On Mon, May 4, 2020 at 4:25 PM Daniel Kiper <daniel.ki...@oracle.com> wrote: > > Otherwise the kernel does not know its state and cannot enable various > security features depending on UEFI Secure Boot.
I think this needs more context. If the kernel is loaded via the EFI boot stub, the kernel is aware of the UEFI secure boot state. Why duplicate this functionality in order to avoid the EFI stub?
