Configuring for secure boot

Configuring for secure boot

[Christian Eggers]

Board: phytec-som-imx6

I need to configure barebox in a way, that a malicious attacker can not break
into the system. It looks like I need to perform the following steps:

1. Enforce signature verification of FIT image
--> CONFIG_BOOTM_FORCE_SIGNED_IMAGES

2. Prevent manipulation of the saved environment in flash
--> Do not load any environment settings from flash, only use compiled in
default environment.
--> Remove / permanently disable "barebox,environment" node in device-tree?
--> Compile without CONFIG_OF_BAREBOX_DRIVERS?

3. Prevent access to the barebox shell
--> CONFIG_CMD_LOGIN?
--> CONFIG_SHELL_NONE?

What is the best way to prevent (offline) manipulation of the barebox
environment? What is the best way to block the shell access?

regards
Christian



________________________________
 [http://assets.arri.com/media/sign/2019-12-13a-ARRI-E-mail-Signatur-Parkstadt.jpg] <https://www.google.com/maps/place/Herbert-Bayer-Stra%C3%9Fe+10,+80807+M%C3%BCnchen/data=!4m2!3m1!1s0x479e74379489f045:0x4bbf0c7a9e893d66?sa=X&ved=2ahUKEwjjvdSlh8TmAhWIp4sKHe3vDlQQ8gEwAHoECAsQAQ>

Get all the latest information from www.arri.com<https://www.arri.com/>, Facebook<https://www.facebook.com/TeamARRI>, Twitter<https://twitter.com/ARRIChannel>, Instagram<https://instagram.com/arri> and YouTube<https://www.youtube.com/user/ARRIChannel>.

Arnold & Richter Cine Technik GmbH & Co. Betriebs KG
Sitz: München - Registergericht: Amtsgericht München - Handelsregisternummer: HRA 57918
Persönlich haftender Gesellschafter: Arnold & Richter Cine Technik GmbH
Sitz: München - Registergericht: Amtsgericht München - Handelsregisternummer: HRB 54477
Geschäftsführer: Dr. Michael Neuhäuser; Stephan Schenk; Walter Trauninger; Markus Zeiler

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: Configuring for secure boot

[Sascha Hauer]

Hi Christian,

On Mon, Jan 20, 2020 at 05:38:36PM +0100, Christian Eggers wrote:
> Board: phytec-som-imx6
> 
> I need to configure barebox in a way, that a malicious attacker can not break
> into the system. It looks like I need to perform the following steps:
> 
> 1. Enforce signature verification of FIT image
> --> CONFIG_BOOTM_FORCE_SIGNED_IMAGES

Yes.

> 
> 2. Prevent manipulation of the saved environment in flash
> --> Do not load any environment settings from flash, only use compiled in
> default environment.
> --> Remove / permanently disable "barebox,environment" node in device-tree?
> --> Compile without CONFIG_OF_BAREBOX_DRIVERS?

Disable CONFIG_ENV_HANDLING, that alone is sufficient.

> 
> 3. Prevent access to the barebox shell
> --> CONFIG_CMD_LOGIN?
> --> CONFIG_SHELL_NONE?

I wouldn't trust CONFIG_CMD_LOGIN that much. If you do, at least make
sure to use a safe hash function for the password, i.e. not the default
md5.
Disabling the shell entirely with CONFIG_SHELL_NONE is the best you can
do. This also forces you to program your boot process in C which helps
you to get a well defined boot without diving into potentially unsafe
shell commands.

To state the obvious, you have to enable HAB support, sign your barebox
images and burn the necessary fuses to forbid loading unsigned images.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: Configuring for secure boot

[Ahmad Fatoum]

Hello,

On 1/20/20 8:53 PM, Sascha Hauer wrote:
> Disabling the shell entirely with CONFIG_SHELL_NONE is the best you can
> do. This also forces you to program your boot process in C which helps
> you to get a well defined boot without diving into potentially unsafe
> shell commands.
> 
> To state the obvious, you have to enable HAB support, sign your barebox
> images and burn the necessary fuses to forbid loading unsigned images.

