From: Traut Manuel LCPF-CH <Manuel.Traut@mt.com>
To: Ilias Apalodimas <ilias.apalodimas@linaro.org>
Cc: "u-boot@lists.denx.de" <u-boot@lists.denx.de>,
Venzin Daniel LCPF-CH <Daniel.Venzin@mt.com>,
Gujan Armin LCPF-CH <Armin.Gujan@mt.com>,
Manuel Traut <manut@mecka.net>,
Heinrich Schuchardt <xypron.glpk@gmx.de>,
Burak Gerz <burak@gerz.io>
Subject: Re: EFI File renaming
Date: Tue, 12 Nov 2024 15:55:35 +0100 [thread overview]
Message-ID: <ZzNsZyVFuXAry8qT@mt.com> (raw)
In-Reply-To: <CAC_iWjJEiNj+tCj64TXs5i+oqOMnEvevs1YrwPGQJ_XVkWsgsA@mail.gmail.com>
> > > > systemd-boot counting logic requires [0] to be implemented.
> >
> > > > If not we plan to add the functionality in fs/fs.c and fs/fat - correct?
> > >
> > > We don't have plans for it, but explaining any use cases you have might help
> >
> > systemd-boot is able to do bootcounting by renaming the UKI image [0]
> > the code that triggers the not implemented code section is here [1].
> >
> > With this it is possible to have watchdog based A/B switching on systems
> > without a writeable u-boot environment. And therefore it is a nice
> > method to implement measured boot.
>
> The A/B is ok, but I cant understand how that realted to measured
> boot. The TPM access, UKI infrastucture etc, will work fine without
> A/B
Yes, TPM, UKI works fine right now :)
systemd-boot is renaming the UKI before it starts it, by increasing
the bootcounter that is part of the filename. If the system is fully
booted the file gets renamed again to reset the bootcounter.
If the bootcounter exceeds systemd-boot tries the next UKI.
The UKIs can be signed and are still valid after rename.
I expect that changes to the u-boot env will change a PCR measurement.
At least it should be like this, since it might alter the boot path?
For trusted systems it would be nice to have a meaurement of the EFI
variables and beside that have no dynamic environment.
Hope this explenation is understandable?
Manuel
> > [0] https://uapi-group.org/specifications/specs/boot_loader_specification/#boot-counting
> > [1] https://github.com/systemd/systemd/blob/3304a029b847e87da51f7a8ad8c118111508e009/src/boot/boot.c#L1407
> >
> > > >
> > > > [0] https://elixir.bootlin.com/u-boot/v2025.01-rc1/source/lib/efi_loader/efi_file.c#L971
next prev parent reply other threads:[~2024-11-12 14:55 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-11-12 13:21 EFI File renaming Traut Manuel LCPF-CH
2024-11-12 13:46 ` Ilias Apalodimas
2024-11-12 14:10 ` Heinrich Schuchardt
2024-11-12 14:23 ` Traut Manuel LCPF-CH
2024-11-12 14:22 ` Traut Manuel LCPF-CH
2024-11-12 14:27 ` Ilias Apalodimas
2024-11-12 14:55 ` Traut Manuel LCPF-CH [this message]
2024-11-12 15:04 ` Ilias Apalodimas
2024-12-12 8:03 ` Enric Balletbo i Serra
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=ZzNsZyVFuXAry8qT@mt.com \
--to=manuel.traut@mt.com \
--cc=Armin.Gujan@mt.com \
--cc=Daniel.Venzin@mt.com \
--cc=burak@gerz.io \
--cc=ilias.apalodimas@linaro.org \
--cc=manut@mecka.net \
--cc=u-boot@lists.denx.de \
--cc=xypron.glpk@gmx.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.