lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <3E5A0FA7E9CA944F9D5414FEC6C712205594C20D@ORSMSX105.amr.corp.intel.com>
Date:	Thu, 11 Apr 2013 08:28:37 +0000
From:	"Yu, Fenghua" <fenghua.yu@...el.com>
To:	Thomas Renninger <trenn@...e.de>
CC:	Tang Chen <tangchen@...fujitsu.com>,
	Yinghai Lu <yinghai@...nel.org>,
	Thomas Gleixner <tglx@...utronix.de>,
	Ingo Molnar <mingo@...e.hu>, "H. Peter Anvin" <hpa@...or.com>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Tejun Heo <tj@...nel.org>,
	"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>
Subject: RE: Early microcode signing in secure boot environment -  Was: x86,
 microcode: Use common get_ramdisk_image()

> From: Thomas Renninger [mailto:trenn@...e.de]
> Sent: Thursday, April 11, 2013 12:32 AM
> On Wednesday, April 10, 2013 05:47:25 PM Yu, Fenghua wrote:
> > > -----Original Message-----
> > > From: Thomas Renninger [mailto:trenn@...e.de]
> > > Sent: Wednesday, April 10, 2013 12:41 AM
> > > Hello,
> > >
> > > On Wednesday, April 10, 2013 01:34:33 PM Tang Chen wrote:
> > > > On 04/05/2013 07:46 AM, Yinghai Lu wrote:
> > > > > Use common get_ramdisk_image() to get ramdisk start phys
> address.
> > > > >
> > > > > We need this to get correct ramdisk adress for 64bit bzImage
> that
> > > > > initrd can be loaded above 4G by kexec-tools.disk_size;
> > >
> > > don't know whether this question came up when this feature got
> > > submitted (if yes a pointer would be appreciated).
> > >
> > > Is there a concept how signed microcode can get verified when
> applied
> > > early,
> > > like it is done via firmware loader?
> > >
> > > If not, early microcode loading is not really usable in secure boot
> > > environment, right?
> >
> > The microcode is cryptographically authenticated by the CPU itself,
> so there
> > is no security issue related to early microcode loading.
> 
> So Intel HW is allowed to authenticate its firmware itself, bypassing
> the UEFI
> certificates...
> Does this apply for other vendors as well?
This should apply for other vendors as well as this is defined in X86 SDM.

> Does this apply to secure boot specification?
Secure boot can add another level of security because the early loaded
microcode is part of initrd and initrd is measured by secure boot.

> 
> Is this "cryptographically authenticated by the CPU itself" thing
> documented
> somewhere so that security people can double check that it is really
> secure?

X86 SDM defines that the second part of microcode update is the encrypted data.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