SecureBoot---debian---Oracle VM VirtualBox
<p>https://wiki.debian.org/SecureBoot#MOK_-_Machine_Owner_Key</p><p> </p>
<ul id="pagelocation">
<li>SecureBoot</li>
</ul>
<div id="page" lang="en" dir="ltr">
<div id="content" lang="en" dir="ltr">
<div class="table-of-contents">
<p class="table-of-contents-heading">目录</p>
<ol>
<li>What is UEFI?</li>
<li>What is UEFI Secure Boot?</li>
<li>What is UEFI Secure Boot NOT?</li>
<li>Shim</li>
<li>MOK - Machine Owner Key<ol>
<li>Generalities</li>
<li>Has the system booted via Secure Boot?</li>
<li>Generating a new key</li>
<li>Enrolling your key</li>
<li>Using your key to sign your kernel</li>
<li>Using your key to sign modules</li>
<li>Verifing if a module is signed</li>
<li>Disabling/re-enabling Secure Boot</li>
</ol></li>
<li>Supported architectures and packages</li>
<li>Testing UEFI Secure Boot</li>
<li>Secure Boot limitations</li>
<li>Infrastructure - how signing works in Debian</li>
<li>Testing Secure Boot in a virtual machine</li>
<li>arm64 problems</li>
</ol></div>
<p class="line867"> </p>
<h1 id="What_is_UEFI.3F">What is UEFI?</h1>
<p class="line862">Unified Extensible Firmware Interface. See the main UEFI page for <span id="line-6" class="anchor">more details. <span id="line-7" class="anchor"><span id="line-8" class="anchor"></span></span></span></p>
<p class="line867"> </p>
<h1 id="What_is_UEFI_Secure_Boot.3F">What is UEFI Secure Boot?</h1>
<p class="line874">UEFI Secure Boot (SB) is a verification mechanism for ensuring that <span id="line-11" class="anchor">code launched by a computer's UEFI firmware is trusted. It is designed <span id="line-12" class="anchor">to protect a system against malicious code being loaded and executed <span id="line-13" class="anchor">early in the boot process, before the operating system has been <span id="line-14" class="anchor">loaded. <span id="line-15" class="anchor"><span id="line-16" class="anchor"></span></span></span></span></span></span></p>
<p class="line874">SB works using cryptographic checksums and signatures. Each program <span id="line-17" class="anchor">that is loaded by the firmware includes a signature and a checksum, <span id="line-18" class="anchor">and before allowing execution the firmware will verify that the <span id="line-19" class="anchor">program is trusted by validating the checksum and the signature. When <span id="line-20" class="anchor">SB is enabled on a system, any attempt to execute an untrusted program <span id="line-21" class="anchor">will not be allowed. This stops unexpected / unauthorised code from <span id="line-22" class="anchor">running in the UEFI environment. <span id="line-23" class="anchor"><span id="line-24" class="anchor"></span></span></span></span></span></span></span></span></p>
<p class="line874">Most x86 hardware comes from the factory pre-loaded with Microsoft <span id="line-25" class="anchor">keys. This means the firmware on these systems will trust binaries <span id="line-26" class="anchor">that are signed by Microsoft. Most modern systems will ship with SB <span id="line-27" class="anchor">enabled - they will <em>not</em> run any unsigned code by default, but it <span id="line-28" class="anchor">is possible to change the firmware configuration to either disable SB <span id="line-29" class="anchor">or to enrol extra signing keys. <span id="line-30" class="anchor"><span id="line-31" class="anchor"></span></span></span></span></span></span></span></p>
<p class="line874">Most of the programs that are expected to run in the UEFI environment <span id="line-32" class="anchor">are boot loaders, but others exist too. There are also programs to <span id="line-33" class="anchor">deal with firmware updates before operating system startup (like <span id="line-34" class="anchor">fwupdate and fwupd), and other utilities may live <span id="line-35" class="anchor">here too. <span id="line-36" class="anchor"><span id="line-37" class="anchor"></span></span></span></span></span></span></p>
