Re: Linux DRTM on UEFI platforms

From: Brendan Trotter
Date: Tue Jul 05 2022 - 20:03:42 EST

Next message: Andy Lutomirski: "Re: [PATCH] x86/Kconfig: Allow X86_X32_ABI with llvm-objcopy in some cases"
Previous message: Guo Ren: "Re: [PATCH v6 2/4] dt-bindings: riscv: document cbom-block-size"
In reply to: Daniel P. Smith: "Re: Linux DRTM on UEFI platforms"
Next in thread: Matthew Garrett: "Re: Linux DRTM on UEFI platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

On Wed, Jul 6, 2022 at 4:52 AM Daniel P. Smith
<dpsmith@xxxxxxxxxxxxxxxxxxxx> wrote:
> On 6/10/22 12:40, Ard Biesheuvel wrote:> On Thu, 19 May 2022 at 22:59,
> To help provide clarity, consider the following flows for comparison,
>
> Normal/existing efi-stub:
> EFI -> efi-stub -> head_64.S
>
> Proposed secure launch:
> EFI -> efi-stub -> dl-handler -> [cpu] -> sl_stub ->head_64.S

For more clarity; the entire point is to ensure that the kernel only
has to trust itself and the CPU/TPM hardware (and does not have to
trust a potentially malicious boot loader)..Any attempt to avoid a
one-off solution for Linux is an attempt to weaken security.

The only correct approach is "efi-stub -> head_64.S -> kernel's own
secure init"; where (on UEFI systems) neither GRUB nor Trenchboot has
a valid reason to exist and should never be installed.

Cheers,

Brendan

Next message: Andy Lutomirski: "Re: [PATCH] x86/Kconfig: Allow X86_X32_ABI with llvm-objcopy in some cases"
Previous message: Guo Ren: "Re: [PATCH v6 2/4] dt-bindings: riscv: document cbom-block-size"
In reply to: Daniel P. Smith: "Re: Linux DRTM on UEFI platforms"
Next in thread: Matthew Garrett: "Re: Linux DRTM on UEFI platforms"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]