no more boot loader: boot using the Linux kernel

We will introduce nmbl (no more boot loader), our fast, secure boot scheme based on the Linux kernel. GRUB is a powerful, flexible, fully-featured boot loader used by many distributions on multiple architectures, but its complexity is difficult to maintain, and it necessarily lags behind the Linux kernel exposing many security holes. The kernel itself, on the other hand, has a large developer base, fast feature development, quick responses to vulnerabilities, and much better overall scrutiny. Our approach is to use the Linux kernel as its own boot loader in the form of a unified kernel image (UKI). Loaded by the EFI stub on UEFI, an UKI is made up of all the components needed to reach the final boot target: the kernel, initramfs, and kernel command line, in one signed bundle. All necessary drivers, filesystem support, and networking are already built in and code duplication is avoided. We will describe the work and testing done so far and our approach to customization, as well as fallback, and hope for your feedback and use cases.