Re: two questions on verified boot

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Dhananjay Phadke <dphadke@linux.microsoft.com>
To: rasmus.villemoes@prevas.dk
Cc: sjg@chromium.org, u-boot@lists.denx.de
Subject: Re: two questions on verified boot
Date: Sun, 21 Nov 2021 11:32:19 -0800	[thread overview]
Message-ID: <1637523139-14507-1-git-send-email-dphadke@linux.microsoft.com> (raw)
In-Reply-To: <e77992cf-ef3f-3781-bcd8-8376549e3848@prevas.dk>

On 11/21/2021 6:55 AM, Rasmus Villemoes wrote:
> (2) Assuming for the moment that I would be happy with just using
> required=image, am I right in that not only does that mean that the
> combination of kernel/fdt/initramfs is not verified, merely the
> individual parts, but more importantly (a mix'n'match attack isn't
> really very likely), _only_ the data property in each node is part of
> what gets signed, not the other important properties such as load= and
> entry=? IOW, suppose I have a FIT image with
> 
> and I know that the boot process uses $loadaddr = 0x40000000. What is to
> stop me from modifying that FIT image to read
> 
> where 0xabcde is chosen to coincide with where the data part of the
> pwned property lies in the modified FIT? (That pwned property can be put
> anywhere; I could even just replace the signer-name property inside the
> signature node with a value of "mkimage\0<padding><my payload>".)
> 
> In fit_config_process_sig(), there's this elaborate dance with
> fit_config_get_data()/fdt_find_regions() which, AFAICT, ends up
> including all the property values (and the FDT_PROP tags and string
> offsets etc.), and then we call info.crypto->sign() with some
> appropriate region_count. But in fit_image_process_sig(), we call
> info.crypto->sign() with nregions==1, and AFAICT, the data being signed
> is just the value of the "data" property, nothing else.
Couldn't agree more, I've been wondering on similar lines. It would be
great to actually run digest over entire image (data + attributes) or
config node (minus signature and hash subnodes if re-signing). It would
have avoided CVE-2020-10648?

Regards,
Dhananjay

next prev parent reply	other threads:[~2021-11-21 19:32 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-11-21 14:55 two questions on verified boot Rasmus Villemoes
2021-11-21 19:32 ` Dhananjay Phadke [this message]
2022-01-27 15:06 ` Simon Glass
2022-01-27 15:41   ` Rasmus Villemoes
2022-03-12  2:24     ` Simon Glass

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1637523139-14507-1-git-send-email-dphadke@linux.microsoft.com \
    --to=dphadke@linux.microsoft.com \
    --cc=rasmus.villemoes@prevas.dk \
    --cc=sjg@chromium.org \
    --cc=u-boot@lists.denx.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.