secure boot for nixos ~ personal fork
Go to file
Julian Stecklina 100504e370 Fix license badge 2022-11-24 11:20:50 +01:00
nix Move uefi-run into its own Nix file 2022-11-22 00:43:15 +01:00
rust lanzatool: implement copying sdboot to esp 2022-11-24 11:10:19 +01:00
.envrc Initial import of Rust files 2022-11-21 12:31:23 +01:00
.gitignore .gitignore.nix: block result* in subdirectories too 2022-11-23 00:20:27 +01:00
README.md Fix license badge 2022-11-24 11:20:50 +01:00
flake.lock Initial import of Rust files 2022-11-21 12:31:23 +01:00
flake.nix Merge pull request #5 from blitz/magic-mk-shell 2022-11-23 15:41:04 +01:00

README.md

Lanzaboote

GitHub branch checks state made-with-rust GitHub license

🚧🚧🚧 This is not working yet. Come back later.* 🚧🚧🚧

This repository contains experimental tooling for Secure Boot on NixOS.

lanzatool

lanzatool is a Linux command line application that takes a bootspec document and installs the boot files into the UEFI ESP.

lanzaboote

lanzaboote is a UEFI application that is started by systemd-boot (or any other EFI boot loader) and loads a Linux kernel and initrd without breaking the Secure Boot chain of trust.

The information what kernel with what command line and initrd to boot is embedded into the lanzaboote by lanzatool.