References: <20230120225835.42733-1-jbobek@nvidia.com> <20230120225835.42733-4-jbobek@nvidia.com> In-Reply-To:
<20230120225835.42733-4-jbobek@nvidia.com>
From: "Ard Biesheuvel"
Date: Fri, 3 Feb 2023 11:49:07 +0100
Subject: Re: [PATCH v1 3/4] ArmVirtPkg: require self-signed PK when secure boot is enabled
To: Jan Bobek
Cc: devel@edk2.groups.io, Laszlo Ersek, Jiewen Yao, Ard Biesheuvel, Leif Lindholm, Sami Mujawar, Gerd Hoffmann

On Fri, 20 Jan 2023 at 23:59, Jan Bobek wrote:
>
> REF: https://bugzilla.tianocore.org/show_bug.cgi?id=2506
>
> In all DSC files that define SECURE_BOOT_ENABLE, opt-in into requiring
> self-signed PK when SECURE_BOOT_ENABLE is TRUE.
>
> Cc: Ard Biesheuvel
> Cc: Leif Lindholm
> Cc: Sami Mujawar
> Cc: Gerd Hoffmann
> Signed-off-by: Jan Bobek

I have no problems with this patch, but I wonder if we need it.

I suppose this is intended to retain the previous behavior, but I don't think that makes sense at all. Secure boot support in ArmVirtPkg is not production quality in any case, and self-signed PKs are rather pointless too, so I think we should just go with the new default behavior of allowing unsigned PKs.

> --- > ArmVirtPkg/ArmVirtCloudHv.dsc | 4 ++++ > ArmVirtPkg/ArmVirtQemu.dsc | 4 ++++ > ArmVirtPkg/ArmVirtQemuKernel.dsc | 4 ++++ > 3 files changed, 12 insertions(+) > > diff --git a/ArmVirtPkg/ArmVirtCloudHv.dsc b/ArmVirtPkg/ArmVirtCloudHv.dsc > index 7ca7a391d9cf..dc33936d6f03 100644 > --- a/ArmVirtPkg/ArmVirtCloudHv.dsc > +++ b/ArmVirtPkg/ArmVirtCloudHv.dsc > @@ -85,6 +85,10 @@ [PcdsFeatureFlag.common] > > gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE > > +!if $(SECURE_BOOT_ENABLE) == TRUE > + gEfiMdeModulePkgTokenSpaceGuid.PcdRequireSelfSignedPk|TRUE > +!endif > + > [PcdsFixedAtBuild.common] > !if $(ARCH) == AARCH64 > gArmTokenSpaceGuid.PcdVFPEnabled|1 > diff --git a/ArmVirtPkg/ArmVirtQemu.dsc b/ArmVirtPkg/ArmVirtQemu.dsc > index 0f1c6395488a..31fd0e5279ab 100644 > --- a/ArmVirtPkg/ArmVirtQemu.dsc > +++ b/ArmVirtPkg/ArmVirtQemu.dsc 
> @@ -145,6 +145,10 @@ [PcdsFeatureFlag.common] > > gArmVirtTokenSpaceGuid.PcdTpm2SupportEnabled|$(TPM2_ENABLE) > > +!if $(SECURE_BOOT_ENABLE) == TRUE > + gEfiMdeModulePkgTokenSpaceGuid.PcdRequireSelfSignedPk|TRUE > +!endif > + > [PcdsFixedAtBuild.common] > !if $(ARCH) == AARCH64 > gArmTokenSpaceGuid.PcdVFPEnabled|1 > diff --git a/ArmVirtPkg/ArmVirtQemuKernel.dsc b/ArmVirtPkg/ArmVirtQemuKernel.dsc > index 807c85d48285..1e0f06c91137 100644 > --- a/ArmVirtPkg/ArmVirtQemuKernel.dsc > +++ b/ArmVirtPkg/ArmVirtQemuKernel.dsc > @@ -114,6 +114,10 @@ [PcdsFeatureFlag.common] > > gEfiMdeModulePkgTokenSpaceGuid.PcdTurnOffUsbLegacySupport|TRUE > > +!if $(SECURE_BOOT_ENABLE) == TRUE > + gEfiMdeModulePkgTokenSpaceGuid.PcdRequireSelfSignedPk|TRUE > +!endif > + > [PcdsFixedAtBuild.common] > !if $(ARCH) == AARCH64 > gArmTokenSpaceGuid.PcdVFPEnabled|1 > -- > 2.30.2 >
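Review bot: the block added under [PcdsFeatureFlag.common] in ArmVirtCloudHv.dsc sets PcdRequireSelfSignedPk to TRUE without a comment saying why the platform opts in. A one-line comment above the !if, stating that a self-signed PK is required whenever SECURE_BOOT_ENABLE is TRUE and pointing at the bugzilla entry from the commit message, would let a reader of the DSC see the intent without digging through the history.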
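Review bot: the hunks for ArmVirtQemu.dsc and ArmVirtQemuKernel.dsc add the same three lines, from the !if on SECURE_BOOT_ENABLE through the !endif, that the ArmVirtCloudHv.dsc hunk already adds, so the setting now lives in three places and can drift if one file is edited later. If these platform files share an include that is processed in [PcdsFeatureFlag.common] context, setting the PCD once there would keep the three builds consistent. If they do not, the commit message should say that the duplication is intentional.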