Received: by 2002:a05:6358:7058:b0:131:369:b2a3 with SMTP id 24csp10884568rwp; Fri, 21 Jul 2023 06:27:51 -0700 (PDT) X-Google-Smtp-Source: APBJJlE2sepcejVbmaDA+licAcelFM5zL5+nu5Nu6a3hQgM3wXVic3yH8MYnUofJAOKgoZ7qkFEC X-Received: by 2002:a17:906:209d:b0:99b:56f1:300d with SMTP id 29-20020a170906209d00b0099b56f1300dmr1543291ejq.69.1689946070947; Fri, 21 Jul 2023 06:27:50 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1689946070; cv=none; d=google.com; s=arc-20160816; b=rW7i1Z+f8PYC8R7FTY6CcHVS4WyLC/jSmDeoiQzN474QjZjnmKiem2LSViTfYmS0n6 pVhMyUGeUnSDOaTB4RQKP7evNFNjk9AjDoOcgH/B9AsBm8ko4NTFWrmPtOpVac6t+nEY 3D83y2Fp684C408jPuuv0JBUzXyCiHJPWBE8Cx7xGHFH5VvyHN5zuPDAAmBuUAosDLPF W6mYbD/88Tu1W1HxWu7sgkjUPdLxjYYO4P7BnNGLpR/mqfUB4euJdwyulaZnuwB3904t fdxMiDUdzsq2CAHHjsVKFVcbLico5ttMB7Iuw/vVYcAdPvlirBj0A3+MH6g1z+fyyuz9 Z3FQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version; bh=2SMyrYuyGnw6se9V0iz4C3o5R60SIQ8j01sF09ulyNs=; fh=84upHsOdXirOA/7/3g1OEwNUkYffuk3FBUbUAXg5D/o=; b=Ahqre4Gxcj6fs8C5GjgxDTOhCVGEHxiQswIuIHaRS1YBS+kA3EDYsxwBPiZ8+TFJqP YtZu6r7PJLBoHfaKlbC2rni6VD0qQXsCatG1VWKiS+NUf4HiYqtDbBoUCN+Ojqm+3X80 6Q2Vn+KYrPaJfy/qIkpc4cI69h8BJJXmdrejIYna5NTHsFhIwqOdPBnd9u4Z4ybwymt/ bJpePdhtXD6cshWCfEjmB8Z0p4+gyL/h1lGidNTohbSbETkK476gMyTwDual7h7WDZiX qyYhkiDy12juQR+OtM/Ly3APgUwy+n2R46ZSIN1sJxAKKuFs8WaAXMHlMILVezSoMA52 7mKg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id d24-20020a170906175800b00991ece4c966si2173081eje.101.2023.07.21.06.27.01; Fri, 21 Jul 2023 06:27:50 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229972AbjGUNKz (ORCPT + 99 others); Fri, 21 Jul 2023 09:10:55 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:54534 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229644AbjGUNKy (ORCPT ); Fri, 21 Jul 2023 09:10:54 -0400 Received: from mail-yb1-f176.google.com (mail-yb1-f176.google.com [209.85.219.176]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 403BB30C1; Fri, 21 Jul 2023 06:10:48 -0700 (PDT) Received: by mail-yb1-f176.google.com with SMTP id 3f1490d57ef6-cae0ad435b6so1876546276.0; Fri, 21 Jul 2023 06:10:48 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689945047; x=1690549847; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=2SMyrYuyGnw6se9V0iz4C3o5R60SIQ8j01sF09ulyNs=; b=KeclVoogQLTjYtMjWVbqZB3jMUo5gA1/C1iYwJuo8Uyt+J/07YH0tRin8WKUNeCYr/ 6Ph/rhlDJ51+jB+phHO3nQfMlDrD0KqRsFPiXXpOWOBJO7Mp8KwOeAHFno7mc8Ic5nnP dPsx8eWOr1x13hn/9U2GTaNEaP243sbCkaVq6eygHs41HlskgbdStKV+9hfJY23CGDQn ml50LCShko6sBcKkQguciwsCq6IXNcpWk42sOEkXz2Bevrsy+pj4h2ZqHAyGtfYXDcQw rG+b3fVxaBuqTa3TrQAk6tO/0kW5KYd4zIHfXWz5cpWwVAOe+hrGIbVd6vxHSRQhQfsG nhvQ== X-Gm-Message-State: ABy/qLYF50beWv46A1eAbfPrA0s5lMAkfOJbOG/mCw9ILjp/dohTz0d6 1F1YdgClFKJL7qchVfj2xrGhdqLKH+p8Aw== X-Received: by 2002:a25:e20e:0:b0:cef:e2c4:d366 with SMTP id h14-20020a25e20e000000b00cefe2c4d366mr1541335ybe.48.1689945047266; Fri, 21 Jul 2023 06:10:47 -0700 (PDT) Received: from mail-yw1-f174.google.com (mail-yw1-f174.google.com. [209.85.128.174]) by smtp.gmail.com with ESMTPSA id h13-20020a25d00d000000b00c6135ffd2fcsm770861ybg.15.2023.07.21.06.10.46 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Fri, 21 Jul 2023 06:10:46 -0700 (PDT) Received: by mail-yw1-f174.google.com with SMTP id 00721157ae682-57045429f76so20953957b3.0; Fri, 21 Jul 2023 06:10:46 -0700 (PDT) X-Received: by 2002:a25:6dc2:0:b0:cac:e20:90e3 with SMTP id i185-20020a256dc2000000b00cac0e2090e3mr1446640ybc.63.1689945045842; Fri, 21 Jul 2023 06:10:45 -0700 (PDT) MIME-Version: 1.0 References: <20230711154449.1378385-1-eesposit@redhat.com> <0aa647f719103e8620d7209cbde40f04a7334749.camel@HansenPartnership.com> <635B383C-38A5-479E-80A6-358D5F90988B@oracle.com> <137ddc2957d43576afd37afb0bedab3ceea1f8d7.camel@HansenPartnership.com> In-Reply-To: <137ddc2957d43576afd37afb0bedab3ceea1f8d7.camel@HansenPartnership.com> From: Luca Boccassi Date: Fri, 21 Jul 2023 14:10:33 +0100 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage To: James Bottomley Cc: Eric Snowberg , Ard Biesheuvel , =?UTF-8?Q?Daniel_P=2E_Berrang=C3=A9?= , Emanuele Giuseppe Esposito , "x86@kernel.org" , Thomas Gleixner , "lennart@poettering.net" , Ingo Molnar , Borislav Petkov , Dave Hansen , "H. Peter Anvin" , Andrew Morton , Masahiro Yamada , Alexander Potapenko , Nick Desaulniers , Vitaly Kuznetsov , open list , "linux-efi@vger.kernel.org" , "keyrings@vger.kernel.org" , Jarkko Sakkinen Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00, FREEMAIL_FORGED_FROMDOMAIN,FREEMAIL_FROM,HEADER_FROM_DIFFERENT_DOMAINS, RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Fri, 21 Jul 2023 at 14:01, James Bottomley wrote: > > On Fri, 2023-07-21 at 13:40 +0100, Luca Boccassi wrote: > > On Fri, 21 Jul 2023 at 12:24, James Bottomley > > wrote: > > > > > > On Fri, 2023-07-21 at 09:55 +0100, Luca Boccassi wrote: > > > > On Fri, 21 Jul 2023 at 02:49, Eric Snowberg > > > > wrote: > > > > > > On Jul 20, 2023, at 1:16 PM, Luca Boccassi > > > > > > wrote: > > > > > > On Thu, 20 Jul 2023 at 18:11, Eric Snowberg > > > > > > wrote: > > > [...] > > > > > > > I agree with James in the previous thread; adding the SBAT > > > > > > > section to the kernel should be handled by the signing > > > > > > > tools. It really doesn't need to be included in the > > > > > > > mainline kernel code. I also agree with the sentiment that > > > > > > > mainline and the > > > > > > > stable branches should not have SBAT versions attached > > > > > > > to them. These are things distros should be responsible for > > > > > > > including in their kernel if they want to have SBAT > > > > > > > support. > > > > > > > > > > > > Why would 'signing tools' handle that? It's just a text-based > > > > > > PE section, it doesn't require access to private key > > > > > > materials to be handled, nor it has any relationship with > > > > > > signing. > > > > > > > > > > There is a relationship, the sbat information within the signed > > > > > file can be used for revocation in lieu of revoking the hash or > > > > > signing certificate at a later time. > > > > > > > > No, it is completely disjoint. In fact, the kernel doesn't even > > > > have to be signed at all, but it still _must_ have a .sbat > > > > section when it is used in a UKI. > > > > > > Just a minute, this is wrong. I was talking to Peter after all of > > > this blew up about how we handle signed kernels with no sbat (since > > > we need that still to work for developers who sign their own > > > kernels). I thought he was planning to require an sbat section for > > > all EFI binaries, but he says that's not true. The current way > > > shim does the sbat check is that if the section doesn't exist the > > > binary is processed as having an empty sbat section (i.e. no sbat > > > level checking will be done because there's no named sbat level for > > > anything and it will just work) and they're planning to keep it > > > that way so that a signed but no sbat kernel will always "just > > > work" without any special key handling in shim. So if we're > > > planning to keep this no-sbat case in discrete kernels, even when > > > the shim verifier checks sbat, the UKI kernel will need to work for > > > this case as well. > > > > Are you sure that's not just about local signing? > > Well, my job is to be concerned about how individuals who want to own > their own keys, either in MoK or db, participate in this, so I am > mostly thinking about local signing. Whatever we decide, there must be > a local workflow pathway. Sure but for local signing via MoK that's obviously fine, as one gets to keep the pieces. AFAIK it's a different flow in Shim whether something is authorized by MoK, DB or the built-in cert, so having different policies built-in for those different cases should be doable. Actually at the moment even if Shim loads the image, if it gets authorized by DB .sbat isn't checked at all. > > IE, MoK vs embedded cert auth flow? As far as I know, the plan for > > the 3rd party CA flow is to eventually (very eventually) require it. > > I might have missed some development ofc. > > There is a thought to get sbat adopted by UEFI to solve the dbx > problem, but if that were to happen, UEFI will likely be extremely > concerned about backward compatibility (and as you have remarked, they > and the OEMs adopt at a glacial pace), so, even if they eventually > adopt it, I can't foresee them mandating refusing to execute signed EFI > binaries with no sbat. I'll pretty much stake cash on the compromise > being that for the foreseeable future no sbat gets revoked by dbx and > the plan will be a gradual shift towards sbat ... but all this is > contingent on UEFI adoption in the first place, which isn't a given. > There are also unsolved problems around sbat, like how the master sbat > lists are kept and how they're delivered which must be solved before a > UEFI proposal could be made. I meant Shim + 3rd party CA flow here. UEFI SB 2.0 is so far ahead I'm pretty sure a good chunk of the folks currently talking about it will be retired by the time it actually exist ;-)