Linux does support Secure Boot, and I believe Red Hat offers RHEL with signed bootloaders, kernels and kernel modules. However, I don't know how secure the secure boot environment is in practice, and I'm pretty sure Secure Boot support on most distros is stubbed to be good enough to boot with Secure Boot enabled, but not good enough to meaningfully verify the integrity of your environment.

I wouldn't be surprised if Valve started making serious innards into improving Secure Boot support on Linux for the sake of Steam Deck compatibility. However, I'm not sure that would work with the lack of stable driver ABI on other platforms that aren't a known quantity.

The mainstream GNU/Linux/whatever software stacks fully support secure boot on a technical level.

> not good enough to meaningfully verify the integrity of your environment

That depends entirely on whose perspective you take. There are tools to do pretty much anything you can think of and you always have the freedom to extend them yourself. So for the end user it's significantly better at that task than proprietary competitors because the end user has full control over the process.

From the perspective of an entity like Riot it doesn't offer anything of value because (AFAIK) none of the distros choose to provide releases that verify the environment binaries match official releases built by the maintainers. I imagine the majority of maintainers would consider providing such a thing to be an anti-feature.

Valve could easily provide an attested system if they wanted to. I'm glad they choose not to (at least so far). If a studio is turning to kernel level anti-cheat they screwed something up to arrive there.