DOCSLIB.ORG

UEFI Secure Boot: the Story Behind and Where Linux Stands

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
UEFI Secure Boot: the Story Behind and Where Linux Stands UEFI Secure Boot: The story behind and where Linux stands Dr. Udo Seidel Linux-Strategy @ Amadeus To my Mum LinuxTag 2013 2 Agenda ● Introduction ● Keys and Signatures ● Linux and Opportunities ● What else? ● Summary LinuxTag 2013 3 Introduction LinuxTag 2013 4 Me ;-) ● Teacher of mathematics & physics ● PhD in experimental physics ● Started with Linux in 1996 ● Linux/UNIX trainer ● Solution engineer in HPC and CAx environment ● Head of the Linux Strategy team @Amadeus LinuxTag 2013 5 Basic Input Output System ● Around for a while ● Insecure ● Easy to hack ● Executes anything ● Problems with big disks LinuxTag 2013 6 (U)EFI ● Unified Extensible Firmware Interface ● First version called EFI ● HP Itanium systems ● UEFI kind of EFI NG ● Replaces BIOS ● Emulates BIOS ● See talk from Thorsten Leemhuis LinuxTag 2013 7 Secure Boot ● Part of UEFI Specification v2.2+ ● Addresses BIOS security issues ● Mandate by Microsoft ● For Windows 8 ● Not only x86 ● See keynote from Matthew Garrett LinuxTag 2013 8 Keys and Signatures LinuxTag 2013 9 Trust ● Parties ● Platform ● Firmware ● Operating System ● Technique ● Asymmetric keys ● Public one part of implementation LinuxTag 2013 10 Key master ● Platform Key (PK) ● Key Exchange Key (PK) ● Signature database (db) ● Forbidden signature database (dbx) ● Signed EFI executables LinuxTag 2013 11 EFI instead of ELF ● Subset of PE32 specification ● Portable Executable (PE) ● See also Common Object File Format (COFF) ● PE/COFF header ● Optional part ● List of pointers ● Signatures tailing file LinuxTag 2013 12 Firmware ● Legacy (CSM) ● UEFI ● Without Secure Boot OR ● With Secure Boot – Setup modus – User modus LinuxTag 2013 13 Typical scenario ● Since last autumn ● UEFI Secure Boot ● Enabled if not even forced ● Microsoft 'keys' implemented Linux locked out ?!? LinuxTag 2013 14 Linux: Options and Opportunities LinuxTag 2013 15 Options ● Setup modus ● Replace keys ● MS signed Linux bootloader LinuxTag 2013 16 Option I – Setup modus ● Insecure ● Not always possible ● Facing backward LinuxTag 2013 17 Option II – Replace keys ● Linux distribution ... ● ... specific ● ... independent ● 3rd party support needed ● Tools needed LinuxTag 2013 18 Replacing keys – more details ● X.509 certificates ● Generation via openssl ● Tools for EFI binary signing ● Multi O/S configuration tricky LinuxTag 2013 19 Replacing keys – tools ● pesign ● sbsigntools ● efitools LinuxTag 2013 20 Option III – MS signed bootloader ● MS support needed ● Again: Linux distribution ... ● ... specific ● ... independent ● Bootloader maintenance? LinuxTag 2013 21 MS signed bootloader - Idea ● Phased bootloader ● Small & static ● Between UEFI and Linux bootloader LinuxTag 2013 22 MS signed bootloader – Loader.efi ● Linux Foundation ● To enable ALL Linux bootloaders ● No additional security ● Recently reworked ● Helper tools ● Preloader.efi ● Hashtool.efi LinuxTag 2013 23 MS signed bootloader – the SHIM ● Originally RedHat'ish ● First version quite static ● Does not support all bootloaders ● Yes: eLILO, GRUB, GRUB2 ● No: Gummiboot, efilinux LinuxTag 2013 24 Machine Owner ● Originally from SUSE ● Machine Owner Keys (MOK) ● Integrated in SHIMv2 LinuxTag 2013 25 Extending SB trust chain ● Several certificates ● Microsoft ● Linux distribution ● Signed bootloader ● Signed kernel core binary ● Signed kernel modules ● ..?!? LinuxTag 2013 26 Distributor approaches ● Enterprise ● In place: Ubuntu LTS ● Announced: SUSE ● Unknown: RedHat, Oracle ● Community ● In place: Ubuntu, Fedora, openSUSE, ... ● Announced: ... ● Unknown: Debian and derivatives LinuxTag 2013 27 What else? LinuxTag 2013 28 ARM ● UEFI Forum since 2008 ● More strict Microsoft mandate ● UEFI ARM boards available but ... LinuxTag 2013 29 Problems ● Samsung: firmware death ● Toshiba: Missing keys ● Lenovo: Only Windows 8 and RHEL ● Microsoft: leaked keys LinuxTag 2013 30 Summary LinuxTag 2013 31 Take aways ● Linux almost ready ● In general ● Enterprise sector ● Opportunity not pain ● Homework to be done LinuxTag 2013 32 References ● http://www.uefi.org ● http://mjg59.dreamwidth.org ● http://blog.hansenpartnership.com ● http://www.sxc.hu LinuxTag 2013 33 Thank you! LinuxTag 2013 34 UEFI Secure Boot: The story behind and where Linux stands Dr. Udo Seidel Linux-Strategy @ Amadeus LinuxTag 2013 35.
