Loadpin: Possibility of exceptions for certain firmwares?

Martin.U.Lang at bmw.de
Thu Aug 13 15:14:05 UTC 2020


Hi Kees, hi LSM community,

I'm currently struggling a bit with the bare simplicity of loadpin and trying to understand which options exist for me.

We have the following situation:
Our root file system is integrity protected with dm-verity. During the development/validation stage, we create builds that use a test key for secure boot. For certain builds that successfully passed validation, we would like to "promote" these builds to a real release and sign them with the real secure-boot/verified-boot release keys. This requires us to re-sign all secure-boot signed artifacts (bootloaders, TEE, kernel, ...) including the dm-verity root hash(es) of the filesystem(s). During this re-signing process we do not want to touch the root file system (due to validation concerns) but only provide new signatures for the dm-verity root hash.
As it turns out, some of the firmware blobs of our system are signed with the secure boot keys of the system, and this signature is validated somewhere outside of the Linux kernel (by other firmware, by the TEE, ...). So we wanted to move those outside of the root filesystem in order to avoid changing the file system as part of the release re-signing process. However, we then noticed that the kernel driver seems to load these firmwares using the usual firmware loader infrastructure of Linux. Consequently, loadpin kicks in, does its job and denies loading the firmware, as it now comes from this extra partition.

So I was wondering if adding an exception list to loadpin could be a reasonable approach to this issue. If I understand the whole infrastructure correctly, the driver requests a firmware (file) by name. If I know on my system that the firmware with this name is self-contained, secure-boot signed and later on validated independently anyway, there is no security benefit in letting loadpin enforce that it must come from my root fs. Consequently, I was thinking of adding a (configurable) exception list mechanism to loadpin to accept certain firmwares (by name) even if they are not loaded from the pinned fs.

Would you be open to such an extension of loadpin? If there are other suggestions for how this issue could be addressed, I'm also grateful for input. I would like to see a solution that enables us to use loadpin, as it saves quite some effort on kernel module signing.

Best Regards,

Martin
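Added example (not from the mail or from the kernel's security/loadpin/loadpin.c): a user-space model of the decision the LoadPin kernel_read_file hook would take if the name-based firmware exception list proposed above existed. LoadPin's actual rule is that the first kernel file read pins that file's superblock and every later read (modules, firmware, kexec images, policy) must come from the same superblock; the firmware loader reaches that hook when a driver calls request_firmware() with a file name. The exception list here is matched only for firmware reads and only on the exact requested name, so a module or an unlisted blob from the extra partition is still refused. The boot-parameter name loadpin.fw_allow, the superblock identifiers and the file names are assumptions for illustration. Note that upstream LoadPin already offers a coarser, type-level escape hatch via the loadpin.exclude= boot parameter (e.g. excluding all firmware reads); the point of the finer, name-based list is that only blobs whose signature is checked elsewhere (by the TEE or other firmware) lose the origin check.

```c
/*
 * Model of a name-based firmware exception list for a LoadPin-style
 * policy.  Added example for illustration; it is NOT kernel code and
 * NOT the real loadpin.c.  All names and identifiers are assumptions.
 */
#define _POSIX_C_SOURCE 200809L
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Mirrors the kernel_read_file_id types the hook distinguishes. */
enum read_type { READ_KERNEL_MODULE, READ_FIRMWARE, READ_OTHER };

#define MAX_EXC 16
static const char *fw_exceptions[MAX_EXC];  /* parsed from loadpin.fw_allow= (assumed name) */
static int n_exceptions;

/* Identity of the pinned superblock; 0 means "nothing pinned yet". */
static unsigned long pinned_sb;

/* Forget pin and exception list (fresh boot). */
static void loadpin_reset(void)
{
	pinned_sb = 0;
	n_exceptions = 0;
}

/*
 * Parse the value of a hypothetical loadpin.fw_allow=a.bin,b.bin boot
 * parameter.  Splits buf in place (as the kernel's strsep-based param
 * parsers do); the stored pointers reference buf, so buf must outlive
 * the list.  Returns the number of entries, or -1 if the list is too long.
 */
static int parse_exceptions(char *buf)
{
	char *tok, *save = NULL;

	n_exceptions = 0;
	for (tok = strtok_r(buf, ",", &save); tok; tok = strtok_r(NULL, ",", &save)) {
		if (*tok == '\0')
			continue;
		if (n_exceptions == MAX_EXC)
			return -1;
		fw_exceptions[n_exceptions++] = tok;
	}
	return n_exceptions;
}

/* Exact-name match, firmware reads only: "foo.bin" must not cover "foo.bin.x". */
static bool is_excepted_firmware(enum read_type t, const char *name)
{
	if (t != READ_FIRMWARE)
		return false;
	for (int i = 0; i < n_exceptions; i++)
		if (strcmp(fw_exceptions[i], name) == 0)
			return true;
	return false;
}

/*
 * The hook decision: 0 allows the read, -1 stands in for -EPERM.
 * Rule: first read pins the superblock; later reads must come from it,
 * unless the request is a firmware read whose name is on the list.  A
 * listed blob is only safe to exempt because its signature is verified
 * outside the kernel (by the TEE/firmware), as described in the mail.
 */
static int loadpin_decide(enum read_type t, const char *name, unsigned long sb)
{
	if (is_excepted_firmware(t, name))
		return 0;		/* origin fs irrelevant, validated elsewhere */
	if (pinned_sb == 0) {
		pinned_sb = sb;		/* first read pins the root fs */
		return 0;
	}
	return sb == pinned_sb ? 0 : -1;
}

int main(void)
{
	char cmdline[] = "tee-fw.bin,modem.bin";	/* constructed sample parameter value */
	const unsigned long ROOT_SB = 0x11, EXTRA_SB = 0x22;	/* assumed identifiers */

	loadpin_reset();
	parse_exceptions(cmdline);
	printf("module from root:      %d\n", loadpin_decide(READ_KERNEL_MODULE, "drv.ko", ROOT_SB));
	printf("module from extra:     %d\n", loadpin_decide(READ_KERNEL_MODULE, "drv.ko", EXTRA_SB));
	printf("listed fw from extra:  %d\n", loadpin_decide(READ_FIRMWARE, "modem.bin", EXTRA_SB));
	printf("unlisted fw from extra:%d\n", loadpin_decide(READ_FIRMWARE, "other.bin", EXTRA_SB));
	return 0;
}
```

The model keeps the two checks separate on purpose: the exception bypasses only the origin (superblock) check, and only for the READ_FIRMWARE type, so the exception list cannot be used to pull a kernel module or a kexec image from the unpinned partition by giving it a listed name.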
