Re: [PATCH v10 8/8] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true

From: Eric Snowberg <eric.snowberg@oracle.com>
To: "Michal Suchánek" <msuchanek@suse.de>
Cc: David Howells <dhowells@redhat.com>,
	"dwmw2@infradead.org" <dwmw2@infradead.org>,
	"ardb@kernel.org" <ardb@kernel.org>,
	Jarkko Sakkinen <jarkko@kernel.org>,
	"jmorris@namei.org" <jmorris@namei.org>,
	"serge@hallyn.com" <serge@hallyn.com>,
	"nayna@linux.ibm.com" <nayna@linux.ibm.com>,
	Mimi Zohar <zohar@linux.ibm.com>,
	"keescook@chromium.org" <keescook@chromium.org>,
	"torvalds@linux-foundation.org" <torvalds@linux-foundation.org>,
	"weiyongjun1@huawei.com" <weiyongjun1@huawei.com>,
	"keyrings@vger.kernel.org" <keyrings@vger.kernel.org>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>,
	"linux-efi@vger.kernel.org" <linux-efi@vger.kernel.org>,
	"linux-security-module@vger.kernel.org" 
	<linux-security-module@vger.kernel.org>,
	"James.Bottomley@hansenpartnership.com" 
	<James.Bottomley@hansenpartnership.com>,
	"pjones@redhat.com" <pjones@redhat.com>,
	Konrad Wilk <konrad.wilk@oracle.com>
Subject: Re: [PATCH v10 8/8] integrity: Only use machine keyring when uefi_check_trust_mok_keys is true
Date: Mon, 11 Apr 2022 16:39:42 +0000	[thread overview]
Message-ID: <C970A5DB-0238-4B5A-9935-588DF9B1DDEF@oracle.com> (raw)
In-Reply-To: <20220411110640.GC163591@kunlun.suse.cz>

> On Apr 11, 2022, at 5:06 AM, Michal Suchánek <msuchanek@suse.de> wrote:
> 
> Hello,
> 
> On Tue, Jan 25, 2022 at 09:58:34PM -0500, Eric Snowberg wrote:
>> With the introduction of uefi_check_trust_mok_keys, it signifies the end-
> 
> What value does such flag have?
> 
> The user is as much in control of the flag as the MOK keys.

The flag allows the system owner (not root) the ability to determine 
if they want to load MOKList into the machine keyring.  Keys contained 
in the machine keyring are then linked to the secondary.  The flag is no 
different than the '—ignore-db' currently available in shim, which then 
gets propagated to Linux (uefi_check_ignore_db).  These flags can be 
set by the system owner, who can prove physical presence.  

>> user wants to trust the machine keyring as trusted keys.  If they have
>> chosen to trust the machine keyring, load the qualifying keys into it
>> during boot, then link it to the secondary keyring .  If the user has not
>> chosen to trust the machine keyring, it will be empty and not linked to
>> the secondary keyring.
> 
> Why is importing the keys and using them linked together?
> 
> If later we get, say, machine keyring on powerpc managed by secvarctl
> then it has its value to import the keyring and be able to list the
> content with the same tools on EFI and powerpc.

The machine keyring is linked to the secondary keyring, exactly the same way 
the builtin is linked to it.  Linking this way should eliminate the need to change 
any user space tools to list the contents. 

> It also makes sense to be able to configure the kernel to import the
> keys and not use them. I don't see any value in configuring that in
> shim, though. shim is both source of the key material and the flag so
> the flag is redundant, it does not exist on existing shim versions
> installed on user systems, and it's unlikely to exist on other
> plaltforms, either.

I’m sure other solutions to enable it will be accepted as well.  I know Mimi was testing 
without shim using a different method.