Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
TacticalCoder 5 days ago

Can someone knowledgeable on the subject explain if I understand the following right:

    - on a mobo the motherboard provider signs the PK
    - there's only one PK
    - the PK signs one or more KEK, like "Microsoft Corporation UEFI CA 2011"
If that understanding is correct, can I add myself the new "Microsoft Corporation UEFI CA 2023" (the one that expires in 2038: I think that its name) the same way I can enroll new keys in the dbx? (say my own signed keys?)

If I add the new Microsoft key myself, shall it be as a KEK or in the dbx?

Will motherboard manufacturer release new firmware, with the new Microsoft key already signed? In that case, shall be a KEK ?

Basically instead of thinking, as TFA suggests: "Let's not worry about anything, everything shall be fine and keep working because keys expiration date aren't enforced", can I pro-actively enroll the new Microsoft key myself?

P.S: I don't drink the SecureBoot kool-aid but something has to be said about having a Linux unikernel (kernel+initramfs) signed and enforced by SecureBoot. And SecureBoot does at least somehow work. Source: I modified on bit of my kernel and had a SecureBoot error and the kernel refused to boot. You can try it for yourself.

mjg59 5 days ago | parent | next [-]

Vouched for the parent because it's a reasonable question.

As well as the new root certificates in db, which are used to decide whether signed code will execute or not, there will be a new signed Microsoft key for KEK. This isn't involved in the boot process, but is required for Microsoft to be able to sign further revocation updates. The article is discussing the db case, and if you want to ensure things signed only with the new key will boot on your system, you would want to add them to db.

Microsoft can sign a db update themselves (since there's a valid Microsoft key in KEK and db updates need to be signed with a key in KEK), but KEK updates need to be signed with PK. Microsoft doesn't own PK, so adding the new KEK requires the system vendor produce an update signed with their PK.

If you are in a position to enroll the new keys then you should enroll the new db keys if you want new binaries to be guaranteed to boot, and add the new KEK if you want to be able to apply future Microsoft-signed dbx updates.

ethan_smith 4 days ago | parent | prev [-]

Yes, you can proactively enroll the new Microsoft UEFI CA 2023 certificate in the KEK database using `mokutil --import` on Linux or the UEFI firmware interface directly, though most distros will handle this automatically in upcoming updates.

mjg59 4 days ago | parent [-]

Not like that, you can't. Firstly, that's not a KEK cert - the KEK cert is "Microsoft Corporation KEK CA 2023". And secondly, mokutil manages the MOK database, not the firmware database. MOK keys control what shim will trust, but it's the firmware keys that control whether or not shim will boot in the first place.

Users should absolutely be able to install the db update by hand if they choose to, but it's late and I don't have the commands to hand. I'll write another post on this soon.

TacticalCoder 4 days ago | parent [-]

[dead]