Shim 15.7 for 10ZiG Linux

[ClaudioGranatiero-10zig]

Confirm the following are included in your repo, checking each box:

• [x] completed README.md file with the necessary information
• [x] shim.efi to be signed
• [x] public portion of your certificate(s) embedded in shim (the file passed to VENDOR_CERT_FILE)
• [x] binaries, for which hashes are added to vendor_db ( if you use vendor_db and have hashes allow-listed )
• [x] any extra patches to shim via your own git tree or as files
• [x] any extra patches to grub via your own git tree or as files
• [x] build logs
• [x] a Dockerfile to reproduce the build of the provided shim EFI binaries

---

What is the link to your tag in a repo cloned from rhboot/shim-review?

---

https://github.com/ClaudioGranatiero-10zig/shim-review/tree/10zig-shim-x64-20231120

---

What is the SHA256 hash of your final SHIM binary?

---

102a7ba88a13c3bc88cd6d4c30e39d78946c62776779bc228a5d309edb4a84d8

---

What is the link to your previous shim review request (if any, otherwise N/A)?

---

N/A

[dennis-tseng99]

• I'm not an authorized reviewer. I just wan to help.
• reproducible is okay:

  gcc -std=gnu11 -Og -g3 -Wall -Wextra -Wno-missing-field-initializers -Werror -o post-process-pe /build/shim-15.7/post-process-pe.c
  objcopy -D -j .text -j .sdata -j .data -j .data.ident \
      -j .dynamic -j .rodata -j .rel* \
      -j .rela* -j .dyn -j .reloc -j .eh_frame \
      -j .vendor_cert -j .sbat -j .sbatlevel \
      --target efi-app-x86_64 shimx64.so shimx64.efi
  ./post-process-pe -vv  shimx64.efi
  set_dll_characteristics():360: Updating DLL Characteristics from 0x0000 to 0x0100
  ms_validation():375: NX-Compat-Flag: PASS
  ms_validation():380:   4K-Alignment: PASS
  ms_validation():394: Section-Wr-Exe: PASS
  fix_checksum():446: Updating checksum from 0x000eb52d to 0x000eb62d
  objcopy -D -j .text -j .sdata -j .data \
      -j .dynamic -j .rodata -j .rel* \
      -j .rela* -j .dyn -j .reloc -j .eh_frame -j .sbat \
      -j .sbatlevel \
      -j .debug_info -j .debug_abbrev -j .debug_aranges \
      -j .debug_line -j .debug_str -j .debug_ranges \
      -j .note.gnu.build-id \
      shimx64.so shimx64.efi.debug
      .......
  STEP 17: RUN mkdir /build/output
  STEP 18: RUN cp build-x64/shimx64.efi /build/output
  STEP 19: RUN cp ${CERT_FILE} /build/output
  STEP 20: RUN objdump -s -j .sbatlevel /build/output/shimx64.efi

• hash value is matched:

  cbd7b5b8a73483268102955c28fd467f830cbd0f0b1de92904c90371392daa97

• sbat for shimx64 seems okay:

  Contents of section .sbat:
  d2000 73626174 2c312c53 42415420 56657273  sbat,1,SBAT Vers
  d2010 696f6e2c 73626174 2c312c68 74747073  ion,sbat,1,https
  d2020 3a2f2f67 69746875 622e636f 6d2f7268  ://github.com/rh
  d2030 626f6f74 2f736869 6d2f626c 6f622f6d  boot/shim/blob/m
  d2040 61696e2f 53424154 2e6d640a 7368696d  ain/SBAT.md.shim
  d2050 2c332c55 45464920 7368696d 2c736869  ,3,UEFI shim,shi
  d2060 6d2c312c 68747470 733a2f2f 67697468  m,1,https://gith
  d2070 75622e63 6f6d2f72 68626f6f 742f7368  ub.com/rhboot/sh
  d2080 696d0a73 68696d2e 31307a69 672c312c  im.shim.10zig,1,
  d2090 31305a69 47205465 63686e6f 6c6f6779  10ZiG Technology
  d20a0 2c736869 6d2c3135 2e372c6d 61696c3a  ,shim,15.7,mail:
  d20b0 73656375 7265626f 6f744031 307a6967  secureboot@10zig
  d20c0 2e636f6d 0a                          .com.

