Re: [Xen-devel] Xen.efi and secure boot

  • To: Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx>
  • From: Alan Cox <alan@xxxxxxxxxxxxxxxxxxx>
  • Date: Mon, 26 Nov 2012 21:51:04 +0000
  • Cc: George Dunlap <dunlapg@xxxxxxxxx>, "Keir (Xen.org)" <keir@xxxxxxx>, Ian Campbell <Ian.Campbell@xxxxxxxxxx>, Jan Beulich <JBeulich@xxxxxxxx>, "xen-devel@xxxxxxxxxxxxx" <xen-devel@xxxxxxxxxxxxx>
  • Delivery-date: Mon, 26 Nov 2012 21:46:59 +0000
  • List-id: Xen developer discussion <xen-devel.lists.xen.org>

On Mon, 26 Nov 2012 20:12:04 +0000
Stefano Stabellini <stefano.stabellini@xxxxxxxxxxxxx> wrote:

> On Mon, 26 Nov 2012, George Dunlap wrote:
> > So while doing a bit of investigation into a request that we have
> > instructions for how to sign a Xen binary, I came across a related pair of
> > questions.  If we boot from a signed Xen binary, then:
> > 1. Will Xen then successfully boot a signed dom0 kernel / initrd?
> > 2. Will Xen fail to boot an unsigned dom0 kernel / initrd?
> > 
> > I think if Xen is signed, then ideally we want both 1 and 2 to be true, 
> > right? 
> I think that you are right

I think you'd have to be out of your tree to try and sign Xen itself
using the MS setup - assuming you can ever get a key and get it to work
which seems to be an issue of its own.

You want to sign a small bootloader that is tightly auditable and do your
own key management within that for anything else. I would think you'd be
able to make use of the Linux bootloader work.

Better yet would be to take the entire sorry EFI and 'secure' boot mess
and kick it where the sun won't shine but alas that may be a challenge
until the PC manufacturers realise they can't handle the support costs of
things in the current state and fix it.
