Explore the critical importance of measured boot in Linux distributions and learn why mainstream adoption has been lacking in this 39-minute conference talk by Matthew Garrett from CoreOS. Delve into the reasons behind the slow adoption, the pressing need for improvement, and the necessary steps to achieve better security. Discover how traditional measurement models fall short and how fine-grained, reproducible measurement can be implemented. Gain insights into innovative uses of Trusted Platform Modules (TPMs) for enhancing overall system quality. Learn about additional measures distributions can take to simplify trusted boot deployment for users. Examine topics such as UEFI Secure Boot, compromised servers, hardware attacks, and the role of Platform Configuration Registers. Understand the benefits of using logfiles, policy descriptions, and UEFI variables in improving boot chain security.
Overview
Syllabus
Intro
Security of the boot chain is vital
UEFI Secure Boot
No way to prove verification happened
Compromised servers
Modified laptops
Can't protect against hardware attacks
Trusted Platform Module
Small chip
Platform Configuration Registers
Trusted GRUB
Traditional approach
Unimportant configuration changes alter values
Use the logfile
Log entry contains description of binary and hash of binary
Log entry contains text and hash of text
Policy describes regular expressions
Coreos builds policy automatically on OS release
Use UEFI variables
Disk encryption keys
No secure boot support
Incompatible with runtime UEFI
Ship bootloader support Ship known-good measurements Integration with firmware updates Deterministic initramfs generation
Taught by
Linux Foundation
