04-03-2020, 01:54 PM
I don't think we can do a verified boot with the hardware in the PinePhone, and without that it doesn't look like they'll consider a port. There's probably a similar requirement for a hardware keystore. Depending on your threat model those could be a deal breaker for you too. You could probably verify the boot media separately though, and the bootloader is immutable in silicon. If that's ok then look at the wiki or this forum for the list of OS ports being worked on.