• Your CA key validity period is 100 years ? Normally, it should be shorter than 10 years. Please correct me if I'm wrong.

  Certificate:
  Data:
      Version: 3 (0x2)
      Serial Number:
          3b:3e:ff:59:28:b2:94:3d:c0:81:9d:05:03:41:83:95:8e:c6:e2:b5
      Signature Algorithm: sha256WithRSAEncryption
      Issuer: C = US, ST = AZ, L = Phoenix, O = 10ZiG Technology, CN = 10ZiG Technology Secure Boot Signing 2022, emailAddress = secureboot@10zig.com
      Validity
          Not Before: Dec  1 11:23:20 2022 GMT
          Not After : Nov  7 11:23:20 2122 GMT

[ClaudioGranatiero-10zig]

Hi Dennis, thanks for your time. Yes, you're right, usually the validity period is shorter, but since Secure Boot does not consider it, I have taken a conservative position. But if that is beyond the specifications, no problem in changing to a more acceptable value.

[ClaudioGranatiero-10zig]

Hi all,

I just changed the certificate (as reported by https://github.com/dennis-tseng99), changing the validity from 100 years to 10 years. The new tag is https://github.com/ClaudioGranatiero-10zig/shim-review/tree/10zig-shim-x64-20230328.

If I understood correctly, we need to provide proof of our PGP identity, so we're waiting for a verification message. Please, let me know if something else is needed to proceed with the review.

Thank you. Claudio

[ClaudioGranatiero-10zig]

Hi all,

please, can someone (@dennis-tseng99, maybe) check our contact references, so we can advance on the review queue? Let me know if something is missing. Thank you.

[aronowski]

If I understand correctly, you're using Debian's GRUB2 implementation as well as the mainline 5.15 kernel with only these tweaks:

- support for a specific type of EMMC present in our hardware
- 10ZiG Boot Logo
- lockdown: also lock down previous kgdb use (eadb2f47a3ced5c64b23b90fd2a3463f63726066)

If this is correct, then I'd like to remind that they need to have NX support as issue #307 says.

Debian shall have this in their GRUB2 builds soon so keep an eye out for it, but the mainline kernel 5.15 will need to have an additional patch.

Use the IMAGE_DLL_CHARACTERISTICS_NX_COMPAT definition (or hardcode 0x100) in arch/x86/boot/header.S instead of the 0 in the line with the # DllCharacteristics comment and that should do it.
Reference is here.

---

Also, I know that there is indeed a demand for the Debian's GRUB2 implementation to support NX and just FYI, I've been asking around, what can be done to speed up the process.

[ClaudioGranatiero-10zig]

Thank you @aronowski! Yes, you are correct, these are our patch at the moment. Surely I'll take a look at kernel for implement NX_COMPAT (I was thinking it was already in the mainline). As soon as Debian would support NX in GRUB2, I'll give a try.

[ClaudioGranatiero-10zig]

Forced NX_COMPAT in kernel 5.15.39:

objdump -x kernel/linux-5.15.39/arch/x86/boot/bzImage |grep DllCharacteristics
DllCharacteristics  00000100

Updated README.md and referenced tag. Thanks again @aronowski !

[ClaudioGranatiero-10zig]

@aronowski , do you think a binary-modified GRUB is a viable solution in the meantime? I've found a way to change the DllCharacteristics of GRUB2 from the extern (with this program: https://blog.didierstevens.com/2010/10/17/setdllcharacteristics/). So I took the GRUB2 binary extracted from Debian Bookworm and executed setdllcharacteristics +n on that.

