forked from jiazhang0/SELoader
-
Notifications
You must be signed in to change notification settings - Fork 0
/
README
129 lines (110 loc) · 4.77 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
Secure EFI Loader
=================
The SELoader is designed to authenticate the non-PE files, such as grub
configuration, initrd, grub modules, which cannot be verified by the MOK
Verify Protocol registered by shim loader.
In order to conveniently authenticate the PE file with gBS->LoadImage()
and gBS->StartImage(), the SELoader hooks EFI Security2 Architectural
Protocol and employs MOK Verify Protocol to verify the PE file. If only
UEFI Secure Boot is enabled, the SELoader just simplily calls
gBS->LoadImage() and gBS->StartImage() to allow BIOS to verify PE file.
The SELoader publishes MOK2 Verify Protocol which provides a flexible
interface to allow the bootloader to verify the file, file buffer or
memory buffer without knowing the file format.
In order to establish the chain of trust, the SELoader is required to be
signed by a private key corresponding to a DB certificate, the shim
certificate, the vendor certificate or a shim MOK certificate. The specific
key is determined by the Secure Boot scheme you will use.
Using UEFI Secure Boot, MOK Verify Protocol and the SELoader together, the
boot process is completely trustworthy.
ESP Layout
----------
A typical ESP layout for x86-64 looks like below, e.g,
.
├── EFI
│ └── BOOT
│ ├── bootx64.efi
│ ├── grub.cfg
│ ├── grub.cfg.p7b
│ ├── grubx64.efi
│ ├── Hash2DxeCrypto.efi
│ ├── LockDown.efi
│ ├── mmx64.efi
│ ├── Pkcs7VerifyDxe.efi
│ ├── SELoaderx64.efi
│ └── x86_64-efi
│ ├── ...
│ ├── mok2verify.mod
│ └── ...
├── images
│ ├── bzImage
│ ├── bzImage.p7b
│ ├── initrd
│ └── initrd.p7b
└── startup.nsh
where:
- bootx64.efi
The first stage shim loader, signed by DB key and authenticated by UEFI BIOS
boot manager.
- SELoaderx64.efi
The second stage loader, authenticated by the shim loader with the vendor
certificate, shim certificate, MOK certificate or DB certificate.
- grubx64.efi
The third stage loader, authenticated by the SELoader with the same objects
as mentioned in SELoaderx64.efi.
- grub.cfg
grub configuration file.
- grub.cfg.p7b
The signature file of grub.cfg, authenticated by the SELoader.
- mok2verify.mod
Providing MOK2 Verify Protocol support, allowing the grub loader to call
SELoader to verify grub.cfg.p7b, bzImage.p7b and initrd.p7b.
- bzImage
Linux kernel.
- bzImage.p7b
The signature file of bzImage, authenticated by the SELoader.
- initrd
initramfs image.
- initrd.p7b
The signature file of initrd, authenticated by the SELoader.
- LockDown.efi
Run the automatical certificate provision for UEFI Secure Boot.
- mmx64.efi
MOK Secure Boot manager, authenticated by the shim loader.
- Pkcs7VerifyDxe.efi
Providing EFI Pkcs7 Verify Protocol support, authenticated by the SELoader.
- Hash2DxeCrypto.efi
Providing EFI Hash2 Protocol support, authenticated by the SELoader.
- startup.nsh
UEFI shell bootstrap script.
All efi binaries are signed with either DB.key or vendor_cert.key per the
secure boot scheme you choose. Refer to meta-secure-env for practical secure
boot implementation, and the signing tool sbsigntool.
Note that the SELoader can be also used alone without the shim loader.
EFI Pkcs7 Verify Protocol
-------------------------
The SELoader employs EFI PKCS7 Verify Protocol available since UEFI
Specification version 2.5 to verify the signature to prove the integrity
of checked file.
If your BIOS doesn't support this protocol, it is recommended to update
the BIOS to the latest. If the latest still doesn't support the protocol,
the SELoader is able to load the Pkcs7VerifyDxe.efi driver if available.
Usually, the Pkcs7VerifyDxe.efi driver is located in the directory where
the SELoader resides on ESP.
You can build the Pkcs7VerifyDxe.efi driver from the scratch if you would
like to do it. Refer to Bin/README for the instructions.
Known Issues
------------
- The PKCS#7 detached signature format (.p7s) is not supported.
References
----------
libsign - the signing tool used to generate SELoader PKCS#7 signature
https://github.com/jiazhang0/libsign
grub - Mok2Verify patch to verify the grub.cfg, linux kernel and initrd
https://github.com/jiazhang0/meta-secure-core/blob/master/meta-efi-secure-boot/recipes-bsp/grub/grub-efi/mok2verify-support-to-verify-non-PE-file-with-PKCS-7.patch
shim - implement MOK verify protocol
https://github.com/rhboot/shim
meta-secure-core - a practical secure boot implementation based on oe-core
https://github.com/jiazhang0/meta-secure-core
SecureCore - a complete OpenEmbedded/Poky-compatible reference implementation based on meta-secure-core
https://github.com/jiazhang0/SecureCore