Hi Lennart,
"Sorry, but GPG is a no-go. Not in 2023."
Yes, I understand that. What I am trying to get is a simple way to
verify that the initramfs has not been tampered with. UKI comes with its
own challenges, using encryption tied to a measured boot looks overkill,
and I fully agree that adding an authentication layer is not
desirable. Then... what alternatives are available for just performing
verification of the initramfs? I was having a look at IMA now, so this
could be sorted with a policy... but I think this is not supported in
sd-boot.
In case I wrap the initramfs in a PE envelope, as you suggested,
would its signature then be validated automatically? When it gets loaded?
Because, if so... this would work well enough for this use case.
Thank you
---
Felix Rubio
"Don't believe what you're told. Double check."
On 2023-05-24 18:11, Lennart Poettering wrote:
On Mi, 24.05.23 16:20, Felix Rubio (felix@xxxxxxxxx) wrote:
Hi Andrei, Lennart
@Andrei: Do you think, then, that the same private key used for
SecureBoot could be used for GPG signing the initramfs? That would be
cool, as the whole boot signing infrastructure would still depend on a
single entity.
@Lennart: I was thinking of using a private key for which I'd enroll
the certificate in MOK (I mean, just following the standard use case
for MOK).
Without having much idea about the code base of systemd-boot, I am
willing to give it a try (to a GPG with private key from SB) provided
you think it is something the community might benefit from. What are
your thoughts?
Sorry, but GPG is a no-go. Not in 2023.
But also I am not sure I understand what you are trying to do.
Note that shim only authenticates PE binaries, hence you'd have to
wrap your initrd in a PE binary anyway to validate an initrd against
MOK.
And we really don't want to add another layer of authentication in
sd-boot, let's leave that in uefi sb firmware + shim. i.e. we
expressly don't want to embed a crypto stack like grub. And even if
we could we don't get access to MOK iirc, shim makes that impossible
for later boot components.
If you wrap your initrd in a PE envelope this is pretty much exactly
what UKIs are. Also note that there's currently a PR pending that
allows wrapping kernel command lines in separate PE files which can be
read by a UKI, a concept we call "add-on", which we could extend
to initrds too I guess, see
https://github.com/systemd/systemd/pull/27358
Lennart
--
Lennart Poettering, Berlin
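The following is an added illustration of the point made in the thread above (it is not code from the thread, from systemd, or from shim): once the initrd is a section of a PE image, the existing UEFI Secure Boot check over that image is what protects it, because an Authenticode signature covers every byte of the file except the CheckSum field and the Certificate Table slot. The script builds a minimal PE32+ image with the section names a UKI uses (`.linux`, `.initrd`, `.cmdline`), reads the sections back the way the stub locates them, and computes a simplified Authenticode-style digest; flipping one byte of the `.initrd` payload changes that digest, while touching the CheckSum field does not. The PE builder, the placeholder kernel/initrd bytes and the digest routine are constructed for this example; the image is not bootable and the digest omits the full section-ordering and trailing-data rules of the real algorithm, which tools such as `sbsign` or `ukify --sign` implement. Nothing here uses GPG.

```python
import hashlib
import struct

FILE_ALIGN = 0x200
SECTION_ALIGN = 0x1000
IMAGE_FILE_MACHINE_AMD64 = 0x8664
PE32PLUS_MAGIC = 0x20B
OPT_SIZE = 112 + 16 * 8      # PE32+ optional header with 16 data directories
CHECKSUM_OFF = 64            # CheckSum field, relative to the optional header
CERT_DIR_OFF = 112 + 4 * 8   # Certificate Table directory (index 4), same base
SUBSYSTEM_EFI_APPLICATION = 10


def _align(n, a):
    return (n + a - 1) // a * a


def build_pe(sections):
    """Build a minimal PE32+ image whose payloads live in named sections.
    `sections` is an ordered list of (name, bytes). Constructed for this
    example only: it has a UKI-style layout but no code and is not bootable."""
    n = len(sections)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 64)            # e_lfanew = 64
    coff = struct.pack("<HHIIIHH", IMAGE_FILE_MACHINE_AMD64, n, 0, 0, 0, OPT_SIZE, 0x22)
    headers_size = _align(64 + 4 + 20 + OPT_SIZE + 40 * n, FILE_ALIGN)
    table, raw, va, ptr = b"", b"", SECTION_ALIGN, headers_size
    for name, data in sections:
        size = _align(len(data), FILE_ALIGN)
        table += struct.pack("<8sIIIIIIHHI", name.encode().ljust(8, b"\0"),
                             len(data), va, size, ptr, 0, 0, 0, 0, 0x40000040)
        raw += data.ljust(size, b"\0")
        va += _align(len(data), SECTION_ALIGN)
        ptr += size
    opt = struct.pack("<HBBIIIIIQIIHHHHHHIIIIHHQQQQII",
                      PE32PLUS_MAGIC, 0, 0, 0, 0, 0, 0, 0,      # magic .. BaseOfCode
                      0, SECTION_ALIGN, FILE_ALIGN, 0, 0, 0, 0, 0, 0,  # ImageBase .. versions
                      0, va, headers_size, 0,                   # Win32Ver, SizeOfImage, SizeOfHeaders, CheckSum
                      SUBSYSTEM_EFI_APPLICATION, 0, 0, 0, 0, 0, 0, 16)
    opt += b"\0" * (16 * 8)                                     # all directories empty: no cert table
    hdr = dos + b"PE\0\0" + coff + opt + table
    return hdr.ljust(headers_size, b"\0") + raw


def _section_table(image):
    e_lfanew, = struct.unpack_from("<I", image, 0x3C)
    if image[:2] != b"MZ" or image[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsec, = struct.unpack_from("<H", image, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", image, e_lfanew + 20)
    base = e_lfanew + 24 + opt_size
    for i in range(nsec):
        name, vsize, _va, rawsize, rawptr = struct.unpack_from("<8sIIII", image, base + 40 * i)
        yield name.rstrip(b"\0").decode(), rawptr, min(vsize, rawsize)


def pe_sections(image):
    """Map section name -> payload, the way a stub finds .linux/.initrd/.cmdline."""
    return {name: image[ptr:ptr + size] for name, ptr, size in _section_table(image)}


def checksum_field_offset(image):
    e_lfanew, = struct.unpack_from("<I", image, 0x3C)
    return e_lfanew + 24 + CHECKSUM_OFF


def image_digest(image):
    """SHA-256 over the bytes an Authenticode signature covers, for an image
    with no certificate table: everything except the CheckSum field and the
    Certificate Table directory entry, which signing rewrites and therefore
    excludes. Simplified: real tools also order sections and handle trailing data."""
    cksum = checksum_field_offset(image)
    certdir = cksum - CHECKSUM_OFF + CERT_DIR_OFF
    h = hashlib.sha256()
    h.update(image[:cksum])
    h.update(image[cksum + 4:certdir])
    h.update(image[certdir + 8:])
    return h.hexdigest()


def initrd_is_covered_by_image_digest():
    """Flip one byte of the .initrd payload inside a UKI-style image and check
    that the signed digest changes, i.e. the image signature covers the initrd."""
    kernel = b"MZ-constructed-kernel-placeholder"          # constructed, not a real kernel
    initrd = b"\x1f\x8b\x08constructed-initrd-bytes"       # constructed, not a real initrd
    uki = build_pe([(".linux", kernel), (".initrd", initrd),
                    (".cmdline", b"root=/dev/sda2 quiet\0")])
    ptr = next(p for name, p, _ in _section_table(uki) if name == ".initrd")
    tampered = bytearray(uki)
    tampered[ptr] ^= 0x01
    return image_digest(uki) != image_digest(bytes(tampered))


if __name__ == "__main__":
    print("initrd covered by image signature:", initrd_is_covered_by_image_digest())
```

The takeaway for the question in the thread: no separate initrd signature is checked at load time; shim or the firmware verifies the one signature over the whole PE, and the `.initrd` section is simply inside the hashed region. The same holds for a PE "add-on" carrying only a `.cmdline` (or, if extended as suggested, an `.initrd`) section: it is verified as a PE image, not as an initrd.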