<p class="line874">Other Linux distros (Red Hat, Fedora, SUSE, Ubuntu, etc.) have had SB <span id="line-38" class="anchor">working for a while, but Debian was slow in getting this working. This <span id="line-39" class="anchor">meant that on many new computer systems, users had to first disable SB <span id="line-40" class="anchor">to be able to install and use Debian. The methods for doing this vary <span id="line-41" class="anchor">massively from one system to another, making this potentially quite <span id="line-42" class="anchor">difficult for users. <span id="line-43" class="anchor"><span id="line-44" class="anchor"></span></span></span></span></span></span></span></p>
<p class="line874">Starting with Debian version 10 ("Buster"), Debian included working <span id="line-45" class="anchor">UEFI Secure Boot to make things easier. <span id="line-46" class="anchor"><span id="line-47" class="anchor"></span></span></span></p>
<p class="line867"> </p>
<h1 id="What_is_UEFI_Secure_Boot_NOT.3F">What is UEFI Secure Boot NOT?</h1>
<p class="line862">UEFI Secure Boot is <strong>not</strong> an attempt by Microsoft to lock Linux <span id="line-50" class="anchor">out of the PC market here; SB is a security measure to protect against <span id="line-51" class="anchor">malware during early system boot. Microsoft act as a Certification <span id="line-52" class="anchor">Authority (CA) for SB, and they will sign programs on behalf of other <span id="line-53" class="anchor">trusted organisations so that their programs will also run. There are <span id="line-54" class="anchor">certain identification requirements that organisations have to meet <span id="line-55" class="anchor">here, and code has to be audited for safety. But these are not too <span id="line-56" class="anchor">difficult to achieve. <span id="line-57" class="anchor"><span id="line-58" class="anchor"></span></span></span></span></span></span></span></span></span></p>
<p class="line862">SB is also <strong>not</strong> meant to lock users out of controlling their own <span id="line-59" class="anchor">systems. Users can enrol extra keys into the system, allowing them to <span id="line-60" class="anchor">sign programs for their own systems. Many SB-enabled systems also <span id="line-61" class="anchor">allow users to remove the platform-provided keys altogether, forcing <span id="line-62" class="anchor">the firmware to only trust user-signed binaries. <span id="line-63" class="anchor"><span id="line-64" class="anchor"></span></span></span></span></span></span></p>
<p class="line867"> </p>
<h1 id="Shim">Shim</h1>
<p class="line867">shim is a simple software package that is designed to work <span id="line-67" class="anchor">as a first-stage bootloader on UEFI systems. <span id="line-68" class="anchor"><span id="line-69" class="anchor"></span></span></span></p>
<p class="line874">It was developed by a group of Linux developers from various distros, <span id="line-70" class="anchor">working together to make SB work using Free Software. It is a common <span id="line-71" class="anchor">piece of code that is safe, well-understood and audited so that it can <span id="line-72" class="anchor">be trusted and signed using platform keys. This means that Microsoft <span id="line-73" class="anchor">(or other potential firmware CA providers) only have to worry about <span id="line-74" class="anchor">signing shim, and not all of the other programs that distro vendors <span id="line-75" class="anchor">might want to support. <span id="line-76" class="anchor"><span id="line-77" class="anchor"></span></span></span></span></span></span></span></span></p>
<p class="line874">Shim then becomes the root of trust for all the other distro-provided <span id="line-78" class="anchor">UEFI programs. It embeds a further distro-specific CA key that is <span id="line-79" class="anchor">itself used for signing further programs (e.g. Linux, GRUB, <span id="line-80" class="anchor">fwupdate). This allows for a clean delegation of trust - the distros <span id="line-81" class="anchor">are then responsible for signing the rest of their packages. Shim <span id="line-82" class="anchor">itself should ideally not need to be updated very often, reducing the <span id="line-83" class="anchor">workload on the central auditing and CA teams. <span id="line-84" class="anchor"><span id="line-85" class="anchor"></span></span></span></span></span></span></span></span></p>
