Date: Thu, 13 Jul 2023 15:52:35 +0200
From: Ard Biesheuvel
To: Emanuele Giuseppe Esposito
Cc: x86@kernel.org, Thomas Gleixner, bluca@debian.org, lennart@poettering.net, Ingo Molnar, Borislav Petkov, Dave Hansen, "H. Peter Anvin", Andrew Morton, Masahiro Yamada, Alexander Potapenko, Nick Desaulniers, Vitaly Kuznetsov, Daniel P. Berrangé, linux-kernel@vger.kernel.org, linux-efi@vger.kernel.org, ardb@kernel.org
Subject: Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage
References: <20230711154449.1378385-1-eesposit@redhat.com>
List-ID: linux-kernel@vger.kernel.org

(add linux-efi@ cc)

On Thu, Jul 13, 2023 at 03:33:38PM +0200, Ard Biesheuvel wrote:
> Hello Emanuele,
>
> Please cc the linux-efi@ mailing list and myself on EFI related patches.
>
> First of all, I think the tone of the discussion is way out of hand on
> both sides of the debate. Please keep it civil and courteous.
>
> On Tue, Jul 11, 2023 at 11:44:49AM -0400, Emanuele Giuseppe Esposito wrote:
> > *Important*: this is just an RFC, as I am not expert in this area and
> > I don't know what's the best way to achieve this.
> >
> > v2:
> > * add standard "sbat,1,SBAT Version,..." header string
> >
> > The aim of this patch is to add a .sbat section to the linux binary
> > (https://github.com/rhboot/shim/blob/main/SBAT.md).
> > We mainly need SBAT in UKIs (Unified Kernel Images), as we might want
> > to revoke authorizations to specific signed PEs that were initially
> > considered as trusted. The reason might be for example a security issue
> > related to a specific linux release.
> >
> > A .sbat is simply a section containing a string with the component name
> > and a version number. This version number is compared with the value in
> > OVMF_VARS, and if it's less than the variable, the binary is not trusted,
> > even if it is correctly signed.
> >
>
> Most people will not know what OVMF_VARS is or a PE.
>
> Also, 'version number' is a bit vague, better to stick with existing
> terminology that makes this more self-explanatory: the component that
> authenticates the kernel image keeps a revocation counter, and refuses
> to load authentic images whose revocation index is lower than the
> revocation counter. This approach removes the need for revoking
> individual image hashes or having to rotate the signing keys when a
> vulnerability is discovered.
>
> The argument that we need this in the upstream kernel seems to be
> predicated on the assumption that there is one universal signing
> authority and revocation domain, but this is not necessarily true. Even
> if the distros appear to have decided that it is a reasonable choice to
> deploy the MicroSoft signed shim and the associated components on other
> systems than Windows-crippled x86 PCs, this is not universally true, and
> UEFI secure boot can be (and is) deployed in sane ways as well.
>

Note that by Windows-crippled, I mean x86 PCs built by OEMs who care about
nothing other than the Windows logo sticker. These PCs often don't allow
secure boot keys to be modified by the owner of the machine, or secure boot
to be disabled at all.

This is why shim exists, not because UEFI secure boot is broken by design.
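The revocation check described in the thread (a per-component revocation counter held by the component that authenticates the image; authentic images whose generation is lower are refused), as an added Python model that is not part of the patch or of shim's own code. It assumes the CSV layouts documented in shim's SBAT.md: a `.sbat` record is `component_name,component_generation,vendor_name,vendor_package_name,vendor_version,vendor_url`, and a revocation policy record is `component_name,generation[,date]`. The `linux` component name, vendor strings, version, policy dates and NUL padding below are constructed for the example.

```python
from __future__ import annotations

from dataclasses import dataclass


@dataclass(frozen=True)
class SbatEntry:
    """One record of a PE image's .sbat section (field names per shim's SBAT.md)."""
    component: str        # e.g. "sbat", "shim"; "linux" below is a constructed name
    generation: int       # the component's revocation index
    vendor: str
    package: str
    version: str          # free-form vendor version, not used by the check
    url: str


def parse_sbat_section(payload: bytes) -> list[SbatEntry]:
    """Parse the CSV text stored in a .sbat section.

    The section is NUL-padded to its raw size in the PE, so trailing NULs are
    stripped first. The first record must be the "sbat" header record, so an
    empty or malformed section is an error rather than "no policy applies".
    """
    text = payload.rstrip(b"\0").decode("ascii")
    entries: list[SbatEntry] = []
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        fields = line.split(",")
        if len(fields) != 6:
            raise ValueError(f"malformed SBAT record: {line!r}")
        name, gen, vendor, package, version, url = fields
        entries.append(SbatEntry(name, int(gen), vendor, package, version, url))
    if not entries or entries[0].component != "sbat":
        raise ValueError("missing 'sbat' header record")
    return entries


def parse_revocation_policy(text: str) -> dict[str, int]:
    """Parse an SbatLevel-style policy: 'component,generation[,date]' per line.

    The result maps each component name to the minimum generation it must carry.
    """
    policy: dict[str, int] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        fields = line.split(",")
        if len(fields) < 2:
            raise ValueError(f"malformed policy record: {line!r}")
        policy[fields[0]] = int(fields[1])
    return policy


def sbat_allows(entries: list[SbatEntry], policy: dict[str, int]) -> tuple[bool, str]:
    """Apply the revocation counter: refuse the image when any of its components
    carries a generation lower than the counter the policy holds for it.

    This runs after signature verification, on images that are already
    authentic; components the policy does not mention are unconstrained.
    """
    for entry in entries:
        required = policy.get(entry.component)
        if required is not None and entry.generation < required:
            return False, (f"{entry.component}: generation {entry.generation} "
                           f"is below revocation counter {required}")
    return True, "ok"


# Constructed .sbat payload for a kernel image, starting with the standard
# "sbat,1,SBAT Version,..." header record mentioned in the patch. The "linux"
# component name, vendor string and version are made up for this example, and
# the trailing NULs mimic a PE section padded to its raw size.
KERNEL_SBAT = (
    b"sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md\n"
    b"linux,1,Example Kernel Vendor,linux,6.5.0-example,https://www.kernel.org/\n"
    b"\0\0\0\0"
)

# Constructed policies: before and after the loader's "linux" counter is bumped
# to 2 in response to a hypothetical issue in generation-1 kernels.
POLICY_BEFORE = "sbat,1,2023010100\nshim,1\n"
POLICY_AFTER = "sbat,1,2023071300\nshim,1\nlinux,2\n"


if __name__ == "__main__":
    image = parse_sbat_section(KERNEL_SBAT)
    for label, policy_text in (("before bump", POLICY_BEFORE), ("after bump", POLICY_AFTER)):
        allowed, reason = sbat_allows(image, parse_revocation_policy(policy_text))
        print(f"{label}: {'load' if allowed else 'refuse'} ({reason})")
```

Running the block prints "load" for the policy that predates the counter bump and "refuse" for the one after it, with no change to the image or its signature. Treating a missing `sbat` header record as an error rather than as "unconstrained" is the deliberate choice here: an image that omits the section must not slip past a revocation it was meant to be subject to.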