On Wed, Sep 21, 2022 at 05:52:31PM +0200, Ilias Apalodimas wrote: > Hi Ard > > On Tue, 20 Sept 2022 at 17:37, Ard Biesheuvel <ardb@xxxxxxxxxx> wrote: > > > > We currently check the MokSBState variable to decide whether we should > > treat UEFI secure boot as being disabled, even if the firmware thinks > > otherwise. This is used by shim to indicate that it is not checking > > signatures on boot images. In the kernel, we use this to relax lockdown > > policies. > > > > However, in cases where shim is not even being used, we don't want this > > variable to interfere with lockdown, given that the variable is > > non-volatile variable and therefore persists across a reboot. This means > > setting it once will persistently disable lockdown checks on a given > > system. > > > > So switch to the mirrored version of this variable, called MokSBStateRT, > > which is supposed to be volatile, and this is something we can check. > > > > Just out of curiosity was the mirroring implemented at the same time > in SHIM? IOW does MokSBState guarantee the presence of the -RT? > Regardless of the answer this fixes an actual problem, so fwiw Yes, since 2016. Reviewed-by: Peter Jones <pjones@xxxxxxxxxx> > Reviewed-by: Ilias Apalodimas <ilias.apalodimas@xxxxxxxxxx> > > > Signed-off-by: Ard Biesheuvel <ardb@xxxxxxxxxx> > > --- > > arch/x86/xen/efi.c | 5 +++-- > > drivers/firmware/efi/libstub/secureboot.c | 8 ++++---- > > 2 files changed, 7 insertions(+), 6 deletions(-) > > > > diff --git a/arch/x86/xen/efi.c b/arch/x86/xen/efi.c > > index 7d7ffb9c826a..8bd65f2900b9 100644 > > --- a/arch/x86/xen/efi.c > > +++ b/arch/x86/xen/efi.c > > @@ -100,6 +100,7 @@ static enum efi_secureboot_mode xen_efi_get_secureboot(void) > > enum efi_secureboot_mode mode; > > efi_status_t status; > > u8 moksbstate; > > + u32 attr; > > unsigned long size; > > > > mode = efi_get_secureboot_mode(efi.get_variable); > > @@ -113,13 +114,13 @@ static enum efi_secureboot_mode xen_efi_get_secureboot(void) > > /* See if a user has put the shim into insecure mode. */ > > size = sizeof(moksbstate); > > status = efi.get_variable(L"MokSBStateRT", &shim_guid, > > - NULL, &size, &moksbstate); > > + &attr, &size, &moksbstate); > > > > /* If it fails, we don't care why. Default to secure. */ > > if (status != EFI_SUCCESS) > > goto secure_boot_enabled; > > > > - if (moksbstate == 1) > > + if (!(attr & EFI_VARIABLE_NON_VOLATILE) && moksbstate == 1) > > return efi_secureboot_mode_disabled; > > > > secure_boot_enabled: > > diff --git a/drivers/firmware/efi/libstub/secureboot.c b/drivers/firmware/efi/libstub/secureboot.c > > index 8a18930f3eb6..516f4f0069bd 100644 > > --- a/drivers/firmware/efi/libstub/secureboot.c > > +++ b/drivers/firmware/efi/libstub/secureboot.c > > @@ -14,7 +14,7 @@ > > > > /* SHIM variables */ > > static const efi_guid_t shim_guid = EFI_SHIM_LOCK_GUID; > > -static const efi_char16_t shim_MokSBState_name[] = L"MokSBState"; > > +static const efi_char16_t shim_MokSBState_name[] = L"MokSBStateRT"; > > > > static efi_status_t get_var(efi_char16_t *name, efi_guid_t *vendor, u32 *attr, > > unsigned long *data_size, void *data) > > @@ -43,8 +43,8 @@ enum efi_secureboot_mode efi_get_secureboot(void) > > > > /* > > * See if a user has put the shim into insecure mode. If so, and if the > > - * variable doesn't have the runtime attribute set, we might as well > > - * honor that. > > + * variable doesn't have the non-volatile attribute set, we might as > > + * well honor that. > > */ > > size = sizeof(moksbstate); > > status = get_efi_var(shim_MokSBState_name, &shim_guid, > > @@ -53,7 +53,7 @@ enum efi_secureboot_mode efi_get_secureboot(void) > > /* If it fails, we don't care why. Default to secure */ > > if (status != EFI_SUCCESS) > > goto secure_boot_enabled; > > - if (!(attr & EFI_VARIABLE_RUNTIME_ACCESS) && moksbstate == 1) > > + if (!(attr & EFI_VARIABLE_NON_VOLATILE) && moksbstate == 1) > > return efi_secureboot_mode_disabled; > > > > secure_boot_enabled: > > -- > > 2.35.1 > > > -- Peter