All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Michael S. Tsirkin" <mst@redhat.com>
To: Andy Lutomirski <luto@amacapital.net>
Cc: Josh Boyer <jwboyer@fedoraproject.org>,
	Jason Cooper <jason@lakedaemon.net>,
	"ksummit-discuss@lists.linuxfoundation.org"
	<ksummit-discuss@lists.linuxfoundation.org>,
	James Bottomley <James.Bottomley@hansenpartnership.com>,
	Mark Brown <broonie@sirena.org.uk>
Subject: Re: [Ksummit-discuss] [TOPIC] Secure/verified boot and roots of trust
Date: Wed, 3 Aug 2016 07:42:02 +0300	[thread overview]
Message-ID: <20160803073731-mutt-send-email-mst@kernel.org> (raw)
In-Reply-To: <CALCETrWDvwPrYiHE41Uhpz3m=-V=zJMLSUwBgEzVho=iRv4RhQ@mail.gmail.com>

On Tue, Aug 02, 2016 at 09:34:14PM -0700, Andy Lutomirski wrote:
> On Tue, Aug 2, 2016 at 8:32 PM, Matthew Garrett <mjg59@coreos.com> wrote:
> > On Tue, Aug 2, 2016 at 7:58 PM, Andy Lutomirski <luto@amacapital.net> wrote:
> >>  - Appeasing the Secure Boot deities.  AFAIK this specifically
> >> requires that we verify the kernel and its modules using a combination
> >> of EFI-supplied and distro keys.
> >
> > Eh not quite. The rules are basically that if a Microsoft-signed
> > object can be used to compromise other operating systems, Microsoft
> > may unilaterally blacklist that object. Allowing arbitrary module
> > loading or arbitrary kexec clearly makes it straightforward to simply
> > use a signed Linux boot chain to then boot a compromised version of
> > any other operating system, defeating the point of Secure Boot.
> 
> > Distro
> > keys are used for module signing because that's the easiest way to
> > handle it (sign them during build and then discard the key),
> 
> With my module hashing patches, that'll be even simpler.  The kernel
> image will contain a list of SHA256 hashes of in-tree .ko files and
> will accept those files.

Hmm. I kind of like ability to build and add modules to a running
kernel. And I think some distros might use it too, updating modules
without updating the kernel (doesn't work if you discard the key,
obviously).

> > UEFI keys
> > are used to appease some manufacturers (they can ship their
> > binary-only drivers signed with a key that's in firmware) and shim
> > keys are used to allow users to sign their own modules.
> 
> Hmm.  Would it be okay if a physically present user could subvert it?
> For example, if a physically present user typed "insecure" into a
> bootloader command line and thus turned off signature verification?

Typically already possible with firmware menus.

> >>  - Bootloader supplies public keys and policy to the kernel.
> >
> > The main problem here is the lack of a standardised way of passing
> > data from bootloader to kernel. We can't just append a CPIO to the
> > initramfs because using arbitrary initramfs is a reasonable policy for
> > many usecases. Having a secure architecture-independent communications
> > channel between the bootloader and the kernel would be helpful in
> > various ways.
> 
> Indeed.  I wonder if we could design such a thing?  Or at least
> something that requires only minimal arch-specific work.
> _______________________________________________
> Ksummit-discuss mailing list
> Ksummit-discuss@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/ksummit-discuss

  reply	other threads:[~2016-08-03  4:42 UTC|newest]

Thread overview: 29+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-08-03  2:58 [Ksummit-discuss] [TOPIC] Secure/verified boot and roots of trust Andy Lutomirski
2016-08-03  3:24 ` Kees Cook
2016-08-03  3:32 ` Matthew Garrett
2016-08-03  4:34   ` Andy Lutomirski
2016-08-03  4:42     ` Michael S. Tsirkin [this message]
2016-08-03  4:46       ` Andy Lutomirski
2016-08-03  5:15     ` Matthew Garrett
2016-08-03  8:33 ` Alexandre Belloni
2016-08-03 10:31 ` Mark Brown
2016-08-03 10:43 ` David Howells
2016-08-03 16:46   ` Andy Lutomirski
2016-08-03 17:17     ` Matthew Garrett
2016-08-03 17:23       ` Andy Lutomirski
2016-08-03 17:26         ` Matthew Garrett
2016-08-03 17:28           ` Andy Lutomirski
2016-08-03 18:00         ` Michael S. Tsirkin
2016-08-03 23:01     ` Ben Hutchings
2016-08-03 23:22       ` Andy Lutomirski
2016-08-04  5:26         ` Kees Cook
2016-08-17 11:38       ` Ben Hutchings
2016-08-17 13:03         ` Mimi Zohar
2016-08-17 16:11           ` Ben Hutchings
2016-08-18 12:28             ` Mimi Zohar
2016-08-03 12:42 ` James Bottomley
2016-08-03 17:04   ` Andy Lutomirski
2016-08-03 17:23     ` Matthew Garrett
2016-08-03 17:29       ` Andy Lutomirski
2016-08-03 22:09     ` James Bottomley
     [not found]       ` <CALCETrVpCnfOJ2aXkNsOXatQAF6NG-AcJpxeYfA9wG_t2ocykg@mail.gmail.com>
     [not found]         ` <CALCETrWgS0XObzxfQWQbyntVEn6QF81K2TVbS4bGNyN6EcYb_A@mail.gmail.com>
2016-08-03 22:39           ` Andy Lutomirski

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20160803073731-mutt-send-email-mst@kernel.org \
    --to=mst@redhat.com \
    --cc=James.Bottomley@hansenpartnership.com \
    --cc=broonie@sirena.org.uk \
    --cc=jason@lakedaemon.net \
    --cc=jwboyer@fedoraproject.org \
    --cc=ksummit-discuss@lists.linuxfoundation.org \
    --cc=luto@amacapital.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.