public inbox for devel@edk2.groups.io
 help / color / mirror / Atom feed
From: Laszlo Ersek <lersek@redhat.com>
To: Ard Biesheuvel <ard.biesheuvel@linaro.org>,
	Ming Huang <ming.huang@linaro.org>
Cc: Leif Lindholm <leif.lindholm@linaro.org>,
	linaro-uefi <linaro-uefi@lists.linaro.org>,
	"edk2-devel@lists.01.org" <edk2-devel@lists.01.org>,
	Graeme Gregory <graeme.gregory@linaro.org>,
	"Kinney, Michael D" <michael.d.kinney@intel.com>,
	wanghuiqiang <wanghuiqiang@huawei.com>,
	huangming <huangming23@huawei.com>,
	Jason Zhang <zhangjinsong2@huawei.com>,
	huangdaode@hisilicon.com, John Garry <john.garry@huawei.com>,
	Xinliang Liu <xinliang.liu@linaro.org>,
	zhangfeng56@huawei.com
Subject: Re: [PATCH edk2-platforms v3 1/5] Hisilicon/D0x: Fix secure boot bug in FlashFvbDxe
Date: Tue, 20 Nov 2018 16:14:47 +0100	[thread overview]
Message-ID: <b64e87e9-7aa3-1aba-818d-9872161d2f23@redhat.com> (raw)
In-Reply-To: <CAKv+Gu_Fk-z8k4PzuGFV-rs5=xSDepUvjs7Y9sLvoswbg0H3_w@mail.gmail.com>

On 11/20/18 15:40, Ard Biesheuvel wrote:
> On Tue, 20 Nov 2018 at 15:30, Ming Huang <ming.huang@linaro.org> wrote:
>>
>>
>>
>> On 11/20/2018 8:58 PM, Leif Lindholm wrote:
>>> On Tue, Nov 20, 2018 at 08:40:28PM +0800, Ming Huang wrote:
>>>>
>>>>
>>>> On 11/20/2018 8:13 PM, Leif Lindholm wrote:
>>>>> On Tue, Nov 20, 2018 at 05:01:46PM +0800, Ming Huang wrote:
>>>>>> Now that the generic Variable Runtime DXE code no longer
>>>>>> distinguishes between gEfiVariableGuid and
>>>>>> gEfiAuthenticatedVariableGuid in the varstore FV header.
>>>>>> We can relax the check in the flashFvb driver to accept
>>>>>> either GUID regardless of whether we are running a secure
>>>>>> boot capable build or not.
>>>>>
>>>>> We are still in a situation where D06 is not buildable with Secure
>>>>> Boot enabled though.
>>>>>
>>>>> If you build with -D SECURE_BOOT_ENABLE=TRUE, you still end up with
>>>>> /work/git/edk2-platforms/Platform/Hisilicon/D06/D06.dsc(...): error
>>>>> 4000: Instance of library class [PlatformSecureLib] is not found
>>>>>       in [/work/git/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf] [AARCH64]
>>>>>       consumed by module [/work/git/edk2/SecurityPkg/VariableAuthenticated/SecureBootConfigDxe/SecureBootConfigDxe.inf]
>>>>>
>>>>> And all Hisilicon platforms still use
>>>>> AuthVariableLib|MdeModulePkg/Library/AuthVariableLibNull/AuthVariableLibNull.inf
>>>>> regardless of Secure Boot setting.
>>>>>
>>>>> So what problem does this patch solve? A runtime one?
>>>>
>>>> This patch solve bug in FlashFvbDxe.
>>>
>>> Yes, but what bug? What is the symptom? What _specific_ problem goes
>>> away by adding this patch? That information should have been in the
>>> original commit message. I have no information available to me as I
>>> now build -rc1 to suggest that this patch should be included.
>>
>> The bug is that gEfiAuthenticatedVariableGuid should be used in FlashFvbDxe,
>> not gEfiVariableGuid when enable secure boot.
>>
>>>
>>>> Should I add a patch before this patch
>>>> to solve build error with -D SECURE_BOOT_ENABLE=TRUE in v4?
>>>
>>> That would require a sane implementation of PlatformSecureLib,
>>> implementing a real UserPhysicalPresent().
>>> Can you turn that around within the next few hours?
>>
>> My original idea is using OvmfPkg/Library/PlatformSecureLib/PlatformSecureLib.
>> There is not enough time to implement a real UserPhysicalPresent.
>> This patch will add when we implement real secure boot in future.
>>
> 
> I think it is a terrible idea to enable secure boot now in an insecure
> manner, and enable 'real' secure boot later.
> 
> Note that it is impossible to implement secure boot in a secure manner
> using the generic VariableRuntimeDxe. The crypto routines that perform
> the authentication are located in EfiRuntimeServicesCode memory
> regions, which are writable by the OS, and so any exploit on the OS
> side can modify that code to defeat the checks. Also, the SPI flash
> that backs the variable store is accessible by the OS directly.
> 
> That means a proper secure boot implementation will not be based on
> any of the components in use currently, and so enabling it does
> nothing except confuse people or give them a false sense of security.
> If this is based on OS or firmware test results, please disregard
> those - this is a tick the box mentality that is wholly incompatible
> with building secure systems.
> 

Yup.

Thanks,
Laszlo


  reply	other threads:[~2018-11-20 15:14 UTC|newest]

Thread overview: 19+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-11-20  9:01 [PATCH edk2-platforms v3 0/5] Fix D06 SBSA/SBBR issue and improve Ming Huang
2018-11-20  9:01 ` [PATCH edk2-platforms v3 1/5] Hisilicon/D0x: Fix secure boot bug in FlashFvbDxe Ming Huang
2018-11-20 12:13   ` Leif Lindholm
2018-11-20 12:40     ` Ming Huang
2018-11-20 12:58       ` Leif Lindholm
2018-11-20 14:29         ` Ming Huang
2018-11-20 14:39           ` Leif Lindholm
2018-11-20 15:00             ` Ming Huang
2018-11-20 15:20               ` Laszlo Ersek
2018-11-20 16:23               ` Leif Lindholm
2018-11-21  7:42             ` Ming Huang
2018-11-20 14:40           ` Ard Biesheuvel
2018-11-20 15:14             ` Laszlo Ersek [this message]
2018-11-20  9:01 ` [PATCH edk2-platforms v3 2/5] Hisilicon/D06: Modify Gic base Ming Huang
2018-11-20  9:01 ` [PATCH edk2-platforms v3 3/5] Hisilicon/D06: Correct PcdGicInterruptInterfaceBase Ming Huang
2018-11-20  9:01 ` [PATCH edk2-platforms v3 4/5] Silicon/Hisilicon/D06: Set TA as Node 0 for TA boot Ming Huang
2019-02-11 14:45   ` Leif Lindholm
2018-11-20  9:01 ` [PATCH edk2-platforms v3 5/5] Hisilicon/D06: Move some functions to OemMiscLib Ming Huang
2018-11-20 13:02 ` [PATCH edk2-platforms v3 0/5] Fix D06 SBSA/SBBR issue and improve Leif Lindholm

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-list from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=b64e87e9-7aa3-1aba-818d-9872161d2f23@redhat.com \
    --to=devel@edk2.groups.io \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox