Secure Boot

Reading List

• uBoot
  • http://www.denx-cs.de/doku/?q=m28verifiedboot
  • https://github.com/ckuethe/uboot-denx/tree/master/doc/uImage.FIT
  • https://github.com/ckuethe/uboot-denx/blob/master/doc/README.mxc_hab
  • https://github.com/ckuethe/uboot-denx/blob/master/doc/README.odroid
  • U-Boot_verified_RSA_boot_flow_on_arm_target.pdf
  • http://lwn.net/Articles/571031/
  • http://events.linuxfoundation.org/sites/events/files/slides/elce-2014.pdf
• i.MX HAB
  • https://community.freescale.com/docs/DOC-96451
  • https://community.freescale.com/docs/DOC-96409
  • https://community.freescale.com/thread/264827
  • http://boundarydevices.com/secure-boot-on-i-mx6-nitrogen6x-boards/
  • http://cache.freescale.com/files/32bit/doc/app_note/AN4581.pdf
  • http://bunniefoo.com/novena/IMX6DQ6SDLSRM_security.pdf
  • http://www.edlangley.co.uk/blog/2014/06/rescuing-bricked-secure-mode-i.mx6/
  • 0328-ENGR00217417-MX6-Provide-Secure-Boot-releated-config.patch
  • 0376-ENGR00000000-secure-boot-add-support-for-V2012-Secur.patch
• dm-verity
  • http://lwn.net/Articles/459420/
  • https://code.google.com/p/cryptsetup/wiki/DMVerity
  • https://www.kernel.org/doc/Documentation/device-mapper/verity.txt
  • http://nelenkov.blogspot.com/2014/05/using-kitkat-verified-boot.html?m=1
  • http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/tree/Documentation/device-mapper/verity.txt
  • http://askubuntu.com/questions/109413/how-do-i-use-overlayfs
  • https://github.com/torvalds/linux/commit/e9be9d5e76e34872f0c37d72e25bc27fe9e2c54c
  • http://www.chromium.org/chromium-os/chromiumos-design-docs
  • http://comments.gmane.org/gmane.linux.kernel.device-mapper.dm-crypt/7392
  • https://github.com/mkdesu/liberte/blob/master/src/root/initrd/init
  • https://source.android.com/devices/tech/security/secureboot/index.html
• Linux Binary Signing
  • http://www.phoronix.com/scan.php?page=news_item&px=MTI3NTY
  • http://lwn.net/Articles/532778/
  • http://www.jukie.net/~bart/elfpgp/
  • http://blog.codenoise.com/signelf-digitally-signing-elf-binaries
  • https://github.com/digsig-ng
• Failure modes
  • http://blog.azimuthsecurity.com/2013/04/unlocking-motorola-bootloader.html

Ideas

• get a working system with CONFIG_FIT_SIGNATURE in uboot. make sandbox_config
• do some stuff to make and test a signed FIT. See vboot_test.sh
• can QEMU emulate high assurance boot? No.
• how to boot a disk image through uboot? qemu -sd sd.img -kernel u-boot.elf ...
• can uboot load a verified initrd, embedded in the FIT? ???
• how to verify disk integrity? dm-verity
• how to sign userland? signelf
• how to execute only signed userland? ???

Protection Layers?

• user - loads hash of trusted keys into HABv4 PROM
• user - only signs bootloaders that use verified boot and disallow configuration change
• user - only signs kernel images that use dm-verity
• user - builds and signs approved rootfs image
• user - only signs trusted userland binaries
• processor/HABv4 - checks that bootloader is signed by trusted key
• processor/HABv4 - encrypted boot?
• processor/Trustzone - provides virtualized encrypted microsd to all other layers?
• processor/SAHARAv4 - worth it to use hardware supported ciphers/hashes?
• bootloader - uses verified boot, only a properly signed image will be booted
• bootloader - prevents runtime configuration changes somehow?
• bootloader - does not read environment from untrusted disk?
• bootloader - do something with complex signed FIT images to package approved configurations
• kernel - uses dm-verity to ensure that rootfs does not deviate from shipped image
• kernel - uses elfsign to ensure that only signed executables can be run
• kernel - MAC frameworks like Selinux, AppArmor, FLASK, etc?
• kernel - full disk encryption
• userland - dedicated partition for various purposes
• userland - per-user encrypted home
• userland - disallow interpreters (LOLWUT)

Partition Layout ?

/         /dev/mmcblk0p1 ext4     size=512M,ro,verity               #rootfs, read-only
/         /dev/mmcblk0p2 ext4     size=2048M,rw,nodev,union         #overlay, for new binaries, updates, etc.
/etc      /dev/mmcblk0p3 ext4     size=32M,rw,nodev,noexec,union    #overlay, just for system configuration
/tmp      /dev/mmcblk0p5 ext4     size=512M,rw,nodev,noexec,encrypt # randomly keyed encrypted /tmp
/var/tmp  /tmp           bind     defaults                          # reuse /tmp
/home     /dev/mmcblk0p6 ext4     rw,nodev,nosuid
/dev      none           devtmpfs defaults
/proc     none           procfs   defaults
/sys      none           sysfs    defaults

http://wiki.openwrt.org/doc/techref/flash.layout