memfd_secret() in 5.14
Posted Aug 10, 2021 8:59 UTC (Tue) by NYKevin (subscriber, #129325)
In reply to: memfd_secret() in 5.14 by pabs
Parent article: memfd_secret() in 5.14
Secure boot checks the signature on the thing that receives control from UEFI (e.g. GRUB). It doesn't know or care about the fact that GRUB hands control over to the Linux kernel, much less what RAM image the Linux kernel subsequently decides to load up.
Otherwise, this chain of attestation would never end. You'd have to sign the kernel, and systemd, and GNOME, and Firefox, and...
