Matthew Garrett ([personal profile] mjg59) wrote2012-11-30 07:51 pm
Entry tags:

Secure Boot bootloader for distributions available now

I'm pleased to say that a usable version of shim is now available for download. As I discussed here, this is intended for distributions that want to support secure boot but don't want to deal with Microsoft. To use it, rename shim.efi to bootx64.efi and put it in /EFI/BOOT on your UEFI install media. Drop MokManager.efi in there as well. Finally, make sure your bootloader binary is called grubx64.efi and put it in the same directory.

Now generate a certificate and put the public half as a binary DER file somewhere on your install media. On boot, the end-user will be prompted with a 10-second countdown and a menu. Choose "Enroll key from disk" and then browse the filesystem to select the key and follow the enrolment prompts. Any bootloader signed with that key will then be trusted by shim, so you probably want to make sure that your grubx64.efi image is signed with it.

If you want, you're then free to impose any level of additional signing restrictions - it's entirely possible to use this signing as the basis of a complete chain of trust, including kernel lockdowns and signed module loading. However, since the end-user has explicitly indicated that they trust your code, you're under no obligation to do so. You should make it clear to your users what level of trust they'll be able to place in their system after installing your key, if only to allow them to make an informed decision about whether they want to or not.

This binary does not contain any built-in distribution certificates. It does contain a certificate that was generated at build time and used to sign MokManager - you'll need to accept my assurance that the private key was deleted immediately after the build was completed. Other than that, it will only trust any keys that are either present in the system db or installed by the end user.

A couple of final notes: As of 17:00 EST today, I am officially (rather than merely effectively) no longer employed by Red Hat, and this binary is being provided by me rather than them, so don't ask them questions about it. Special thanks to everyone at Suse who came up with the MOK concept and did most of the implementation work - without them, this would have been impossible. Thanks also to Peter Jones for his work on debugging and writing a signing tool, and everyone else at Red Hat who contributed valuable review feedback.

Non-secure boot fallback.

[identity profile] jordanu [launchpad.net] 2012-12-01 02:06 am (UTC)(link)
What will the shim do if booted on a UEFI system with secure boot disabled?

Ideally I'd like to configure things so that if someone boots my media (Super GRUB2 Disk) without secure boot there is no user intervention required to get to SG2D, so I would like it to just load the grubx64.efi automatically in that case.

Re: Non-secure boot fallback.

(Anonymous) - 2012-12-01 14:34 (UTC) - Expand

Re: Non-secure boot fallback.

(Anonymous) - 2012-12-02 01:09 (UTC) - Expand

(Anonymous) 2012-12-01 05:09 am (UTC)(link)
Does this only work for Linux or will this work for FreeBSD as well?

(no subject)

(Anonymous) - 2012-12-02 18:29 (UTC) - Expand

Can this be used to bring up SYSLINUX

(Anonymous) - 2012-12-02 05:38 (UTC) - Expand

Would you mind doing a post on what you did to get a signed shim.

(Anonymous) 2012-12-01 07:17 am (UTC)(link)
After the trouble the Linux Foundation has it would be interested it see the successful method. Particularly if it can be made done without using windows.

I don't mean to be mean but if someone does not trust you. Providing the process and list of costs say here you can do this yourself if you don't trust me.
.

thank you

(Anonymous) 2012-12-01 01:41 pm (UTC)(link)
Matt, thank you and everyone involved for having gone through the trouble for us too. Shame on Microsoft for "innovating" in making that trouble.

--
Michael Shigorin

Microsoft signed? Is that "secure"?

(Anonymous) 2012-12-01 02:16 pm (UTC)(link)
If Microsoft signs it couldn't they als sign malware to be authentic? How is that secure? Ok, Microsoft wouldn't do something like doing bat things to comeptitor like linux but keys can get lost or a "admin" at Microsoft goes beserk.

Re: Microsoft signed? Is that "secure"?

[identity profile] http://apebox.org/wordpress/ 2012-12-01 02:54 pm (UTC)(link)
They could accidentally sign malware as authentic, but there is support for blacklisting specific signed binaries to ban them from booting, and provision in the Secure Boot spec for distributing the blacklist updates via Windows Update (and other OSes may implement it too)

Re: Microsoft signed? Is that "secure"?

(Anonymous) - 2012-12-01 20:06 (UTC) - Expand

Re: Microsoft signed? Is that "secure"?

(Anonymous) - 2012-12-02 03:22 (UTC) - Expand

Re: Microsoft signed? Is that "secure"?

(Anonymous) - 2012-12-01 15:00 (UTC) - Expand

Re: Microsoft signed? Is that "secure"?

(Anonymous) - 2012-12-01 21:02 (UTC) - Expand

UEFI

(Anonymous) 2012-12-01 02:18 pm (UTC)(link)
Will this be in the SuSe distros?