./setdllcharacteristics +n grubx64.efi
Original DLLCHARACTERISTICS = 0x0000
 DYNAMIC_BASE    = 0
 NX_COMPAT       = 0
 FORCE_INTEGRITY = 0
Updated  DLLCHARACTERISTICS = 0x0100
 DYNAMIC_BASE    = 0
 NX_COMPAT       = 1
 FORCE_INTEGRITY = 0

root@RPOS165:/opt/Linux-16/src/SecureBoot/shim# objdump -x grubx64.efi |grep DllChar
DllCharacteristics  00000100

Do you (or any other reviewer) think that this is acceptable as a temporary solution until Debian implements it natively?

[julian-klode]

Both the kernel and grub need very substantial patch sets to enable NX support.

[ClaudioGranatiero-10zig]

@julian-klode , thanks to comment. So, if I understand, it's not so simple as changing the DllCharacteristics? Can you please give me some hints on where can I found some informations about all this and go further on?

[aronowski]

@ClaudioGranatiero-10zig I think it's best to just wait for Debian's implementation as they know the best, how it should look like from their side, as well as wait for the review's approval.

Debian got their shims signed 2 months ago so the conclusion is that the support needs to be promised to be added in the future.

Or, if that's not acceptable, a permission needs to be obtained from Microsoft like Oracle got in their reviews (1, 2).

[THS-on]

You might run into issues with your embedded certificate because:

• It is not an CA certificate
• KeyUsage/DigitalSignature and ExtKeyUsage/CodeSigning are not set

Also as already mentioned the validity is rather long. While no component to my knowledge enforces the time validation, can you limit it 20-30 years, which seems to be common.

[ClaudioGranatiero-10zig]

Hi @THS-on, thanks for taking the time to look at our request. As for you concern about validity, maybe you were looking at the original commit. After an analog observation from @dennis-tseng99 in March we've changed the duration to 10 years, as for https://github.com/ClaudioGranatiero-10zig/shim-review/tree/10zig-shim-x64-20230328. The latest tag https://github.com/ClaudioGranatiero-10zig/shim-review/tree/10zig-shim-x64-20230427 should contain the new certificate. Concerning the other two observations:

• CA Certificate vs self signed: do you think it could be useful/required to obtain a full CA certificate? In that case I need to investigate where to buy one and what to ask for.
• ExtKeyUsage CodeSigning: in my tests I found that when the field "codeSigning,1.3.6.1.4.1.311.10.3.6,1.3.6.1.4.1.2312.16.1.2" is used, the SHIM was not valid for my SecureBoot test environments, so I removed it. Is there some guidelines on all this?

Thanks.

[THS-on]

@ClaudioGranatiero-10zig indeed the new certificate has a lifetime of 10 years.

Regarding CA certificates) What you refer to are EV certificates. Those are used to prove that your legal entity exists, e.g. for singing software. You'll need one for submitting the shim to MS. A CA certificate can be used to issue different certificates that then in return can be used for signing the components (e.g. shim, GRUB, kernel). The advantage of that approach is that you can revoke or retire certificates without needing to change the CA certificate embedded in the shim.

How did you generate the certificates? Here is an example OpenSSL configuration that sets the attributes:

[ req ]
default_bits           = 2048
digest                 = sha256
distinguished_name     = req_distinguished_name
days                   = 3650
prompt                 = no
copy_extensions        = copyall

[ req_distinguished_name ]
CN                     = TEST code singing cert

[ cert_ext ]
subjectKeyIdentifier   = hash
authorityKeyIdentifier = keyid:always,issuer:always
keyUsage               = Digital Signature
extendedKeyUsage       = codeSigning

Now to generate an test key and certificate which is self-signed from that you can use:

openssl req -newkey rsa:2048 -nodes -keyout key.pem -x509 -outform DER  -out simple.crt  -extensions cert_ext -config /path/to/conf.cnf 

I've tested a shim + GRUB2 using such a certificate using QEMU and EDK2 and it seems to work fine.

