Received: by 10.213.65.68 with SMTP id h4csp1314968imn;
        Wed, 4 Apr 2018 17:07:32 -0700 (PDT)
X-Google-Smtp-Source: AIpwx4/Ob0bhZ0U3C8kmHyXGfY6fBZe4XomtflrPAiG/0/XvwrRlY5DVn/XRaLR4qTQYJuATbWRa
X-Received: by 2002:a17:902:b789:: with SMTP id e9-v6mr15078793pls.246.1522886852137;
        Wed, 04 Apr 2018 17:07:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1522886852; cv=none;
        d=google.com; s=arc-20160816;
        b=M+uE2mtp/oK+D9N46ZGaQriI8o9PP3Km/geWpS04rJXuv7fK/HFvGy1i9Z0mjCMXVV
         cBDnvZedldruBOVLuSKEqU7G5mDWg2yYOwtxdKG1YGKTPk2omIN8C2SQwbzF6IEmgmMI
         vJj7HfxXgYjOs6w2QeAqxvFetoOj8YKxcyNwlxNYD2vwvd7mrRqCW7E0/11HDlAlM5yG
         mvl1AdgUCGdHQIRAgT1hmwJ77CWQBFZTVCZY7ZO7CyXaHM5efy1eTDjLo/54yEYmhy9w
         yJSHOOlyPM7hHIgr9ZXeGur7K1VAlwE7H6FEj8U36JEBcq8EnnOIeIyuKj4OR84SyUgg
         kVUA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:cc:to:subject:message-id:date:from
         :references:in-reply-to:mime-version:dkim-signature
         :arc-authentication-results;
        bh=RG+rVwR9KGBm5thqi8+L/4QTvPn4GmvRZeJqV5G7RgM=;
        b=HwIBMd8BHANUeaxv6eYJwzzU4vc31GZIAD780q2A2/wsOAbNZyxgO//YLjxKz2p96Z
         /1F9AClcSS+PS5Lv/uZmkxdsvY9d3om5mGkxF+6z6r+okP+pSojn/U4YKHA6czgdA4W4
         Sz26ird9+Yw+vBlPzJ+L/SllA2G3+qTONArp4185+7gLkS2MizJayJR/8S8WSBYSgGlm
         KfpQXu5RHHVjuZmI7l3vMJGp5KKakvbTbg+xh1Lm6f91Rm2bZdMYeVoXlhZZV5LrwMbU
         +k4h0AQQmkjdOUThWHejcG9DyOlQ3GqlZGQpT9+LKiramWNY1V9fzv/ISySz7EBDfE2q
         ff5g==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=b0vfQs+R;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id b18si4268888pgu.116.2018.04.04.17.07.17;
        Wed, 04 Apr 2018 17:07:32 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=b0vfQs+R;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1752718AbeDEAFu (ORCPT
        <rfc822;paul.schmitz.hallo.parkuhr@gmail.com> + 99 others);
        Wed, 4 Apr 2018 20:05:50 -0400
Received: from mail-wm0-f68.google.com ([74.125.82.68]:35563 "EHLO
        mail-wm0-f68.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1752311AbeDEAFs (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Wed, 4 Apr 2018 20:05:48 -0400
Received: by mail-wm0-f68.google.com with SMTP id r82so1837737wme.0;
        Wed, 04 Apr 2018 17:05:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=mime-version:in-reply-to:references:from:date:message-id:subject:to
         :cc;
        bh=RG+rVwR9KGBm5thqi8+L/4QTvPn4GmvRZeJqV5G7RgM=;
        b=b0vfQs+RWWmHVL3hJ1IUMn2qFq6WHy4dD9TTLsqQvIv4wAAH3xfvcqkqsAVybgwGcG
         qY2uyLvurDPKcMRGiNPuhxhvCRhzX/lU3vKNYYbRPyJeT5e4GSnqJfgJtgwpd/Y257Pj
         q3V32Bl33UW2Fk73SAXkYx7Ax2cxvZjuWHnyajZT2QXVC30VcD9ocPwT8C9dQRiMPGA0
         o5Bdx1mIckQ3iZRBcDrcJbPpzZxifxBcs02vW5VhUiFlrNyAz5dOCZSMIsxR89V7vWnl
         +iZQmpmPGeS6P7sowB5sA/5XHrabKRRORSAj9S7ROACI4KrgwKC3hFV6Att2AfE2kDo8
         lv2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:mime-version:in-reply-to:references:from:date
         :message-id:subject:to:cc;
        bh=RG+rVwR9KGBm5thqi8+L/4QTvPn4GmvRZeJqV5G7RgM=;
        b=Q4r2ibUv5+reQHGCOeFXF/+vB07UUya89nM0lNkFFc3F3tNNAb3auZlyOqWAKmOJ8g
         aAdvVMzpOXNookjDB04tcboQOt7YZ7SMwTUMSrrRDJHLjIu9RSJb0jxLDwdi6h3cMnVO
         c+pQjeWJ+UBH8qYuRTMLryabzcErqV58JK1SdOG06NXH9IENfuOKPiW6TbIXeF+sJ9Xb
         6jLCCJrYnyc51T7P2Gu/TWsVrDOLM0ub+QG9qIdm10+qevTDmix5i8u1VMJdSG1lkKVd
         8utbv+WgB6Vr3jF2gacg9537YPqa15f5ciJyPa8PKmeBQCrnrbGgmpP05jbcrhPTd1+g
         8zeQ==
X-Gm-Message-State: AElRT7GRw8aV5PvgVXQ0nqVPEUpKEaL1B4DQsQCpt3JignIexeFIeqKy
        iFshvUred5k/x2L5PR0wNjHPD4fLxNR69JPJOVU=
X-Received: by 10.28.4.86 with SMTP id 83mr8101508wme.13.1522886746051; Wed,
 04 Apr 2018 17:05:46 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.151.36 with HTTP; Wed, 4 Apr 2018 17:05:45 -0700 (PDT)
In-Reply-To: <CACdnJuuGRRUt-a3i89o906ka3RDOhs+_7tz_G8LTG8Jc0DXAyQ@mail.gmail.com>
References: <CA+55aFzYbpRAdma0PvqE+9ygySuKzNKByqOzzMufBoovXVnfPw@mail.gmail.com>
 <CACdnJuv-VpdhjEe1cMysdHb6Oy67jQqg-_TVHbUrOfH9GmCVvg@mail.gmail.com>
 <CA+55aFwvuoSHhKnn82VnDndZ6oXMJgwHF604gZ=h3ehHyC600A@mail.gmail.com>
 <CA+55aFzJ2sQR13T+20MKEJ5co-f3Ev8rRxQkRCWVaeDSUU3yhQ@mail.gmail.com>
 <CACdnJuti5Riqoi1sesqPALYHq9LT87o4MFj-0Y5BZqqzJ5579g@mail.gmail.com>
 <CA+55aFwhi=gz3HLoGST9--n1_kLJNP6jsf8GSesSFxTDCdPdtQ@mail.gmail.com>
 <CACdnJuuek-sS3esmomNOkjBMV_6VPL2NFCzRd+UGxbZrMe=4nw@mail.gmail.com>
 <CA+55aFxgrh5eeG9MRSEsJtyL5yTe0TehZ=BS2josGJaLxoMMBQ@mail.gmail.com>
 <CACdnJutuBaE3RaDx0KM5vDF9Sinrp=3tG9csrS-H3eU-J7-Utw@mail.gmail.com>
 <24353.1522848817@warthog.procyon.org.uk> <20180404135251.GD16242@thunk.org> <CACdnJuuGRRUt-a3i89o906ka3RDOhs+_7tz_G8LTG8Jc0DXAyQ@mail.gmail.com>
From:   Peter Dolding <oiaohm@gmail.com>
Date:   Thu, 5 Apr 2018 10:05:45 +1000
Message-ID: <CANA3KFWLCfe=KYPBhKj+g698=frt4E-u-Hq2--5jFkHnkNoBnA@mail.gmail.com>
Subject: Re: [GIT PULL] Kernel lockdown for secure boot
To:     Matthew Garrett <mjg59@google.com>
Cc:     Theodore Tso <tytso@mit.edu>, David Howells <dhowells@redhat.com>,
        Linus Torvalds <torvalds@linux-foundation.org>,
        luto@kernel.org, Ard Biesheuvel <ard.biesheuvel@linaro.org>,
        James Morris <jmorris@namei.org>,
        Alan Cox <gnomes@lxorguk.ukuu.org.uk>,
        Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
        Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
        jforbes@redhat.com, linux-man@vger.kernel.org, jlee@suse.com,
        LSM List <linux-security-module@vger.kernel.org>,
        linux-api@vger.kernel.org, Kees Cook <keescook@chromium.org>,
        linux-efi <linux-efi@vger.kernel.org>
Content-Type: text/plain; charset="UTF-8"
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

