Support importing mokx keys into revocation list from the mok table

Bug #1928679 reported by Dimitri John Ledkov
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Focal
Medium
Unassigned
Hirsute
Undecided
Unassigned
linux-azure-5.8 (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Focal
Undecided
Unassigned
Hirsute
Undecided
Unassigned
linux-hwe-5.8 (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Focal
Medium
Unassigned
Hirsute
Undecided
Unassigned
linux-oem-5.10 (Ubuntu)
Undecided
Unassigned
Xenial
Undecided
Unassigned
Bionic
Undecided
Unassigned
Focal
Undecided
Unassigned
Hirsute
Undecided
Unassigned

Bug Description

[Impact]

 * Ubuntu's 15.4 based shim ships a very large vendor-dbx (aka mokx) which revokes many Ubuntu kernel hashes and 2012 signing key.

 * Kernel should import those into it's %:.blacklist keyring such that it prohibits signed kexec of the revoked kernels.

 * v5.13-rc1 kernel has learned how to import mokx and how to import full certs into the %:.blacklist keyring.

 * However, it only does so by reading MokListXRT efi variable.

 * Due to the large size of Ubuntu's vendor-dbx, shim does not create MokListXRT efi variable, but instead creates MokListXRT1 MokListXRT2 MokListXRT3 which currently v5.13-rc1 kernel cannot read. Shim also exposes MokListXRT via mokvar table, which is easier to parse and contains all the revocations in full. Kernel needs a patch to read MokListXRT via mokvar table.

 * We have two options on how to proceed from here, either we include the same hashes and certs as our vendordbx in in the kernel as revocation list, or we fix kernel to read MokListXRT via mokvar table

 * The above is known as CVE-2020-26541

 * Separately it would be nice to add informational dmesg messages when revoking signing certificates, as a good indication that signing key rotation events have happened and have been applied correctly.

[Test Plan]

 * Boot kernel with 15.4 based Ubuntu shim

 * Install keyutils package

 * Execute $ sudo keyctl list %:.blacklist it should list in exccess of 300+ hash entries. It also must list assymetric Canonical signing key from 2012.

 * Separately check dmesg to observe that asymmetric canonical signing key from 2012 is revoked.

  * $ sudo ls /sys/firmware/efi/mok-variables
    MokListRT MokListXRT SbatLevelRT

When booted with shim, the mok-variables directory above should exist, and contain at least `MokListRT MokListXRT SbatLevelRT` files.

In kernel messages, the CA certificate should be loaded via MOKvar table i.e:

   * $ sudo journalctl -b -k | grep -A1 'MOKvar table'
Sep 27 13:11:04 champion-spaniel kernel: integrity: Loading X.509 certificate: UEFI:MokListRT (MOKvar table)
Sep 27 13:11:04 champion-spaniel kernel: integrity: Loaded X.509 cert 'Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63

[Where problems could occur]

 * EFI variable storage can be full thus preventing shim to mirror efivars and the moktable. On decent hardware this should not happen, but has been observed to be corrupted on some older EDKII based OVMF instances with small EFI variable storage space (pre-4MB).

[Other Info]

 * The patches to fix the above have been submitted upstream

https://<email address hidden>/

https://<email address hidden>/

This will now be submitted as SAUCE patches for the Ubuntu UNSTABLE kernel, until accepted upstream.

Related branches

summary: - Supporting importing dbx keys into revocation list from mok table
+ Support importing mokx keys into revocation list from the mok table
information type: Public → Public Security
Changed in linux (Ubuntu):
status: New → Confirmed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-focal' to 'verification-done-focal'. If the problem still exists, change the tag 'verification-needed-focal' to 'verification-failed-focal'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-focal
Changed in linux (Ubuntu Hirsute):
status: New → Fix Committed
Revision history for this message
Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-hirsute' to 'verification-done-hirsute'. If the problem still exists, change the tag 'verification-needed-hirsute' to 'verification-failed-hirsute'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-hirsute
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux - 5.13.0-14.14

---------------
linux (5.13.0-14.14) impish; urgency=medium

  * impish/linux: 5.13.0-14.14 -proposed tracker (LP: #1938565)

  * Miscellaneous Ubuntu changes
    - SAUCE: Revert "UBUNTU: SAUCE: random: Make getrandom() ready earlier"
    - SAUCE: random: properly make getrandom() ready earlier

