Re: [Ksummit-discuss] [TOPIC] Secure/verified boot and roots of trust

[Matthew Garrett <mjg59@coreos.com>]

On Wed, Aug 3, 2016 at 10:04 AM, Andy Lutomirski <luto@amacapital.net> wrote:
> What's wrong with that?  In grub language, this would be approximately:
>
> linuxefi path/to/image
> linuxkeypolicy path/to/policy

Thinking about it further - there's no real problem integrating this
with a build-time key. Rather than having the public half in the
kernel, stash the public half in the packaging and then have the
signing step (that's signing the kernel anyway) also sign the key. The
bootloader verifies that the key is signed by a trusted root and
passes that on to the kernel. If we have a standardised mechanism for
the bootloader to pass this information on, it's absolutely possible
to push the root of trust down to the bootloader (and also make it
responsible for pulling any other signing keys out of EFI variables or
wherever)

> Anyway, here's a concrete proposal for a cross-arch way to pass
> trusted policy from the bootloader to the kernel: define a new
> structure:
>
> struct trusted_policy_header {
>   unsigned long size;
> };
>
> Rig up the linker script so the trusted_policy is at the very end of
> the kernel virtual address space and lives in its own ELF segment (or
> arch equivalent).  That segment will have filesize == 0 and memsize ==
> sizeof(struct trusted_policy_header).  Mark the segment so the
> bootloader knows about it.
>
> Now the bootloader can supply policy (keys and whatever else it wants)
> by simply writing it to the trusted_policy_header and beyond in
> memory.

The bootloader doesn't see the ELF object on (at least) x86?