authorHolger Dengler <dengler@linutronix.de>2017-11-19 18:21:29 +0100
committerJohn Ogness <john.ogness@linutronix.de>2017-12-19 09:39:23 +0100
commit534d76fa634adc6c7c0b076b67025fd082a8a90c (patch)
treea88dbda188d2d185c730ff6640b955dd7629ae9f /security
parent029792b699380512e39920271af7ee8482a6c2bd (diff)
secureboot
Signed-off-by: Holger Dengler <dengler@linutronix.de>
Diffstat (limited to 'security')
-rw-r--r--security/secureboot/Kconfig6
-rw-r--r--security/secureboot/Makefile1
-rw-r--r--security/secureboot/frm_secboot_basics.tex84
-rw-r--r--security/secureboot/frm_secboot_hab.tex111
-rw-r--r--security/secureboot/frm_secboot_linux.tex25
-rw-r--r--security/secureboot/frm_secboot_u-boot.tex159
-rw-r--r--security/secureboot/frm_template.tex92
-rw-r--r--security/secureboot/pres_secureboot.tex28
8 files changed, 506 insertions, 0 deletions
diff --git a/security/secureboot/Kconfig b/security/secureboot/Kconfig
new file mode 100644
index 0000000..088df3e
--- /dev/null
+++ b/security/secureboot/Kconfig
@@ -0,0 +1,6 @@
+config SECURITY_BOOT
+ bool "Linux Secureboot"
+ default y
+ help
+ Content:
+ - Secureboot
diff --git a/security/secureboot/Makefile b/security/secureboot/Makefile
new file mode 100644
index 0000000..fa556c4
--- /dev/null
+++ b/security/secureboot/Makefile
@@ -0,0 +1 @@
+obj-$(CONFIG_SECURITY_BOOT) += pres_secureboot.pdf
diff --git a/security/secureboot/frm_secboot_basics.tex b/security/secureboot/frm_secboot_basics.tex
new file mode 100644
index 0000000..d34d1c6
--- /dev/null
+++ b/security/secureboot/frm_secboot_basics.tex
@@ -0,0 +1,84 @@
+% ----------------------------
+\subsection{Basics}
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Motivation}
+Why do we talk about Secureboot?
+\begin{itemize}
+\item Protection
+ \begin{itemize}
+ \item Remote Access
+ \item Physical Access
+ \end{itemize}
+\item Support/Warranty
+\end{itemize}
+
+How do we get it?
+\begin{itemize}
+\item Solution: Code Integrity
+\item Implementation: Secureboot
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Data Integrity}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=8cm]{images/data-hash-signature.png}
+ \end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Typical Boot Sequence}
+\begin{itemize}
+\item Power/Reset
+\item ROM Loader (load, execute BL)
+\item Bootloader (load, execute OS)
+\item Operating System (load, execute Application)
+\end{itemize}
+
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/bootseq_typical.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Secure Boot Sequence}
+\begin{itemize}
+\item Power/Reset
+\item ROM Loader (load, verify, execute BL)
+\item Bootloader (load, verify, execute OS)
+\item Operating System (load, verify, execute Application)
+\end{itemize}
+
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/bootseq_sec.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Secure Boot Sequence}
+\begin{itemize}
+\item Power/Reset
+\item ROM Loader
+ \begin{itemize}
+ \item Hardware Specific
+ \item e.g. High Assurance Boot v4 (i.mx6/7/8)
+ \end{itemize}
+\item Bootloader (u-boot)
+ \begin{itemize}
+ \item signed FIT Images
+ \end{itemize}
+\item Operating System (Linux)
+ \begin{itemize}
+ \item signed Modules
+ \item Filesystem Integrity
+ \end{itemize}
+\end{itemize}
+\end{frame}
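Review bot: Two consecutive frames in this file carry `\frametitle{Secure Boot Sequence}`, although the second one maps each boot stage to a concrete mechanism (HAB, signed FIT, signed modules); a distinct title such as `\frametitle{Secure Boot Sequence: Implementation}` keeps them apart in the navigation bar and in handouts. The abbreviation in the ROM Loader sub-item should be written `e.g.\ High Assurance Boot v4 (i.mx6/7/8)` so LaTeX does not insert sentence spacing after the period. The `[h]` placement specifier on the figures is ignored inside beamer frames, where figures do not float, so `\begin{figure}` alone is enough.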
diff --git a/security/secureboot/frm_secboot_hab.tex b/security/secureboot/frm_secboot_hab.tex
new file mode 100644
index 0000000..1d1c925
--- /dev/null
+++ b/security/secureboot/frm_secboot_hab.tex
@@ -0,0 +1,111 @@
+% ----------------------------
+\subsection{NXP High Assurance Boot (i.mx-Family)}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{i.mx Boot}
+\begin{itemize}
+\item High Assurance Boot (HAB)
+\item v4.x in i.mx6/7/8
+\item Boot-Image Verification
+\item Key-Hash in One-Time-Programmable (OTP) Memory/Fuses
+\item PKI:
+ \begin{itemize}
+ \item up to 4 Storage Root Keys (SRK)
+ \item separate Sequence and Image Key Trees
+ \item Field Key-Revoke possible (only SRK 0-2)
+ \item ECC (only for SRK-CA)
+ \end{itemize}
+\item Cryptographic Methods:
+ \begin{itemize}
+ \item sha256
+ \item RSA-4096
+ \item ECC (SRK CA only)
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{HAB Boot Image}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \item Image Vector Table
+ \item Device Configuration Data
+ \item Bootloader
+ \item opt.: Command Sequence
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=6cm]{images/imx-hab-image.png}
+ \end{figure}
+ \end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{HAB Boot Sequence}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.5\textwidth}
+ \begin{enumerate}
+ \begin{scriptsize}
+ \item configure HAB
+ \item verify SRK Table
+ \item process Command Sequence \\
+ (unprotected part)
+ \begin{enumerate}
+ \begin{scriptsize}
+ \item install single SRK PubK
+ \item verify CSFK Certificate \\
+ (w/ installed SRK)
+ \item install CSFK PubK
+ \item verify protected CSF Part \\
+ (w/ installed CSFK)
+ \end{scriptsize}
+ \end{enumerate}
+ \item process Command Sequence \\
+ (protected part)
+ \begin{enumerate}
+ \begin{scriptsize}
+ \item configure Crypt-Infrastructure
+ \item verify IMGK Certificate \\
+ (w/ installed SRK)
+ \item install IMGK PubK
+ \item verify Image \\
+ (w/ installed IMGK)
+ \item execute Image
+ \end{scriptsize}
+ \end{enumerate}
+ \end{scriptsize}
+ \end{enumerate}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=3cm]{images/imx-hab-csf.png}
+ \end{figure}
+ \end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{HAB: SRK Table Verification}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=7cm]{images/imx-hab-verifysrk.png}
+ \end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{HAB: Key Hierarchy}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=8cm]{images/imx-hab-keyhierarchy.png}
+ \end{figure}
+\end{frame}
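Review bot: The "i.mx Boot" frame lists the key hash in OTP fuses but does not say that HAB enforces nothing until the device is moved to the closed configuration; in the open configuration a failed verification only leaves a HAB event behind and the image is still executed, which is a common gap in field deployments. An item like `\item Enforcement only in closed configuration (open: events logged, image still runs)` next to the fuse bullet would make the trust anchor explicit. On the "HAB Boot Sequence" frame `\begin{scriptsize}` is opened inside `\begin{enumerate}` before the first `\item`, and repeated inside both nested enumerates where it has no effect; wrapping the outer list as `\begin{scriptsize}\begin{enumerate}` and dropping the inner ones is the conventional form and lets the list spacing be computed at the small size. The `\\` line breaks inside the items are acceptable in beamer but could be avoided by letting the column width wrap the text.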
diff --git a/security/secureboot/frm_secboot_linux.tex b/security/secureboot/frm_secboot_linux.tex
new file mode 100644
index 0000000..73364ee
--- /dev/null
+++ b/security/secureboot/frm_secboot_linux.tex
@@ -0,0 +1,25 @@
+% ----------------------------
+\subsection{Linux}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Linux Integrity Targets}
+\begin{itemize}
+\item Kernel Parameters
+ \begin{itemize}
+ \item Append only
+ \item Devicetree
+ \end{itemize}
+\item Signed Modules (enforced)
+\item Filesystem Integrity
+ \begin{itemize}
+ \item IMA/EVM: Hash/Signature per File
+ \item dm-verity: Hashtree per Block-Device
+ \end{itemize}
+\item Mandatory Access Control
+ \begin{itemize}
+ \item SELinux/SMACK
+ \item Tomoyo/AppArmor
+ \end{itemize}
+\end{itemize}
+\end{frame}
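Review bot: The "Linux Integrity Targets" frame does not say where the verification anchors for IMA/EVM and dm-verity live, so the chain from the signed FIT to the filesystem is left implicit; the dm-verity root hash and the IMA policy and keys are only as trustworthy as the data that carries them (cmdline, devicetree or initramfs), which must themselves be covered by the signed FIT configuration. A sub-item such as `\item root hash / policy carried in signed cmdline, DT or initramfs` would close the loop with the U-Boot section. Naming the enforcing kernel option next to `Signed Modules (enforced)`, e.g. `CONFIG\_MODULE\_SIG\_FORCE`, would tell the audience which switch makes unsigned modules fail to load instead of merely tainting the kernel. The `Append only` sub-item under `Kernel Parameters` is terse; a short gloss on what is appended to what would help.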
diff --git a/security/secureboot/frm_secboot_u-boot.tex b/security/secureboot/frm_secboot_u-boot.tex
new file mode 100644
index 0000000..18c0646
--- /dev/null
+++ b/security/secureboot/frm_secboot_u-boot.tex
@@ -0,0 +1,159 @@
+% ----------------------------
+\subsection{U-Boot Integrity}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{U-Boot Responsibilities}
+\begin{itemize}
+\item initialize CPU
+\item initialize Peripherals
+\item prepare Linux Kernel Parameter (cmdline)
+\item load Kernel/Devicetree/InitramFS Images (bootm/bootz)
+\item opt.: U-Boot Command Line interactions
+\end{itemize}
+\end{frame}
+
+\begin{frame}[fragile]
+\frametitle{U-Boot Integrity check}
+\begin{itemize}
+\item Image Signature checks
+\item Basic Feature available since v2013.04
+\item Supported in U-Boot and SPL
+\item Algorithms
+ \begin{itemize}
+ \item sha1 (note: not recommended anymore)
+ \item sha2
+ \item RSA, keylength 2048 and 4096 bit
+ \end{itemize}
+\item Keyring
+ \begin{itemize}
+ \item pre-calculated Key
+ \item used Algorithm
+ \item build from external DTB
+ \end{itemize}
+\item Protected commands
+ \begin{itemize}
+ \item bootm (FIT Images only)
+ \item bootz disabled
+ \end{itemize}
+\item Protected Data
+ \begin{itemize}
+ \item Kernel Image (Image or zImage)
+ \item Devicetree
+ \item InitramFS
+ \end{itemize}
+\end{itemize}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Configuration}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.40\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{defconfig}
+ \begin{scriptsize}
+ \begin{verbatim}
+CONFIG_FIT=y
+CONFIG_FIT_VERBOSE=y
+CONFIG_FIT_SIGNATURE=y
+CONFIG_SECURE_BOOT=y
+CONFIG_OF_CONTROL=y
+ \end{verbatim}
+ \end{scriptsize}
+ \end{beamerboxesrounded}
+ \end{column}
+ \begin{column}{0.50\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{Keyring DT}
+ \begin{scriptsize}
+ \begin{verbatim}
+/dts-v1/;
+/ {
+ model = "u-boot keystore";
+ compatible = "linutronix,imx7d";
+ signature {
+ image-policy {
+ required = "conf";
+ algo = "sha256,rsa4096";
+ };
+
+ keystore {
+ rsa,r-squared = < [...] >;
+ rsa,modulus = < [...] >;
+ rsa,exponent = < [...] >;
+ rsa,n0-inverse = < [...] >;
+ rsa,num-bits = < [...] >;
+ key-name-hint = "mx7-secboot";
+ };
+ };
+};
+ \end{verbatim}
+ \end{scriptsize}
+ \end{beamerboxesrounded}
+ \end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{FIT Image Generation}
+\begin{columns}[onlytextwidth]
+\begin{column}{0.45\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{Images}
+ \begin{scriptsize}
+ \begin{verbatim}
+images {
+ kernel@1 {
+ description = "imx7d Kernel";
+ data = /incbin/("zImage");
+ type = "kernel";
+ [...]
+ hash@1 {
+ algo = "sha256";
+ };
+ };
+ fdt@1 {
+ description = "phytec-zeta DTB";
+ data = /incbin/("imx7d-zeta.dtb");
+ type = "flat_dt";
+ [...]
+ hash@1 {
+ algo = "sha256";
+ };
+ };
+};
+ \end{verbatim}
+ \end{scriptsize}
+ \end{beamerboxesrounded}
+\end{column}
+\begin{column}{0.50\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{Configurations}
+ \begin{scriptsize}
+ \begin{verbatim}
+configurations {
+ default = "conf@1";
+ conf@1 {
+ description = "Linux imx7d phytec-zeta";
+ kernel = "kernel@1";
+ fdt = "fdt@1";
+ signature@1 {
+ algo = "sha256,rsa4096";
+ key-name-hint = "mx7-secboot";
+ sign-images = "fdt", "kernel";
+ };
+ };
+};
+ \end{verbatim}
+ \end{scriptsize}
+ \end{beamerboxesrounded}
+\end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{Verification in System-Context}
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/uboot-fit.png}
+\end{figure}
+\end{frame}
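Review bot: The FIT example on the "FIT Image Generation" frame signs only `sign-images = "fdt", "kernel";` and defines no ramdisk image, while the "U-Boot Integrity check" frame lists InitramFS under Protected Data; either add a `ramdisk@1` image node plus a `ramdisk` reference in `conf@1` with `sign-images = "fdt", "kernel", "ramdisk";`, or state on the slide that the example leaves the initramfs out. The keystore's `required = "conf";` is the property that makes a missing or invalid configuration signature fatal rather than merely reported, which deserves a mention under the Keyring bullet since it is the difference between verified and merely verifiable boot. Under "U-Boot Responsibilities" the interactive command line and the writable environment (bootargs) are listed without a note that both have to be locked in a secure-boot build, otherwise the signed kernel is started with unverified boot parameters. The defconfig box shows `CONFIG_SECURE_BOOT=y`, which appears to be the NXP HAB support option rather than part of FIT verification; a word on the slide would avoid conflating the two layers.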
diff --git a/security/secureboot/frm_template.tex b/security/secureboot/frm_template.tex
new file mode 100644
index 0000000..2c6e7b4
--- /dev/null
+++ b/security/secureboot/frm_template.tex
@@ -0,0 +1,92 @@
+% ----------------------------
+\subsubsection{templates}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{template list}
+\begin{itemize}
+\end{itemize}
+\begin{verbatim}
+\end{verbatim}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{template graphic}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=8cm]{/path/to/image}
+ \end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{template 2-columns}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \end{itemize}
+ \end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{template 2-columns list/picture}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.5\textwidth}
+ \begin{itemize}
+ \end{itemize}
+ \end{column}
+ \begin{column}{0.5\textwidth}
+ \begin{figure}[h]
+ \centering
+ \includegraphics[width=7cm]{/path/to/image}
+ \end{figure}
+ \end{column}
+\end{columns}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{}
+\begin{figure}[h]
+\centering
+\includegraphics[width=8cm]{images/cap_trans_execve.png}
+\end{figure}
+\end{frame}
+
+% ----------------------------
+\begin{frame}[fragile]
+\frametitle{template 2-column box/code}
+\begin{columns}[onlytextwidth]
+ \begin{column}{0.45\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{template box}
+ \begin{scriptsize}
+ \begin{verbatim}
+some code
+ \end{verbatim}
+ \end{scriptsize}
+ \end{beamerboxesrounded}
+ \end{column}
+ \begin{column}{0.45\textwidth}
+ \begin{beamerboxesrounded}[shadow=true]{template box}
+ \begin{scriptsize}
+ \begin{verbatim}
+some other code
+ \end{verbatim}
+ \end{scriptsize}
+ \end{beamerboxesrounded}
+ \end{column}
+\end{columns}
+\end{frame}
+
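Review bot: The untitled frame near the end of frm_template.tex includes `images/cap_trans_execve.png`, which looks like a leftover from another presentation rather than a template; replacing it with the `/path/to/image` placeholder used by the other template frames avoids a build failure should the file ever be input. The empty `\begin{itemize}\end{itemize}` bodies would also stop LaTeX with `Something's wrong--perhaps a missing \item` once a frame is copied without being filled in, so a commented `%\item` placeholder inside each list would make the templates compilable as-is. The file is not `\input` by pres_secureboot.tex, so none of this affects the current build.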
diff --git a/security/secureboot/pres_secureboot.tex b/security/secureboot/pres_secureboot.tex
new file mode 100644
index 0000000..d659e20
--- /dev/null
+++ b/security/secureboot/pres_secureboot.tex
@@ -0,0 +1,28 @@
+\input{configpres}
+
+% ----------------------------
+\title{Linux Secureboot in Practice}
+\subtitle{Verified Code-Integrity from Reset to Linux}
+\maketitle
+
+% ----------------------------
+\begin{frame}
+\frametitle{Overview}
+\tableofcontents
+\end{frame}
+
+% ----------------------------
+\input{security/secureboot/frm_secboot_basics.tex}
+
+% ----------------------------
+\input{security/secureboot/frm_secboot_hab.tex}
+
+% ----------------------------
+\input{security/secureboot/frm_secboot_u-boot.tex}
+
+% ----------------------------
+\input{security/secureboot/frm_secboot_linux.tex}
+
+% ----------------------------
+\subsection*{}
+\input{tailpres}