[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-devel] Xen.efi and secure boot
>>> On 26.11.12 at 18:57, George Dunlap <dunlapg@xxxxxxxxx> wrote: > So while doing a bit of investigation into a request that we have > instructions for how to sign a Xen binary, I came across a related pair of > questions. If we boot from a signed Xen binary, then: > 1. Will Xen then successfully boot a signed dom0 kernel / initrd? > 2. Will Xen fail to boot an unsigned dom0 kernel / initrd? > > I think if Xen is signed, then ideally we want both 1 and 2 to be true, > right? Not necessarily: With the shim approach that most people now seem to agree to, it would depend on whether xen.efi actually got loaded directly or through the shim. When loaded through the shim, both ought to be true. If loaded without the shim, whether Xen is signed doesn't matter, and hence whether the Dom0 kernel image is signed shouldn't matter either. The grub2 code I just looked at doesn't verify the initrd btw, that's apparently left to the kernel. > Does UEFI provide a way to check the signature of files? Does > it happen automatically, or would we need to add extra support? > Or would we need to embed a public key within the Xen binary > and have Xen check the signatures of files that it reads? No, that's what the shim is actually for - it publishes a suitable, trivial protocol. Adding the verification step has turned out to require 19 added lines, so pretty trivial. I didn't look into what additional data Dom0 may need access to, yet. Jan _______________________________________________ Xen-devel mailing list Xen-devel@xxxxxxxxxxxxx http://lists.xen.org/xen-devel
|
Lists.xenproject.org is hosted with RackSpace, monitoring our |