From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id C9D46C433EF for ; Thu, 16 Jun 2022 15:51:32 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1377668AbiFPPvb (ORCPT ); Thu, 16 Jun 2022 11:51:31 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:57206 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1377612AbiFPPv3 (ORCPT ); Thu, 16 Jun 2022 11:51:29 -0400 Received: from mail-oa1-x2e.google.com (mail-oa1-x2e.google.com [IPv6:2001:4860:4864:20::2e]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 416CC42A2C for ; Thu, 16 Jun 2022 08:51:28 -0700 (PDT) Received: by mail-oa1-x2e.google.com with SMTP id 586e51a60fabf-100eb6f7782so2384996fac.2 for ; Thu, 16 Jun 2022 08:51:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chromium.org; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=/gQbIaU17eRw5sO/hecNb5FpluiGnQGygV2egDmXIIk=; b=ehE/gd4tah9jS/e8Ze0l+xwI3htCbpaNOqoUJX7AbepMSAJB7sjMCvDJmqYls5FM/e F+y7gfLeUntwqRbT824JObmT4UsnMPnZepY+gdttD59wtsyHuqRPnFlASHQpgPMKidRb BCO5iBlThav5VCTLbd9PY0Av71Kt15RjOCU8k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=/gQbIaU17eRw5sO/hecNb5FpluiGnQGygV2egDmXIIk=; b=sy7UH8uJc6HD4jXdiQKgetxNAjkrj1+vTK1dudQbYNgUBB+t8oJo840g5MeY8Q5her 1Lqnya5Tye1DYH6XhmfvjwTsMhF3L6gFb/B/gULEF9BijIF7R3FhmLgFy2sjr90BnH1a lp5sNUxJYwo97X4rSt+swDjXUaUSZdC7RxXC0BoPxkUNTKTCuUJXmoZaola+csHxVvv2 digMSrJSECl0JsFMaz52AeQR86N1eXiA4bDbNW+9cYYlleZa8coB25UqSsjEKXUBclSy WEfRDa8lUwuvIBDbePZrqXkCdXoUBBrTwUp09ru19a5wcVDuzcsjoyJQKhI77ws1Bhuq 0NBA== X-Gm-Message-State: AJIora+aqO9OKuHZTA9/CDkeYBLpoGIe8ph+hOXE8PbT19UdRxgokP47 Yl0LNIEfR4X+uDYIzZHlZ/rRs3zPKj7Cpg== X-Google-Smtp-Source: AGRyM1uTHC4tPEJZ9kOessXlZmZ0QVxt5XKFbDKXQiEfLfsJ7NulWwBC8DUw+mdAOicAh0QlUdnhpg== X-Received: by 2002:a05:6870:1c8:b0:f3:3165:d271 with SMTP id n8-20020a05687001c800b000f33165d271mr3309348oad.64.1655394687270; Thu, 16 Jun 2022 08:51:27 -0700 (PDT) Received: from mail-oi1-f173.google.com (mail-oi1-f173.google.com. [209.85.167.173]) by smtp.gmail.com with ESMTPSA id y125-20020acae183000000b00325cda1ff8esm1001519oig.13.2022.06.16.08.51.27 for (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 16 Jun 2022 08:51:27 -0700 (PDT) Received: by mail-oi1-f173.google.com with SMTP id h187so2354478oif.4 for ; Thu, 16 Jun 2022 08:51:27 -0700 (PDT) X-Received: by 2002:a05:6870:5247:b0:fb:2e60:26c6 with SMTP id o7-20020a056870524700b000fb2e6026c6mr3012759oai.241.1655394200150; Thu, 16 Jun 2022 08:43:20 -0700 (PDT) MIME-Version: 1.0 References: <20220504232102.469959-1-evgreen@chromium.org> <20220506160807.GA1060@bug> In-Reply-To: From: Evan Green Date: Thu, 16 Jun 2022 08:42:43 -0700 X-Gmail-Original-Message-ID: Message-ID: Subject: Re: [PATCH 00/10] Encrypted Hibernation To: "Rafael J. Wysocki" Cc: Pavel Machek , LKML , Matthew Garrett , Daniil Lunev , zohar@linux.ibm.com, "James E.J. Bottomley" , linux-integrity@vger.kernel.org, Jonathan Corbet , "Rafael J. Wysocki" , Gwendal Grignou , Jarkko Sakkinen , Linux PM , David Howells , Hao Wu , James Morris , Jason Gunthorpe , Len Brown , Peter Huewe , "Serge E. Hallyn" , axelj , keyrings@vger.kernel.org, "open list:DOCUMENTATION" , linux-security-module@vger.kernel.org Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, May 17, 2022 at 10:34 AM Evan Green wrote: > > Hi Rafael, > > On Tue, May 17, 2022 at 9:06 AM Rafael J. Wysocki wrote: > > > > On Mon, May 9, 2022 at 6:44 PM Evan Green wrote: > > > > > > On Fri, May 6, 2022 at 9:08 AM Pavel Machek wrote: > > > > > > > > Hi! > > > > > > > > > We are exploring enabling hibernation in some new scenarios. However, > > > > > our security team has a few requirements, listed below: > > > > > 1. The hibernate image must be encrypted with protection derived from > > > > > both the platform (eg TPM) and user authentication data (eg > > > > > password). > > > > > 2. Hibernation must not be a vector by which a malicious userspace can > > > > > escalate to the kernel. > > > > > > > > Can you (or your security team) explain why requirement 2. is needed? > > > > > > > > On normal systems, trusted userspace handles kernel upgrades (for example), > > > > so it can escalate to kernel priviledges. > > > > > > > > > > Our systems are a little more sealed up than a normal distro, we use > > > Verified Boot [1]. To summarize, RO firmware with an embedded public > > > key verifies that the kernel+commandline was signed by Google. The > > > commandline includes the root hash of the rootfs as well (where the > > > modules live). So when an update is applied (A/B style, including the > > > whole rootfs), assuming the RO firmware stayed RO (which requires > > > physical measures to defeat), we can guarantee that the kernel, > > > commandline, and rootfs have not been tampered with. > > > > > > Verified boot gives us confidence that on each boot, we're at least > > > starting from known code. This makes it more challenging for an > > > attacker to persist an exploit across reboot. With the kernel and > > > modules verified, we try to make it non-trivial for someone who does > > > manage to gain root execution once from escalating to kernel > > > execution. Hibernation would be one obvious escalation route, so we're > > > hoping to find a way to enable it without handing out that easy > > > primitive. > > > > > > [1] https://www.chromium.org/chromium-os/chromiumos-design-docs/verified-boot/ > > > > So I guess this really is an RFC. > > Yes, I suppose it is. > > > > > Honestly, I need more time to go through this and there are pieces of > > it that need to be looked at other people (like the TPM-related > > changes). > > No problem, thanks for the reply to let me know. I expect some back > and forth in terms of what should be hidden behind abstractions and > where exactly things should live. But I wanted to get this out to > upstream as early as I could, just to get initial reactions on the > overall concept and design. Looking forward to hearing your thoughts > when you get a chance, and let me know if there are others I should be > adding that I've missed. Gentle bump in case this dropped off of radars, I'd still appreciate any feedback folks had on this series. -Evan > > -Evan > > > > > Thanks!