<p class="line874">For extra trust and safety, from version 15 onwards the shim binary <span id="line-86" class="anchor">build is 100% reproducible - you can rebuild the Debian shim binary <span id="line-87" class="anchor">yourself to verify that no unexpected changes have been embedded in <span id="line-88" class="anchor">this key piece of security software. <span id="line-89" class="anchor"><span id="line-90" class="anchor"></span></span></span></span></span></p>
<p class="line867"> </p>
<h1 id="MOK_-_Machine_Owner_Key">MOK - Machine Owner Key</h1>
<p class="line867"> </p>
<h2 id="Generalities">Generalities</h2>
<p class="line874">A key part of the shim design is to allow users to control their own <span id="line-95" class="anchor">systems. The distro CA key is built in to the shim binary itself, but <span id="line-96" class="anchor">there is also an extra database of keys that can be managed by the <span id="line-97" class="anchor">user, the so-called <strong>Machine Owner Key</strong> (MOK for short). <span id="line-98" class="anchor"><span id="line-99" class="anchor"></span></span></span></span></span></p>
<p class="line874">Keys can be added and removed in the MOK list by the user, entirely <span id="line-100" class="anchor">separate from the distro CA key. The <strong>mokutil</strong> utility can be used <span id="line-101" class="anchor">to help manage the keys here from Linux userland, but changes to the <span id="line-102" class="anchor">MOK keys may <strong>only</strong> be confirmed directly from the console at boot <span id="line-103" class="anchor">time. This removes the risk of userland malware potentially enrolling <span id="line-104" class="anchor">new keys and therefore bypassing the entire point of SB. <span id="line-105" class="anchor"><span id="line-106" class="anchor"></span></span></span></span></span></span></span></p>
<p class="line874">There are more docs online for how to work with MOK, for example: <span id="line-107" class="anchor"><span id="line-108" class="anchor"></span></span></p>
<ul>
<li>
<p class="line891">https://www.rodsbooks.com/efi-bootloaders/secureboot.html#initial_shim <span id="line-109" class="anchor"><span id="line-110" class="anchor"></span></span></p>
</li>
</ul>
<p class="line867"> </p>
<h2 id="Has_the_system_booted_via_Secure_Boot.3F">Has the system booted via Secure Boot?</h2>
<p class="line867"> </p>
<pre><span id="line-1" class="anchor">$ sudo mokutil --sb-state
<span id="line-2" class="anchor">SecureBoot enabled</span></span></pre>
<p class="line874">Note that you can be only sure that the above answer is correct if your <span id="line-118" class="anchor">system has not been tampered with in the first place. <span id="line-119" class="anchor"><span id="line-120" class="anchor"></span></span></span></p>
<p class="line867"> </p>
<h2 id="Generating_a_new_key">Generating a new key</h2>
<p class="line862">Ubuntu puts its MOK key under <tt class="backtick">/var/lib/shim-signed/mok/</tt> and some software such as Oracle's virtualbox package expect the key there so we follow suit (see 989463 for reference) and put it at the same place. <span id="line-123" class="anchor"><span id="line-124" class="anchor"></span></span></p>
<p class="line874">First make sure the key doesn't exist yet: <span id="line-125" class="anchor"><span id="line-126" class="anchor"></span></span></p>
<p class="line867"> </p>
<pre><span id="line-1-1" class="anchor">$ ls /var/lib/shim-signed/mok/</span></pre>
<p class="line862">If you see the key there (consisting of the files <tt class="backtick">MOK.der</tt>, <tt class="backtick">MOK.pem</tt> and <tt class="backtick">MOK.priv</tt>) then you should not need to regenerate the key. <span id="line-131" class="anchor"><span id="line-132" class="anchor"></span></span></p>
<p class="line874">Otherwise if there's no key: <span id="line-133" class="anchor"><span id="line-134" class="anchor"></span></span></p>
<p class="line867"> </p>
<pre><span id="line-1-2" class="anchor"># mkdir -p /var/lib/shim-signed/mok/
<span id="line-2-1" class="anchor"># cd /var/lib/shim-signed/mok/
<span id="line-3" class="anchor"># openssl req -new -x509 -newkey rsa:2048 -keyout MOK.priv -outform DER -out MOK.der -days 36500 -subj "/CN=My Name/" -nodes
<span id="line-4" class="anchor"># openssl x509 -inform der -in MOK.der -out MOK.pem</span></span></span></span></pre>
