author: Peter Jones <pjones@redhat.com> 2021-02-18 16:52:30 -0500
committer: Peter Jones <pjones@redhat.com> 2021-02-22 11:22:36 -0500
commit: de9165756c5dc0ef90508e44a151619f7a3cb27f (patch)
tree: 63849cd962071fbb4962cb8a2535c88455fba837
parent: 80ff1751183bd36b197ac19ed255e832af1f4fca (diff)
SBAT: mirror SBAT to SbatRT and extend to PCR7 + log
This adds SBAT to our table of variables to mirror with our MoK state.
Currently it mirrors "SBAT" to a variable named "SbatRT", both using the
SHIM GUID.

Currently we enforce the current policy WRT these variables:

- we always delete SbatRT if it's present, for a couple of reasons:
  - If we got here either something created it before us during boot,
    which isn't a thing we believe anything should be doing, or it's an
    NV variable, which it shouldn't be.
  - we want to raise the error if it's NV+Authenticated
- we always delete SBAT (and do not mirror it) if it either
  - doesn't have BS|NV set or
  - does have RT set
  - we're requiring !RT because we can't actually tell if it's an
    authenticated variable or not, and we want to get the error if RT is
    set and it is authenticated, because that means we've lost the race
    between us and an attacker to create it.
- we always measure SBAT into PCR7 and add a log extension with the
  measured hash

Signed-off-by: Peter Jones <pjones@redhat.com>
-rw-r--r--  README.tpm  1
-rw-r--r--  mok.c       16
2 files changed, 17 insertions, 0 deletions
diff --git a/README.tpm b/README.tpm
index 73dc468c..9e830b72 100644
--- a/README.tpm
+++ b/README.tpm
@@ -19,6 +19,7 @@ PCR7:
- shim_cert - shim's build-time generated allowlist, logged as "Shim"
- MokSBState will be extended into PCR7 if it is set, logged as
"MokSBState".
+- SBAT will be extended into PCR7 if it is set, logged as "SBAT"
PCR8:
- If you're using the grub2 TPM patchset we cary in Fedora, the kernel command
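Review bot: the added README.tpm line drops the terminating period that the preceding MokSBState entry carries (`"MokSBState".`); for consistency end it with `logged as "SBAT".` It would also help to say what "if it is set" means for this variable, since the commit message states that SBAT is deleted and not mirrored unless it has BS|NV and lacks RT; a short qualifier such as "if it is present with the required attributes" would keep readers from assuming an RT-flagged SBAT is measured.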
diff --git a/mok.c b/mok.c
index c3288994..4b935a49 100644
--- a/mok.c
+++ b/mok.c
@@ -229,6 +229,22 @@ struct mok_state_variable mok_state_variables[] = {
.no_attr = EFI_VARIABLE_RUNTIME_ACCESS,
.state = &ignore_db,
},
+ {.name = L"SBAT",
+ .name8 = "SBAT",
+ .rtname = L"SbatRT",
+ .rtname8 = "SbatRT",
+ .guid = &SHIM_LOCK_GUID,
+ .yes_attr = EFI_VARIABLE_BOOTSERVICE_ACCESS |
+ EFI_VARIABLE_NON_VOLATILE,
+ /*
+ * we're enforcing that SBAT can't have an RT flag here because
+ * there's no way to tell whether it's an authenticated variable.
+ */
+ .no_attr = EFI_VARIABLE_RUNTIME_ACCESS,
+ .flags = MOK_MIRROR_DELETE_FIRST |
+ MOK_VARIABLE_MEASURE,
+ .pcr = 7,
+ },
{ NULL, }
};
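Review bot: the in-table comment gives only half of the rationale the commit message records for `.no_attr = EFI_VARIABLE_RUNTIME_ACCESS`; add the other half (an RT-flagged SBAT that turns out to be authenticated means shim lost the race to create it, and the resulting error is wanted) so the policy is understandable from mok.c alone. Unlike the entry above it, this entry sets no `.state` pointer; confirm the mirroring code tolerates a NULL `.state` for an entry that is both mirrored and measured, or set it explicitly. Finally, `.flags = MOK_MIRROR_DELETE_FIRST | MOK_VARIABLE_MEASURE` is what implements the "always delete SbatRT first" rule from the commit message, and a one-line comment naming that intent next to the flag would spare the next reader a trip to the git log.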