Alexander Graf <graf@xxxxxxxxxx> writes:
Hey Ashish,Isn't it the same when we just allow loading kernel modules? I'm sure
On 09.04.24 22:42, Ashish Kalra wrote:
From: Ashish Kalra <ashish.kalra@xxxxxxx>
The patchset adds bits and pieces to get kexec (and crashkernel) work on
SNP guest.
With this patch set (and similar for the TDX one), you enable the
typical kdump case, which is great!
However, if a user is running with direct kernel boot - which is very
typical in SEV-SNP setup, especially for Kata Containers and similar -
the initial launch measurement is a natural indicator of the target
environment. Kexec basically allows them to completely bypass that: You
would be able to run a completely different environment than the one you
measure through the launch digest. I'm not sure it's a good idea to even
allow that by default in CoCo environments - at least not if the kernel
is locked down.
you can also achieve a 'completely different environment' with that :-)
With SecureBoot / lockdown we normally require modules to pass signature
check, I guess we can employ the same mechanism for kexec. I.e. in
lockdown, we require signature check on the kexec-ed kernel. Also, it
may make sense to check initramfs too (with direct kernel boot it's also
part of launch measurements, right?) and there's UKI for that already).
Personally, I believe that if we simply forbid kexec for CoCo in
lockdown mode, the feature will become mostly useless in 'full stack'
(which boot through firmware) production envrironments.