GRUB Bootloader Picks Up A Verifier Framework For Secure Boot, TPM, PGP Verification

Written by Michael Larabel in GNU on 9 November 2018 at 08:09 AM EST. 18 Comments
Landing in the GRUB boot-loader minutes ago is a new "verifiers" framework providing core verification functionality for the likes of UEFI Secure Boot, Trusted Platform Modules, and PGP.

The GRUB verifiers framework can be used by modules whereby the boot-loader needs to handle some verification steps at boot-time. The obvious focus on this verification framework is for security mechanisms like Secure Boot or TPM support.

This framework allows also verifying the kernel image to built, modules command lines, etc. The initial user of this framework is the PGP module for checking the GRUB image against a GnuPG signature. There is also a new EFI shim lock verifier module that was added that provides verification of kernels if UEFI Secure Boot is enabled.

This work was just merged into GRUB Git ahead of the eventual GRUB 2.04 release.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week