[systemd-devel] why systemd-boot (seems as everyone else) does not check the signatures of initramfs?

Felix Rubio felix at kngnt.org
Wed May 24 14:20:05 UTC 2023


Hi Andrei, Lennart

@Andrei: Do you think, then, that the same private key used for 
SecureBoot could be used for GPG signing the initramfs? That would be 
cool, as the whole boot signing infrastructure would still depend on a 
single entity.

@Lennart: I was thinking of using a private key for which I'd enroll the 
certificate in MOK (I mean, just following the standard use case for 
MOK).

Without having much idea about the code base of systemd-boot, I am 
willing to give it a try (to a GPG with private key from SB) provided 
you think it is something the community might benefit from. What are your 
thoughts?

Regards,

-- 
Felix Rubio
"Don't believe what you're told. Double check."

On 2023-05-24 14:35, Lennart Poettering wrote:
> On Mi, 24.05.23 12:22, Felix Rubio (felix at kngnt.org) wrote:
> 
>> I agree that having a measured boot, that decrypts the system is a better
>> solution... but this is, correct me if wrong, still very green: There are
>> some approaches supported, but none of them seems to be structural: they
>> rely on the existence of a TPM, introduce additional dependencies on the
>> update process (when the kernel/initramfs changes the previous measurement
>> will not be correct anymore and needs to be updated), etc. On the other hand
>> UKI comes with its own challenges, and also forces the admin to rebuild the
>> UKI any time there is an update.
>> 
>> I feel there should be some middle point in which we do not have to rely on
>> a TPM and a fully measured system, but we can still make sure that the
>> initramfs is trusted. The question, then, is: Is this something that could
>> be supported in systemd-boot, or is this something that is considered to be
>> just out of scope?
> 
> As in the other mail: Which key do you intend to use for validation?
> 
> Note that in systemd git main there's already support for generating
> UKIs dynamically when a kernel RPM/DEB is installed (as long as the
> "kernel-install" infra is in use). It can be signed with a local key,
> that can be enrolled with MOK.
> 
> With that we make it reasonably easy to run a setup with a locally
> signed initrd – but it means that you'll get a MOK prompt during at
> least one boot.
> 
> Lennart
> 
> --
> Lennart Poettering, Berlin
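As an added illustration of the setup Lennart describes (not code from the thread or from systemd itself): a shell script that generates a local signing key, points systemd's ukify-based kernel-install plugin at it so newly installed kernels come out as signed UKIs, and enrolls the certificate in MOK. The key directory, certificate CN and `/etc/kernel` paths are assumptions; it requires systemd git main / v254+ kernel-install with `layout=uki`.

```shell
#!/bin/sh
# Added example: locally signed UKIs via kernel-install + MOK.
# Assumes systemd's 60-ukify.install plugin; KEYDIR is a placeholder path.

KEYDIR="${KEYDIR:-/etc/kernel/secure-boot}"   # assumption: where the key lives

# Generate a self-signed signing certificate. The .key stays private on the
# build host; the DER form is what gets enrolled in MOK.
gen_mok_key() {
    dir="$1"
    mkdir -p "$dir" && chmod 700 "$dir"
    openssl req -new -x509 -newkey rsa:2048 -nodes -days 3650 \
        -subj "/CN=Local UKI signing key/" \
        -keyout "$dir/uki.key" -out "$dir/uki.crt"
    chmod 600 "$dir/uki.key"
    openssl x509 -in "$dir/uki.crt" -outform DER -out "$dir/uki.der"
}

# Tell kernel-install to build UKIs and ukify to sign them with that key.
write_uki_conf() {
    dir="$1"       # key directory
    confdir="$2"   # normally /etc/kernel
    mkdir -p "$confdir"
    printf 'layout=uki\n' > "$confdir/install.conf"
    cat > "$confdir/uki.conf" <<EOF
[UKI]
SecureBootPrivateKey=$dir/uki.key
SecureBootCertificate=$dir/uki.crt
EOF
}

# Enrolling the certificate triggers the one-time MokManager prompt on the
# next boot; until that is confirmed, shim will refuse the signed UKI.
enroll_mok() {
    mokutil --import "$1/uki.der"
}

# Only act when explicitly asked, so sourcing the file has no side effects.
if [ "${1:-}" = "run" ]; then
    gen_mok_key "$KEYDIR"
    write_uki_conf "$KEYDIR" /etc/kernel
    enroll_mok "$KEYDIR"
fi
```

Run as root with `run` as the first argument; a later `kernel-install add` then produces a UKI signed with this key.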
