5 Classes| docs.yoctoproject.org
Trusted boot is a combination of technologies that allows us to enhance the security posture of a running system. It is composed by FDE, Secure Boot and Measured Boot. Trusted boot is an architectural requirement of SENA (Secure Edge Native Architecture) and is a key component of Kairos. You can read more about Trusted Boot in https://0pointer.de/blog/brave-new-trusted-boot-world.html and about SENA here: https://kairos.io/blog/2023/04/18/kairos-is-now-part-of-the-secure-edge-native-architect...| kairos.io
Index ·| www.freedesktop.org
An explanation of how to enable secure boot on NixOS, using a community project named ‘Lanzaboote’, and further how to automatically unlock a LUKS-encrypted disk using a TPM with systemd-cryptenroll.| jnsgr.uk
Index ·| www.freedesktop.org
The Boot Loader Specification # This document defines a set of file formats and naming conventions that allow the boot loader menu entries to be shared between multiple operating systems and boot loaders installed on one device. Operating systems cooperatively manage boot loader menu entry directories that contain drop-in files, making multi-boot scenarios easy to support. Boot menu entries are defined via two simple formats that can be understood by different boot loader implementations, ope...| uapi-group.org
A unified kernel image (UKI) is a single executable which can be booted directly from UEFI firmware, or automatically sourced by boot loaders with little or no configuration. It is the combination of a UEFI boot stub program like systemd-stub(7), a Linux kernel image, an initrd, and further resources in a single UEFI PE file.| wiki.archlinux.org