Kernel integrity check on boot
ashishnkansara at gmail.com
Sat Apr 23 04:13:53 UTC 2016
I was looking at doing a clean install of 16.04, this time with block
device encryption using dm_crypt and LUKS, and was wondering if Ubuntu does
any kernel integrity check on boot.
>From what I understand, secureboot will only perform an integrity check on
the bootloader; the bootloader itself does not check the kernel hash. This
seems sort of counter-intuitive since /boot is not encrypted. Of course,
this is solved if a kernel integrity check is performed on boot.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the ubuntu-users