Mailinglist Archive: opensuse-security (22 mails)

< Previous Next >
[opensuse-security] signing custom kernel for secure boot
Hi there,

to bring pain to a new level I play with secure boot and want to get a
custom kernel run with secure boot. I read the SUSE how to from there:

https://en.opensuse.org/openSUSE:UEFI#Booting_a_custom_kernel

But, I am a bit confused, this guides signs vmlinuz, but not a single
module!?
DonĀ“t the kernel modules need to be signed as well?
Or is there some magic that applies the vmlinuz signature automatically
to all modules?!

Last, there is a UEFI boot entry "opensuse-trusted" (or similar), I
guess this is meant to use with secure boot / shim?

regards
--
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
To contact the owner, e-mail: opensuse-security+owner@xxxxxxxxxxxx

< Previous Next >
List Navigation
This Thread
Follow Ups