> If you don't have secure boot then an attacker with root can modify your
> bootloader or kernel, and on next boot lockdown can be silently disabled.

Stop being narrow minded you don't need secure boot to protect
bootloader or kernel the classic is only boot from read only media.

Another is network boot using https can coreboot firmware.   This
checks the certificate  of the https server against selected CA before
downloading anything and as long as the firmware is set read only in
hardware the attack has absolutely nothing to work on.

In fact the network boot form https server is more secure than UEFI
secureboot due to highly limited parties who can alter/provide the
approved boot loader/kernel image.

Having root user rights does not override physical security.    The
fact there are other ways of doing bootloader and kernel security
other than UEFI secureboot that are in lots of cases more secure than
UEFI secureboot due to using more limited keys is the absolute reason
why lockdown is required without UEFI secureboot.

It would make sense to extend kexec to support UEFI secureboot
verification  and also kexec to have frameworks to support other
security options like https server storage of all kernel images.
Please note kexec supporting UEFI secureboot verification should also
support booting non UEFI secureboot but verified by some other method
and having own PK/KEK set for kexec and this would be when the Linux
kernel is placed in firmware and used instead of EFI firmware..

Please note there are many UEFI firmwares that with secureboot off
allow setting up secure https bootting where you are not in fact
validating the boot loader or kernel but validating the source you get
them from.

There are three different ways to achieve a protected boot process.
1) validate the boot files.(this is like UEFI secure boot and many
other methods)
2) validate source the boot files.  Yes this can be apply key check to
image if image is not signed don't boot from it and the image contain
boot loader and kernel then not bother validating the boot loader and
kernel image/parts individually same with https.
3) make boot files read only.

All three achieve the same level of security.   If you are using any
of the three lockdown option may provide some benefit.

Yes https network boot effectively does 2 and 3 so making having a
very limit threat against the boot process.

Remember there is more 1 way to skin a cat just like there is more
than 1 way to make a secure system.   Currently being too narrow in
methods for doing protected booting.


Peter Dolding.