Hi Marta,
Thanks Martha, yes that would be very helpful and I appreciate your
consideration for that. Yes the patch-set is getting reviewed actively
so I am also hopeful that these would be upstreamed soon.
Thanks,
Sudhakar Kuppusamy
On 2025-05-13 19:46, Marta Lewandowska wrote:
Red Hat has been carrying patches 1-13 of this set for like four
years now. We would be willing to test the remainder, with the hope
that at least those first 13 will get accepted sometime soon. Is that
reasonable? thanks, marta On Wed, Mar
Red Hat has been carrying patches 1-13 of this set for like four years
now. We would be willing to test the remainder, with the hope that at
least those first 13 will get accepted sometime soon. Is that
reasonable?
thanks,
marta
On Wed, Mar 26, 2025 at 8:33 PM Sudhakar Kuppusamy
<sudha...@linux.ibm.com> wrote:
This patch set contains v2 of the consolidated version of the patch
sets for secure boot using appended signatures on powerpc,
rebased on top of git HEAD.
The v1 series is at
https://lists.gnu.org/archive/html/grub-devel/2024-12/msg00071.html
Linux on Power LPAR secure boot ensures the integrity of the Linux
boot
stack. The hypervisor and partition firmware are part of the core
root of
trust. The partition firmware verifies the signature on the GRUB
image
before handing control to GRUB. Similarly, GRUB verifies the
signature on
the kernel image before booting the OS. This ensures that every
image
running at the boot time is verified and trusted. UEFI platforms
relies
on PECOFF based signature scheme. Since Power is not a UEFI
platform, an
alternative mechanism is needed. Power already uses appended
signatures
on the Linux Kernel, and is now extended to sign the grub as well.
Linux on Power also allows multiple signers, and if any one of the
signature passes, then the image passes the validation. Appended
signature
scheme uses CMS structure to contain signatures. On Power, the
multiple
signature support relies on the multiple signers features already
supported
by CMS standards. It does require that all the signers should sign
at the
same time and are not allowed to add or remove the signatures
randomly.
By default, Linux LPAR secure boot uses static key management[1].
This means
that each image embeds the keys it needs to verify the image it
loads.
For example, the keys used to verify the GRUB image are built into
the
firmware image. Similarly, the keys used for verifying the kernel
image
are built into the GRUB image. These are pre-defined keys and they
cannot
be modified at runtime. The drawback of this approach is that key
rotations
results in both firmware and OS updates. This is where dynamic key
management is useful.
An admin can switch from static keys to dynamic keys by coordinating
with
Hardware Management Console(HMC) admin and enabling the required
flags
for the given LPAR.
The dynamic key management relies on the Platform KeyStore(PKS)[2]
storage
allocation for each LPAR with individually managed access controls
to
store sensitive information securely. Once switched to dynamic keys,
HMC
advertises this flag to the PowerVM, which then initializes the PKS
with the default secvars. It also creates a variable SB_VERSION that
represents the secure boot key management mode. The default secvars
are
used by Partition firmware, grub and the linux kernel to reads keys
for
verification. These secvars can be managed by user interface exposed
via
linux kernel. The linux kernel already supports this interface and
it is available in the upstream kernel.
This patchset adds the appended signature support both for signing
and
verification and the key management to the grub component. The whole
patchset can be split into following four main parts:
The series has following four main parts:
1.) Sign grub.elf with an appended signature. (Patches 1 - 3)
These patches provide some infrastructure and documentation for
signing grub's core.elf with a Linux-kernel-module style appended
signature.
An appended signature is a 'dumb' signature over the contents of a
file. (It is distinct from schemes like Authenticode that are aware
of
the structure of the file and only sign certain parts.) The
signature
is wrapped in a PKCS#7 message, and is appended to the signed file
along with some metadata and a magic string. The signatures are
validated against a public key which is usually provided as an x509
certificate.