Load more

Recommended publications
  • UEFI Porting Update for ARM Platforms
    UEFI Porting Update for ARM Platforms What did we do since July? presented by Leif Lindholm UEFI tech lead Linaro Enterprise Group UEFI Plugfest – May 2014 Agenda Introduction Linux Support EDK2 Development SCT Platforms Tree Future Work The UEFI Forum www.uefi.org 2 Introduction Last year, Grant Likely presented an overview of the types of things we were planning to do. Since then, we have done various things... The UEFI Forum www.uefi.org 3 Linux Support The UEFI Forum www.uefi.org 4 Linux Support The big topic since the last Linaro Connect event has been Linux support: Runtime Services UEFI stub loader Co-existence of ACPI/FDT The UEFI Forum www.uefi.org 5 Runtime Services Runtime services support for both 32-bit and 64-bit ARM Not yet upstream, but aiming for Linux kernel v3.16 This included reworking of common code, since some functionality was already duplicated between x86/ia64 Main purpose is enabling GetVariable()/SetVariable() Enables bootloader installer to add boot entries, and update bootorder, from within Linux The UEFI Forum www.uefi.org 6 Linux UEFI stub loader The “stub loader” is the mechanism by which the Linux kernel can be loaded directly from UEFI, as a UEFI application Becoming the default mechanism on x86(/x64) platforms. Enables the use of more light-weight bootloaders, like gummiboot or rEFInd Not yet upstream, but aiming for 3.16 Majority of code shared between arm/arm64, and a fair bit shared with x86 The UEFI Forum www.uefi.org 7 ACPI vs. FDT A slightly contentious issue with existing ARM Linux developers
    [Show full text]
  • The “Stabs” Debug Format
    The \stabs" debug format Julia Menapace, Jim Kingdon, David MacKenzie Cygnus Support Cygnus Support Revision TEXinfo 2017-08-23.19 Copyright c 1992{2021 Free Software Foundation, Inc. Contributed by Cygnus Support. Written by Julia Menapace, Jim Kingdon, and David MacKenzie. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with no Invariant Sections, with no Front-Cover Texts, and with no Back-Cover Texts. A copy of the license is included in the section entitled \GNU Free Documentation License". i Table of Contents 1 Overview of Stabs ::::::::::::::::::::::::::::::: 1 1.1 Overview of Debugging Information Flow ::::::::::::::::::::::: 1 1.2 Overview of Stab Format ::::::::::::::::::::::::::::::::::::::: 1 1.3 The String Field :::::::::::::::::::::::::::::::::::::::::::::::: 2 1.4 A Simple Example in C Source ::::::::::::::::::::::::::::::::: 3 1.5 The Simple Example at the Assembly Level ::::::::::::::::::::: 4 2 Encoding the Structure of the Program ::::::: 7 2.1 Main Program :::::::::::::::::::::::::::::::::::::::::::::::::: 7 2.2 Paths and Names of the Source Files :::::::::::::::::::::::::::: 7 2.3 Names of Include Files:::::::::::::::::::::::::::::::::::::::::: 8 2.4 Line Numbers :::::::::::::::::::::::::::::::::::::::::::::::::: 9 2.5 Procedures ::::::::::::::::::::::::::::::::::::::::::::::::::::: 9 2.6 Nested Procedures::::::::::::::::::::::::::::::::::::::::::::: 11 2.7 Block Structure
    [Show full text]
  • Automatic Classifying of Mac OS X Samples
    Automatic Classifying of Mac OS X Samples Spencer Hsieh, Pin Wu and Haoping Liu Trend Micro Inc., Taiwan TREND MICRO LEGAL DISCLAIMER The information provided herein is for general information Contents and educational purposes only. It is not intended and should not be construed to constitute legal advice. The information contained herein may not be applicable to all situations and may not reflect the most current situation. Nothing contained herein should be relied on or acted 4 upon without the benefit of legal advice based on the particular facts and circumstances presented and nothing Introduction herein should be construed otherwise. Trend Micro reserves the right to modify the contents of this document at any time without prior notice. Translations of any material into other languages are intended solely as a convenience. Translation accuracy 6 is not guaranteed nor implied. If any questions arise related to the accuracy of a translation, please refer to Mac OS X Samples Dataset the original language official version of the document. Any discrepancies or differences created in the translation are not binding and have no legal effect for compliance or enforcement purposes. 