UEFI allows us to create EFI stubs that combine the inititrd and other things into one little image that can be signed & verified by Secure Boot, and read by the UEFI boot-selection/loader. This solves most of the issues described. Like the article says, the issue is that Linux distros do not use those capabilities by default yet.
UEFI allows us to create EFI stubs that combine the
inititrdand other things into one little image that can be signed & verified by Secure Boot, and read by the UEFI boot-selection/loader. This solves most of the issues described. Like the article says, the issue is that Linux distros do not use those capabilities by default yet.