I think it would be great to have a CONFIG_LOCKDOWN option that has inverse
dependencies on the stuff that should not be enabled and normal dependencies
on the stuff that should be. Such a CONFIG_LOCKDOWN barebox can then be used in
secure boot scenarios or for fuzzing efforts.

Thoughts?

> 
> Sascha
> 

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: Configuring for secure boot

[Sascha Hauer]

On Tue, Jan 21, 2020 at 11:52:02AM +0100, Ahmad Fatoum wrote:
> Hello,
> 
> On 1/20/20 8:53 PM, Sascha Hauer wrote:
> > Disabling the shell entirely with CONFIG_SHELL_NONE is the best you can
> > do. This also forces you to program your boot process in C which helps
> > you to get a well defined boot without diving into potentially unsafe
> > shell commands.
> > 
> > To state the obvious, you have to enable HAB support, sign your barebox
> > images and burn the necessary fuses to forbid loading unsigned images.
> 
> I think it would be great to have a CONFIG_LOCKDOWN option that has inverse
> dependencies on the stuff that should not be enabled and normal dependencies
> on the stuff that should be. Such a CONFIG_LOCKDOWN barebox can then be used in
> secure boot scenarios or for fuzzing efforts.
> 
> Thoughts?

I don't think this is feasible. There are too many different expectations
what is secure and what is not. loadenv/saveenv might be desired at some
point (at least when we add signing support), for others it's a no-go.
Some accept the potential security risk of having a shell, others don't.
You might want to build a device which can boot in a secure mode with
signed kernels only, or alternatively any other kernel after dropping
the security privileges in the CAAM or whatever. That's just some
examples off the top of my head, there are surely more.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: Configuring for secure boot / Using bootchooser

[Christian Eggers]

Hi Sascha,

seems I ran into trouble (see below) with CONFIG_SHELL_NONE.

Am Montag, 20. Januar 2020, 20:53:51 CET schrieb Sascha Hauer:
> Hi Christian,
> 
> On Mon, Jan 20, 2020 at 05:38:36PM +0100, Christian Eggers wrote:
> > Board: phytec-som-imx6
> > 
> > I need to configure barebox in a way, that a malicious attacker can not
> > break into the system. It looks like I need to perform the following
> > steps:
> > 
> > 3. Prevent access to the barebox shell
> > --> CONFIG_CMD_LOGIN?
> > --> CONFIG_SHELL_NONE?
> 
> I wouldn't trust CONFIG_CMD_LOGIN that much. If you do, at least make
> sure to use a safe hash function for the password, i.e. not the default
> md5.
> Disabling the shell entirely with CONFIG_SHELL_NONE is the best you can
> do. This also forces you to program your boot process in C which helps
> you to get a well defined boot without diving into potentially unsafe
> shell commands.

I've tried to implement my boot process in C. Attaching the MTD partition to 
UBI and directly calling bootm_data() looks straightforward and seems to work.

	bootm_data_init_defaults(&data);
	data.os_file = "/dev/nand0.root.ubi.kernel";

	ret = bootm_boot(&data);
	if (ret) {
		printf("handler failed with: %s\n", strerror(-ret));
		goto error_return;
	}

Now I'm trying to integrate bootchooser. My first attempt was to call 
bootchooser directly from my barebox_main:

	bc = bootchooser_get();
	if (IS_ERR(bc))
		return PTR_ERR(bc);

	ret = bootchooser_boot(bc);

	bootchooser_put(bc);

Unfortunately this doesn't work, because there is no boot provider available 
for booting the result of bootchooser (e.g. "nand0.root.ubi.kernel").

