picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
Systemd/src/boot
History
Max Resch b2bb40ce9a sd-boot: added shim signature/MOK validation (#5702) 
Adds support for booting in a SecureBoot environment with shim as a
preloader. Install an appropriate UEFI security policy to check PE
signature of a chained kernel or UEFI application (using LoadImage())
against the MOK database maintained by shim, using shim's installed
BootServices.

Implementation details for installing the security policy are based on
code from the LinuxFoundation's SecureBoot PreLoader, part of efitools
licensed under LGPL 2.1

Current signed (by Microsoft) versions of shim (Versions 0.8 & 0.9)
so not install a security policy by themselves, future Versions of
shim might (a compile time switch exists in rectent git versions),
so in the future this PR might become unnecessary.
2017-05-09 20:57:40 +02:00
..
efi sd-boot: added shim signature/MOK validation (#5702) 2017-05-09 20:57:40 +02:00
bootctl.c build-sys: correct blkid.h includes 2017-04-06 14:33:02 +01:00
Makefile boot: add stub Makefile symlink 2013-02-13 02:19:03 +01:00