[PATCH RFC 06/12] integrity: Trust mok keys if MokListTrustedRT found

From: Eric Snowberg <eric.snowberg@oracle.com>
To: keyrings@vger.kernel.org, linux-integrity@vger.kernel.org,
	zohar@linux.ibm.com, dhowells@redhat.com, dwmw2@infradead.org,
	herbert@gondor.apana.org.au, davem@davemloft.net,
	jarkko@kernel.org, jmorris@namei.org, serge@hallyn.com
Cc: eric.snowberg@oracle.com, keescook@chromium.org,
	gregkh@linuxfoundation.org, torvalds@linux-foundation.org,
	scott.branden@broadcom.com, weiyongjun1@huawei.com,
	nayna@linux.ibm.com, ebiggers@google.com, ardb@kernel.org,
	nramas@linux.microsoft.com, lszubowi@redhat.com,
	linux-kernel@vger.kernel.org, linux-crypto@vger.kernel.org,
	linux-security-module@vger.kernel.org,
	James.Bottomley@HansenPartnership.com, pjones@redhat.com,
	glin@suse.com, konrad.wilk@oracle.com
Subject: [PATCH RFC 06/12] integrity: Trust mok keys if MokListTrustedRT found
Date: Tue,  6 Jul 2021 22:43:57 -0400	[thread overview]
Message-ID: <20210707024403.1083977-7-eric.snowberg@oracle.com> (raw)
In-Reply-To: <20210707024403.1083977-1-eric.snowberg@oracle.com>

A new MOK variable called MokListTrustedRT has been introduced in shim.
When this UEFI variable is set, it indicates the end-user has made the
decision themself that they wish to trust MOK keys within the Linux
trust boundary.  It is not an error if this variable does not exist. If
it does not exist, the MOK keys should not be trusted within the kernel.

MOK variables are mirrored from Boot Services to Runtime Services.  When
shim sees the new MokTML BS variable, it will create a new variable
(before Exit Boot Services is called) called MokListTrustedRT without
EFI_VARIABLE_NON_VOLATILE set.  Following Exit Boot Services, UEFI
variables can only be set and created with SetVariable if both
EFI_VARIABLE_RUNTIME_ACCESS & EFI_VARIABLE_NON_VOLATILE are set.
Therefore, this can not be defeated by simply creating a MokListTrustedRT
variable from Linux, the existence of EFI_VARIABLE_NON_VOLATILE will cause
uefi_check_trust_mok_keys to return false.

Signed-off-by: Eric Snowberg <eric.snowberg@oracle.com>
---
 .../integrity/platform_certs/mok_keyring.c    | 38 +++++++++++++++++++
 1 file changed, 38 insertions(+)

diff --git a/security/integrity/platform_certs/mok_keyring.c b/security/integrity/platform_certs/mok_keyring.c
index 2b0d17caf8fd..666fa355996d 100644
--- a/security/integrity/platform_certs/mok_keyring.c
+++ b/security/integrity/platform_certs/mok_keyring.c
@@ -5,8 +5,11 @@
  * Copyright (c) 2021, Oracle and/or its affiliates.
  */
 
+#include <linux/efi.h>
 #include "../integrity.h"
 
+bool trust_mok;
+
 static __init int mok_keyring_init(void)
 {
 	int rc;
@@ -24,3 +27,38 @@ void __init destroy_mok_keyring(void)
 {
 	return integrity_destroy_keyring(INTEGRITY_KEYRING_MOK);
 }
+
+/*
+ * Try to load the MokListTrustedRT UEFI variable to see if we should trust
+ * the mok keys within the kernel. It is not an error if this variable
+ * does not exist.  If it does not exist, mok keys should not be trusted
+ * within the kernel.
+ */
+static __init bool uefi_check_trust_mok_keys(void)
+{
+	efi_status_t status;
+	unsigned int mtrust = 0;
+	unsigned long size = sizeof(mtrust);
+	efi_guid_t guid = EFI_SHIM_LOCK_GUID;
+	u32 attr;
+
+	status = efi.get_variable(L"MokListTrustedRT", &guid, &attr, &size, &mtrust);
+
+	/*
+	 * The EFI_VARIABLE_NON_VOLATILE check is to verify MokListTrustedRT
+	 * was set thru shim mirrioring and not by a user from the host os.
+	 * According to the UEFI spec, once EBS is performed, SetVariable()
+	 * will succeed only when both EFI_VARIABLE_RUNTIME_ACCESS &
+	 * EFI_VARIABLE_NON_VOLATILE are set.
+	 */
+	return (status == EFI_SUCCESS && (!(attr & EFI_VARIABLE_NON_VOLATILE)));
+}
+
+static __init int mok_keyring_trust_setup(void)
+{
+	if (uefi_check_trust_mok_keys())
+		trust_mok = true;
+	return 0;
+}
+
+late_initcall(mok_keyring_trust_setup);
-- 
2.18.4