<p class="line862">Note that depending on whether Debian will implement automatic genereration of that key (see 989463) you might run into conflicts with that automatic installation. <span id="line-142" class="anchor"><span id="line-143" class="anchor"></span></span></p>
<p class="line867"> </p>
<h2 id="Enrolling_your_key">Enrolling your key</h2>
<p class="line874">If you also have a kernel to sign, you may wish to do the next step first as it will save you one reboot. <span id="line-146" class="anchor"><span id="line-147" class="anchor"></span></span></p>
<p class="line867"> </p>
<pre><span id="line-1-3" class="anchor">$ sudo mokutil --import MOK.der # prompts for one-time password
<span id="line-2-2" class="anchor">$ sudo mokutil --list-new # recheck your key will be prompted on next boot
<span id="line-3-1" class="anchor">
<span id="line-4-1" class="anchor"><rebooting machine then enters MOK manager EFI utility: enroll MOK, continue, confirm, enter password, reboot>
<span id="line-5" class="anchor">
<span id="line-6" class="anchor">$ sudo dmesg | grep cert # verify your key is loaded</span></span></span></span></span></span></pre>
<p class="line867"> </p>
<h2 id="Using_your_key_to_sign_your_kernel">Using your key to sign your kernel</h2>
<p class="line862">First, install sbsigntool <span id="line-159" class="anchor"><span id="line-160" class="anchor"></span></span></p>
<p class="line867"> </p>
<pre><span id="line-1-4" class="anchor">$ sbsign --key MOK.priv --cert MOK.pem /boot/vmlinuz-$ver --output /tmp/vmlinuz-$ver
<span id="line-2-3" class="anchor">$ sudo mv /tmp/vmlinux-$ver /boot/vmlinux-$ver</span></span></pre>
<p class="line867"> </p>
<h2 id="Using_your_key_to_sign_modules">Using your key to sign modules</h2>
<p class="line862">Building and signing modules is <strong>independent</strong> of building and signing your own kernel. You can perfectly build new modules for a kernel provided by Debian. But if you want to use them in a Secure Boot'ed system then you need to enroll your key as shown previously and then you need to sign your modules as shown below. <span id="line-168" class="anchor"><span id="line-169" class="anchor"></span></span></p>
<p class="line862">The example here shows how to sign modules generated by virtualbox. Debian's package puts those under <tt class="backtick">/lib/modules/$KERNEL-VERSION/updates/dkms</tt> Oracle's package puts them under <tt class="backtick">/lib/modules/$KERNEL-VERSION/misc</tt>, so you'll have to set <tt class="backtick">MODULE_DIR</tt> below accordingly. <span id="line-170" class="anchor"><span id="line-171" class="anchor"></span></span></p>
<p class="line867"> </p>
<pre><span id="line-1-5" class="anchor"># MODULE_DIR=/lib/modules/$(uname -r)/updates/dkms
<span id="line-2-4" class="anchor"># cd $MODULE_DIR
<span id="line-3-2" class="anchor"># /usr/lib/linux-kbuild-5.10/scripts/sign-file sha256 /var/lib/shim-signed/mok/MOK.priv /var/lib/shim-signed/mok/MOK.der vboxdrv.ko</span></span></span></pre>
<p class="line874">This will sign all DKMS compiled modules under Bullseye: <span id="line-178" class="anchor"><span id="line-179" class="anchor"></span></span></p>
<p class="line867"> </p>
<pre><span id="line-1-6" class="anchor"># cd /lib/modules/$(uname -r)/updates/dkms
<span id="line-2-5" class="anchor"># for i in *.ko ; do /usr/lib/linux-kbuild-5.10/scripts/sign-file sha256 /var/lib/shim-signed/mok/MOK.priv /var/lib/shim-signed/mok/MOK.der "$i" ; done</span></span></pre>
<p class="line867"> </p>
<h2 id="Verifing_if_a_module_is_signed">Verifing if a module is signed</h2>
<p class="line867"> </p>
<pre><span id="line-1-7" class="anchor"># modinfo vboxdrv
<span id="line-2-6" class="anchor">filename: /lib/modules/5.10.0-9-amd64/misc/vboxdrv.ko
<span id="line-3-3" class="anchor">version: 6.1.28 r147628 (0x00320000)
<span id="line-4-2" class="anchor">license: GPL
<span id="line-5-1" class="anchor">description: Oracle VM VirtualBox Support Driver
<span id="line-6-1" class="anchor">author: Oracle Corporation
<span id="line-7" class="anchor">srcversion: 282AFDD3CE09DCCD935FAF2
<span id="line-8" class="anchor">depends:
<span id="line-9" class="anchor">retpoline: Y