From the documentation of the "boot" command, this should be possible:

----------------8<---------------
BAREBOX_CMD_HELP_TEXT("BOOTSRC can be:")
BAREBOX_CMD_HELP_TEXT("- a filename under /env/boot/")
BAREBOX_CMD_HELP_TEXT("- a full path to a boot script")
BAREBOX_CMD_HELP_TEXT("- a device name")   
BAREBOX_CMD_HELP_TEXT("- a partition name under /dev/")  <---- tried this one
BAREBOX_CMD_HELP_TEXT("- a full path to a directory which")
BAREBOX_CMD_HELP_TEXT("   - contains boot scripts, or")
BAREBOX_CMD_HELP_TEXT("   - contains a loader/entries/ directory containing 
bootspec entries")
---------------->8---------------

Looking into bootentry_create_from_name() I didn't find how booting from "a 
device name" or "a partition name" can work.

Also using the shell doesn't help:
----------------8<---------------
barebox:/ boot nand0.root.ubi.kernel
Nothing bootable found on 'nand0.root.ubi.kernel'
Nothing bootable found
---------------->8---------------
So I'm able to run bootm_boot() directly from C, but I've not found a way to 
boot indirectly via bootchooser.

Any hints how I can use bootchooser from my own barebox_main() with 
CONFIG_SHELL_NONE?




_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: Configuring for secure boot / Using bootchooser

[Sascha Hauer]

On Thu, Jan 23, 2020 at 11:29:41AM +0100, Christian Eggers wrote:
> Hi Sascha,
> 
> seems I ran into trouble (see below) with CONFIG_SHELL_NONE.
> 
> Am Montag, 20. Januar 2020, 20:53:51 CET schrieb Sascha Hauer:
> > Hi Christian,
> >
> > On Mon, Jan 20, 2020 at 05:38:36PM +0100, Christian Eggers wrote:
> > > Board: phytec-som-imx6
> > >
> > > I need to configure barebox in a way, that a malicious attacker can not
> > > break into the system. It looks like I need to perform the following
> > > steps:
> > >
> > > 3. Prevent access to the barebox shell
> > > --> CONFIG_CMD_LOGIN?
> > > --> CONFIG_SHELL_NONE?
> >
> > I wouldn't trust CONFIG_CMD_LOGIN that much. If you do, at least make
> > sure to use a safe hash function for the password, i.e. not the default
> > md5.
> > Disabling the shell entirely with CONFIG_SHELL_NONE is the best you can
> > do. This also forces you to program your boot process in C which helps
> > you to get a well defined boot without diving into potentially unsafe
> > shell commands.
> 
> I've tried to implement my boot process in C. Attaching the MTD partition to
> UBI and directly calling bootm_data() looks straightforward and seems to work.
> 
>         bootm_data_init_defaults(&data);
>         data.os_file = "/dev/nand0.root.ubi.kernel";
> 
>         ret = bootm_boot(&data);
>         if (ret) {
>                 printf("handler failed with: %s\n", strerror(-ret));
>                 goto error_return;
>         }
> 
> Now I'm trying to integrate bootchooser. My first attempt was to call
> bootchooser directly from my barebox_main:
> 
>         bc = bootchooser_get();
>         if (IS_ERR(bc))
>                 return PTR_ERR(bc);
> 
>         ret = bootchooser_boot(bc);
> 
>         bootchooser_put(bc);
> 
> Unfortunately this doesn't work, because there is no boot provider available
> for booting the result of bootchooser (e.g. "nand0.root.ubi.kernel").
> 
> From the documentation of the "boot" command, this should be possible:
> 
> ----------------8<---------------
> BAREBOX_CMD_HELP_TEXT("BOOTSRC can be:")
> BAREBOX_CMD_HELP_TEXT("- a filename under /env/boot/")
> BAREBOX_CMD_HELP_TEXT("- a full path to a boot script")
> BAREBOX_CMD_HELP_TEXT("- a device name")
> BAREBOX_CMD_HELP_TEXT("- a partition name under /dev/")  <---- tried this one
> BAREBOX_CMD_HELP_TEXT("- a full path to a directory which")
> BAREBOX_CMD_HELP_TEXT("   - contains boot scripts, or")
> BAREBOX_CMD_HELP_TEXT("   - contains a loader/entries/ directory containing
> bootspec entries")
> ---------------->8---------------
> 
> Looking into bootentry_create_from_name() I didn't find how booting from "a
> device name" or "a partition name" can work.
> 
> Also using the shell doesn't help:
> ----------------8<---------------
> barebox:/ boot nand0.root.ubi.kernel
> Nothing bootable found on 'nand0.root.ubi.kernel'
> Nothing bootable found
> ---------------->8---------------
> So I'm able to run bootm_boot() directly from C, but I've not found a way to
> boot indirectly via bootchooser.
> 
> Any hints how I can use bootchooser from my own barebox_main() with
> CONFIG_SHELL_NONE?

