From: Andy Lutomirski <luto@kernel.org>
To: David Howells <dhowells@redhat.com>
Cc: Andy Lutomirski <luto@kernel.org>,
Matthew Garrett <mjg59@google.com>,
Ard Biesheuvel <ard.biesheuvel@linaro.org>,
James Morris <jmorris@namei.org>,
Alan Cox <gnomes@lxorguk.ukuu.org.uk>,
Linus Torvalds <torvalds@linux-foundation.org>,
Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Justin Forbes <jforbes@redhat.com>,
linux-man <linux-man@vger.kernel.org>, joeyli <jlee@suse.com>,
LSM List <linux-security-module@vger.kernel.org>,
Linux API <linux-api@vger.kernel.org>,
Kees Cook <keescook@chromium.org>,
linux-efi <linux-efi@vger.kernel.org>
Subject: Re: [GIT PULL] Kernel lockdown for secure boot
Date: Tue, 3 Apr 2018 15:39:14 -0700 [thread overview]
Message-ID: <CALCETrV6E+r942K+fu-ALNf-x6qOZ3o1hNKGeu7qEMvr8sMP9A@mail.gmail.com> (raw)
In-Reply-To: <9349.1522794769@warthog.procyon.org.uk>
On Tue, Apr 3, 2018 at 3:32 PM, David Howells <dhowells@redhat.com> wrote:
> Andy Lutomirski <luto@kernel.org> wrote:
>
>> > If the user can arbitrarily modify the running kernel image, you cannot
>> > trust anything. You cannot determine the trustworthiness of something
>> > because your basis for determining that trust can be compromised.
>>
>> I'm having a very, very hard time coming up with a scenario where I
>> can "trust" something if an attacker can get root but can't modify the
>> running kernel image but I can't "trust" something if the attacker
>> can't.
>
> Eh? If the attacker can't what? Did you mean to put "can" at the end of that
> rather than "can't"? I don't see why the kernel-level trust would be
> compromised if an attacker can't get root and can't modify the running kernel
> image.
Whoops, yes.
>
> Here's a simple scenario: You boot your machine. You have module verification
> keys in your kernel. You have /dev/mem available for root to read/write. A
> program running as root can modify the keys in your kernel or just disable the
> checking code entirely. It can now insmod any module it likes. You may as
> well not bother with signed modules. In fact, it can modify the running
> kernel image in any way it likes, without even having to load modules.
I don't particularly disagree with any of this, but you seem to be
saying "if you've bought into the party line wrt signed modules, you
had better enable lockdown, too". I *don't* buy into the party line
about why signed modules should be needed for Secure Boot.
> There's no point bothering with UID/GID checking either.
Give me a break. There's a *huge* difference between a system where
only root can load unsigned modules and a system where anyone can load
unsigned modules.
>
>> > Stopping the kernel from being arbitrarily read stops any encryption keys it
>> > may be using from being retrieved.
>>
>> If I build a server that runs Panera Bread 2.0's website, and the
>> attacker exploits my machine to steal tens of millions of customer
>> records by getting the machine to talk to some database server using
>> keys that are securely stored in the kernel keyring, ...
>
> I was thinking more in terms of preventing access to the encrypted data on
> your own disk. The key for that could be unlocked using a TPM, but the
> session key then has to be retained in RAM for performance reasons unless you
> can transfer the session key to, say, your SATA controller without it going
> through the CPU.
>
> However, if /dev/mem can be read, any root process can extract the session key
> for your disk.
Any root process can read /dev/mapper/plaintext_disk, lockdown or otherwise.
>
> But, as you suggest, they could also protect secrets used in communications.
> However, the communications themselves have to be exposed to userspace for
> userspace to be able to use them. That is unavoidable. The kernel keyring,
> for example, tries to restrict who can even see a key, much less use it as
> much as possible - but ptrace() exists... You are no less vulnerable if the
> key is held in a userspace process; then the attacker can get the key and the
> data.
>
> If the kernel is locked down, the aim is to try and make sure that keys
> stashed in the kernel cannot be read, though they have to be able to be used,
> or there's no point to them.
