grub-devel

[PATCH RFC v2 0/5] verifiers: Framework and EFI shim lock verifier


From: Daniel Kiper
Subject: [PATCH RFC v2 0/5] verifiers: Framework and EFI shim lock verifier
Date: Fri, 3 Aug 2018 15:39:53 +0200

Hi,

As I promised, I am posting the verifiers framework patchset. This is an RFC because
I have some concerns which should be discussed.

Some verifiers, e.g. shim lock, may not be able to verify all file types, e.g.
GRUB2 modules, on their own and would want to delegate verification to other
verifiers, e.g. PGP. Currently this is not possible. So, I think that we should
extend the interface with relevant functionality. However, this will not solve
all problems. E.g. it is dangerous to load iorw or memrw modules, even if they
are signed e.g. with PGP, if UEFI secure boot is enabled. So, I think that we
should disable module loading if such verifiers are in use or provide
functionality which gives us a chance to blacklist some modules.

If a TPM verifier is introduced, then module loading order changes will change
the measurements. So, in this case maybe we should encourage users to use
standalone GRUB2. Or enforce module loading order somehow. However, this
can be difficult and not reliable.

Additionally, I would split PGP code changes from verifiers introduction (patch #2),
rename grub-core/commands/verify.c to grub-core/commands/pgp.c and rename
grub-core/commands/verify_helper.c to grub-core/commands/verifiers.c.

And I am tempted to rename verify_detached/trust/list_trusted/distrust
commands to pgp_verify_detached/pgp_trust/pgp_list_trusted/pgp_distrust.
Though this may create some backward compatibility issues, so, ...

Anyway, please take a look and say what you think about that.

Daniel

 docs/grub-dev.texi                           |   53 +++++++
 grub-core/Makefile.core.def                  |   11 ++
 grub-core/commands/acpi.c                    |    2 +-
 grub-core/commands/blocklist.c               |    4 +-
 grub-core/commands/cat.c                     |    2 +-
 grub-core/commands/cmp.c                     |    4 +-
 grub-core/commands/efi/loadbios.c            |    4 +-
 grub-core/commands/efi/shim_lock.c           |   93 ++++++++++++
 grub-core/commands/file.c                    |    5 +-
 grub-core/commands/hashsum.c                 |   22 ++-
 grub-core/commands/hexdump.c                 |    2 +-
 grub-core/commands/i386/nthibr.c             |   79 ++++++++++
 grub-core/commands/i386/pc/play.c            |    2 +-
 grub-core/commands/keylayouts.c              |    2 +-
 grub-core/commands/legacycfg.c               |    2 +-
 grub-core/commands/loadenv.c                 |   24 +--
 grub-core/commands/ls.c                      |    8 +-
 grub-core/commands/minicmd.c                 |    2 +-
 grub-core/commands/nativedisk.c              |    3 +-
 grub-core/commands/parttool.c                |    2 +-
 grub-core/commands/search.c                  |    4 +-
 grub-core/commands/test.c                    |    4 +-
 grub-core/commands/testload.c                |    2 +-
 grub-core/commands/testspeed.c               |    2 +-
 grub-core/commands/verify.c                  |  564 ++++++++++++++++++++++++++++++++++-------------------------------------
 grub-core/commands/verify_helper.c           |  208 ++++++++++++++++++++++++++
 grub-core/disk/loopback.c                    |    3 +-
 grub-core/efiemu/main.c                      |    2 +-
 grub-core/font/font.c                        |    4 +-
 grub-core/fs/zfs/zfscrypt.c                  |    2 +-
 grub-core/gettext/gettext.c                  |    2 +-
 grub-core/gfxmenu/theme_loader.c             |    2 +-
 grub-core/io/bufio.c                         |   10 +-
 grub-core/io/gzio.c                          |    5 +-
 grub-core/io/lzopio.c                        |    6 +-
 grub-core/io/offset.c                        |    7 +-
 grub-core/io/xzio.c                          |    6 +-
 grub-core/kern/dl.c                          |    2 +-
 grub-core/kern/elf.c                         |    4 +-
 grub-core/kern/file.c                        |   22 ++-
 grub-core/lib/cmdline.c                      |    9 +-
 grub-core/lib/syslinux_parse.c               |    2 +-
 grub-core/loader/arm/linux.c                 |    8 +-
 grub-core/loader/arm64/linux.c               |   10 +-
 grub-core/loader/efi/chainloader.c           |    2 +-
 grub-core/loader/i386/bsd.c                  |   22 ++-
 grub-core/loader/i386/coreboot/chainloader.c |    2 +-
 grub-core/loader/i386/linux.c                |   18 ++-
 grub-core/loader/i386/multiboot_mbi.c        |   16 +-
 grub-core/loader/i386/pc/chainloader.c       |    4 +-
 grub-core/loader/i386/pc/freedos.c           |    2 +-
 grub-core/loader/i386/pc/linux.c             |   15 +-
 grub-core/loader/i386/pc/ntldr.c             |    2 +-
 grub-core/loader/i386/pc/plan9.c             |   13 +-
 grub-core/loader/i386/pc/pxechainloader.c    |    2 +-
 grub-core/loader/i386/pc/truecrypt.c         |    2 +-
 grub-core/loader/i386/xen.c                  |   14 +-
 grub-core/loader/i386/xen_file.c             |    2 +-
 grub-core/loader/i386/xnu.c                  |    2 +-
 grub-core/loader/ia64/efi/linux.c            |    7 +
 grub-core/loader/linux.c                     |    6 +-
 grub-core/loader/macho.c                     |    4 +-
 grub-core/loader/mips/linux.c                |   10 +-
 grub-core/loader/multiboot.c                 |    8 +-
 grub-core/loader/multiboot_mbi2.c            |   13 +-
 grub-core/loader/powerpc/ieee1275/linux.c    |    5 +-
 grub-core/loader/sparc64/ieee1275/linux.c    |    5 +-
 grub-core/loader/xnu.c                       |   25 +++-
 grub-core/loader/xnu_resume.c                |    4 +-
 grub-core/normal/autofs.c                    |   11 +-
 grub-core/normal/crypto.c                    |    2 +-
 grub-core/normal/dyncmd.c                    |    2 +-
 grub-core/normal/main.c                      |    2 +-
 grub-core/normal/term.c                      |    2 +-
 grub-core/video/readers/jpeg.c               |    2 +-
 grub-core/video/readers/png.c                |    2 +-
 grub-core/video/readers/tga.c                |    2 +-
 include/grub/bufio.h                         |    6 +-
 include/grub/elfload.h                       |    2 +-
 include/grub/file.h                          |  153 +++++++++++++------
 include/grub/lib/cmdline.h                   |    5 +-
 include/grub/list.h                          |    1 +
 include/grub/machoload.h                     |    3 +-
 include/grub/verify.h                        |   76 ++++++++++
 util/grub-fstest.c                           |    6 +-
 util/grub-mount.c                            |    6 +-
 86 files changed, 1172 insertions(+), 532 deletions(-)

Daniel Kiper (1):
      efi: Add EFI shim lock verifier

Vladimir Serbinenko (4):
      verifiers: File type for fine-grained signature-verification controlling
      verifiers: Framework core
      verifiers: Add possibility to verify kernel and modules command lines
      verifiers: Add the documentation