Obviously anything involving shell scripts cannot work when no shell is
enabled. I suggest using bootloader spec (CONFIG_BLSPEC) to boot a
kernel. This works without shell support.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

[RFC PATCH] bootm: Register as bootentry provider

[Christian Eggers]

> Obviously anything involving shell scripts cannot work when no shell is
> enabled. I suggest using bootloader spec (CONFIG_BLSPEC) to boot a
> kernel. This works without shell support.

I would like to avoid using bootloader spec. The patch below works fine
for me. Do you think that this (or something similar) can be added to
barebox?


Support for "boot <device>". This is required for using bootchooser with
CONFIG_SHELL_NONE. In this case no boot scripts can be used, so the
device name of the flash partition containing the kernel image has to
provided.

Only enabled if CONFIG_BLSPEC is disabled.

Example: bootchooser.system0.boot=nand0.root.ubi.kernel0

Signed-off-by: Christian Eggers <ceggers@arri.de>
---
 common/bootm.c | 71 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 70 insertions(+), 1 deletion(-)

diff --git a/common/bootm.c b/common/bootm.c
index 366f31455..e880d3cab 100644
--- a/common/bootm.c
+++ b/common/bootm.c
@@ -12,6 +12,7 @@
  */
 
 #include <common.h>
+#include <boot.h>
 #include <bootm.h>
 #include <fs.h>
 #include <malloc.h>
@@ -721,6 +722,74 @@ err_out:
 	return ret;
 }
 
+#ifndef CONFIG_BLSPEC
+static int bootm_entry_boot(struct bootentry *entry, int verbose, int dryrun)
+{
+	struct bootm_data data = {};
+
+	bootm_data_init_defaults(&data);
+	data.os_file = entry->title;
+
+	return bootm_boot(&data);
+}
+
+static void bootm_release(struct bootentry *entry)
+{
+	free(entry);
+}
+
+/*
+ * bootm_scan_devicename - scan a hardware device for child cdevs
+ *
+ * Given a name of a hardware device this functions checks whether the device
+ * exists and add one booentries entry.
+ * Returns the number of entries found or a negative error code if some unexpected
+ * error occured.
+ */
+static int bootm_scan_devicename(struct bootentries *bootentries, const char *devname)
+{
+	struct cdev *cdev;
+
+	pr_debug("%s: %s\n", __func__, devname);
+
+	device_detect_by_name(devname);
+
+	cdev = cdev_by_name(devname);
+	if (cdev || get_device_by_name(devname)) {
+		struct bootentry *entry = xzalloc(sizeof(*entry));
+
+		entry->boot = bootm_entry_boot;
+		entry->release = bootm_release;
+		entry->title = basprintf("/dev/%s", devname);
+		entry->description = xstrdup(entry->title);
+
+		bootentries_add_entry(bootentries, entry);
+
+		return 1;
+	}
+
+	return -ENODEV;
+}
+
+static int bootm_bootentry_provider(struct bootentries *bootentries,
+				     const char *name)
+{
+	int ret, found = 0;
+
+	ret = bootm_scan_devicename(bootentries, name);
+	if (ret > 0)
+		found += ret;
+
+	return found;
+}
+#else   /* CONFIG_BLSPEC */
+static int bootm_bootentry_provider(struct bootentries *bootentries,
+				     const char *name)
+{
+	return 0;
+}
+#endif  /* CONFIG_BLSPEC */
+
 static int bootm_init(void)
 {
 	globalvar_add_simple("bootm.image", NULL);
@@ -742,7 +811,7 @@ static int bootm_init(void)
 	globalvar_add_simple_enum("bootm.verify", (unsigned int *)&bootm_verify_mode,
 				  bootm_verify_names, ARRAY_SIZE(bootm_verify_names));
 