10 Although Trend Micro uses reasonable efforts to include accurate and up-to-date information herein, Trend Micro makes no warranties or representations of any kind as Classification of Mach-O Files to its accuracy, currency, or completeness. You agree that access to and use of and reliance on this document and the content thereof is at your own risk. Trend Micro disclaims all warranties of any kind, express or implied. 11 Neither Trend Micro nor any party involved in creating, producing, or delivering this document shall be liable for any consequence, loss, or damage, including direct, Malware Families indirect, special, consequential, loss of business profits, or special damages, whatsoever arising out of access to, use of, or inability to use, or in connection with the use of this document, or any errors or omissions in the content 15 thereof.
    [Show full text]
  • A Proposed System for Hiding Information in Portable Executable Files Based on Analyzing Import Section
    IOSR Journal of Engineering (IOSRJEN) www.iosrjen.org ISSN (e): 2250-3021, ISSN (p): 2278-8719 Vol. 04, Issue 01 (January. 2014), ||V7|| PP 21-30 A Proposed System for Hiding Information In Portable Executable Files Based on Analyzing Import Section Mohammad Hussein Jawwad 1- University of Babylon- College of Information Technology- Iraq Abstract: - Information-hiding techniques have newly become very important in a many application areas. Many cover mediums have been used to hide information like image, video, voice. Use of these mediums have been extensively studied. In this paper, we propose new system for hiding information in Portable Executable files (PE files). PE is a file format for executable file used in the 32-bit and 64-bit versions of the Windows operating system. This algorithm has higher security than some traditional ones because of the combination between encryption and hiding. We first encrypt the information before hiding it to ensure high security. After that we hide the information in the import table of PE file. This hiding depends on analyzing the import table characteristics of PE files that have been built under Borland turbo assembler. The testing result shows that the result file does not make any inconsistency with anti-virus programs and the PE file still function as normal after the hiding process. Keywords: - PE File, Information Hiding, Cryptography. I. INTRODUCTION The development and wide use of computer science and informatics also, the advent of global networks (i.e. Internet) that make the access for information is possible for every one online impose the need for ways to avoid hackers and muggers from getting the important information.
    [Show full text]
  • Portable Executable File Format
    Chapter 11 Portable Executable File Format IN THIS CHAPTER + Understanding the structure of a PE file + Talking in terms of RVAs + Detailing the PE format + The importance of indices in the data directory + How the loader interprets a PE file MICROSOFT INTRODUCED A NEW executable file format with Windows NT. This for- mat is called the Portable Executable (PE) format because it is supposed to be portable across all 32-bit operating systems by Microsoft. The same PE format exe- cutable can be executed on any version of Windows NT, Windows 95, and Win32s. Also, the same format is used for executables for Windows NT running on proces- sors other than Intel x86, such as MIPS, Alpha, and Power PC. The 32-bit DLLs and Windows NT device drivers also follow the same PE format. It is helpful to understand the PE file format because PE files are almost identi- cal on disk and in RAM. Learning about the PE format is also helpful for under- standing many operating system concepts. For example, how operating system loader works to support dynamic linking of DLL functions, the data structures in- volved in dynamic linking such as import table, export table, and so on. The PE format is not really undocumented. The WINNT.H file has several struc- ture definitions representing the PE format. The Microsoft Developer's Network (MSDN) CD-ROMs contain several descriptions of the PE format. However, these descriptions are in bits and pieces, and are by no means complete. In this chapter, we try to give you a comprehensive picture of the PE format.