Because some platforms, such as powerpc-ieee1275, may load grub from
a
raw disk partition rather than a filesystem, we extend grub-install
to
add an ELF note that allows us to specify the size and location of
the
signature.
2.) Enable appended signature verification using builtin keys
(Patches 4 - 10).
Part of a secure boot chain is allowing grub to verify the boot
kernel. For UEFI platforms, this is usually delegated to the
shim. However, for platforms that do not implement UEFI, an
alternative scheme is required.
This part teaches grub how to verify Linux kernel-style appended
signatures. Kernels on powerpc are already signed with this scheme
and
can be verified by IMA for kexec.
As PKCS#7 messages and x509 certificates are both based on ASN.1, we
import libtasn1 to parse them. Because ASN.1 isn't self-documenting,
we import from GNUTLS the information we need to navigate their
structure.
This section is composed of the following patches:
- patch 4 is a small fix to allow persistent modules to work on the
emu target.
- patches 5 and 6 are small refactorings.
- patch 7 allows x509 certificates to be built in to the grub core
in much the same way as PGP keys.
- patch 8 brings in the code from GNUTLS that allows us to parse
PKCS#7 and x509 with libtasn1.
- patch 9 is our PKCS#7 and x509 parser. They're minimal and fairly
strict parsers that extract only the bits we need to verify the
signatures.
- patch 10 is the guts of the appended signature verifier. It uses
the verifier infrastructure like pgp, and adds a number of
user-friendly commands that mirror the pgp module.
- patch 11 adds tests, and patch 12 adds documentation.
3.) Enable lockdown if secure boot is enabled (Patch 13)
If the 'ibm,secure-boot' property of the root node is 2 or greater,
enter lockdown.The main appended signature module now tests for
lockdown to
enter 'forced' mode.
4.) Enable accessing keys dynamically from Platform KeyStore (Patch
14 - 21)
This part teaches grub how to read db and dbx variables from
platform keystore
using client interface call then load keys from those two variable,
and use it
to verify Linux kernel.
This section is composed of the following patches:
- patch 14 is an exposes an interface in ieee1275 for reading
secure boot
variable
db and dbx from Platform Keystore.
- patch 15 is a read secure boot variables such as db and dbx from
PKS and
extract certificates from ESL.
- patch 16 is creates the trusted and distrusted lists.
- patch 17 is verify the kernel using trusted and distrusted lists
- patch 18 sets the use_static_keys flag if DB not available in
PKS,
and patch 19 is reads the DB default keys from ELF Note and
store it in trusted lists if use_static_keys flag is set.
- patch 20 adds trusted and distrusted commands, and patch 21 adds
documentation.
Thanks to Stefan Berger, Avnish Chouhan, Michal Suchanek, and
Vladimir Serbinenko for providing review comments on v1.
I've pushed this all to
https://github.com/SudhakarKuppusamy1/grub/tree/appendedsig-2.13
[1]https://www.ibm.com/docs/en/linux-on-systems?topic=servers-guest-secure-boot-static-keys
[2]https://community.ibm.com/community/user/power/blogs/chris-engel1/2020/11/20/powervm-introduces-the-platform-keystore
Alastair D'Silva (1):
grub-install: support embedding x509 certificates
Daniel Axtens (11):
docs/grub: Document signing grub under UEFI
docs/grub: Document signing grub with an appended signature
dl: provide a fake grub_dl_set_persistent for the emu target
pgp: factor out rsa_pad