[ClaudioGranatiero-10zig]

@THS-on thank you for your exposition on certificates, I'm quite new to all this, but I'm trying to learn. I'll try to recap everything: some months are passed since I worked on all this, so I'll need some time to realloc my current tasks and get back with my mind on this. I'll do some tests as you suggest, and as soon as I have something new, I'll post it here. Thanks again.

By the way, I'm trying to arrange to be in Brusselles for Fosdem in February, hope to see some of you guys there.

[ClaudioGranatiero-10zig]

Please @THS-on (or everyone else reviewing), take a look at https://github.com/ClaudioGranatiero-10zig/shim-review/tree/10zig-shim-x64-20231006, where I updated the certificate as suggested. Thanks for your help.

[THS-on]

@ClaudioGranatiero-10zig thanks for updating the certificate.

Doing an initial look at the submission, can you explain in more detail why you cannot use the shim + GRUB2 + kernel from another distribution?

• The custom kernel patches are for the appliances. In this case you can also roll your own Secure Boot chain without the need for a shim.
• If you don't do anything specific with the kernels (e.g. custom verification keys for EVM, dm-verity etc. and uncommon kernel options) you can use for 3rd party devices a stack from one of the big Linux distributions.

[ClaudioGranatiero-10zig]

Sure: the reasons for a custom kernel are mainly three:

1. we need to include some patch for some specific hardware on legacy products;
2. we are currently using a simple "rootfs in RAM" mechanism, and so we cannot just add every possible module in the rootfs (it will fill the RAM). Hopefully we would change to a more usual and modern "root on physical device" sooner or later, but for now we are stuck on this.
3. we have two main line of products: the appliance-type (thin client on proprietary hardware) and the generic "install-everywhere" software product (derived from the other one), so we need the best (or the worst, you can say) of the two worlds. For the later (the software solution) we need a generic Secure Boot solution able to install on every customer's hardware, for the first we need custom patches. Sure, we can split the development in two different solutions, but we choose to maintain a single production line for both.

[THS-on]

Yeah I think point 3 is the main thing here. There is a trade-off between splitting the products in two and maintaining your own builds of shim, grub and kernel.

[ClaudioGranatiero-10zig]

Please @THS-on, there's something else I need to answer? I see the tag "question" is still there...

[THS-on]

For now that's all. I'll try to do a full review in the next couple of days.

[THS-on]

Review for 10zig-shim-x64-20231006

OK

• Shim is reproducible using Docker file (0cf9548aff3b614288db93172bca3efd858d21a7e2540c2900bd830da2122ce2)

• Shim is upstream 17.5 with NX enabled

  • 530_Enable_the_NX_compatibility_flag_by_default.patch matches https://github.com/rhboot/shim/commit/7c7642530fab73facaf3eac233cfbce29e10b0ef
  • 535_Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch matches https://github.com/rhboot/shim/commit/657b2483ca6e9fcf2ad8ac7ee577ff546d24c3aa
  • 531_Add_validation_function_for_Microsoft_signing.patch matches https://github.com/rhboot/shim/pull/531 (modulo some slight changes)
    • This patch is not upstream, but ok
    • Is superseded by https://github.com/rhboot/shim/pull/567
• SBAT suffix .10zig is fine
• Certificate is a CA certificate and has Digital Signature and Code Signing set

Questions and issues

• The certificate only seems to be valid for 1 month now:

  Certificate:
  Data:
      Version: 3 (0x2)
      Serial Number:
          6f:1f:bb:03:d6:e6:45:5b:4c:70:d7:b3:34:ac:0d:3f:6f:3b:8c:af
      Signature Algorithm: sha256WithRSAEncryption
      Issuer: C = US, ST = AZ, L = Phoenix, O = 10ZiG Technology, CN = 10ZiG Technology Secure Boot CA 2023, emailAddress = secureboot@10zig.com
      Validity
          Not Before: Oct  5 08:55:17 2023 GMT
          Not After : Nov  4 08:55:17 2023 GMT
      Subject: C = US, ST = AZ, L = Phoenix, O = 10ZiG Technology, CN = 10ZiG Technology Secure Boot CA 2023, emailAddress = secureboot@10zig.com

