secure-boot
There are 107 repositories under the secure-boot topic.
verity-squash-root
Build signed efi binaries which mount a dm-verity verified squashfs image as rootfs on boot.
multizone-iot-sdk
MultiZone® Trusted Firmware is the quick and safe way to build secure IoT applications with any RISC-V processor. It provides secure access to commercial and private IoT clouds, real-time monitoring, secure boot, and remote firmware updates. The built-in Trusted Execution Environment provides hardware-enforced separation ...
lvm-on-luks
💾 Set up full partition encryption for Ubuntu using LUKS and GRUB2 and optionally LVM and Secure Boot for multi-boot systems.
multizone-linux
MultiZone® Security Enclave for Linux
efi-mkuki
EFI Unified Kernel Image Maker
archiso-sb-shim
A patch for mkarchiso to build secure-boot shim enabled iso
wujian100_open
T-Head Wujian100 open-source SoC platform (dual-core E902, secure boot, BootROM, IOPMP, Mailbox, RSA-2048, SHA-2, WS2812, Flash)
documentation
wolfSSL product manuals and documentation.
stm32-mw-mcuboot
MCUboot is an OS- and HW-independent secure bootloader for 32-bit MCUs aiming at defining a common infrastructure for the bootloader and the system flash layout on microcontroller systems, and at providing a secure bootloader that enables simple software upgrades.
multizone-sdk-arm
MultiZone® Security TEE for Arm® Cortex®-M is the quick and safe way to add security and separation to any Cortex-M based device. MultiZone® software can retrofit existing designs. If you don’t have TrustZone®, or if you require finer granularity than one secure world, you can take advantage of high security separation without the need for hardware and software redesign, eliminating the complexity associated with managing a hybrid hardware/software security scheme.
sectpmctl
sectpmctl - Secure Boot and TPM2 backed LUKS full disk encryption
meta-stm32mp15x
OpenEmbedded/Yocto BSP layer for STM32MP15x based MPUs
Check-UEFISecureBootVariables
PowerShell scripts to check the UEFI KEK, DB and DBX Secure Boot variables.
tpm-km
yet another pack of scripts for TPM2+Luks
macos-secure-profiles
macOS Security Profiles based off of STIG Developed by Apple and DISA for the DOD
dubiousdisk
The Porygon-Z that's super effective against Secure Boot! (CVE-2022-30203, CVE-2023-21560, CVE-2023-28269, CVE-2023-28249, and more...)
esp32-devenvs
ESP32 Development Environment in Docker Containers with Secure Boot V2 Support
efi-mkkeys
Script to easily generate self-signed UEFI keys for Secure Boot
platform_external_Auditor
Auditor app prebuilt using the latest official release of the Auditor app.
ovmf-secure-boot-vagrant
ovmf secure boot playground
SecureCore
OpenEmbedded/Poky-compatible reference implementation based on meta-secure-core
stm32_bootloader
This is a repository in which a custom STM32 secure bootloader is being developed.
max78000-secure-loader
Secure boot loader for MAX78000
bootloaders-with-kaida
A class on Bootloaders by CyberKaida
My-Debian-GNU-Linux
Collection of Solutions for Debian GNU/Linux End Users
debian-uki-hooks
apt hooks to build and sign a unified kernel image
multizone-ada
MultiZone® Security SDK for Ada
Module-Signing-Script
Python script which self-signs specified kernel modules for newly installed Linux kernels
secureboot-signer
This script automates the signing and loading of the VMware modules when secure boot is enabled.
multizone-sdk-andes
MultiZone® Security TEE for Andes N22/AE250 is the quick and safe way to add security and separation to any RISC-V processors. The RISC-V standard ISA doesn't define TrustZone-like primitives to provide hardware separation. To shield critical functionality from untrusted third-party components, MultiZone provides hardware-enforced, software-defined separation of multiple equally secure worlds. Unlike antiquated hypervisor-like solutions, MultiZone is self-contained, presents an extremely small attack surface, and it is policy driven, meaning that no coding is required – and in fact even allowed. MultiZone works with any 32-bit or 64-bit RISC-V processors with standard Physical Memory Protection unit (PMP) and “U” mode.
generate-sb-efi
Automate generation of Secure Boot signed single file kernel images
archiso-secure-boot
Create an Arch Linux boot image signed with your Secure Boot keys.
openwrt
My own fork to contribute to OpenWrt. For your own usage, please directly fork the upstream repository.
sb-signing-utils
Secureboot Signing Utilities
cryptboot-rs
Command line utility to manage Linux setup with encrypted boot partition and secure boot
esp-devcon23-sbv2-talk
Espressif DevCon 2023 Talk on Secure Boot V2 for ESP32 Platforms