Rafael Jardim d95c80d36f Update Security

Fixed merge conflict (RS)

Signed-off-by: Rafael Jardim <rafaeljordao.jardim@windriver.com>
Change-Id: I30b882a14196525f440db1108a56bbf862dfaf55
Signed-off-by: Ron Stone <ronald.stone@windriver.com>

2021-04-01 16:02:36 -04:00

1.0 KiB

Raw Blame History

UEFI Secure Boot

Secure Boot is a technology where the system firmware checks that the system boot loader is signed with a cryptographic key authorized by a configured database of certificate(s) contained in the firmware or a security device. It is used to secure various boot stages.

's implementation of Secure Boot also validates the signature of the second-stage boot loader, the kernel, and kernel modules.

Operational complexity:

For each node that is going to use secure boot, you must populate the public certificate (with public key) in the Secure Boot authorized database in accordance with the board manufacturer's process.
You may need to work with your hardware vendor to have the certificate installed.
This must be done for each node before starting the installation.

For more information, see the section UEFI Secure Boot <overview-of-uefi-secure-boot>.

1.0 KiB Raw Blame History

UEFI Secure Boot

1.0 KiB

Raw Blame History