• Regarding the GRUB CVEs: Debian's GRUB version does not include patches for CVE-2020-15705 and CVE-2021-3418 because they are not affected by that. See as a reference: https://github.com/steve-mcintyre/shim-review/tree/debian-12-shim-amd64-arm64-i386-20230209
• Ideally use directly the new GRUB Debian package 2.06-13+deb12u1, which fixes already some new vulnerabilities
• Please explicitly list the modules that you build into your GRUB EFI binary
• Can you please include the full SBAT entries for shim and GRUB?
• Is your GRUB source package published somewhere?
• Are your kernel source, config and patches published somewhere?
• We added a question about how kernel modules are signed, please add them to the review:
  • Do you use an ephemeral key for signing kernel modules? If not, please describe how you ensure that one kernel build does not load modules built for another kernel.

Small note that forcing the NX flag on the kernel is likely not sufficient alone. Newer kernels (>=6.2) should have all the required patches.

[ClaudioGranatiero-10zig]

Hi @THS-on, sorry for the inconvenience regarding the cert's validity, I missed the "-days" parameter on generating the new cert... Amended on the new commit.

Regarding GRUB: as you suggested, I downloaded the package 2.06-13+deb12u1 from debian repositories (http://security.debian.org/debian-security/pool/updates/main/g/grub2/grub-efi-amd64-bin_2.06-13+deb12u1_amd64.deb ): I extracted and signed directly the monolithic binary as is, no need to change modules or recompile, just the binary. I add this to git. The SBAT is the original one, but here it is:

grubx64.efi: file format pei-x86-64

Contents of section .sbat:
 3ff000 73626174 2c312c53 42415420 56657273  sbat,1,SBAT Vers
 3ff010 696f6e2c 73626174 2c312c68 74747073  ion,sbat,1,https
 3ff020 3a2f2f67 69746875 622e636f 6d2f7268  ://github.com/rh
 3ff030 626f6f74 2f736869 6d2f626c 6f622f6d  boot/shim/blob/m
 3ff040 61696e2f 53424154 2e6d640a 67727562  ain/SBAT.md.grub
 3ff050 2c342c46 72656520 536f6674 77617265  ,4,Free Software
 3ff060 20466f75 6e646174 696f6e2c 67727562   Foundation,grub
 3ff070 2c322e30 362c6874 7470733a 2f2f7777  ,2.06,https://ww
 3ff080 772e676e 752e6f72 672f736f 66747761  w.gnu.org/softwa
 3ff090 72652f67 7275622f 0a677275 622e6465  re/grub/.grub.de
 3ff0a0 6269616e 2c342c44 65626961 6e2c6772  bian,4,Debian,gr
 3ff0b0 7562322c 322e3036 2d31332b 64656231  ub2,2.06-13+deb1
 3ff0c0 3275312c 68747470 733a2f2f 74726163  2u1,https://trac
 3ff0d0 6b65722e 64656269 616e2e6f 72672f70  ker.debian.org/p
 3ff0e0 6b672f67 72756232 0a000000 00000000  kg/grub2........

And this is the shimx64 one:

shimx64.efi:     file format pei-x86-64

Contents of section .sbat:
 d2000 73626174 2c312c53 42415420 56657273  sbat,1,SBAT Vers
 d2010 696f6e2c 73626174 2c312c68 74747073  ion,sbat,1,https
 d2020 3a2f2f67 69746875 622e636f 6d2f7268  ://github.com/rh
 d2030 626f6f74 2f736869 6d2f626c 6f622f6d  boot/shim/blob/m
 d2040 61696e2f 53424154 2e6d640a 7368696d  ain/SBAT.md.shim
 d2050 2c332c55 45464920 7368696d 2c736869  ,3,UEFI shim,shi
 d2060 6d2c312c 68747470 733a2f2f 67697468  m,1,https://gith
 d2070 75622e63 6f6d2f72 68626f6f 742f7368  ub.com/rhboot/sh
 d2080 696d0a73 68696d2e 31307a69 672c312c  im.shim.10zig,1,
 d2090 31305a69 47205465 63686e6f 6c6f6779  10ZiG Technology
 d20a0 2c736869 6d2c3135 2e372c6d 61696c3a  ,shim,15.7,mail:
 d20b0 73656375 7265626f 6f744031 307a6967  secureboot@10zig
 d20c0 2e636f6d 0a                          .com.           

