jiazhang0 / seloader Goto Github PK

Secure EFI Loader designed to authenticate the non-PE files

License: BSD 3-Clause "New" or "Revised" License

Makefile 0.11% C++ 2.38% C 97.49% SWIG 0.03%

efi bootloader secure-boot mok security integrity shim

seloader's Introduction

Secure EFI Loader
=================

The SELoader is designed to authenticate the non-PE files, such as grub
configuration, initrd, grub modules, which cannot be verified by the MOK
Verify Protocol registered by shim loader.

In order to conveniently authenticate the PE file with gBS->LoadImage()
and gBS->StartImage(), the SELoader hooks EFI Security2 Architectural
Protocol and employs MOK Verify Protocol to verify the PE file. If only
UEFI Secure Boot is enabled, the SELoader just simplily calls
gBS->LoadImage() and gBS->StartImage() to allow BIOS to verify PE file.

The SELoader publishes MOK2 Verify Protocol which provides a flexible
interface to allow the bootloader to verify the file, file buffer or
memory buffer without knowing the file format.

In order to establish the chain of trust, the SELoader is required to be
signed by a private key corresponding to a DB certificate, the shim
certificate, the vendor certificate or a shim MOK certificate. The specific
key is determined by the Secure Boot scheme you will use.

Using UEFI Secure Boot, MOK Verify Protocol and the SELoader together, the
boot process is completely trustworthy.

ESP Layout
----------
A typical ESP layout for x86-64 looks like below, e.g,

.
├── EFI
│ └── BOOT
│ ├── bootx64.efi
│ ├── grub.cfg
│ ├── grub.cfg.p7b
│ ├── grubx64.efi
│ ├── Hash2DxeCrypto.efi
│ ├── LockDown.efi
│ ├── mmx64.efi
│ ├── Pkcs7VerifyDxe.efi
│ ├── SELoaderx64.efi
│ └── x86_64-efi
│ ├── ...
│ ├── mok2verify.mod
│ └── ...
├── images
│ ├── bzImage
│ ├── bzImage.p7b
│ ├── initrd
│ └── initrd.p7b
└── startup.nsh

where:
- bootx64.efi
The first stage shim loader, signed by DB key and authenticated by UEFI BIOS
boot manager.
- SELoaderx64.efi
The second stage loader, authenticated by the shim loader with the vendor
certificate, shim certificate, MOK certificate or DB certificate.
- grubx64.efi
The third stage loader, authenticated by the SELoader with the same objects
as mentioned in SELoaderx64.efi.
- grub.cfg
grub configuration file.
- grub.cfg.p7b
The signature file of grub.cfg, authenticated by the SELoader.
- mok2verify.mod
Providing MOK2 Verify Protocol support, allowing the grub loader to call
SELoader to verify grub.cfg.p7b, bzImage.p7b and initrd.p7b.
- bzImage
Linux kernel.
- bzImage.p7b
The signature file of bzImage, authenticated by the SELoader.
- initrd
initramfs image.
- initrd.p7b
The signature file of initrd, authenticated by the SELoader.
- LockDown.efi
Run the automatical certificate provision for UEFI Secure Boot.
- mmx64.efi
MOK Secure Boot manager, authenticated by the shim loader.
- Pkcs7VerifyDxe.efi
Providing EFI Pkcs7 Verify Protocol support, authenticated by the SELoader.
- Hash2DxeCrypto.efi
Providing EFI Hash2 Protocol support, authenticated by the SELoader.
- startup.nsh
UEFI shell bootstrap script.

All efi binaries are signed with either DB.key or vendor_cert.key per the
secure boot scheme you choose. Refer to meta-secure-env for practical secure
boot implementation, and the signing tool sbsigntool.

Note that the SELoader can be also used alone without the shim loader.

EFI Pkcs7 Verify Protocol
-------------------------
The SELoader employs EFI PKCS7 Verify Protocol available since UEFI
Specification version 2.5 to verify the signature to prove the integrity
of checked file.

If your BIOS doesn't support this protocol, it is recommended to update
the BIOS to the latest. If the latest still doesn't support the protocol,
the SELoader is able to load the Pkcs7VerifyDxe.efi driver if available.
Usually, the Pkcs7VerifyDxe.efi driver is located in the directory where
the SELoader resides on ESP.

You can build the Pkcs7VerifyDxe.efi driver from the scratch if you would
like to do it. Refer to Bin/README for the instructions.

Known Issues
------------
- The PKCS#7 detached signature format (.p7s) is not supported.

