Garrett: UEFI secure booting

I was speaking of "standard Linux boot-loader", they will not work in protected or long mode, without extensive modifications.
For instance, even if Gujin can work in an emulation (i.e. DOS running EMM386 virtual memory management) it has to load the kernel at a physical memory address and uses HIMEM services for that, knowing that HIMEM has to use physical addresses because it was used by some old drivers to manage DMA buffers. It has also to detect it is not running in real mode and disable trying to access VESA2 video memory directly (disable 4 Gb segments).
Also, LOADLIN could be used with EMM386 memory, but had to have a hook just after entering protected mode to relocate each kernel/initrd page.
Basically, BIOS bootloader are mostly dealing with physical addresses and assume they own all memory over 1 Mbyte, loading the kernel just after that boundary and the initrd just before the end of memory. As such they could do a checksum/SHA of at least the first Mbyte of the FLASH if it were always located at 0xFFF00000, but newer PC probably have more FLASH than that.
IHMO EFI mostly solves Windows problems, I fail to see which Linux problem is solved.