As for the kernel source: at the moment we don't have a public repository for sources, but I think that if it's needed we can arrange something. The kernel now is the vanilla 6.3.7 with only the already indicated patches applied.

Please, update your review to the latest 10zig-shim-x64-20231017 tag.

Thank you Thore for your time and patience.

[THS-on]

• The expiry date of the certificate is now right, but the certificate is no longer a CA. It seems that you have issued an certificate from that CA and included that:

  Certificate:
  Data:
      Version: 1 (0x0)
      Serial Number:
          7d:10:9d:28:40:31:c8:10:f2:84:00:60:c5:3c:60:51:64:3f:ac:61
      Signature Algorithm: sha256WithRSAEncryption
      Issuer: C = US, ST = AZ, L = Phoenix, O = 10ZiG Technology, CN = 10ZiG Technology Secure Boot CA 2023, emailAddress = secureboot@10zig.com
      Validity
          Not Before: Oct 17 06:18:17 2023 GMT
          Not After : Oct 14 06:18:17 2033 GMT
      Subject: C = US, ST = AZ, L = Phoenix, O = 10ZiG Technology, OU = 10ZiG Technolog RnD, CN = 10ZiG Technology Secure Boot Signing 2023
      Subject Public Key Info:
          Public Key Algorithm: rsaEncryption
              Public-Key: (2048 bit)
              Modulus:
                  00:a2:e8:d5:aa:f7:ae:1a:8d:cc:a0:3c:4e:01:ed:
                  09:31:7a:11:ba:b9:d4:13:34:c3:20:c3:3a:98:ac:
                  2b:04:10:ae:d7:c7:28:0d:59:de:aa:aa:81:17:a9:
                  68:b6:7c:6e:e9:5a:bb:b7:95:96:94:48:06:e6:9d:
                  89:7d:f5:5d:d8:74:97:f0:5b:f4:94:9b:ed:82:24:
                  5a:8a:69:97:0b:62:2d:1c:4d:bd:5e:37:df:54:33:
                  26:c0:df:76:8e:11:6b:b9:74:9b:ce:cd:ca:3e:db:
                  f5:70:48:41:6b:68:42:1f:a0:7e:fe:af:da:04:3b:
                  50:a3:71:a7:0b:97:ba:c7:73:77:e3:14:df:08:bf:
                  a1:ae:ef:6c:9b:4b:b9:a9:d4:c3:ee:54:13:87:2c:
                  a8:d3:16:05:aa:80:1d:ae:d2:42:65:dc:f2:d2:b6:
                  e6:03:f6:9f:50:b1:04:79:7d:6a:47:53:0c:62:bb:
                  5e:68:3b:86:42:58:68:26:8d:d0:52:27:ad:06:be:
                  90:09:ca:c0:ab:b9:e3:39:99:4f:90:6b:df:14:79:
                  bc:05:66:4d:2d:01:ec:f6:cf:04:0e:40:a6:12:d3:
                  90:bc:7e:f9:d3:78:08:6e:53:8c:92:87:63:0e:f7:
                  2c:95:84:09:3f:42:98:27:fa:79:da:51:51:67:2f:
                  a4:1f
              Exponent: 65537 (0x10001)
  Signature Algorithm: sha256WithRSAEncryption
  Signature Value:
      4f:33:b3:1d:20:a0:18:54:41:86:4b:dc:08:1a:5d:d5:b7:38:
      6b:3c:85:64:b9:f3:e9:d9:73:ec:67:e3:96:b4:9d:82:66:98:
      68:19:84:54:3d:57:f8:c9:32:c9:84:a8:6f:25:47:05:61:ec:
      79:7b:a7:1d:ff:72:b3:d9:5a:bf:4f:db:22:2d:c2:85:af:43:
      c4:ad:4e:b4:28:c6:86:ea:02:16:02:3c:3c:c4:8f:68:7e:ca:
      e2:ee:76:b6:88:03:91:48:1b:5c:1e:4b:ea:7a:c0:4b:e6:ef:
      bf:b6:5c:82:04:67:43:1a:28:59:fe:15:c9:ab:a8:16:35:bf:
      77:6b:ed:10:e1:b3:83:88:82:0d:55:64:3a:4e:2a:e9:04:bc:
      13:8a:6e:c2:6d:43:17:02:2d:69:b4:82:47:51:13:7c:f2:83:
      9a:d1:24:88:55:d9:9d:8a:f2:82:e6:3e:22:08:05:bb:27:1d:
      f0:5f:eb:9c:26:ca:18:c9:7f:1d:bc:77:11:88:e8:a2:92:35:
      28:58:52:bc:da:3b:25:b3:2e:54:b1:d8:3f:b5:34:32:4c:57:
      e3:45:64:01:c5:d8:df:ab:89:e2:87:f5:61:cd:19:75:4c:58:
      c2:dd:60:a3:0d:df:5c:d6:8e:fe:0f:f7:dc:46:ca:01:f5:44:
      e4:6f:77:e2

