Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

But then you're loading the kernel from unencrypted fat32 partition?


If it's signed with Secure Boot keys it's no different for loading signed Grub image. Grub would also need to be unencrypted to work.

As for signing kernel: https://github.com/andreyv/sbupdate




Consider applying for YC's Winter 2026 batch! Applications are open till Nov 10

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: