Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage

From: Luca Boccassi
Date: Fri Jul 21 2023 - 11:15:33 EST

Next message: Paolo Bonzini: "Re: [RFC PATCH v11 18/29] KVM: selftests: Drop unused kvm_userspace_memory_region_find() helper"
Previous message: Thierry Reding: "Re: [PATCH] firmware: Explicitly include correct DT includes"
In reply to: James Bottomley: "Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage"
Next in thread: Luca Boccassi: "Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 21 Jul 2023 at 14:34, James Bottomley
<James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote:
>
> On Fri, 2023-07-21 at 14:10 +0100, Luca Boccassi wrote:
> > On Fri, 21 Jul 2023 at 14:01, James Bottomley
> > <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx> wrote:
> [...]
> > > Well, my job is to be concerned about how individuals who want to
> > > own their own keys, either in MoK or db, participate in this, so I
> > > am mostly thinking about local signing. Whatever we decide, there
> > > must be a local workflow pathway.
> >
> > Sure but for local signing via MoK that's obviously fine, as one gets
> > to keep the pieces. AFAIK it's a different flow in Shim whether
> > something is authorized by MoK, DB or the built-in cert, so having
> > different policies built-in for those different cases should be
> > doable. Actually at the moment even if Shim loads the image, if it
> > gets authorized by DB .sbat isn't checked at all.
>
> So let's be sure we mean the same thing here. There is really no third
> party CA. Microsoft gives the distributions a signing key to allow
> them to sign their version of shim. Some distributions, like Red Hat,
> also embed their signing certificates in shim, so shim can distinguish
> between a RH key and another key added to MokList. However, some
> distributions, like SUSE, insist that all signing keys be approved by
> the machine owner (so no embedded shim certs for non-enterprise) and
> their shim can't distinguish between SUSE keys and machine owner
> additions. Given the variances in key handling, I think trying to
> distinguish between official and developer keys is a huge addition of
> complexity we don't need, so there has to be a workflow that functions
> for both and that workflow would seem to be allowing non-existent or
> empty sbat sections. Official key holders would *always* add sbat
> sections, so there's really no problem that needs a solution to be
> mandated here.

The certificate is called the "Microsoft Corporation UEFI CA 2011" ,
issued by the "Microsoft Corporation Third Party Marketplace Root". So
for short, we call it UEFI 3rd party CA :-)
Anyway, I wasn't aware that SUSE doesn't embed their cert in Shim,
we'll have to take that in consideration for sure.

Next message: Paolo Bonzini: "Re: [RFC PATCH v11 18/29] KVM: selftests: Drop unused kvm_userspace_memory_region_find() helper"
Previous message: Thierry Reding: "Re: [PATCH] firmware: Explicitly include correct DT includes"
In reply to: James Bottomley: "Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage"
Next in thread: Luca Boccassi: "Re: [RFC PATCH v2] x86/boot: add .sbat section to the bzImage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]