Sure. I have no problem with having an upstream kernel have a
lockdown feature, although I think that feature should distinguish
between reads and writes. But I don't think the upstream kernel
should apply a patch that ties any of this to Secure Boot without a
genuine technical reason why it makes sense.
next prev parent reply other threads:[~2018-04-03 22:39 UTC|newest]
Thread overview: 126+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-03-30 23:29 [GIT PULL] Kernel lockdown for secure boot David Howells
2018-03-31 0:46 ` James Morris
2018-04-03 0:37 ` Andy Lutomirski
2018-04-03 0:59 ` Kees Cook
2018-04-03 1:47 ` Andy Lutomirski
2018-04-03 7:06 ` David Howells
2018-04-03 15:11 ` Andy Lutomirski
2018-04-03 15:41 ` Alexei Starovoitov
2018-04-03 16:26 ` Andy Lutomirski
2018-04-03 16:29 ` Matthew Garrett
2018-04-03 16:45 ` Andy Lutomirski
2018-04-03 18:45 ` Kees Cook
2018-04-03 19:01 ` Andy Lutomirski
2018-04-03 19:07 ` Kees Cook
2018-04-03 19:29 ` Matthew Garrett
2018-04-03 21:51 ` Andy Lutomirski
2018-04-04 18:42 ` Peter Jones
2018-04-04 20:01 ` Thomas Gleixner
2018-04-04 20:18 ` Matthew Garrett
2018-04-05 18:47 ` Andy Lutomirski
2018-04-06 4:42 ` Peter Dolding
2018-04-03 17:16 ` David Howells
2018-04-03 19:01 ` Andy Lutomirski
2018-04-03 19:49 ` David Howells
2018-04-03 21:58 ` Andy Lutomirski
2018-04-03 22:32 ` David Howells
2018-04-03 22:39 ` Andy Lutomirski [this message]
2018-04-03 22:46 ` Linus Torvalds
2018-04-03 22:51 ` Matthew Garrett
2018-04-03 22:53 ` Andy Lutomirski
2018-04-03 23:08 ` Justin Forbes
2018-04-03 23:09 ` Matthew Garrett
2018-04-03 23:08 ` Linus Torvalds
2018-04-03 23:10 ` Linus Torvalds
2018-04-03 23:17 ` Matthew Garrett
2018-04-03 23:26 ` Linus Torvalds
2018-04-03 23:39 ` Linus Torvalds
2018-04-03 23:47 ` Matthew Garrett
2018-04-04 0:02 ` Linus Torvalds
2018-04-04 0:04 ` Matthew Garrett
2018-04-04 0:08 ` Linus Torvalds
2018-04-04 0:12 ` Matthew Garrett
2018-04-05 14:58 ` Alan Cox
2018-04-04 0:22 ` David Howells
2018-04-05 17:59 ` Alan Cox
2018-04-05 18:03 ` Matthew Garrett
2018-04-03 23:45 ` Matthew Garrett
2018-04-03 23:55 ` Linus Torvalds
2018-04-03 23:59 ` Matthew Garrett
2018-04-04 0:06 ` Linus Torvalds
2018-04-04 0:10 ` Matthew Garrett
2018-04-04 0:15 ` Linus Torvalds
2018-04-04 0:16 ` Matthew Garrett
2018-04-04 0:18 ` Andy Lutomirski
2018-04-04 0:19 ` Matthew Garrett
2018-04-04 9:04 ` Greg Kroah-Hartman
2018-04-04 0:25 ` Linus Torvalds
2018-04-04 0:33 ` Linus Torvalds
2018-04-04 0:46 ` Matthew Garrett
2018-04-04 0:56 ` Linus Torvalds
2018-04-04 1:13 ` Matthew Garrett
2018-04-04 1:43 ` Linus Torvalds
2018-04-04 4:30 ` Matthew Garrett
2018-04-04 12:57 ` Theodore Y. Ts'o
2018-04-04 13:02 ` Greg Kroah-Hartman
2018-04-04 13:34 ` Theodore Y. Ts'o
2018-04-04 13:57 ` Greg Kroah-Hartman
2018-04-04 13:29 ` Mike Galbraith