crypto: move storage for grub_crypto_pk_* to crypto.c
appended signatures: import GNUTLS's ASN.1 description files
appended signatures: parse PKCS#7 signedData and X.509
certificates
appended signatures: support verifying appended signatures
appended signatures: verification tests
appended signatures: documentation
ieee1275: enter lockdown based on /ibm,secure-boot
Rashmica Gupta (1):
powerpc-ieee1275: Add support for signing grub with an appended
signature
Sudhakar Kuppusamy (8):
ieee1275: Platform Keystore (PKS) Support
ieee1275: Read the DB and DBX secure boot variables
appendedsig: The creation of trusted and distrusted lists
appendedsig: While verifying the kernel, use trusted and
distrusted
lists
powerpc_ieee1275: set use_static_keys flag
appendedsig: Reads the default DB keys from ELF Note
appendedsig: The grub command's trusted and distrusted support
appendedsig: documentation
docs/grub.texi | 283 +++-
grub-core/Makefile.am | 2 +
grub-core/Makefile.core.def | 31 +
grub-core/commands/appendedsig/appendedsig.c | 1411
+++++++++++++++++
grub-core/commands/appendedsig/appendedsig.h | 110 ++
grub-core/commands/appendedsig/asn1util.c | 98 ++
.../commands/appendedsig/gnutls_asn1_tab.c | 121 ++
grub-core/commands/appendedsig/pkcs7.c | 460 ++++++
.../commands/appendedsig/pkix_asn1_tab.c | 484 ++++++
grub-core/commands/appendedsig/x509.c | 953 +++++++++++
grub-core/commands/pgp.c | 34 +-
grub-core/kern/file.c | 34 +
grub-core/kern/ieee1275/init.c | 46 +
grub-core/kern/powerpc/ieee1275/ieee1275.c | 140 ++
.../kern/powerpc/ieee1275/platform_keystore.c | 346 ++++
grub-core/lib/crypto.c | 4 +
grub-core/lib/pkcs1_v15.c | 59 +
grub-core/term/tparm.c | 1 -
grub-core/tests/appended_signature_test.c | 258 +++
grub-core/tests/appended_signatures.h | 975 ++++++++++++
grub-core/tests/lib/functional_test.c | 1 +
include/grub/dl.h | 11 +
include/grub/file.h | 3 +
include/grub/kernel.h | 2 +
include/grub/lockdown.h | 3 +-
include/grub/pkcs1_v15.h | 27 +
include/grub/powerpc/ieee1275/ieee1275.h | 14 +
.../grub/powerpc/ieee1275/platform_keystore.h | 226 +++
include/grub/types.h | 11 +
include/grub/util/install.h | 10 +-
include/grub/util/mkimage.h | 4 +-
util/grub-install-common.c | 34 +-
util/grub-mkimage.c | 25 +-
util/grub-mkimagexx.c | 38 +-
util/mkimage.c | 39 +-
35 files changed, 6229 insertions(+), 69 deletions(-)
create mode 100644 grub-core/commands/appendedsig/appendedsig.c
create mode 100644 grub-core/commands/appendedsig/appendedsig.h
create mode 100644 grub-core/commands/appendedsig/asn1util.c
create mode 100644 grub-core/commands/appendedsig/gnutls_asn1_tab.c
create mode 100644 grub-core/commands/appendedsig/pkcs7.c
create mode 100644 grub-core/commands/appendedsig/pkix_asn1_tab.c
create mode 100644 grub-core/commands/appendedsig/x509.c
create mode 100644 grub-core/kern/powerpc/ieee1275/ieee1275.c
create mode 100644
grub-core/kern/powerpc/ieee1275/platform_keystore.c
create mode 100644 grub-core/lib/pkcs1_v15.c
create mode 100644 grub-core/tests/appended_signature_test.c
create mode 100644 grub-core/tests/appended_signatures.h
create mode 100644 include/grub/pkcs1_v15.h
create mode 100644
include/grub/powerpc/ieee1275/platform_keystore.h
--
2.43.5
Links:
------
[1]
https://us-phishalarm-ewt.proofpoint.com/EWT/v1/AdhS1Rd-!-XFVHHVa3OJT9VR5Za8gPdRF0zC5n_bZ0RUCAt27UE3C-XDLgiqLMbD2NUoiY_q9qtOF9O7ECQBRONUTavAThgVVsAFD2RS6-fQgO_NzvFzsuKo8HoOFcd8cU0ZJfQ$
_______________________________________________
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
