[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE
|
From: |
Roger Pau Monné |
|
Subject: |
Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type |
|
Date: |
Tue, 19 Mar 2024 13:12:20 +0100 |
On Thu, Mar 14, 2024 at 02:24:31PM +0000, Ross Lagerwall wrote:
> On Thu, Mar 14, 2024 at 1:37 PM Jan Beulich <jbeulich@suse.com> wrote:
> >
> > On 14.03.2024 10:30, Ross Lagerwall wrote:
> > > On Thu, Mar 14, 2024 at 7:24 AM Jan Beulich <jbeulich@suse.com> wrote:
> > >>
> > >> On 13.03.2024 16:07, Ross Lagerwall wrote:
> > >>> In addition to the existing address and ELF load types, specify a new
> > >>> optional PE binary load type. This new type is a useful addition since
> > >>> PE binaries can be signed and verified (i.e. used with Secure Boot).
> > >>
> > >> And the consideration to have ELF signable (by whatever extension to
> > >> the ELF spec) went nowhere?
> > >>
> > >
> > > I'm not sure if you're referring to some ongoing work to create signable
> > > ELFs that I'm not aware of.
> >
> > Something must have been invented already to make Linux modules signable.
>
> Linux module signatures operate outside of the ELF container. In fact,
> AFAIK the actual signed content could be anything. The file format is:
>
> * Content (i.e. ELF binary)
> * Signature of content in PKCS7 format
> * Signature info, including signature length
> * Magic marker: "~Module signature appended~\n"
>
> This kind of arrangement does indeed work but it is fragile. Since the
> signature is on the entire contents and tools that understand ELF don't
> parse the signature, any transformation of the binary (e.g. to
> strip out debuginfo) will cause the signature to be lost / invalidated.
>
> Nevertheless, this could still be an option for Xen if this is
> deemed to be a preferred solution by others. It would be good to hear
> some opinions on this.
No, IMO the PE route is likely the best one, as there's already all
the tooling around it, and it's what other OSes use to perform secure
boot.
It would have been nice for ELF to grow an extension to the spec for
image integrity data, but I don't see myself doing the work TBH.
Thanks, Roger.
- [PATCH 0/7] GRUB: Supporting Secure Boot of xen.gz, Ross Lagerwall, 2024/03/13
- [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Ross Lagerwall, 2024/03/13
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Jan Beulich, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Damien Zammit, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Vladimir 'phcoder' Serbinenko, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Ross Lagerwall, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Jan Beulich, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Ross Lagerwall, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Jan Beulich, 2024/03/14
- Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type,
Roger Pau Monné <=
Re: [PATCH 1/7] multiboot2: Add load type header and support for the PE binary type, Roger Pau Monné, 2024/03/19
[PATCH 3/7] multiboot2: Add support for the load type header tag, Ross Lagerwall, 2024/03/13
[PATCH 2/7] multiboot2: Allow 64-bit entry tags, Ross Lagerwall, 2024/03/13