  * Miscellaneous upstream changes
    - seq_buf: Fix overflow in seq_buf_putmem_hex()
    - bpf: Fix integer overflow in argument calculation for bpf_map_area_alloc
    - ext4: cleanup in-core orphan list if ext4_truncate() failed to get a
      transaction handle
    - ext4: fix kernel infoleak via ext4_extent_header
    - ext4: fix overflow in ext4_iomap_alloc()
    - ext4: return error code when ext4_fill_flex_info() fails
    - ext4: correct the cache_nr in tracepoint ext4_es_shrink_exit
    - ext4: remove check for zero nr_to_scan in ext4_es_scan()
    - ext4: fix avefreec in find_group_orlov
    - ext4: use ext4_grp_locked_error in mb_find_extent

 -- Andrea Righi <email address hidden> Mon, 02 Aug 2021 14:23:08 +0200

Changed in linux (Ubuntu):
status: Confirmed → Fix Released
Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Verifying using hirsute:

# uname -r
5.11.0-1014-kvm

# grep CODENAME /etc/os-release
VERSION_CODENAME=hirsute
UBUNTU_CODENAME=hirsute

# keyctl list %:.blacklist
Can't find 'keyring:.blacklist'

Upgraded kernel:

# uname -r
5.11.0-1015-kvm

# keyctl list %:.blacklist
1 key in keyring:
330780907: ---lswrv 0 0 asymmetric: Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0

In dmesg:
[ 0.375674] blacklist: Loading compiled-in revocation X.509 certificates
[ 0.376015] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'

No other blacklist hashes got imported, cause they do not appear in mokvar table nor in MokListRT mirror variable, nor does kvm kernel appear to have platform keyring... which is very odd.... cause UEFI db keys for Microsoft Production PCA 2011 and UEFI CA 2011 are missing.

It seems to me that kvm kernel is a bit broken, and doesn't have support for mokvar or .platform keyring, which is very bad.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

Disabled initrd less boot, and installing linux-generic kernel from proposed.

Revision history for this message
Dimitri John Ledkov (xnox) wrote :

# uname -r
5.11.0-34-generic

# sudo keyctl list %:.platform
3 keys in keyring:
149920180: ---lswrv 0 0 asymmetric: Microsoft Windows Production PCA 2011: a92902398e16c49778cd90f99e4f9ae17c55af53
434591909: ---lswrv 0 0 asymmetric: Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63
404799886: ---lswrv 0 0 asymmetric: Microsoft Corporation UEFI CA 2011: 13adbf4309bd82709c8cd54f316ed522988a1bd4

# sudo keyctl list %:.blacklist | grep bin: | wc
     79 474 8854

# sudo keyctl list %:.blacklist | grep Canonical
1050199374: ---lswrv 0 0 asymmetric: Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0

dmesg

[ 1.074086] blacklist: Loading compiled-in revocation X.509 certificates
[ 1.074714] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'

[ 1.084216] integrity: Loading X.509 certificate: UEFI:MokListRT (MOKvar table)
[ 1.085028] integrity: Loaded X.509 cert 'Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63'

MOKvar is available, and used to load Master CA into .platform keyring, and hashes into blacklist keyring.

tags: added: verification-done-hirsute
removed: verification-needed-hirsute
Revision history for this message
Dimitri John Ledkov (xnox) wrote (last edit ):

# grep CODENAME /etc/os-release
VERSION_CODENAME=focal
UBUNTU_CODENAME=focal

# uname -r
5.11.0-34-generic

dmesg:
[ 0.797134] blacklist: Loading compiled-in revocation X.509 certificates
[ 0.797696] Loaded X.509 cert 'Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0'

built-in revocation cert is loaded

[ 0.806069] integrity: Loading X.509 certificate: UEFI:MokListRT (MOKvar table)
[ 0.806848] integrity: Loaded X.509 cert 'Canonical Ltd. Master Certificate Authority: ad91990bc22ab1f517048c23b6655a268e345a63'

mokvar table is available, and is used.

# keyctl list %:.blacklist | grep Canonical
613299796: ---lswrv 0 0 asymmetric: Canonical Ltd. Secure Boot Signing: 61482aa2830d0ab2ad5af10b7250da9033ddcef0

# keyctl list %:.blacklist | grep bin: | wc
     79 474 8853

# mokutil --list-enrolled --mokx
[key 1]
  [SHA-256]
  0000000000000000000000000000000000000000000000000000000000000000

Revoked binaries are correctly loaded from MOKvar table, despite not being mirrored into MokListXRT efi variable.

tags: added: verification-done-focal
removed: verification-needed-focal
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (62.5 KiB)

This bug was fixed in the package linux - 5.11.0-34.36

---------------
linux (5.11.0-34.36) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-34.36 -proposed tracker (LP: #1941766)