References
----------
libsign - the signing tool used to generate SELoader PKCS#7 signature
https://github.com/jiazhang0/libsign

grub - Mok2Verify patch to verify the grub.cfg, linux kernel and initrd
https://github.com/jiazhang0/meta-secure-core/blob/master/meta-efi-secure-boot/recipes-bsp/grub/grub-efi/mok2verify-support-to-verify-non-PE-file-with-PKCS-7.patch

shim - implement MOK verify protocol
https://github.com/rhboot/shim

meta-secure-core - a practical secure boot implementation based on oe-core
https://github.com/jiazhang0/meta-secure-core

SecureCore - a complete OpenEmbedded/Poky-compatible reference implementation based on meta-secure-core
https://github.com/jiazhang0/SecureCore

seloader's People

Contributors

Stargazers

Watchers

seloader's Issues

undefined reference to 'gEfiLoadedImageProtocolGuid'

While linking SELoader I get the following error:

Efi/Lib/libSELoader.a(Image.o): In function LoadImage':Image.c:(.text+0x26): undefined reference to gEfiLoadedImageProtocolGuid'
x86_64-poky-linux-ld:Efi/Lib/libSELoader.a(Image.o): relocation R_X86_64_PC32 against undefined hidden symbol `gEfiLoadedImageProtocolGuid' can not be used when making a shared object
x86_64-poky-linux-ld: final link failed: Bad value

I can see why this happens:

In Src/Efi/Lib/Image.c EfiLoadedImageProtocolGuid declaration is dependent on:

#if GNU_EFI_VERSION <= 303

Then in LoadImage(), EfiLoadedImageProtocolGuid is accessed unconditionally:

Status = EfiProtocolOpen(gThisImage, &gEfiLoadedImageProtocolGuid,
(VOID **)&LoadedImage);

Causing the undefined symbol.

Therefore if the GNU_EFI_VERSION is > 303, linking will fail.

Is this the correct behaviour? Should versions of gnu-efi above 3.0.3 be supported with some alternative? Or is it intended, that only versions below 3.0.3 are supported (despite Mak.env having a default of 3.0.5)?

seloader skip checking PE and p7b signature

Hi Jia,
I'm running into a problem, with upstream SecureCore on qemu, grubx64.efi and grub.cfg.p7b checking are bypassed. For example, if grub.cfg.p7b is removed or grubx64.efi is signed by a unknown key, seloader can boot grub, which is not an expected behavior.

Sounds in MokVerifyProtocolInstalled(), seloader can't locate gEfiMokVerifyProtocolGuid, see:

Status = EfiProtocolLocate(&gEfiMokVerifyProtocolGuid,
(VOID **)&MokVerifyProtocol);

I guess gEfiMokVerifyProtocolGuid is installed by shim loader, but why this protocol is not located by seloader?

Can you help with this?

Thanks,
Yunguo

Loading files on other devices?

Does this support opening files in locations other than where the module itself resides? For example, if I have (hd0,gpt1) as where SELoader (and shim and everything else reside) and wish to have GRUB load from a FAT partition that's on (hd0,gpt2) instead AFAICT SELoader (and Mok2Verify) is passing back FILE_NOT_FOUND even if yes, the file really does exist. Any pointers greatly appreciated, thanks!

Verify grub modules and fonts

It doesn't seem to verify grub modules even though README claims it. Am I missing something?
I'm also thinking about fonts. How do you handle them?

I tried to workaround the issue with grub-mkstandalone but it didn't work with secure booting. Probably the problem is that SELoader doesn't support separated filesystems. Right?

Is it enough to embed all needed modules with grub-mkimage?

The SELoader built failed with gnu-efi 3.0.8: multiple definition of `StrnCpy'

The SELoader built failed with gnu-efi 3.0.8:

| /build/tmp-glibc/work/core2-64-wrs-linux/seloader/0.4.5+gitAUTOINC+9c2723afae-r0/recipe-sysroot/usr/lib64/libefi.a(str.o): In function StrnCpy': | /usr/src/debug/gnu-efi/3.0.8-r0/gnu-efi-3.0.8//lib/str.c:124: multiple definition of StrnCpy'
| /build/tmp-glibc/work/core2-64-wrs-linux/seloader/0.4.5+gitAUTOINC+9c2723afae-r0/git/Src/Efi/Lib/BaseLibrary/libBaseLibrary.a(StrnCpy.o):StrnCpy.c:(.text+0x0): first defined here
| /build/tmp-glibc/work/core2-64-wrs-linux/seloader/0.4.5+gitAUTOINC+9c2723afae-r0/git/Rules.mk:9: recipe for target 'SELoader.so' failed
| make[2]: *** [SELoader.so] Error 1

This is because gnu-efi 3.0.8 also define StrnCpy function in the following commit:

commit 9485c65f6d28b71ff697849c1c8d47fd077ccd07
Author: Peter Jones [email protected]
Date: Tue Mar 13 15:20:28 2018 -0400

gnu-efi: add some more common string functions.

This adds bounded string helper functions:

StrnLen()
StrnCpy()
StrnCat()
StpnCpy()

And the unbounded function StpCpy().

Signed-off-by: Peter Jones <[email protected]>
Signed-off-by: Nigel Croxon <[email protected]>

Recommend Projects

React

A declarative, efficient, and flexible JavaScript library for building user interfaces.
Vue.js

🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript

TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
TensorFlow

An Open Source Machine Learning Framework for Everyone
Django

The Web framework for perfectionists with deadlines.
Laravel

A PHP framework for web artisans
D3

Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

javascript

JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
web

Some thing interesting about web. New door for the world.
server

A server is a program made to process requests and deliver data to clients.
Machine learning

Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Visualization

Some thing interesting about visualization, use data art
Game

Some thing interesting about game, make everyone happy.

Recommend Org

Facebook

We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft

Open source projects and samples from Microsoft.
Google

Google ❤️ Open Source for everyone.
Alibaba

Alibaba Open Source for everyone
D3

Data-Driven Documents codes.
Tencent

China tencent open source team.