Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Secure boot to kernel #474

Open
wants to merge 16 commits into
base: master
Choose a base branch
from
Open

Secure boot to kernel #474

wants to merge 16 commits into from

Conversation

roblabla
Copy link
Member

Automatically creates a secure boot image that starts at the flash firmware (OVMF) and verifies the bootloader, which in turn verifies the bootstrap, kernel and KIPs.

Long term, we'll replace GRUB (and PGP) with our own bootloader (See #468) but in the meantime, this gets us some very good security memes.

@todo
Copy link

todo bot commented Sep 16, 2019

Integrate secureboot key generation into setup-ovmf.

Secure boot keygen depends on openssl, efitools and sed - none of which are available on windows. We should integrate it all into the gen-secureboot-keys tool.

SunriseOS/Makefile.toml

Lines 88 to 98 in 9cec331

# TODO: Integrate secureboot key generation into setup-ovmf.
# BODY: Secure boot keygen depends on openssl, efitools and sed - none of which
# BODY: are available on windows. We should integrate it all into the
# BODY: gen-secureboot-keys tool.
openssl req -new -x509 -newkey rsa:2048 -subj "/CN=SecureBoot Platform Key/" -outform PEM -keyout target/keys/PK.key -out target/keys/PK.crt -nodes -sha256
# Random UUID chosen by fair dice roll.
cert-to-efi-sig-list -g "6270c1f5-7f36-4239-8be0-b617d586e07e" target/keys/PK.crt target/keys/PK.esl
# Not a random UUID. This is used by OVMF to detect the PK.crt in the SMBIOS
# type 11 strings.

This comment was generated by todo based on a TODO comment in 9cec331 in #474. cc @roblabla.

marysaka
marysaka approved these changes Sep 17, 2019
View reviewed changes
Copy link
Member

@marysaka marysaka left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm

Orycterope
Orycterope approved these changes Oct 16, 2019
View reviewed changes
bootstrap/src/main.rs
@@ -149,10 +149,11 @@ pub extern "C" fn do_bootstrap(multiboot_info_addr: usize) -> ! {

// Move the multiboot_header to a single page in kernel space. This simplifies some
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Well then it's not a single page, innit ?

@roblabla
Fix get_process_id... oops
3667c81
@roblabla
libuser: Finish implementing cloning.
b4d4543
@roblabla
Loader: Split process creation from process start.
3accf5c 
Allows doing some initialization based on the pid before starting a
process. For instance, a future commit will allow setting up the
stdin/out/err pipes before starting the process.
@roblabla
Implement twili
b9d2b62 
Twili, also known as the pipe manager (which is not pm), allows passing
stdin/stdout/stderr pipes to various sub-process. It is also responsible
for passing data around in the "dumb" pipes (basically unix pipes). It
has a generic interface, IPipe, that is implemented by those dumb pipes,
but also by vi Terminals and, eventually, fs Files.
@roblabla
Makefile: Build all nostd binaries together in one go
19b7699
@roblabla
update rust from rust_sunrise sunrise
5c51e19
@roblabla
Implement Ctrl+D to escape cat hell
84426cb
@roblabla
Fix clippy
2185826
@roblabla
Bootstrap: Support multi-page Multiboot
eba08ed 
When booting from UEFI, multiboot infos are a lot bigger for whatever
reason. They're so much bigger, they span multiple pages! As such,
bootstrap now accepts multiple pages for the multiboot. The kernel
already allows multi-page multiboot infos (it tells the frame allocator
to reserve the whole multiboot info region).
@roblabla
Disk Initializer: Enforce priority with conflicts.
1048ed3 
When disk initializer sees two conflicting files, it will now chose the
earliest file instead of panicking.
@roblabla
Add an OVMF_VARS generator
8ead8ec
@roblabla
Build: Make disk/iso rules copy binaries to target
7a6cdcb 
We should strive to keep the source directory clean, and only copy stuff
in the target/ directory. It keeps the gitignore simpler, and simplifies
a bunch of other things. So now we copy the binaries to
target/isofiles/boot instead.
@roblabla
Implement secure boot to kernel+kip using GRUB.
c2e9081
@roblabla
Test disk-secure on github-actions
33bd9d9 
Only run it on linux for now.
@roblabla
Add console to terminal_output
c016ea6
@roblabla
Fix clippy
a78e008
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Orycterope Orycterope Orycterope approved these changes

@marysaka marysaka marysaka approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@roblabla @marysaka @Orycterope