Articles & Reviews
News Archive
Forums
Premium
Contact
Categories

Computers Display Drivers Graphics Cards Linux Gaming Memory Motherboards Processors Software Storage Operating Systems Peripherals

GRUB Bootloader Picks Up A Verifier Framework For Secure Boot, TPM, PGP Verification

Written by Michael Larabel in GNU on 9 November 2018 at 08:09 AM EST. 18 Comments

GNU

Landing in the GRUB boot-loader minutes ago is a new "verifiers" framework providing core verification functionality for the likes of UEFI Secure Boot, Trusted Platform Modules, and PGP.

The GRUB verifiers framework can be used by modules whereby the boot-loader needs to handle some verification steps at boot-time. The obvious focus on this verification framework is for security mechanisms like Secure Boot or TPM support.

This framework allows also verifying the kernel image to built, modules command lines, etc. The initial user of this framework is the PGP module for checking the GRUB image against a GnuPG signature. There is also a new EFI shim lock verifier module that was added that provides verification of kernels if UEFI Secure Boot is enabled.

This work was just merged into GRUB Git ahead of the eventual GRUB 2.04 release.

18 Comments

Related News

Patches Posted For Review Adding COBOL Frontend To GCC Compiler

Glibc 2.41 Adds C23's sinpi / cospi / tanpi Functions

GCC 15 Ends Support For Altera Nios II Embedded Processors

GNU Linux-libre 6.12-gnu Continues Dealing With More Blobs In The Kernel

GCC 15 Compiler Development Shifts From Features To Bug Fixing

GCC 15 Moves C Default Language Version To C23

About The Author

Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week

OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts

How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs

Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd

Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal

GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd

KDE Starts December By Landing A Number Of New Features

NTSYNC Linux Patches Revived To Help Boost Steam Play Gaming Performance

Rust-Based, Memory-Safe PNG Decoders "Vastly Outperform" C-Based PNG Libraries