2018-04-04 16:20 ` Matthew Garrett
2018-04-08 22:00 ` Pavel Machek
2018-04-04 13:33 ` David Howells
2018-04-04 13:52 ` Theodore Y. Ts'o
2018-04-04 16:22 ` Matthew Garrett
2018-04-04 16:39 ` Andy Lutomirski
2018-04-04 16:42 ` Matthew Garrett
2018-04-04 16:46 ` Justin Forbes
2018-04-05 0:05 ` Peter Dolding
2018-04-05 0:20 ` Matthew Garrett
2018-04-04 13:57 ` David Howells
2018-04-04 16:09 ` Linus Torvalds
2018-04-04 16:17 ` Matthew Garrett
2018-04-04 6:56 ` Peter Dolding
2018-04-04 16:26 ` Matthew Garrett
2018-04-05 1:28 ` Peter Dolding
2018-04-04 1:30 ` Justin Forbes
2018-04-04 1:58 ` Linus Torvalds
2018-04-04 1:36 ` Justin Forbes
2018-04-04 0:17 ` Jann Horn
2018-04-04 0:23 ` Andy Lutomirski
2018-04-04 8:05 ` David Howells
2018-04-04 14:35 ` Andy Lutomirski
2018-04-04 14:44 ` David Howells
2018-04-04 15:43 ` Eric W. Biederman
2018-04-03 23:56 ` David Howells
2018-04-03 23:58 ` Linus Torvalds
2018-04-03 23:39 ` David Howells
2018-04-03 23:48 ` Andy Lutomirski
2018-04-08 8:23 ` Pavel Machek
2018-04-03 23:12 ` David Howells
2018-04-03 23:27 ` Linus Torvalds
2018-04-03 23:42 ` Andy Lutomirski
2018-04-03 20:53 ` Linus Torvalds
2018-04-03 20:54 ` Matthew Garrett
2018-04-03 21:01 ` Linus Torvalds
2018-04-03 21:08 ` Matthew Garrett
2018-04-03 21:21 ` Al Viro
2018-04-03 21:37 ` Matthew Garrett
2018-04-03 21:26 ` Linus Torvalds
2018-04-03 21:32 ` Matthew Garrett
2018-04-08 8:10 ` Pavel Machek
2018-03-31 10:20 ` David Howells
2018-04-03 13:25 ` Ard Biesheuvel
2018-04-03 21:48 ` James Morris
2018-04-05 17:53 ` Alan Cox
2018-11-21 12:05 ` [PATCH next-lockdown 0/1] debugfs EPERM fix for 'Kernel lockdown for secure boot' patch series Vasily Gorbik
2018-11-21 12:05 ` [PATCH next-lockdown 1/1] debugfs: avoid EPERM when no open file operation defined Vasily Gorbik
-- strict thread matches above, loose matches on Subject: below --
2018-04-04 2:34 [GIT PULL] Kernel lockdown for secure boot Alexei Starovoitov
2018-04-04 4:31 ` Matthew Garrett
2018-04-08 7:44 ` joeyli
2018-04-08 8:07 ` joeyli
2018-04-09 3:40 ` Alexei Starovoitov
2018-04-09 8:14 ` Daniel Borkmann
2018-04-09 13:55 ` joeyli
2017-10-26 16:37 David Howells
2017-10-26 18:22 ` Mimi Zohar
2017-10-26 19:20 ` James Morris
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CALCETrV6E+r942K+fu-ALNf-x6qOZ3o1hNKGeu7qEMvr8sMP9A@mail.gmail.com \
--to=luto@kernel.org \
--cc=ard.biesheuvel@linaro.org \
--cc=dhowells@redhat.com \
--cc=gnomes@lxorguk.ukuu.org.uk \
--cc=gregkh@linuxfoundation.org \
--cc=jforbes@redhat.com \
--cc=jlee@suse.com \
--cc=jmorris@namei.org \
--cc=keescook@chromium.org \
--cc=linux-api@vger.kernel.org \
--cc=linux-efi@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-man@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=mjg59@google.com \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).