[personal profile] mjg59
I'm pleased to say that a usable version of shim is now available for download. As I discussed here, this is intended for distributions that want to support secure boot but don't want to deal with Microsoft. To use it, rename shim.efi to bootx64.efi and put it in /EFI/BOOT on your UEFI install media. Drop MokManager.efi in there as well. Finally, make sure your bootloader binary is called grubx64.efi and put it in the same directory.

Now generate a certificate and put the public half as a binary DER file somewhere on your install media. On boot, the end-user will be prompted with a 10-second countdown and a menu. Choose "Enroll key from disk" and then browse the filesystem to select the key and follow the enrolment prompts. Any bootloader signed with that key will then be trusted by shim, so you probably want to make sure that your grubx64.efi image is signed with it.

If you want, you're then free to impose any level of additional signing restrictions - it's entirely possible to use this signing as the basis of a complete chain of trust, including kernel lockdowns and signed module loading. However, since the end-user has explicitly indicated that they trust your code, you're under no obligation to do so. You should make it clear to your users what level of trust they'll be able to place in their system after installing your key, if only to allow them to make an informed decision about whether they want to or not.

This binary does not contain any built-in distribution certificates. It does contain a certificate that was generated at build time and used to sign MokManager - you'll need to accept my assurance that the private key was deleted immediately after the build was completed. Other than that, it will only trust any keys that are either present in the system db or installed by the end user.

A couple of final notes: As of 17:00 EST today, I am officially (rather than merely effectively) no longer employed by Red Hat, and this binary is being provided by me rather than them, so don't ask them questions about it. Special thanks to everyone at Suse who came up with the MOK concept and did most of the implementation work - without them, this would have been impossible. Thanks also to Peter Jones for his work on debugging and writing a signing tool, and everyone else at Red Hat who contributed valuable review feedback.

Re: Microsoft signed? Is that "secure"?

Date: 2012-12-01 02:54 pm (UTC)
From: [identity profile] http://apebox.org/wordpress/
They could accidentally sign malware as authentic, but there is support for blacklisting specific signed binaries to ban them from booting, and provision in the Secure Boot spec for distributing the blacklist updates via Windows Update (and other OSes may implement it too)
From: (Anonymous)
You see, MS has been recently caught on signing serious industrial spyware/sabotage tool with their valid signature. So I have no doubt they will also sign any kind of bootkit/rootkit, should some big guys need it to do evil things on Iran PCs at their factories... or spy at *your* PC. Or someone else PC. Or whatever. If they signed hardcore industrial espionage kit, you can exepct absolutely ANYTHING from such vendor. So you can't expect security at all.

P.S. still this bootloader is an incredible workaround to these crappy initiatives where you're FORCED to "trust" to entities you have no reason to trust at all. However as for me at this point I would consider whole x86 platform with UEFI to be untrusted due to all this activity. If someone forces you to "trust" by pointing you with their gun and leaving no other options, you know, this "trust" is a big fake.

P.s.: "Those who would give up Essential Liberty to purchase a little Temporary Safety, deserve neither Liberty nor Safety." - B. Franklin.
From: (Anonymous)
Amen to that (and kudos to BF)!

P.S. To MG - I like your (not)captcha technique. Yours, or did you get it elsewhere? :-)


Re: Microsoft signed? Is that "secure"?

Date: 2012-12-01 08:06 pm (UTC)
From: (Anonymous)
there is support for blacklisting specific signed binaries to ban them from booting

Does this mean that one day in the future this shim loader could be (accidentally/deliberately) blacklisted, bricking all the devices that rely on it ?

Re: Microsoft signed? Is that "secure"?

Date: 2012-12-01 08:20 pm (UTC)
From: [identity profile] http://apebox.org/wordpress/
Yes. But, equally, so could Windows Boot Manager.

Re: Microsoft signed? Is that "secure"?

Date: 2012-12-02 03:22 am (UTC)
From: (Anonymous)
You'd need to install the revocation list updates for it to be blacklisted.

If they come from Windows Updates and you're not running Windows at all, then it seems unlikely that your system would suddenly stop working.

Of course, this assumes that the firmware doesn't have some way to update the revocation lists on its own.


Matthew Garrett

About Matthew

Power management, mobile and firmware developer on Linux. Security developer at Google. Ex-biologist. @mjg59 on Twitter. Content here should not be interpreted as the opinion of my employer.

Expand Cut Tags

No cut tags