f125a8b892
This change addresses a long-standing issue in rST documentation imported from XML.
That import process added backslash escapes in front of various characters. The three
most common being '(', ')', and '_'.
These instances are removed.
Signed-off-by: Ron Stone <ronald.stone@windriver.com>
Change-Id: Id43a9337ffcd505ccbdf072d7b29afdb5d2c997e
33 lines
1.0 KiB
ReStructuredText
33 lines
1.0 KiB
ReStructuredText
|
|
.. avv1595963682527
|
|
.. _uefi-secure-boot:
|
|
|
|
================
|
|
UEFI Secure Boot
|
|
================
|
|
|
|
Secure Boot is a technology where the system firmware checks that the
|
|
system boot loader is signed with a cryptographic key authorized by a
|
|
configured database of certificate\(s) contained in the firmware or a
|
|
security device. It is used to secure various boot stages.
|
|
|
|
|prod|'s implementation of Secure Boot also validates the signature of the
|
|
second-stage boot loader, the kernel, and kernel modules.
|
|
|
|
Operational complexity:
|
|
|
|
.. _uefi-secure-boot-ul-cfz-cvf-mmb:
|
|
|
|
- For each node that is going to use secure boot, you must populate the
|
|
|prod| public certificate (with public key) in the |UEFI| Secure Boot
|
|
authorized database in accordance with the board manufacturer's process.
|
|
|
|
- You may need to work with your hardware vendor to have the certificate
|
|
installed.
|
|
|
|
- This must be done for each node before starting the installation.
|
|
|
|
For more information, see the section :ref:`UEFI Secure Boot
|
|
<overview-of-uefi-secure-boot>`.
|
|
|