diff options
| author | Nayna Jain <nayna@linux.ibm.com> | 2020-09-16 11:21:29 -0500 |
|---|---|---|
| committer | Oliver O'Halloran <oohall@gmail.com> | 2020-10-01 13:44:07 +1000 |
| commit | 87562bc5c1a6863009fe244c306b9446b0ceae9c (patch) | |
| tree | 01613a63fdd2296611549833847b1c9b76de6f05 /doc | |
| parent | 9e7a4b327050101ec629b4028c2f7a452d7d5c0c (diff) | |
| download | skiboot-87562bc5c1a6863009fe244c306b9446b0ceae9c.zip skiboot-87562bc5c1a6863009fe244c306b9446b0ceae9c.tar.gz skiboot-87562bc5c1a6863009fe244c306b9446b0ceae9c.tar.bz2 | |
secvar/backend: add edk2 derived key updates processing
As part of secureboot key management, the scheme for handling key updates
is derived from tianocore reference implementation[1]. The wrappers for
holding the signed update is the Authentication Header and for holding
the public key certificate is ESL (EFI Signature List), both derived from
tianocore reference implementation[1].
This patch adds the support to process update queue. This involves:
1. Verification of the update signature using the key authorized as per the
key hierarchy
2. Handling addition/deletion of the keys
3. Support for dbx (blacklisting of hashes)
4. Validation checks for the updates
5. Supporting multiple ESLs for single variable both for update/verification
6. Timestamp check
7. Allowing only single PK
8. Failure Handling
9. Resetting keystore if the hardware key hash changes
[1] https://github.com/tianocore/edk2-staging.git
Signed-off-by: Nayna Jain <nayna@linux.ibm.com>
Signed-off-by: Eric Richter <erichte@linux.ibm.com>
Signed-off-by: Oliver O'Halloran <oohall@gmail.com>
Diffstat (limited to 'doc')
| -rw-r--r-- | doc/secvar/edk2.rst | 49 |
1 files changed, 49 insertions, 0 deletions
diff --git a/doc/secvar/edk2.rst b/doc/secvar/edk2.rst new file mode 100644 index 0000000..1e4cc9e --- /dev/null +++ b/doc/secvar/edk2.rst @@ -0,0 +1,49 @@ +.. _secvar/edk2: + +Skiboot edk2-compatible Secure Variable Backend +=============================================== + +Overview +-------- + +The edk2 secure variable backend for skiboot borrows from edk2 concepts +such as the three key hierarchy (PK, KEK, and db), and a similar +structure. In general, variable updates must be signed with a key +of a higher level. So, updates to the db must be signed with a key stored +in the KEK; updates to the KEK must be signed with the PK. Updates to the +PK must be signed with the previous PK (if any). + +Variables are stored in the efi signature list format, and updates are a +signed variant that includes an authentication header. + +If no PK is currently enrolled, the system is considered to be in "Setup +Mode". Any key can be enrolled without signature checks. However, once a +PK is enrolled, the system switches to "User Mode", and each update must +now be signed according to the hierarchy. Furthermore, when in "User +Mode", the backend initialized the ``os-secure-mode`` device tree flag, +signaling to the kernel that we are in secure mode. + +Updates are processed sequentially, in the order that they were provided +in the update queue. If any update fails to validate, appears to be +malformed, or any other error occurs, NO updates will not be applied. +This includes updates that may have successfully applied prior to the +error. The system will continue in an error state, reporting the error +reason via the ``update-status`` device tree property. + +P9 Special Case for the Platform Key +------------------------------------ + +Due to the powerful nature of the platform key and the lack of lockable +flash, the edk2 backend will store the PK in TPM NV rather than PNOR on +P9 systems. (TODO expand on this) + +Update Status Return Codes +-------------------------- + +TODO, edk2 driver needs to actually return these properly first + + +Device Tree Bindings +-------------------- + +TODO |