    [Show full text]
  • Common Object File Format (COFF)
    Application Report SPRAAO8–April 2009 Common Object File Format ..................................................................................................................................................... ABSTRACT The assembler and link step create object files in common object file format (COFF). COFF is an implementation of an object file format of the same name that was developed by AT&T for use on UNIX-based systems. This format encourages modular programming and provides powerful and flexible methods for managing code segments and target system memory. This appendix contains technical details about the Texas Instruments COFF object file structure. Much of this information pertains to the symbolic debugging information that is produced by the C compiler. The purpose of this application note is to provide supplementary information on the internal format of COFF object files. Topic .................................................................................................. Page 1 COFF File Structure .................................................................... 2 2 File Header Structure .................................................................. 4 3 Optional File Header Format ........................................................ 5 4 Section Header Structure............................................................. 5 5 Structuring Relocation Information ............................................... 7 6 Symbol Table Structure and Content........................................... 11 SPRAAO8–April 2009
    [Show full text]
  • Freebsd Opengroupware - English
    FreeBSD OpenGroupware - English FreeBSD As Basis For OpenGroupware.org PostgreSQL As Database FreeBSD can currently look back on a history of over 30 PostgreSQL, like BSD, originated at the University of Ca- years. It originated at the University of Berkeley and lifornia and is also distributed under the BSD license. It's FreeBSD evolved over a few intermediate steps into the project one of the oldest and most advanced object-relational founded in 1993 called FreeBSD. The supported architec- database management systems (ORDBMS) in the realm tures are the following: i386, amd64, Alpha, Itanium, of free software and looks back on a development of OpenGroupware.org SPARC, PPC (Mac) and others. over 15 years. PostgreSQL is largely conforming to the FreeBSD has very good support for multiprocessor sys- SQL92/SQL99 standards, that means that all functions in The ideal solution for professional the standards are available and behave as defined; that tems (SMP) and is distributed under the BSD license team communication on the Internet, which grants the user nearly every freedom and is free is not always the case with some commercial and non- commercial SQL database systems. of cost. Apart from having to name the origins of the with FreeBSD and PostgreSQL code, the user may use it in any which way he or she pleases. FreeBSD is a gift to humanity, we are pleased when you use it! FreeBSD has not only got many features, it also has a What is a groupware solution? huge amount of free and open software in its so-called Ports Collection.
    [Show full text]
  • Investigation of Malicious Portable Executable File Detection on the Network Using Supervised Learning Techniques
    Investigation of Malicious Portable Executable File Detection on the Network using Supervised Learning Techniques Rushabh Vyas, Xiao Luo, Nichole McFarland, Connie Justice Department of Information and Technology, Purdue School of Engineering and Technology IUPUI, Indianapolis, IN, USA 46202 Emails: [email protected]; [email protected]; [email protected]; [email protected] Abstract—Malware continues to be a critical concern for that random forest learning technique achieved best detection everyone from home users to enterprises. Today, most devices are performance than the other three learning techniques. The connected through networks to the Internet. Therefore, malicious achieved detection rate and false alarm rate on experimental code can easily and rapidly spread. The objective of this paper is to examine how malicious portable executable (PE) files can be data set were 98.7% and 1.8% respectively. We compared detected on the network by utilizing machine learning algorithms. the performances of the four learning techniques on four The efficiency and effectiveness of the network detection rely types of PE malware - backdoors, viruses, worms and trojans. on the number of features and the learning algorithms. In this The results showed that the same learning technique show work, we examined 28 features extracted from metadata, packing, the similar performance on different types of malwares. It imported DLLs and functions of four different types of PE files for malware detection. The returned results showed that the demonstrated the features that are extracted from the files have proposed system can achieve 98.7% detection rates, 1.8% false no bias for a specific type of malware.
    [Show full text]
  • Where in the World Are We?
    Community Notebook Cache Where in the World are We? Magazines, editors, and s I write this month’s column, You don’t have to several of my colleagues are at wait for an invitation to volunteer at an authors coming to a city near LinuxTag in Berlin [1], just one event – if you see an event that looks in- of the many international events teresting, email the organizers and offer you! By Rikki Kite A we help sponsor and support. Although to help. we can’t attend every event, we are able to be at quite a few each year, and some- Help a Buddy Move times we’re in two places at once. While Have you helped someone move to my colleagues report from LinuxTag, I’ll Linux and open source? I recently wrote be attending SouthEast LinuxFest (SELF) about introducing a friend to Knoppix in Spartanburg, South Carolina [2]. and Ubuntu [5], and maddog followed Events aren’t just an opportunity for up with a blog post of his own [6]. We’d us to hand out free magazines. We also love to hear your additions to our lists get a chance to meet with our authors, and about your moving experiences. such as Dmitri Popov at Lin uxTag and Joe “Zonker” Brockmeier, Amber Graner, Write for Us! maddog, and Jono Bacon at SELF. Events If you haven’t written for us before but are a great way to get feedback from our have an idea for an article, check out our readers and to stay on top of the latest writer's guidelines and send us your pro- news and trends in open source.
