Same for all Linuxes, it’s a current limitation of the Linux kernel. There’s an open issue about it, essentially working out how to use the TPM to sign the memory dump so that secureboot will accept the signature and load it from disk.
Same for all Linuxes, it’s a current limitation of the Linux kernel. There’s an open issue about it, essentially working out how to use the TPM to sign the memory dump so that secureboot will accept the signature and load it from disk.
Other languages have ended up introducing it out of practical necessity, e.g. Go’s contexts, JS execution contexts. Pick your poison, although I expect Rust’s general minimal approach will leave it as extra parameters, Go-style.