<span id="line-10" class="anchor">name: vboxdrv
<span id="line-11" class="anchor">vermagic: 5.10.0-9-amd64 SMP mod_unload modversions
<span id="line-12" class="anchor">sig_id: PKCS#7
<span id="line-13" class="anchor">signer: My Name
<span id="line-14" class="anchor">sig_key: 13:FE:C2:ED:A1:40:CE:70:1A:75:91:E5:4C:1F:5F:DA:BD:17:57:A9
<span id="line-15" class="anchor">sig_hashalgo: sha256
<span id="line-16" class="anchor">signature: 0B:72:37:DD:10:97:F2:4F:DF:DF:52:27:38:88:63:7B:CC:2F:98:59:
<span id="line-17" class="anchor"> 66:70:D1:22:94:05:62:77:E9:04:35:B4:2D:9F:6F:92:18:D5:98:C3:
<span id="line-18" class="anchor"> </span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></span></pre>
<p class="line867"> </p>
<h2 id="Disabling.2Fre-enabling_Secure_Boot">Disabling/re-enabling Secure Boot</h2>
<p class="line874">In case it is difficult to control Secure Boot state through the EFI setup program, mokutil can also be used to disable or re-enable Secure Boot for operating systems loaded through shim and GRUB: <span id="line-210" class="anchor"><span id="line-211" class="anchor"></span></span></p>
<ol type="1">
<li>
<p class="line862">Run: <tt class="backtick">mokutil --disable-validation</tt> or <tt class="backtick">mokutil --enable-validation</tt>. <span id="line-212" class="anchor"></span></p>
</li>
<li>Choose a password between 8 and 16 characters long. Enter the same password to confirm it. <span id="line-213" class="anchor"></span></li>
<li>Reboot. <span id="line-214" class="anchor"></span></li>
<li>When prompted, press a key to perform MOK management. <span id="line-215" class="anchor"></span></li>
<li>Select "Change Secure Boot state". <span id="line-216" class="anchor"></span></li>
<li>Enter each requested character of your chosen password to confirm the change. Note that you have to press Return/Enter after each character. <span id="line-217" class="anchor"></span></li>
<li>Select "Yes". <span id="line-218" class="anchor"></span></li>
<li>Select "Reboot". <span id="line-219" class="anchor"><span id="line-220" class="anchor"></span></span></li>
</ol>
<p class="line867"> </p>
<h1 id="Supported_architectures_and_packages">Supported architectures and packages</h1>
<p class="line874">On each architecture, Debian includes various packages containing <span id="line-223" class="anchor">signed binaries: <span id="line-224" class="anchor"><span id="line-225" class="anchor"></span></span></span></p>
<div>
<table>
<tbody>
<tr>
<td>
<p class="line891"><strong>Name</strong></p>
</td>
<td>
<p class="line862"><strong>amd64</strong></p>
</td>
<td>
<p class="line862"><strong>i386</strong></p>
</td>
<td>
<p class="line891"><strong>arm64</strong></p>
</td>
<td>
<p class="line891"><strong>Signed by</strong></p>
</td>
<td>
<p class="line891"><strong>Purpose</strong></p>
</td>
</tr>
<tr>
<td>
<p class="line891"><strong>fwupd</strong></p>
</td>
<td>
<p class="line862">fwupd-amd64-signed</p>
</td>
<td>
<p class="line862">fwupd-i386-signed</p>
</td>
<td>
<p class="line862">fwupd-arm64-signed</p>
</td>
<td>
<p class="line862">Debian</p>
</td>
<td>
<p class="line862">Tools to manage UEFI firmware updates automatically</p>
</td>
</tr>
<tr>
<td>
<p class="line891"><strong>fwupdate</strong></p>
</td>
<td>
<p class="line862">fwupdate-amd64-signed</p>
</td>
<td>
<p class="line862">fwupdate-i386-signed</p>
</td>
<td>
<p class="line862">fwupdate-arm64-signed</p>
</td>
<td>
<p class="line862">Debian</p>
</td>
<td>
<p class="line862">Tools to manage UEFI firmware updates manually (removed after Buster in favour of fwupd)</p>
</td>
</tr>
<tr>
<td>
<p class="line891"><strong>grub</strong></p>
</td>
<td>
<p class="line862">grub-efi-amd64-signed</p>
</td>
<td>
<p class="line862">grub-efi-ia32-signed</p>
</td>
<td>
<p class="line862">grub-efi-arm64-signed</p>
</td>
<td>
<p class="line862">Debian</p>
</td>
<td>
<p class="line862">GRUB boot loader</p>
</td>
</tr>
<tr>
<td>
<p class="line891"><strong>linux</strong></p>
</td>
<td>
<p class="line862">linux-image-*-amd64 (*)</p>
</td>
<td>
<p class="line862">linux-image-*-686* (*)</p>
</td>
<td>
<p class="line862">linux-image-*-arm64 (*)</p>
</td>
<td>
<p class="line862">Debian</p>
</td>
<td>
<p class="line862">Linux kernel, various flavours</p>
</td>
</tr>
<tr>
<td>