Re: UEFI

(Anonymous) 2012-12-01 10:40 pm (UTC)(link)
SUSE will use the very same code - big thanks to Matthew for developing it. We won't be using the just released signed binary though, we prefer to do the signing process ourselves, if only to be able to produce updates easily when needed. --Vojtech Pavlik (@suse)

Re: UEFI

(Anonymous) - 2012-12-02 02:50 (UTC) - Expand

thank you

(Anonymous) 2012-12-01 02:52 pm (UTC)(link)
thank you.

Will MS revoke it?

(Anonymous) 2012-12-01 03:43 pm (UTC)(link)
More importantly, can they?

Re: Will MS revoke it?

(Anonymous) - 2012-12-01 16:30 (UTC) - Expand

Re: Will MS revoke it?

(Anonymous) - 2012-12-03 16:56 (UTC) - Expand

Re: Will MS revoke it?

(Anonymous) - 2012-12-04 02:49 (UTC) - Expand

ARM systems support?

(Anonymous) 2012-12-01 04:09 pm (UTC)(link)
This appears to be an x86 solution/work-around. What about ARM systems? Are you working on a version for that?

Re: ARM systems support?

(Anonymous) - 2012-12-01 19:03 (UTC) - Expand

Good luck

(Anonymous) 2012-12-01 04:14 pm (UTC)(link)
I'm sure I speak for more than just me in wishing you all the best in your new endeavors! Keep on bloggin'!

-Rubberman

archival time

[personal profile] retired_paranoid 2012-12-01 09:42 pm (UTC)(link)
Since this might be subject to disappearing, do you have any objections to it being posted someplace else if it does "go away"?

So Linux devs/users pay MS ...

(Anonymous) 2012-12-01 11:25 pm (UTC)(link)
Basically then Linux developers (and end-users who want to use their own Certificates) basically are blackmailed into paying Microsoft $99 to use their operating system of choice on hardware they purchased in a more secure manner.

Work-arounds are all well and good, and many large kudos for this one, but something is seriously wrong with this picture and needs a rather large complaint filed with the FTC.

Re: So Linux devs/users pay MS ...

(Anonymous) - 2012-12-02 02:53 (UTC) - Expand

Re: So Linux devs/users pay MS ...

(Anonymous) - 2012-12-03 16:57 (UTC) - Expand

Re: So Linux devs/users pay MS ...

(Anonymous) - 2012-12-02 22:15 (UTC) - Expand

How about doing this in reverse?

(Anonymous) 2012-12-02 04:03 am (UTC)(link)
DoD or other major buyer wants a "computer" that can't boot insecurely, but the OS they are using isn't MS.

A defense contractor sells the DoD what amounts to a commodity Intel or AMD x64 computer that's locked down to only boot a specific, DoD-approved software stack - a stack that is NOT based on MS-Windows.

The DoD buys the computers but the project is eventually scrapped before full deployment.

To make these computers more attractive at auction, the DoD gets the defense contractor or the motherboard manufacturer to sign a version of Matthew's bootloader or something similar.

This bootloader can now be used to boot ... wait for it ... Windows. Or any other OS.

The DoD now gets "used computer" prices at auction instead of "scrap metal" prices.

Secure Boot bootloader for distributions available now

(Anonymous) 2012-12-02 12:46 pm (UTC)(link)
I have a better idea, don't purchase these systems until a more equitable solution is worked out. One that does not invest all the power in one company.

Wake up!

(Anonymous) 2012-12-02 06:24 pm (UTC)(link)
I've heard all the BS excuses. The issue is not about whether computing should move on from the older Bios technology to the "Secure Boot". The real issue is who is allowed to control this newer method.

The current situation is no different than allowing for instance Ford to have some sort of signing key that allows all car engines manufactured worldwide the ability to start. Believing that any single company should have this kind of power over its competitors is insane no matter whether the controlling company is Microsoft, RedHat, Oracle or whoever.

As was predicted before this whole mess started to come into effect there are already problems for users of alternative operating systems. Its only going to get worse from here on.

While its nice that you have come up with a work around, a work around is all it is and it can be made unusable at any point and my guess is that is exactly what will happen with your method and any other future method. Microsoft will interfere with anything that works. Bet on it.

No, the real solution is to remove Microsoft's ability to control this process and hand it over to an international unbiased standards body. If they do not do it willingly then legal action is required. NOTHING ELSE WILL WORK PERMANENTLY. No other solution will serve to address the freedom of consumers to use computers and operating systems as the consumer wishes.

WAKE UP!

Re: Wake up!

(Anonymous) 2012-12-30 02:56 pm (UTC)(link)
You are absolutely right.