• Taking GRUB2 binary from another distribution is unusual, but is fine.

• I don't see the question about how kernel modules are signed answered. Can you add that to the README?

• If the kernel sources are public, it makes it easier to review and spot issues with the configuration. If you can make them easily public available, it would be nice.

• New shim is reproducible:

  #25 [21/21] RUN sha256sum /build/output/*
  #25 0.530 a4b8c08c88bf1efa315907055d083bc4aeda7f40c1e3acdcce50119415ee3ab0  /build/output/10ZiG_SecureBootCA_RootCA.der
  #25 0.535 5bf2387d795c896d6b2400b6885e31e978b84897c0330a8082bd2b4d120747fb  /build/output/shimx64.efi
  #25 DONE 0.6s

[ClaudioGranatiero-10zig]

Hi @THS-on, thanks for the review. I added an answer to the question about ephemeral keys in README, I hope it is acceptable. Corrected the certificate, now it's a CA and the validity is 10 years. About publishing the kernel sources: we are working on that, we need some days to have all online (our team is splitted between time zones, so I need to wait the Phoenix collegues). Please, refer to tag 10zig-shim-x64-20231030.

[ClaudioGranatiero-10zig]

I just amended the README.md with the link to our Linux kernel repo (https://github.com/10ZiG-Technology/linux). Please refer to tag 10zig-shim-x64-20231031.

[ClaudioGranatiero-10zig]

@THS-on, there is something else I can do to go further on? Thanks.

[THS-on]

@ClaudioGranatiero-10zig I'll try to take a closer look hopefully this week again. What you can do is to look at the issues with "extra review wanted" and check their submissions (is the shim reproducible, does the SBAT entries look good, where does the GRUB come from, does the certificate match and how are keys managed etc.).

[ClaudioGranatiero-10zig]

@THS-on: message received, I'll try to squeeze some review between my "official" tasks.

[THS-on]

Review of 10zig-shim-x64-20231031

• This is the first submission by 10ZiG Technology

• A shim is wanted to keep to not split the product line and being able to add modifications

• Security contacts (verification emails are sent):

  • Claudio Granatiero claudiog@10zig.com (3D55 F119 4312 70B3 8CEF C20D 13E4 F603 28E9 4C15)
  • Kevin Greenway keving@10zig.com (95F5 4629 840E 3526 DCD0 68D4 5089 0A18 6CB4 EA18)

• Shim is reproducible using Dockerfile:

HASH

#25 0.396 102a7ba88a13c3bc88cd6d4c30e39d78946c62776779bc228a5d309edb4a84d8  /build/output/shimx64.efi