    [Show full text]
  • Linux Kernel Parameters
    LINUX KERNEL PARAMETERS LINUX KERNEL PARAMETERS Dip your toe into the mysterious heart of your Linux machine, with Andrew Conway and the magic of Linux kernel parameters. he dark days when new computer hardware should test it using a venerable utility called often required compiling your own kernel memtest86+. Many distros include it as an option at Tare now firmly in Linux’s past (though those the boot prompt, or you can put a distro such as were fun days). But the fact that Linux – meaning GPartedLive on a USB stick and select the the kernel itself – is free software means that you can memtest86+ option. The test will tell you if you’ve got still delve deep into its innards and tweak it to your bad memory and exactly where it is bad. In our case, heart’s content. the bad patch was reported as 2056.0MB to In an ideal world, the user would never need to think 2176.0MB. The solution was to restart the laptop, and about the kernel, but there are cases where it’s useful. when the bootloader began, switch to its command In fact, it becomes a line and set the necessity when memmap kernel hardware is faulty, “In an ideal world the user would parameter with such as with bad never need to think about the memmap=256M$2048M memory, or if it is This instructs the shipped with buggy kernel, but sometimes we have to.” kernel not to use the firmware that tells lies 256MB of memory about capabilities such as CPU speed or temperature.
    [Show full text]
  • Yocto Project Development Manual [ from the Yocto Project Website
    Scott Rifenbark, Intel Corporation <[email protected]> by Scott Rifenbark Copyright © 2010-2014 Linux Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-Share Alike 2.0 UK: England & Wales [http://creativecommons.org/licenses/by-sa/2.0/uk/] as published by Creative Commons. Note For the latest version of this manual associated with this Yocto Project release, see the Yocto Project Development Manual [http://www.yoctoproject.org/docs/1.7/dev-manual/dev-manual.html] from the Yocto Project website. Table of Contents 1. The Yocto Project Development Manual .................................................................................. 1 1.1. Introduction ................................................................................................................. 1 1.2. What This Manual Provides .......................................................................................... 1 1.3. What this Manual Does Not Provide ............................................................................. 1 1.4. Other Information ........................................................................................................ 2 2. Getting Started with the Yocto Project .................................................................................... 4 2.1. Introducing the Yocto Project ....................................................................................... 4 2.2. Getting Set Up ...........................................................................................................
    [Show full text]
  • History of Linux from Wikipedia, the Free Encyclopedia
    History of Linux From Wikipedia, the free encyclopedia The history of Linux began in 1991 with the commencement of a personal project by Finnish student Linus Torvalds to create a new free operating system kernel. Since then, the resulting Linux kernel has been marked by constant growth throughout its history. Since the initial release of its source code in 1991, it has grown from a small number of C files under a license prohibiting commercial distribution to the 4.2.3 version in 2015 with more than 18 million lines of source code under the GNU General Public License v2.[1](p7)[2][3] Contents 1 Events leading to creation 2 The creation of Linux 3 Naming 4 Linux under the GNU GPL 5 GNU/Linux naming controversy 6 Official mascot 7 New development 7.1 Community 7.2 Open Source Development Lab and Linux Foundation 7.3 Companies 7.4 Desktop environments 8 "Linux is obsolete" 9 Competition from Microsoft 10 SCO 11 Trademark rights 12 Chronology 13 See also 14 References 15 External links Events leading to creation After AT&T had dropped out of the Multics project, the Unix operating system was conceived and implemented by Ken Thompson and Dennis Ritchie (both of AT&T Bell Laboratories) in 1969 and first released in 1970. Later they rewrote it in a new programming language, C, to make it portable. The availability and portability of Unix caused it to be widely adopted, copied and modified by academic institutions and businesses. In 1977, the Berkeley Software Distribution (BSD) was developed by the Computer Systems Research Group (CSRG) from UC Berkeley, based on the 6th edition of Unix from AT&T.
    [Show full text]