[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [PATCH] docs: UEFI Secure Boot security policy

To: Stefano Stabellini <sstabellini@xxxxxxxxxx>
From: Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>
Date: Fri, 20 Jun 2025 00:06:08 +0200
Cc: Ross Lagerwall <ross.lagerwall@xxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>, Anthony PERARD <anthony.perard@xxxxxxxxxx>, Michal Orzel <michal.orzel@xxxxxxx>, Jan Beulich <jbeulich@xxxxxxxx>, Julien Grall <julien@xxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, security@xxxxxxx, Juergen Gross <jgross@xxxxxxxx>, Trammell Hudson <hudson@xxxxxxxx>, Frediano Ziglio <frediano.ziglio@xxxxxxxxx>, Gerald Elder-Vass <gerald.elder-vass@xxxxxxxxx>, Kevin Lampis <kevin.lampis@xxxxxxxxx>
Delivery-date: Thu, 19 Jun 2025 22:06:33 +0000
Feedback-id: i1568416f:Fastmail
List-id: Xen developer discussion <xen-devel.lists.xenproject.org>

On Thu, Jun 19, 2025 at 12:56:12PM -0700, Stefano Stabellini wrote:
> On Thu, 19 Jun 2025, Marek Marczykowski-Górecki wrote:
> > On Thu, Jun 19, 2025 at 03:16:51PM +0100, Ross Lagerwall wrote:
> > > I think a section on PCI passthrough is also warranted. i.e. preventing 
> > > misuse
> > > of a device to exploit Secure Boot.
> > 
> > While I agree it makes sense, I wonder if it's in scope for UEFI
> > Secure Boot as defined by Microsoft? It may have implication for example
> > on PCI passthrough to a PV domains.
> 
> If we bring DomUs into the discussion, then I think we need to make a
> distinction between predefined DomUs, which could have signatures
> verified by Secure Boot (such as Dom0 and hyperlaunch/dom0less guests),
> and other dynamically created DomUs which could be fetched from the
> network and potentially started without signature verification or prior
> knowledge.

I think it's mostly not about what's running inside domU, but what such
domU has access to. The obvious part is enforcing IOMMU configuration so
that domU cannot use a PCI device as a proxy to modify hypervisor (or
dom0) code. But there may be more subtleties like access to specific
devices (HECI? SPI?).
Anyway, lets figure out first _if_ we need to do something about this
topic, and only then worry how.

-- 
Best Regards,
Marek Marczykowski-Górecki
Invisible Things Lab

Attachment: signature.asc
Description: PGP signature

Follow-Ups:
- Re: [PATCH] docs: UEFI Secure Boot security policy
  - From: Ross Lagerwall

References:
- [PATCH] docs: UEFI Secure Boot security policy
  - From: Andrew Cooper
- Re: [PATCH] docs: UEFI Secure Boot security policy
  - From: Ross Lagerwall
- Re: [PATCH] docs: UEFI Secure Boot security policy
  - From: Marek Marczykowski-Górecki
- Re: [PATCH] docs: UEFI Secure Boot security policy
  - From: Stefano Stabellini

Prev by Date: Re: [PATCH] docs: UEFI Secure Boot security policy
Next by Date: Re: [PATCH] xen/xenbus: fix W=1 build warning in xenbus_va_dev_error function
Previous by thread: Re: [PATCH] docs: UEFI Secure Boot security policy
Next by thread: Re: [PATCH] docs: UEFI Secure Boot security policy
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.