docs/doc/source/security/kubernetes/overview-of-uefi-secure-boot.rst


.. zrf1552681385017
.. _overview-of-uefi-secure-boot:

============================
Overview of UEFI Secure Boot
============================

Secure Boot is an optional capability of |UEFI| firmware.

Secure Boot is a technology where the system firmware checks that the system
boot loader is signed with a cryptographic key authorized by a database
contained in the firmware or a security device.

|prod|'s implementation of Secure Boot also validates the signature of the
second-stage boot loader, the kernel, and kernel modules.

|prod|'s public key, for programming in the hardware's Secure Boot database,
can be found in the |prod| ISO.
Security guide update Re-organized topic hierarchy Tiny edit to restart review workflow. Squashed with Resolved index.rst conflict commit Change-Id: I13472792cb19d1e9975ac76c6954d38054d606c5 Signed-off-by: Keane Lim <keane.lim@windriver.com> Signed-off-by: MCamp859 <maryx.camp@intel.com> 2020-08-31 11:01:56 -04:00
			`.. zrf1552681385017`
			`.. _overview-of-uefi-secure-boot:`

			`============================`
			`Overview of UEFI Secure Boot`
			`============================`

			`Secure Boot is an optional capability of \|UEFI\| firmware.`

			`Secure Boot is a technology where the system firmware checks that the system`
			`boot loader is signed with a cryptographic key authorized by a database`
			`contained in the firmware or a security device.`

			`\|prod\|'s implementation of Secure Boot also validates the signature of the`
			`second-stage boot loader, the kernel, and kernel modules.`

			`\|prod\|'s public key, for programming in the hardware's Secure Boot database,`
			`can be found in the \|prod\| ISO.`