 73e7f8ef4c
			
		
	
	73e7f8ef4c
	
	
	
		
			
			Epic: Security Planning shall support expectations presented in pre-sales presentations. Updated with review comments for Patch set 4 Updated with review comments for Patch set 3 Updated with review comments from Patch set 2 Updated with review comments from Patch set 1 Added summaries of items raised in pre-sales presentations Change-Id: Ic1e458dfd57ad7ab18923f3a1756007ad717efe1
		
			
				
	
	
	
		
			1.0 KiB
		
	
	
	
	
	
	
	
			
		
		
	
	
			1.0 KiB
		
	
	
	
	
	
	
	
UEFI Secure Boot
Secure Boot is a technology where the system firmware checks that the system boot loader is signed with a cryptographic key authorized by a configured database of certificate(s) contained in the firmware or a security device. It is used to secure various boot stages.
's implementation of Secure Boot also validates the signature of the second-stage boot loader, the kernel, and kernel modules.
Operational complexity:
- For each node that is going to use secure boot, you must populate the public certificate (with public key) in the Secure Boot authorized database in accordance with the board manufacturer's process.
- You may need to work with your hardware vendor to have the certificate installed.
- This must be done for each node before starting the installation.
For more information, see the section UEFI Secure Boot
<overview-of-uefi-secure-boot>.