  * Server boot failure after adding checks for ACPI IRQ override (LP: #1941657)
    - Revert "ACPI: resources: Add checks for ACPI IRQ override"

linux (5.11.0-33.35) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-33.35 -proposed tracker (LP: #1940101)

  * libvirtd fails to create VM (LP: #1940107)
    - sched: Stop PF_NO_SETAFFINITY from being inherited by various init system
      threads

linux (5.11.0-32.34) hirsute; urgency=medium

  * hirsute/linux: 5.11.0-32.34 -proposed tracker (LP: #1939769)

  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.08.16)

  * CVE-2021-3656
    - SAUCE: KVM: nSVM: always intercept VMLOAD/VMSAVE when nested

  * CVE-2021-3653
    - SAUCE: KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl

  * [regression] USB device is not detected during boot (LP: #1939638)
    - SAUCE: Revert "usb: core: reduce power-on-good delay time of root hub"

  * Support builtin revoked certificates (LP: #1932029)
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - SAUCE: integrity: add informational messages when revoking certs

  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table

  * Include product_sku info to modalias (LP: #1938143)
    - firmware/dmi: Include product_sku info to modalias

  * Fix Ethernet not working by hotplug - RTL8106E (LP: #1930645)
    - net: phy: rename PHY_IGNORE_INTERRUPT to PHY_MAC_INTERRUPT
    - SAUCE: r8169: Use PHY_POLL when RTL8106E enable ASPM

  * [SRU][H/OEM-5.10/OEM-5.13/U] Fix system hang after unplug tbt dock
    (LP: #1938689)
    - SAUCE: igc: fix page fault when thunderbolt is unplugged

  * [Regression] Audio card [8086:9d71] not detected after upgrade from linux
    5.4 to 5.8 (LP: #1915117)
    - [Config] set CONFIG_SND_SOC_INTEL_SKYLAKE_HDAUDIO_CODEC to y

  * Backlight (screen brightness) on Lenovo P14s AMD Gen2 inop (LP: #1934557)
    - drm/amdgpu/display: only enable aux backlight control for OLED panels

  * Touchpad not working with ASUS TUF F15 (LP: #1937056)
    - pinctrl: tigerlake: Fix GPIO mapping for newer version of software

  * dev_forward_skb: do not scrub skb mark within the same name space
    (LP: #1935040)
    - dev_forward_skb: do not scrub skb mark within the same name space

  * Fix display output on HP hybrid GFX laptops (LP: #1936296)
    - drm/i915: Invoke another _DSM to enable MUX on HP Workstation laptops

  * [SRU][OEM-5.10/H] UBUNTU: SAUCE: Fix backlight control on Samsung 16727
    panel (LP: #1930527)
    - SAUCE: drm/i915: Force DPCD backlight mode for Samsung 16727 pa...

Changed in linux (Ubuntu Hirsute):
status: Fix Committed → Fix Released
AceLan Kao (acelankao)
Changed in linux-oem-5.10 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-oem-5.10 (Ubuntu Bionic):
status: New → Invalid
Changed in linux-oem-5.10 (Ubuntu Focal):
status: New → Fix Committed
Changed in linux-oem-5.10 (Ubuntu Hirsute):
status: New → Invalid
Changed in linux-oem-5.10 (Ubuntu):
status: New → Invalid
description: updated
Changed in linux-azure-5.8 (Ubuntu Hirsute):
status: New → Invalid
Changed in linux-azure-5.8 (Ubuntu):
status: New → Invalid
Changed in linux-azure-5.8 (Ubuntu Bionic):
status: New → Invalid
Changed in linux-azure-5.8 (Ubuntu Xenial):
status: New → Invalid
Stefan Bader (smb)
Changed in linux-hwe-5.8 (Ubuntu Xenial):
status: New → Invalid
Changed in linux-hwe-5.8 (Ubuntu Bionic):
status: New → Invalid
Changed in linux-hwe-5.8 (Ubuntu Hirsute):
status: New → Invalid
Changed in linux-hwe-5.8 (Ubuntu Focal):
importance: Undecided → Medium
status: New → In Progress
Changed in linux (Ubuntu Focal):
importance: Undecided → Medium
status: New → In Progress
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package linux-oem-5.10 - 5.10.0-1049.51

---------------
linux-oem-5.10 (5.10.0-1049.51) focal; urgency=medium

  * focal/linux-oem-5.10: 5.10.0-1049.50 -proposed tracker (LP: #1944209)

