bug-grub

[bug #56423] module verification falls through to tpm, which approves it


From: Benjamin Doron
Subject: [bug #56423] module verification falls through to tpm, which approves it automatically
Date: Fri, 31 May 2019 02:48:35 -0400 (EDT)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

URL:
  <https://savannah.gnu.org/bugs/?56423>

                 Summary: module verification falls through to tpm, which
approves it automatically
                 Project: GNU GRUB
            Submitted by: benjamind
            Submitted on: Fri 31 May 2019 06:48:33 AM UTC
                Category: Security
                Severity: Major
                Priority: 5 - Normal
              Item Group: Software Error
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: 
                 Release: other
         Reproducibility: Every Time
         Planned Release: None

    _______________________________________________________

Details:

Configuration: grub 2.04-rc1, built with gcc 9.1.1 and binutils 2.31.1 on
Fedora 30 and configured with "./configure --with-platform=efi
--disable-werror". After running "make", built an image with "export
GRUB_MODULES=$(cat mods); ./grub-mkimage -O x86_64-efi -o grubx64.efi -p
/EFI/fedora -d grub-core $GRUB_MODULES" and then signed grubx64.efi with
pesign using a certificate enrolled in MOK (because secure boot is enabled,
but this bug applies regardless). Then, copied the rest of the modules into
the esp with "mkdir /boot/efi/EFI/fedora/x86_64-efi; cp grub-core/*.mod
/boot/efi/EFI/fedora/x86_64-efi/" and signed them, mostly following the steps
in
https://www.gnu.org/software/grub/manual/grub/html_node/Using-digital-signatures.html.


According to what I've read in the documentation for 2.04 (on git), inserting
a module should now first check it for a valid pgp signature (where
previously, distros disabled "insmod" entirely and grub would "insmod"
regardless, having no concept of secure boot). However, I've observed that
modules do get inserted, even without having detached signatures, so long as
the tpm module is loaded. This is true on a VM with no TPM and a laptop with
one. (With the tpm module loaded, try loading a module. It will succeed. Then
"rmmod tpm" and try loading another. It fails with the error, "verification
requested but nobody cares: <path to module>")

My bet is that the pgp module isn't verifying modules for some reason and that
it's falling through to the tpm module, which measures (in some cases,
'measures') and okays them.


I consider the following to be bugs:
1. pgp module isn't verifying modules that we attempt to insert
2. tpm module is allowed to verify modules. The tpm can only measure. What if
the module is malicious?
3. tpm module operates on a system without a tpm?

The following should also be considered (but I understand that I can't expect
it to be done if I can't do it myself): If modules are meant to be verified
against keys, a malicious user could trust another public key and then insert
their module. Perhaps (on secure boot only, maybe?) modules should only be
allowed to be inserted if signed by a particular key that's provided either
with the source code at "make" time or to "grub2-mkimage" at build time to be
included in the image.


Perhaps I'm misunderstanding where the pgp signatures should be (as .sigs with
the .mods, no?) and that's why pgp isn't verifying them, but I see no
indication why that would be the case.



    _______________________________________________________

File Attachments:


-------------------------------------------------------
Date: Fri 31 May 2019 06:48:33 AM UTC  Name: mods  Size: 468B   By: benjamind
The modules included at build time. I placed it with the source code
<http://savannah.gnu.org/bugs/download.php?file_id=47006>

    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?56423>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/
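
The fall-through described in the report, as an added example that is not part of the original message and is not GRUB source code: a simplified model of a verifier chain in which a measure-only verifier satisfies a request for authentication, next to a policy that only counts verifiers which check a signature. All names, the fixed verdicts and the "lockdown" verifier that requests authentication are assumptions made for illustration.

```c
/* Simplified model of a file-verifier chain. Hypothetical names, not GRUB's code. */
#include <stdio.h>
#include <stddef.h>

enum verdict { DECLINE, ACCEPT, DEFER_AUTH }; /* a verifier's answer when a file is opened */

struct verifier {
    const char *name;
    enum verdict verdict; /* fixed answer, for the model only */
    int authenticates;    /* 1 = checks a signature, 0 = only measures/logs */
};

/* Returns 1 if the file may be loaded, 0 if the load is refused.
 * hardened == 0: any verifier that accepts satisfies a deferred-auth request.
 * hardened == 1: only an authenticating verifier satisfies it. */
int open_file(const struct verifier *chain, size_t n, int hardened)
{
    int auth_required = 0, accepted = 0, authenticated = 0;
    for (size_t i = 0; i < n; i++) {
        if (chain[i].verdict == DEFER_AUTH) {
            auth_required = 1;
        } else if (chain[i].verdict == ACCEPT) {
            accepted = 1;
            authenticated |= chain[i].authenticates;
        }
    }
    if (!auth_required)
        return 1; /* nobody asked for authentication */
    return hardened ? authenticated : accepted;
}

/* Constructed chains: an unsigned module, so the signature verifier declines. */
const struct verifier no_tpm[] = {
    { "lockdown", DEFER_AUTH, 0 }, { "signature", DECLINE, 1 } };
const struct verifier with_tpm[] = {
    { "lockdown", DEFER_AUTH, 0 }, { "signature", DECLINE, 1 }, { "measure", ACCEPT, 0 } };
/* Constructed chain: a signed module, so the signature verifier accepts. */
const struct verifier signed_ok[] = {
    { "lockdown", DEFER_AUTH, 0 }, { "signature", ACCEPT, 1 }, { "measure", ACCEPT, 0 } };

int main(void)
{
    printf("unsigned, no measure verifier:       %d\n", open_file(no_tpm, 2, 0));
    printf("unsigned, measure verifier, flawed:   %d\n", open_file(with_tpm, 3, 0));
    printf("unsigned, measure verifier, hardened: %d\n", open_file(with_tpm, 3, 1));
    printf("signed, measure verifier, hardened:   %d\n", open_file(signed_ok, 3, 1));
    return 0;
}
```
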