SBAT

sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
shim,3,UEFI shim,shim,1,https://github.com/rhboot/shim
shim.10zig,1,10ZiG Technology,shim,15.7,mail:secureboot@10zig.com

• SBAT suffix .10zig is fine

• Shim is based on 15.7 with NX enabled

  • 530_Enable_the_NX_compatibility_flag_by_default.patch matches https://github.com/rhboot/shim/pull/530
  • 531_Add_validation_function_for_Microsoft_signing.patch matches https://github.com/rhboot/shim/pull/531
  • This patch is not upstream, but ok
  • Is superseded by https://github.com/rhboot/shim/pull/567
  • 535_Make-sbat_var.S-parse-right-with-buggy-gcc-binutils.patch

• Certificate matches the organisation

  • Subject: C = US, ST = AZ, L = Phoenix, O = 10ZiG Technology, CN = 10ZiG Technology Secure Boot CA 2023, emailAddress = secureboot@10zig.com
  • Valid till: Oct 27 09:08:49 2033 GMT (10 years, OK)
  • Is CA certificate with code singing attributes set

• Keys are stored in a HSM

• GRUB

  • Is the binary from Debian 2.06-13+deb12u1
  • Has all the latest patches and SBAT level 4

• Linux

  • based on 6.3.7
  • Submissions mentions that the kernel is build with LOCK_DOWN_KERNEL_FORCE_INTEGRITY but entry cannot be found in provided .config file
  • ephemeral key signing for kernel modules is used

Question/Notes

• Please add the full SBAT entry of the shim to the submission.
• Note that the idea embedded CA certificate is to then being able to create leaf certificates for singing GRUB2 and Linux. You can for example look at Debian's submissions how they are doing it.
• How do you make sure to actually build with LOCK_DOWN_KERNEL_FORCE_INTEGRITY always enabled?

[ClaudioGranatiero-10zig]

Thore, thanks for the updated review.

1. updated README.md with info about SBAT
2. thank you, I've already tested in my test environment with a leaf certificate generated from our CA, and it's working good.
3. the .config we released in the public repo is the actual one for our current production line, not yet ready for Secure Boot (as we lack a signed shim). I just tested it on an internal release in our test environment. As soon as the Secure Boot stack is completed, we will add the option in .config

[ClaudioGranatiero-10zig]

For my contact verification:

computerization committing overstatements clouded menus condemning semiprofessional tablespoon ranked burger's

[THS-on]

Resend contact verification for Kevin Greenway keving@10zig.com with new PGP key (1D7E 0F09 AF6C 117F 9914 BFF3 4AFD D3B9 069C D9C2)

[ClaudioGranatiero-10zig]

Kevin's verification:

savers presented trap's authorize spotlessness characteristic heuristics intersession's mystification invoice

[ClaudioGranatiero-10zig]

Please, can some of the peer reviewers take a final look at this issue? We're waiting only for an extra review before we're ready to go... thanks to all for the work already done.

[aronowski]

@ClaudioGranatiero-10zig, I'll try to write a review this week.

Have been struggling with several personal things, but most of them have been resolved and I should have more time for that.

Thank you for the updates and for helping out with peer-reviewing other applications. I appreciate that.

[aronowski]

Review done, checksum matches, seems alright! Accepting.

Thank you for the patience.

[ClaudioGranatiero-10zig]

Thank you all for your effort! I hope to see some of you at FOSDEM in February.

[THS-on]

What is the status of this? Did you get a signed shim back or are you creating a new submission for 15.8?

[ClaudioGranatiero-10zig]

Hi Thore,

not yet uploaded to Microsoft (we're trying to obtain an EV certificate and have a bunch of other priorities). So, I think we'll create a new submission as soon as the EV cert arrives.

[ClaudioGranatiero-10zig]

New submission created here: https://github.com/rhboot/shim-review/issues/376 Should I close this one?

[THS-on]

Yes I'll close this one.