  * e1000e extremly slow (LP: #1930754)
    - SAUCE: e1000e: Separate TGP board type from SPT
    - SAUCE: e1000e: Fixing packet loss issues on new platforms

  * CVE-2021-41073
    - io_uring: ensure symmetry in handling iter types in loop_rw_iter()

 -- Chia-Lin Kao (AceLan) <email address hidden> Mon, 27 Sep 2021 18:33:36 +0800

Changed in linux-oem-5.10 (Ubuntu Focal):
status: Fix Committed → Fix Released
Stefan Bader (smb)
Changed in linux-hwe-5.8 (Ubuntu):
status: New → Invalid
Stefan Bader (smb)
Changed in linux-hwe-5.8 (Ubuntu Focal):
status: In Progress → Fix Committed
Changed in linux (Ubuntu Focal):
status: In Progress → Fix Committed
Revision history for this message
Launchpad Janitor (janitor) wrote :
Download full text (3.2 KiB)

This bug was fixed in the package linux-azure-5.8 - 5.8.0-1043.46~20.04.1

---------------
linux-azure-5.8 (5.8.0-1043.46~20.04.1) focal; urgency=medium

  * focal/linux-azure-5.8: 5.8.0-1043.46~20.04.1 -proposed tracker
    (LP: #1944902)

  * Support builtin revoked certificates (LP: #1932029)
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys

  [ Ubuntu: 5.8.0-66.74 ]

  * focal/linux-hwe-5.8: 5.8.0-66.74 -proposed tracker (LP: #1944903)
  * Packaging resync (LP: #1786013)
    - debian/dkms-versions -- update from kernel-versions (main/2021.09.27)
  * linux: btrfs: fix NULL pointer dereference when deleting device by invalid
    id (LP: #1945987)
    - btrfs: fix NULL pointer dereference when deleting device by invalid id
  * CVE-2021-38199
    - NFSv4: Initialise connection to the server in nfs4_alloc_client()
  * BCM57800 SRIOV bug causes interfaces to disappear (LP: #1945707)
    - bnx2x: Fix enabling network interfaces without VFs
  * CVE-2021-3759
    - memcg: enable accounting of ipc resources
  * CVE-2019-19449
    - f2fs: fix wrong total_sections check and fsmeta check
    - f2fs: fix to do sanity check on segment/section count
  * Support builtin revoked certificates (LP: #1932029)
    - Revert "UBUNTU: SAUCE: Dump stack when X.509 certificates cannot be loaded"
    - integrity: Move import of MokListRT certs to a separate routine
    - integrity: Load certs from the EFI MOK config table
    - certs: Add EFI_CERT_X509_GUID support for dbx entries
    - certs: Move load_system_certificate_list to a common function
    - certs: Add ability to preload revocation certs
    - integrity: Load mokx variables into the blacklist keyring
    - certs: add 'x509_revocation_list' to gitignore
    - SAUCE: Dump stack when X.509 certificates cannot be loaded
    - [Packaging] build canonical-revoked-certs.pem from branch/arch certs
    - [Packaging] Revoke 2012 UEFI signing certificate as built-in
    - [Config] Configure CONFIG_SYSTEM_REVOCATION_KEYS with revoked keys
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679)
    - efi: Support for MOK variable config table
    - efi: mokvar-table: fix some issues in new code
    - efi: mokvar: add missing include of asm/early_ioremap.h
    - efi/mokvar: Reserve the table only if it is in boot services data
    - SAUCE: integrity: add informational messages when revoking certs
  * Support importing mokx keys into revocation list from the mok table
    (LP: #1928679) // CVE-2020-26541 when certificates are revoked via
    MokListXRT.
    - SAUCE: integrity: Load mokx certs from the EFI MOK config table
  * CVE-2020-36311
    - KVM: SVM: Periodically schedule when unregistering regions on destroy
  * CVE-2021-22543
    - KVM: do not allow mapping valid but non-reference-counted pages
  * CVE-2021-3612
    - Input: joydev - prevent use of not validated data in JSIOCSBTNMAP ioctl
  * CVE-2021-38207
    - net: ll_temac: Fix TX BD buffer overwrite
  * CVE-2021-40490
    - ext4: fix race writing to an inline_data file while its xattrs are changing
  * LRMv5: switch primary version handling to kernel-versions data set
    (LP: #1928921)
    - [Pac...

Read more...

Changed in linux-azure-5.8 (Ubuntu Focal):
status: New → Fix Released
To post a comment you must log in.
This report contains Public Security information  Edit
Everyone can see this security related information.

Other bug subscribers