secure boot: lockdown, grub fallback, CI #2299
Conversation
...el/coreos-sources/files/6.6/z0004-efi-Add-an-EFI_SECURE_BOOT-flag-to-indicate-secure-b.patch
Show resolved
Hide resolved
...tainer/src/third_party/coreos-overlay/sys-kernel/coreos-sources/coreos-sources-6.6.48.ebuild
Outdated
Show resolved
Hide resolved
|
As there is a work in progress and if the desire is to move to a new kernel soon-ish (#2300), I would suggest to have these patches only for the 6.10 or the new LTS 6.12, and to not have to maintain them for 6.6 too (less work if we maintain only for very up-to-date Linux versions). And maybe in the meantime find a way to upstream / gather some support for mainline. |
|
Build action triggered: https://github.com/flatcar/scripts/actions/runs/10902608332 |
They will never be mainline. You can see the full discussion here: https://lore.kernel.org/lkml/[email protected]/.
The aim is to submit a shim for signing in october so we can't risk it by coupling the required changes to other ones like the kernel upgrade. If we have to maintain patches on two kernel branches then so be it. |
jepio
force-pushed
the
jepio+sayan/sboot-lockdown
branch
from
a2805bf to
36d1a7f
Compare
| echo "++++ ${CIA_TESTSCRIPT}: Using existing ${bios} ++++" | ||
| if [ -f "${firmware}" ] ; then | ||
| echo "++++ ${CIA_TESTSCRIPT}: Using existing ${firmware} ++++" | ||
| else |
There was a problem hiding this comment.
The indentation seems off?
jepio
force-pushed
the
jepio+sayan/sboot-lockdown
branch
2 times, most recently
from
0b3cefe to
a9e42a8
Compare
jepio
force-pushed
the
jepio+sayan/sboot-lockdown
branch
from
a9e42a8 to
30343ba
Compare
|
Jenkins CI ran successfully here: http://jenkins.infra.kinvolk.io:8080/job/container/job/packages_all_arches/4670/cldsv/ |
|
@ader1990 are you OK with merging? |
Shim signing for secure boot requires enforcing lockdown. There are three ways we can do this: 1. setting CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY=y. This unconditionally prevents loading unsigned kernel modules. 2. setting lockdown=integrity on the kernel cmdline from a signed Grub configuration. This would be OK, but Grub is not updated in the field right now, so we'd be stuck. 3. incorporate the secure-boot-lockdown patches that other major distros are using. We're going to go with 3, because this only enforces lockdown when secure boot is actually enabled and lets us change approach later on. These patches are sourced from Debian: https://sources.debian.org/src/linux/6.6.13-1~bpo12%2B1/debian/patches/features/all/lockdown/. Signed-off-by: Jeremi Piotrowski <[email protected]>
This is a requirement of the shim signing process. Signed-off-by: Jeremi Piotrowski <[email protected]>
With secure boot a failed shim signature check will leave us stuck in grub. Enable automatic fallback in that case.
Signed-off-by: Sayan Chowdhury <[email protected]> Signed-off-by: Jeremi Piotrowski <[email protected]>
Signed-off-by: Jeremi Piotrowski <[email protected]>
Signed-off-by: Jeremi Piotrowski <[email protected]>
jepio
force-pushed
the
jepio+sayan/sboot-lockdown
branch
from
30343ba to
fd54cca
Compare
I suppose I am okay with merging, but I still think it is not an optimal way forward. Because having this unreviewed (and soon rebased, conflicts need to be taken care of, etc) patches affect Flatcar images that will never be used in a secure boot environment, thus adding more possible security vulnerabilities. I suggested to have a more one-step at a time approach, activate this patch just for the OEMs that we know need the secure boot implementation now, see how it goes for a while, and then activate the patches for all the images. I am saying this because some of the code from the patches executes independently of the kernel config option is set or not, which opens the possibility for unwanted behaviours. |
The patches don't do anything unless secure boot is enabled at runtime (the switch checks whether firmware set SECUREBOOT=1) So lockdown is only triggered in a secure boot environment. We can't ship a different kernel configuration for different OEMs because that would require preparing separate update payloads and nebraska can't handle that. These patches are part of standard Ubuntu, Debian, Fedora, RHEL, SuSe kernels so they have been well tested. I would also rather not have them. |
efi_get_fdt_params is changed, also some small other places in the process. This code change runs irrespective of the secureboot kernel config. If other operating systems use the same byte-wise patches, I suppose it is a smaller risk. Let's hope for the best. I see, for example, that 6.10 also has the same level of support for the patches: https://sources.debian.org/data/main/l/linux/6.10.6-1~bpo12+1/debian/patches/features/all/lockdown/, which is great, as we can copy those over byte-wise. Maybe we could add a small .github ci automation to get these patches automatically on a kernel change, like we do with the gentoo upstream - to have the same source of truth Flatcar and Debian. |
|
Leaving this here for future usage and reference: https://sources.debian.org/data/main/l/linux/6.6.13-1~bpo12%2B1/debian/patches/features/all/lockdown/efi-lock-down-the-kernel-if-booted-in-secure-boot-mo.patch vs https://sources.debian.org/data/main/l/linux/6.10.6-1~bpo12+1/debian/patches/features/all/lockdown/efi-lock-down-the-kernel-if-booted-in-secure-boot-mo.patch Seems that the rebasing work is already done, although it lags on a few patch releases. For: #2300 |
secure boot: lockdown, grub fallback, CI
How to use
[ describe what reviewers need to do in order to validate this PR ]
Testing done
Tested here:
amd64: http://jenkins.infra.kinvolk.io:8080/job/container/job/test/26834/cldsv/
arm64: http://jenkins.infra.kinvolk.io:8080/job/container/job/test/26780/cldsv/
changelog/directory (user-facing change, bug fix, security fix, update)/bootand/usrsize, packages, list files for any missing binaries, kernel modules, config files, kernel modules, etc.