-	return 0;
+	return bootentry_register_provider(bootm_bootentry_provider);
 }
 late_initcall(bootm_init);
 
-- 
Christian Eggers
Embedded software developer

Arnold & Richter Cine Technik GmbH & Co. Betriebs KG
Sitz: Muenchen - Registergericht: Amtsgericht Muenchen - Handelsregisternummer: HRA 57918
Persoenlich haftender Gesellschafter: Arnold & Richter Cine Technik GmbH
Sitz: Muenchen - Registergericht: Amtsgericht Muenchen - Handelsregisternummer: HRB 54477
Geschaeftsfuehrer: Dr. Michael Neuhaeuser; Stephan Schenk; Walter Trauninger; Markus Zeiler


_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [RFC PATCH] bootm: Register as bootentry provider

[Sascha Hauer]

On Mon, Jan 27, 2020 at 11:18:31AM +0100, Christian Eggers wrote:
> > Obviously anything involving shell scripts cannot work when no shell is
> > enabled. I suggest using bootloader spec (CONFIG_BLSPEC) to boot a
> > kernel. This works without shell support.
> 
> I would like to avoid using bootloader spec. The patch below works fine
> for me. Do you think that this (or something similar) can be added to
> barebox?
> 
> 
> Support for "boot <device>". This is required for using bootchooser with
> CONFIG_SHELL_NONE. In this case no boot scripts can be used, so the
> device name of the flash partition containing the kernel image has to
> provided.
> 
> Only enabled if CONFIG_BLSPEC is disabled.
> 
> Example: bootchooser.system0.boot=nand0.root.ubi.kernel0

you could leave bootchooser.system0.boot empty in which case bootchooser
tries to boot something called "system0".

Like in your patch below call bootentry_register_provider() from your
boardcode and put behind "system0" whatever you want.

I don't like interpreting a device name as a kernel image very much,
given that there's no possibility to also specify the devicetree and
commandline.

Another thing is that just enabling CONFIG_BLSPEC in a config shouldn't
prevent a board from booting. the "Only enabled if CONFIG_BLSPEC is
disabled" is not an option here.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox

Re: [RFC PATCH] bootm: Register as bootentry provider

[Christian Eggers]

Hi Sascha,

Am Montag, 27. Januar 2020, 13:49:38 CET schrieb Sascha Hauer:
> On Mon, Jan 27, 2020 at 11:18:31AM +0100, Christian Eggers wrote:
> > > Obviously anything involving shell scripts cannot work when no shell is
> > > enabled. I suggest using bootloader spec (CONFIG_BLSPEC) to boot a
> > > kernel. This works without shell support.
> >
> > I would like to avoid using bootloader spec. The patch below works fine
> > for me. Do you think that this (or something similar) can be added to
> > barebox?
> >
> >
> you could leave bootchooser.system0.boot empty in which case bootchooser
> tries to boot something called "system0".
>
> Like in your patch below call bootentry_register_provider() from your
> boardcode and put behind "system0" whatever you want.
works fine, thanks.

> I don't like interpreting a device name as a kernel image very much,
> given that there's no possibility to also specify the devicetree and
> commandline.
>
> Another thing is that just enabling CONFIG_BLSPEC in a config shouldn't
> prevent a board from booting. the "Only enabled if CONFIG_BLSPEC is
> disabled" is not an option here.
Agreed.

>
> Sascha

regards
Christian




_______________________________________________
barebox mailing list
barebox@lists.infradead.org
http://lists.infradead.org/mailman/listinfo/barebox