BugLink: http://bugs.launchpad.net/bugs/1566221

UEFI Secure Boot provides a mechanism for ensuring that the firmware will
only load signed bootloaders and kernels. Certain use cases may also
require that all kernel modules also be signed. Add a configuration option
that enforces this automatically when enabled.
Signed-off-by: Matthew Garrett <matthew.garrett@nebula.com>
Signed-off-by: Tim Gardner <tim.gardner@canonical.com>