I am interested in secure network booting. UEFI Secure Boot, combined with a signing key I control, ensures that no unauthorized code can run. However, it doesn’t provide rollback protection: an attacker can cause an earlier version of the OS to run.
Is there a way to prevent this? The first one that comes to mind is:
- The initramfs compares the running kernel version (`uname -r`) and its own version with values stored in EFI variables.
- If the values in EFI are newer, boot is aborted.
- Otherwise, the values are written to the EFI variables.
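
The three steps above, written as POSIX shell for an initramfs hook; this is an added example, not code from the original post. The function names, the variable name `MinKernel` and the use of `sort -V` for ordering are assumptions; the file layout (4 attribute bytes, then the payload) follows Linux efivarfs.

```shell
#!/bin/sh
# Added example: compare the running version with a stored minimum, abort on
# rollback, otherwise ratchet the stored value forward.
# Intended call (GUID is a placeholder, pick your own vendor GUID):
#   rollback_check /sys/firmware/efi/efivars/MinKernel-<GUID> "$(uname -r)" || abort_boot
# The initramfs' own version can use a second variable and the same function.

# Print the payload of a variable file, skipping the 4 attribute bytes.
read_min_version() {
    [ -f "$1" ] || return 1
    tail -c +5 "$1"
}

# Write attributes (0x7 = NON_VOLATILE|BOOTSERVICE_ACCESS|RUNTIME_ACCESS,
# little-endian) and the payload together, as efivarfs expects.
write_min_version() {
    printf '\007\000\000\000%s' "$2" > "$1"
}

# True if version $1 is strictly older than $2 (sort -V ordering, assumed available).
version_lt() {
    [ "$1" != "$2" ] &&
        [ "$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)" = "$1" ]
}

# rollback_check VARFILE RUNNING_VERSION
# Returns 0 to continue booting, 1 if the stored value is newer.
rollback_check() {
    var=$1 running=$2
    if stored=$(read_min_version "$var"); then
        if version_lt "$running" "$stored"; then
            echo "rollback: running $running is older than stored $stored" >&2
            return 1
        fi
        [ "$running" = "$stored" ] && return 0   # already recorded, no write
    fi
    # A missing variable is treated as first boot here; once provisioned,
    # a stricter policy would fail closed instead of re-creating it.
    write_min_version "$var" "$running"
}
```
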