[Skiboot] [PATCH] core/fast-reboot: disable fast-reboot when firmware secureboot is enabled

Eric Richter erichte at linux.ibm.com
Fri Apr 17 06:05:24 AEST 2020


On 4/14/20 10:54 PM, Oliver O'Halloran wrote:
> On Thu, Apr 9, 2020 at 8:14 AM Eric Richter <erichte at linux.ibm.com> wrote:
>>
>> The possible impact of the current fast-reboot design on secure/trusted
>> boot is unclear and will likely need additional review and testing.
> 
> Are you really expecting me to hard disable fast reboot on the basis
> of "I don't understand what this does"?
> 
> We looked at it years ago and decided that the interaction with
> firmware secureboot was fine since a fast-reboot is roughly the same
> as a kexec between host kernels. If you think that's wrong (it might
> be) then provide an actual explanation as to why.
> 
> Oliver
> 

We had concerns over OS secure boot, but after further discussions, decided
that this is something we will document and potentially address in a later
release.

There is a potential issue regarding trusted boot -- only the firmware
measurement log will be persisted. Any higher-level, non-resettable PCRs will
not be able to be recalculated, which is a definite problem with IMA/kexec
measurements in skiroot for example. Since this isn't a strong blocking issue
however, we will include a strong recommendation against using this feature
in our documentation.
