I agree with mjg59 that this sort of system does not provide true security. That said, I think it might be slightly more effective if the system verifies the whole /boot partition instead of just the files within, especially if free space is filled with random bytes.
edit: I also think it might be ever so slightly better to calculate signatures instead of plain hashes. That would make it bit more difficult for attacker to forge correct values.
edit: I also think it might be ever so slightly better to calculate signatures instead of plain hashes. That would make it bit more difficult for attacker to forge correct values.