The way around it is to not have dual boot with Windows. In fact, the problem is more severe. A hacker could lockup your computer bios code to the extent that it will not boot any software.

Therefore, as it is now, bios hardware will require a jumper to re-initialize the bios flash memory so that the bios software could be boot strapped.

If the bios has a bug, ask the question about how to get a bios update. Can this be done without changing signatures? The answer is NO.

Hardware vendors are the losers here. And perhaps we are lucky that MS is becoming insignificant as a desktop software provider. So, eventually, MS and it's dream of continuing for another few years as a predominant vendor is over. One will go to the Web for business software, games, and everything else. The Android tablet, or its successor (one from Linux with vendor neutrality will take over).

+1 @ Wake Up!

(Anonymous) 2012-12-02 06:49 pm (UTC)(link)
I agree playing follow-the-leader with M$ cannot end up being more pleasant than the leapfrog/unicorn game. Let's face it, M$ effectively owns the hardware companies. The Windows tax proves this. End of story barring legal action. When "Tiles 2.0" comes out and my neighbor must throw their Tiles 1.0 PC into the dumpster, I'll nab it and disable secure boot.

Re: +1 @ Wake Up!

(Anonymous) 2012-12-02 07:04 pm (UTC)(link)
Yeah, that's the ticket. Rummage around in the trash to dig out your neighbors forcibly obsoleted Windows 8 box. That will address the entire issue for sure......

That plays right into Microsoft's whole hope for this garbage. Slowly pressure Linux and it's users back into their definition of Linux as a "hobby OS" used by people too cheap to buy new computers and software.

Hope that works out for ya.....

BTW, clue to you. Microsoft does not own the hardware companies....but it would like to have that kind of control. Stevie B has nightly wet dreams in that direction.

Only real solution is legal action, not dumpster diving.

Re: +1 @ Wake Up!

(Anonymous) - 2012-12-03 00:04 (UTC) - Expand

Re: +1 @ Wake Up!

(Anonymous) - 2012-12-03 00:36 (UTC) - Expand

Re: +1 @ Wake Up!

(Anonymous) - 2012-12-30 14:39 (UTC) - Expand

Pointers on signing

(Anonymous) 2012-12-03 06:50 am (UTC)(link)
I'm trying to use this, but it's unclear to me precisely how to sign my .efi files. The source code includes a script to generate certificates, but it's not clear to me how to use them to sign binaries. Googling hasn't turned up much useful (it's mostly sites about setting up OpenSSL with Apache). Thanks for any pointers.

Thanks

(Anonymous) 2012-12-03 07:42 am (UTC)(link)
Thanks for taking the time to develop this. While I hope that my distributions of choice pick this up, but I'm not exactly excited to buy hardware with these restrictions.

How about a 32 bit system ?

[personal profile] deckard026354 2012-12-03 12:15 pm (UTC)(link)
Matthew great work.

Do you have a 32 bit UEFI binary ? I have a 32 bit UEFI system that is/will have secure boot on it and - thus would really like to ensure it works with shim before release.

Network (PXE) boot

(Anonymous) 2012-12-03 06:51 pm (UTC)(link)
How does this interact with PXE? If I set my machine to PXE boot (as most BIOSes do by default if there is no local media), what happens?

What about if I want to run from Read-only media, and do an unattended reboot?

Where do I find mokManager.efi

(Anonymous) 2012-12-03 08:27 pm (UTC)(link)
I'm hoping this will help me get around an issue I'm dealing with on the ASUS S405C.

And how about grub-install generated .efi files?

(Anonymous) 2012-12-03 09:51 pm (UTC)(link)
Ok, this is for sure a great way to make live distro images boot.
But what about grub-install (grub-mkimage...) grubx64.efi files?
These files seem to contain information about where is the "root" (grub root) partition, in particular the variables "root" and "prefix" change from system to system.
So, if this file changes from system to system and is generated during the install process, how is one supposed to have it signed without disclosing the private key?

Which licenze do you use for shim?

(Anonymous) - 2012-12-03 23:29 (UTC) - Expand

Signatures for the source/binary

(Anonymous) 2012-12-04 06:34 am (UTC)(link)
Could you please sign the binaries/source with your gpg key?

Re: Signatures for the source/binary

(Anonymous) - 2012-12-04 07:28 (UTC) - Expand
Any chance we could get you to build this for an ARM target, for testing on the MS Surface and other UEFI tablets? Thanks.

Re: Surface

(Anonymous) - 2012-12-04 20:21 (UTC) - Expand

Fabio

(Anonymous) 2012-12-04 07:52 pm (UTC)(link)
Matthew,
could you version shim-signed.tgz on the http server?

Thanks.

Page 1 of 2

<< [1] [2] >>