<p class="line891"><strong>shim</strong></p>
</td>
<td>
<p class="line862">shim-signed</p>
</td>
<td>
<p class="line862">shim-signed</p>
</td>
<td>
<p class="line862">shim-signed</p>
</td>
<td>
<p class="line862">Microsoft</p>
</td>
<td>
<p class="line862">Main shim binary</p>
</td>
</tr>
<tr>
<td>
<p class="line891"><strong>shim-helpers</strong></p>
</td>
<td>
<p class="line862">shim-helpers-amd64-signed</p>
</td>
<td>
<p class="line862">shim-helpers-i386-signed</p>
</td>
<td>
<p class="line862">shim-helpers-arm64-signed</p>
</td>
<td>
<p class="line862">Debian</p>
</td>
<td>
<p class="line862">Shim helper binaries - ?MokManager and ?FallBack</p>
</td>
</tr>
</tbody>
</table>
</div>
<p class="line874">(*) The various linux-image packages in Debian are now signed by <span id="line-234" class="anchor">default. The <em>unsigned</em> packages are called linux-image-*-unsigned. <span id="line-235" class="anchor"><span id="line-236" class="anchor"></span></span></span></p>
<p class="line867"> </p>
<h1 id="Testing_UEFI_Secure_Boot">Testing UEFI Secure Boot</h1>
<p class="line874">Focusing on Debian Buster, some tests have been performed to make sure <span id="line-239" class="anchor">that everything is ready. You can help us testing our setup on real <span id="line-240" class="anchor">hardware, including the installer and the live images. If you want to <span id="line-241" class="anchor">help us testing Secure Boot you can find more information <span id="line-242" class="anchor">here. <span id="line-243" class="anchor"><span id="line-244" class="anchor"></span></span></span></span></span></span></p>
<p class="line867"> </p>
<h1 id="Secure_Boot_limitations">Secure Boot limitations</h1>
<p class="line874">By its very design, SB may affect or limit some things that users want <span id="line-247" class="anchor">to do. <span id="line-248" class="anchor"><span id="line-249" class="anchor"></span></span></span></p>
<p class="line874">If you want to build and run your own kernel (e.g. for development or <span id="line-250" class="anchor">debugging), then you will obviously end up making binaries that are <span id="line-251" class="anchor">not signed with the Debian key. If you wish to use those binaries, you <span id="line-252" class="anchor">will need to either sign them yourself and enrol the key used with MOK <span id="line-253" class="anchor">or disable SB. <span id="line-254" class="anchor"><span id="line-255" class="anchor"></span></span></span></span></span></span></p>
<p class="line874">Using SB activates "lockdown" mode in the Linux kernel. This disables <span id="line-256" class="anchor">various features that can be used to modify the kernel: <span id="line-257" class="anchor"><span id="line-258" class="anchor"></span></span></span></p>
<ul>
<li>
<p class="line862">Loading kernel modules that are not signed by a trusted key. By default, this will block out-of-tree modules including DKMS-managed drivers. However, you can create your own signing key for modules and add its certificate to the trusted list using MOK. <span id="line-259" class="anchor"></span></p>
</li>
<li>Using kexec to start an unsigned kernel image. <span id="line-260" class="anchor"></span></li>
<li>Hibernation and resume from hibernation. <span id="line-261" class="anchor"></span></li>
<li>User-space access to physical memory and I/O ports. <span id="line-262" class="anchor"></span></li>
<li>Module parameters that allow setting memory and I/O port addresses. <span id="line-263" class="anchor"></span></li>
<li>
<p class="line862">Writing to MSRs through <tt class="backtick">/dev/cpu/*/msr</tt>. <span id="line-264" class="anchor"></span></p>
</li>
<li>Use of custom ACPI methods and tables. <span id="line-265" class="anchor"></span></li>
<li>ACPI APEI error injection. <span id="line-266" class="anchor"><span id="line-267" class="anchor"></span></span></li>
</ul>
<p class="line862">You can avoid this by disabling Secure Boot through the EFI setup program or through MOK. <span id="line-268" class="anchor"><span id="line-269" class="anchor"></span></span></p>
<p class="line874">Example docs from elsewhere: <span id="line-270" class="anchor"><span id="line-271" class="anchor"></span></span></p>
<ul>
<li>
