Received: by 10.213.65.68 with SMTP id h4csp943577imn; Wed, 4 Apr 2018 09:49:10 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+hU1v907+zRJrdtDsUWmoGkhaiCmeT5arBucFwe2gY63UPSXgapAWEPK/UJUZCbgK+L0NP X-Received: by 10.99.163.9 with SMTP id s9mr12487426pge.187.1522860550542; Wed, 04 Apr 2018 09:49:10 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522860550; cv=none; d=google.com; s=arc-20160816; b=bXTF7PQH2n3963uwWq0flaC3cUAA10fPMGsN0mXB8gj5lZWfLX7KTSzSgT9Yx4ygTS MmDrORGVxIEpfXPbnYwF5Sl/I6eda9SnESV1RoyF31nPa4WzFM9VdQU9f4VBjNPcyArw JIeJINBvcDM1kZPNjSg1ZmxbzMNLElvedK7avVjVzFZfrwH6OW/LNMw+zh7RsN0gE3m2 z2eJoItY9iRFGCyjdOAwwdOhpf0NDBIvmghoLiV+80/LfyyG7b8ErzBhKsC+3Tyxj8xt FNpFOYs05G/o9nIC6ixoydzbqW2sAkRxVzoEeq9nsekn+5MqHlnx1J/3c8bM3GNaqrL9 Is9g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:arc-authentication-results; bh=wU2lkAnaAJ5O08V3xIJoGeiHYmBkKhzC94uKfsKfNyU=; b=m9NuITeGBcj2qetUO6b8Qgv9IetgNq55IfUpa4xXsKC16+wT2OC1OPt3OhWfGT+AS6 5O4B+tEq+ZNgwl6Y2hDmjAk2aedEOfpunhGzTmOF0tAS0VQ45GOnjk4p/fvcEti1wRKR JLYQPtfexELcFwxvsBf9Bs4TjgYBdShW3uH4PsAkruPhIqlXZmJL+NJkqozn3QFkgw1W /ycdByQu3Hnxq0ug+h4V/L2s2hWYnWQLb/+IkkTg9yaZ0uHCszsFetyYhnaLg3eM1Uy4 tYNpY2mezOxmqSstp8/vAVn3xbBYpSzJVehtPYlceB0Fr5SVW5Ms6JdSCI6n0BDaIiAA ItWA== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id y11-v6si3420348plg.154.2018.04.04.09.48.56; Wed, 04 Apr 2018 09:49:10 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=redhat.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752517AbeDDQqe (ORCPT + 99 others); Wed, 4 Apr 2018 12:46:34 -0400 Received: from mail-ot0-f195.google.com ([74.125.82.195]:38496 "EHLO mail-ot0-f195.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752121AbeDDQqc (ORCPT ); Wed, 4 Apr 2018 12:46:32 -0400 Received: by mail-ot0-f195.google.com with SMTP id o9-v6so24076692otj.5 for ; Wed, 04 Apr 2018 09:46:32 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=wU2lkAnaAJ5O08V3xIJoGeiHYmBkKhzC94uKfsKfNyU=; b=CXp/a0hGUH91ZVAS27GHrNqX/ko8d8JscSm2k4Ug6jttXkGzkhA8OstsSgND61FLAj AFonvuPs6tIthYRcU1r94SUmyhP4Ic7yiQPCANjsQgC0UUJaIObVOCM/jOlSF0H2NahA OUInDSN0IJEoW8W/s0KWC2p6JsM64AXPBT5J7mAGTKTg3c7ZecVtUQbX07RbHSyqz3E4 UIwi7TtNUAJTBRCYk+/jT2645IvCt8ohdOJXV+Hl1ndV8KgSrEvQ1IpfcKc7rlcOw5Si f4rPEBllc+ie9grJVPJcv2p0pbiZYlry/aGmw06J7Rsp5COKcqGxXo199Xq+yvr2vDGZ r8Ww== X-Gm-Message-State: ALQs6tCk4DrO5ewcBi/JU5WbuZtKndWSdpcM7YoxZ2EHtR/VeH/g0yDA VwmnwXEjDYmYz0iW+Gs9dgTIB7LwAzzQOvUr7l8Nkg== X-Received: by 2002:a9d:61ca:: with SMTP id h10-v6mr10860099otk.6.1522860391557; Wed, 04 Apr 2018 09:46:31 -0700 (PDT) MIME-Version: 1.0 Received: by 10.201.65.9 with HTTP; Wed, 4 Apr 2018 09:46:31 -0700 (PDT) In-Reply-To: References: <24353.1522848817@warthog.procyon.org.uk> <20180404135251.GD16242@thunk.org> From: Justin Forbes Date: Wed, 4 Apr 2018 11:46:31 -0500 Message-ID: Subject: Re: [GIT PULL] Kernel lockdown for secure boot To: Andy Lutomirski Cc: Matthew Garrett , "Ted Ts'o" , David Howells , Linus Torvalds , Ard Biesheuvel , James Morris , Alan Cox , Greg Kroah-Hartman , Linux Kernel Mailing List , linux-man , joeyli , LSM List , Linux API , Kees Cook , linux-efi Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Wed, Apr 4, 2018 at 11:39 AM, Andy Lutomirski wrote: > On Wed, Apr 4, 2018 at 9:22 AM, Matthew Garrett wrote: >> On Wed, Apr 4, 2018 at 6:52 AM Theodore Y. Ts'o wrote: >> >>> On Wed, Apr 04, 2018 at 02:33:37PM +0100, David Howells wrote: >>> > Theodore Y. Ts'o wrote: >>> > >>> > > Whoa. Why doesn't lockdown prevent kexec? Put another away, why >>> > > isn't this a problem for people who are fearful that Linux could be >>> > > used as part of a Windows boot virus in a Secure UEFI context? >>> > >>> > Lockdown mode restricts kexec to booting an authorised image (where the >>> > authorisation may be by signature or by IMA). >> >>> If that's true, then Matthew's assertion that lockdown w/o secure boot >>> is insecure goes away, no? >> >> If you don't have secure boot then an attacker with root can modify your >> bootloader or kernel, and on next boot lockdown can be silently disabled. > > This has been rebutted over and over and over. Secure boot is not the > only verified boot mechanism in the world. Other, better, much more > auditable, and much simpler mechanisms have been around for a long, > long time. > That is certainly the case, and one of the main reasons for the secureboot patchset being split out and lockdown taking a different name. The problem is, right now, secure boot is the only thing using lockdown. I certainly wouldn't go through any effort to tie into it with any other mechanism knowing that this patch set has been delayed upstream for years. I would hope and expect that once lockdown is in mainline, other verified boot mechanisms would leverage it as well. >>> The fact that this Verified Boot on, lockdown off causes trouble >>> points to a clear problem. User owns the hardware they should have >>> the right to defeat secureboot if they wish to. >> >> Which is why Shim allows you to disable validation if you prove physical >> user presence. > > And that's a giant hack. The actual feature should be that a user > proves physical presence and thus disables lockdown *without* > disabling verification. > > --Andy