<p class="line891">https://wiki.ubuntu.com/UEFI/SecureBoot/DKMS <span id="line-272" class="anchor"></span></p>
</li>
<li>
<p class="line891">https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Kernel_Administration_Guide/sect-signing-kernel-modules-for-secure-boot.html <span id="line-273" class="anchor"></span></p>
</li>
<li>
<p class="line891">https://www.linuxjournal.com/content/take-control-your-pc-uefi-secure-boot <span id="line-274" class="anchor"><span id="line-275" class="anchor"></span></span></p>
</li>
</ul>
<p class="line867"> </p>
<h1 id="Infrastructure_-_how_signing_works_in_Debian">Infrastructure - how signing works in Debian</h1>
<p class="line874">If you want to know the implementation details and the current <span id="line-278" class="anchor">discussions on improvements, see SecureBoot/Discussion. <span id="line-279" class="anchor"><span id="line-280" class="anchor"></span></span></span></p>
<p class="line867"> </p>
<h1 id="Testing_Secure_Boot_in_a_virtual_machine">Testing Secure Boot in a virtual machine</h1>
<p class="line862">If you want to test Secure Boot in a virtual machine without having to deal with an actual machine, see SecureBoot/VirtualMachine. <span id="line-283" class="anchor"><span id="line-284" class="anchor"></span></span></p>
<p class="line867"> </p>
<h1 id="arm64_problems">arm64 problems</h1>
<p class="line874">Debian no longer supports UEFI Secure Boot on arm64 systems, as of May <span id="line-287" class="anchor">2021. <span id="line-288" class="anchor"><span id="line-289" class="anchor"></span></span></span></p>
<p class="line874">Shim and other EFI programs have always been difficult to build on <span id="line-290" class="anchor">arm64, compared to x86 platforms. Binutils for amd64 and i386 includes <span id="line-291" class="anchor">explicit support for creating programs in the PE/COFF binary format <span id="line-292" class="anchor">that EFI uses, but this has never been added for arm64. <span id="line-293" class="anchor"><span id="line-294" class="anchor"></span></span></span></span></span></p>
<p class="line874">In the past, shim developers added some local hacks into the shim <span id="line-295" class="anchor">package to generate a <strong>mostly</strong>-compliant PE/COFF EFI binary <span id="line-296" class="anchor">without this toolchain support, and that seemed to be sufficient for <span id="line-297" class="anchor">use. Everything seemed to work. <strong>However</strong>, during the development <span id="line-298" class="anchor">and testing phase of shim 15.3 and 15.4, we found found significant <span id="line-299" class="anchor">issues with this approach. New security features needed in shim (SBAT) <span id="line-300" class="anchor">showed up severe problems with the lack of proper toolchain <span id="line-301" class="anchor">support. See https://github.com/rhboot/shim/issues/366 for more <span id="line-302" class="anchor">details. The old hacks around binutils are no longer sustainable. <span id="line-303" class="anchor"><span id="line-304" class="anchor"></span></span></span></span></span></span></span></span></span></span></p>
<p class="line874">Statistics tell us that very few people have attempted to use arm64 <span id="line-305" class="anchor">Secure Boot with Debian so far. In the interests of releasing needed <span id="line-306" class="anchor">updates in a timely manner, we have decided <strong>for the time being</strong> <span id="line-307" class="anchor">to disable signed shim support for Debian arm64. <span id="line-308" class="anchor"><span id="line-309" class="anchor"></span></span></span></span></span></p>
<p class="line874">We hope to re-introduce arm64 Secure Boot support as soon as possible <span id="line-310" class="anchor">in the future. <span id="line-311" class="anchor"><span id="bottom" class="anchor"></span></span></span></p>
</div>
</div>
<div id="footer">
<p id="pageinfo" class="info" lang="zh" dir="ltr">SecureBoot (最后修改时间 2021-11-17 13:20:19)</p>
<ul id="credits">
<li>Debian privacy policy, Wiki team, bugs and config.</li>
<li>Powered by MoinMoin and Python, withhosting provided by Metropolitan Area Network Darmstadt.</li>
</ul>
</div><br><br>
来源:https://www.cnblogs.com/ztguang/p/15777234.html
頁:
[1]