Page 1: UEFI Firmware Enhances Linux* Security and … Agenda • UEFI Considerations for Linux * • Secure Boot for the Enterprise System – From Insyde * • Ubuntu * UEFI/Secure Boot

UEFI Firmware Enhances Linux* Security and Adds New Benefits

PTAS001

Qin Long, Software Architect, Intel Corp.

Jeff Bobzin, Vice President, Insyde Software Corp.

Ivan Hu, BIOS Engineer, Canonical Ltd.


Agenda

• UEFI Considerations for Linux*

• Secure Boot for the Enterprise System – From Insyde*

• Ubuntu* UEFI/Secure Boot Enablement and Tool

• Summary

The PDF for this Session presentation is available from our Technical Session Catalog at the end of the day at: intel.com/go/idfsessionsBJ

URL is on top of Session Agenda Pages in Pocket Guide


Agenda Item 1

UEFI Considerations for Linux*

• UEFI Secure Boot Overview
• Secure Boot Challenges for Linux*
• Brief Updates on Linux Distributions


UEFI Secure Boot Overview

• Current issues with boot
  – A growing class of malware targets the boot path
  – Often the only fix is to reinstall the operating system

• UEFI Secure Boot hardens the boot process
  – All firmware and software in the boot process must be signed with a key that chains to a certificate the platform trusts: a Certificate Authority (CA) or signer certificate held in the firmware's signature database
  – Gives users a way of protecting their systems from external intrusion
  – Reduces the likelihood of rootkits, bootkits and other malware


Secure Boot Challenges for Linux*

• Dual OS deployment challenge
  – Users can disable UEFI Secure Boot to install Linux*, but this isn't the best deployment plan
  – Users must have an option to install Linux alongside another OS, even when UEFI Secure Boot is enabled

• Linux can benefit from UEFI Secure Boot, if…
  – Customers can install Linux without disabling the feature
  – The platform owner can set the security policy and customize the system

• Distributions have other considerations for UEFI
  – How the kernel handles signed and unsigned code
  – Migrating drivers from legacy BIOS calls (INTxx) to UEFI

Linux distributions must determine how to implement Secure Boot


Updates from Linux* Distributions

• Ubuntu* 12.10 – the 64-bit version of Ubuntu 12.10 shipped with Shim to support Secure Boot
• Fedora* 18 – included Shim with MOK (Machine Owner Key) functionality
• Both Red Hat* and SUSE* will be supporting 3rd-party signing in their releases
• openSUSE* 12.3 release supports the MOK manager and a multi-signed Shim loader
• Linux Foundation Secure Boot System released
• UEFI Technology Adopted by Linux Community†

Linux distribution implementations with a MOK manager and 3rd-party signing lists are already in place

† http://www.businesswire.com/news/home/20130319006268/en/UEFI-Technology-Adopted-Linux-Community


Agenda Item 2

UEFI, Secure Boot and the Enterprise System

Jeff Bobzin, Vice President, Insyde Software Corporation


Agenda

• Securing the boot process for Enterprise Systems
• Why the Enterprise system needs Secure Boot
• The Engineering of the Secure Boot Feature
• Secure System Firmware Update for Linux*
• Is my platform ready for Secure Boot Linux?


Much Progress in 2012

UEFI Versions of Fedora* and Ubuntu* Launched “UEFI would provide a foundation for a chain of trust that would connect all the way up to the software layer, which could thwart attempts to install illicit, and harmful, software on [Linux*] computers.”

Joab Jackson, pcworld.com

Windows* 8 and Windows Server 2012 Launched “I would add that security improvements alone may justify the purchase for many enterprises. […] Like Windows 8, Windows Server 2012 has replaced the traditional ROM-BIOS with the new and improved industry boot standard known as UEFI using the security-hardened 2.3.1 version.”

Roger Grimes, infoworld.com


Ecosystem is Ready for Secure Boot

[Figure: the ecosystem pieces shown – System Firmware, Option ROM Firmware, System Boards, Add-in Cards, Recovery Software, Operating Systems]



Benefits of Secure Boot to Enterprise

• UEFI Boot inherently has lots of value to the Enterprise
  – Support for large disk drives
  – Support for complex partition structures
  – Rich network support including IPv6
  – Better PXE provisioning and boot from iSCSI
  – Better error reporting and management tools

• But UEFI Boot needs Secure Boot to lock down access to the critical boot files


Project Planning is Critical

• Benefits of a hardened system boot are clear, but,

• Always remember: reliable Enterprise products with strong security protection, starting in the firmware and continuing throughout the Linux* boot process, require selecting partners that prioritize security

Partners can help you reach your security goals!



Quick Review – What is Secure Boot?

• UEFI Secure Boot is a technology to close a major security hole during the handoff from UEFI firmware to the UEFI OS

• Option ROMs and OS boot loaders need to be signed by the private key corresponding to a certificate in the system's security database

• The database is always provisioned at the factory and maintained by the OS if required for revocation

[Figure: handoff from UEFI Firmware to UEFI OS]


Secure Boot – Step by Step

1. UEFI Driver Signing: the PE image carries its signature in the attribute certificate table that the PE header's Certificate Directory entry points to

   [Figure: PE Image layout – PE Header (Certificate Directory) → Section 1 … Section N → Attribute Certificate (Type, Label) containing PKCS #7 + Authenticode extension: ContentInfo (PE File Hash), Certificate (X.509 Cert.), Sign Info (Signed Hash of ContentInfo)]

2. UEFI Secure Boot Database: PK → KEK → db / dbx, where each level enables updates to the next (the PK authorizes KEK updates; keys in the KEK authorize db and dbx updates)

   – If signed by a key in db, the driver or loader can run!
   – If signed by a key in dbx, the driver/loader is forbidden!
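An added example, not code from the talk or from any sign tool, showing the "PE File Hash" of step 1: the Authenticode digest skips the PE CheckSum field, the Certificate Table directory entry and the attribute certificate table itself, which is why a sign tool can append the PKCS #7 signature after hashing without changing the value the signature covers, and why any change to a section does. The minimal PE32+ image and the PKCS #7 placeholder are constructed here (no real signature is produced); build_pe, win_certificate and authenticode_hash are this example's own names, not part of any real tool.

```python
import hashlib
import struct


def build_pe(code, checksum=0, cert_table=b""):
    """Construct a minimal PE32+ image with one .text section as test input.
    Synthetic file, not a real UEFI driver; cert_table, if given, is appended
    as the attribute certificate table and referenced from data directory 4."""
    file_align, e_lfanew, size_of_headers = 0x200, 0x80, 0x200
    raw_size = -(-len(code) // file_align) * file_align          # round up to FileAlignment
    cert_off = size_of_headers + raw_size if cert_table else 0
    dos = (b"MZ" + b"\0" * (0x3C - 2) + struct.pack("<I", e_lfanew)).ljust(e_lfanew, b"\0")
    # COFF header: x86-64, 1 section, 240-byte optional header, executable image
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x22)
    opt = struct.pack("<HBBIIIII", 0x20B, 0, 0, raw_size, 0, 0, 0x1000, 0x1000)
    opt += struct.pack("<QIIHHHHHHIIII", 0x400000, 0x1000, file_align,
                       0, 0, 0, 0, 6, 0, 0, 0x2000, size_of_headers, checksum)
    opt += struct.pack("<HHQQQQII", 10, 0, 0x10000, 0x1000, 0x10000, 0x1000, 0, 16)
    for index in range(16):                      # 16 data directories; index 4 = certificate table
        entry = (cert_off, len(cert_table)) if index == 4 else (0, 0)
        opt += struct.pack("<II", *entry)
    section = b".text\0\0\0" + struct.pack("<IIIIIIHHI", len(code), 0x1000, raw_size,
                                           size_of_headers, 0, 0, 0, 0, 0x60000020)
    headers = (dos + coff + opt + section).ljust(size_of_headers, b"\0")
    return headers + code.ljust(raw_size, b"\0") + cert_table


def win_certificate(pkcs7):
    """Wrap a PKCS #7 blob in a WIN_CERTIFICATE header (revision 0x200, type
    WIN_CERT_TYPE_PKCS_SIGNED_DATA), padded to 8 bytes as sign tools do."""
    length = (8 + len(pkcs7) + 7) & ~7
    return (struct.pack("<IHH", length, 0x0200, 0x0002) + pkcs7).ljust(length, b"\0")


def authenticode_hash(pe, algorithm="sha256"):
    """Authenticode digest of a PE image: every byte except the CheckSum
    field, the Certificate Table directory entry and the certificate table."""
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsections = struct.unpack_from("<H", pe, e_lfanew + 6)[0]
    opt_size = struct.unpack_from("<H", pe, e_lfanew + 20)[0]
    opt = e_lfanew + 24
    magic = struct.unpack_from("<H", pe, opt)[0]
    if magic == 0x20B:
        data_dirs = opt + 112                    # PE32+
    elif magic == 0x10B:
        data_dirs = opt + 96                     # PE32
    else:
        raise ValueError("unknown optional header magic 0x%x" % magic)
    checksum_off = opt + 64                      # same offset for PE32 and PE32+
    cert_dir = data_dirs + 4 * 8                 # IMAGE_DIRECTORY_ENTRY_SECURITY
    size_of_headers = struct.unpack_from("<I", pe, opt + 60)[0]
    cert_size = struct.unpack_from("<I", pe, cert_dir + 4)[0]
    h = hashlib.new(algorithm)
    h.update(pe[:checksum_off])                  # headers up to CheckSum
    h.update(pe[checksum_off + 4:cert_dir])      # skip CheckSum, continue to the cert entry
    h.update(pe[cert_dir + 8:size_of_headers])   # skip the cert directory entry
    hashed = size_of_headers
    sections = []
    for i in range(nsections):
        hdr = opt + opt_size + i * 40
        raw_size, raw_ptr = struct.unpack_from("<II", pe, hdr + 16)
        sections.append((raw_ptr, raw_size))
    for raw_ptr, raw_size in sorted(sections):   # sections in file order
        if raw_size:
            h.update(pe[raw_ptr:raw_ptr + raw_size])
            hashed += raw_size
    extra = len(pe) - hashed - cert_size         # trailing data, minus the cert table
    if extra > 0:
        h.update(pe[hashed:hashed + extra])
    return h.hexdigest()


if __name__ == "__main__":
    code = b"\x48\x31\xc0\xc3" * 16              # constructed stand-in for driver code
    unsigned = build_pe(code)
    signed = build_pe(code, cert_table=win_certificate(b"constructed PKCS#7 placeholder"))
    print(authenticode_hash(unsigned))
    print(authenticode_hash(signed))              # same digest: the cert table is not covered
```

The digest is what the firmware recomputes in step 3 and compares with the hash inside the PKCS #7 ContentInfo; a dbx entry of type EFI_CERT_SHA256 stores exactly this value, so the same function is what a revocation check would run over the image.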


Secure Boot – Step by Step

3. Platform does UEFI Driver Checking

   [Figure: the Cert. Authority issues a certificate; the UEFI driver ships on the System with its Sig and Cert; the UEFI Firmware holds the database provisioned at the Factory]

   Firmware verifies the signature and looks up the signer in the database; if all match, the driver is approved to run.


Microsoft* hosts a CA for UEFI use

• UEFI Option ROMs need to be signed by a widely trusted Certificate Authority
• Microsoft* has CA experience and volunteered to host the first all-industry UEFI CA
• Manufacturers are encouraged to put the MS CA certificate into the "Allowed" database (db)
• Microsoft policies are non-discriminatory; for example, the Microsoft CA signed the Linux* 'Shim' boot driver
• Could another trusted CA emerge? Possible – there is plenty of room in the database, but it would need to convince OEMs to include it


Secure Boot, Linux* & Chain of Trust

[Figure: UEFI Firmware (Root of Trust) holds the Microsoft* UEFI CA Cert → Boot Shim, signed by the Microsoft UEFI CA → Linux* Boot Loader]



Firmware is the Root of Trust

• Effectiveness of Secure Boot depends upon protection of the firmware code and data store from attack

• Today's hardware protection:
  – Elevates all flash changes to protected, privileged code in SMI
  – SMI-resident code tests the signing of any changes to the code store or Secure Boot database

• Needs an Update Launcher appropriate to the OS being used

• Insyde provides OEMs with Secure Update Launcher tools for Windows* and now Linux*


Secure Firmware Update Today

[Figure: at the System Manufacturer, the Firmware Update IMG goes through the Sign Tool with the Certificate Store (OEM private key) to produce the prepared signed capsule file; locally in the machine, the Update Tool / OS-Specific Launcher hands the capsule to the SMI Handler, the Firmware Root of Trust]


Preparing for Secure Firmware Update on Linux* Systems

OEM Steps
1. Build the signed capsule containing the update (same as Windows*)
2. Build the Linux* flash launcher appropriate to the target OS (Note: Insyde supplies driver source)
3. For an uncommon distro, the user will need to build the driver

User Steps
1. Download the package including the launcher; extract the launcher zip to set permissions
2. Copy the signed binary "isFlash.bin" into the InsydeFlash folder
3. The Update Launcher program needs root privilege to run
4. Run the Linux flash tool; the application checks whether a correctly signed BIOS image exists
5. If yes, it performs an SMI to launch secure flash mode
6. The platform reboots to apply the update during firmware startup


Industry Working to Make Secure Update Easier and more Reliable

• UEFI has an entry point called UpdateCapsule that is intended to deliver firmware updates. Look for progress from OS vendors in 2013 adding this important capability for increased reliability.
  – Built into Linux*, so no need for the user to compile a driver!

• Also look for tools to update the firmware in UEFI-ready expansion cards

[Figure: prepared signed capsule file → OS-Specific Launcher → OS Capsule Driver → Firmware Root of Trust, locally in the machine]



DEMO #1 – Is my System Ready?

Download the Checkup Tool at http://apps.insyde.com

1. Secure Boot Enabled
2. MS CA Cert Present


Enterprise Segment Goals for UEFI Forum in 2013

• Progress toward wide Enterprise adoption is a very important goal!
• Also launching UEFI-style Secure Firmware Update for a smoother user experience

• To achieve this, the UEFI community promises:
  – Attention to all elements of the ecosystem – systems, expansion cards, and Enterprise OS
  – Education on the benefits
  – Responsiveness to the needs of the segment


Ubuntu* UEFI/Secure Boot Enablement and Tool

Ivan Hu BIOS Engineer, Canonical Ltd.


Agenda Item 3

Agenda
• UEFI/Secure Boot Enablement
• Firmware Test Suite / Firmware Test Suite - Live
• Demo


UEFI/Secure Boot Enablement – UEFI/Secure Boot

• Ubuntu* 12.10 implements UEFI Secure Boot
• Download: http://www.ubuntu.com/download/desktop


UEFI/Secure Boot Enablement – BIOS/UEFI Requirements

• Complies with version 2.3.1 of the UEFI standard
• UEFI boot/runtime services
• UEFI boot manager
  – Variables Boot#### and BootOrder
  – BIOS reset to defaults


UEFI/Secure Boot Enablement – Ubuntu* secure boot process

[Figure: chain of trust with a signed kernel. The UEFI firmware holds the Microsoft* UEFI CA certificate; it verifies and executes the boot shim, which is signed with the MS UEFI CA (signature generated from the MS UEFI CA). The shim carries the Ubuntu CA certificate; it verifies and executes the Grub2 bootloader, signed with the Canonical UEFI CA (signature generated from the Ubuntu CA). Grub2 in turn verifies and executes the Ubuntu kernel, also signed with the Canonical UEFI CA.]


UEFI/Secure Boot Enablement – Ubuntu* secure boot process

[Figure: the same chain with an unsigned kernel. The UEFI firmware (Microsoft* UEFI CA certificate) verifies and executes the boot shim, signed with the MS UEFI CA; the shim (Ubuntu CA certificate) verifies and executes the Grub2 bootloader, signed with the Canonical UEFI CA; Grub2 then executes the unsigned kernel without verification.]


UEFI/Secure Boot Enablement – Ubuntu* Implementation for Secure Boot

• Ubuntu 12.10 implementation for Secure Boot
  – Boot loader shim signed by the Microsoft* UEFI CA
  – Ubuntu-signed boot loader
  – Ubuntu-signed kernel
  – Unsigned kernel support
  – Not enforcing module signing

• Ubuntu certification requirements
  – Initial key database configuration
  – User key reconfiguration functionality
  – Facility to enable/disable Secure Boot

• Support for runtime key reconfiguration
  – Using the efivars interface to update PK, KEK, db, dbx
  – Secure Boot signing tool available: "sbsigntool"


Firmware Test Suite (fwts) – What is fwts?

• fwts is a Linux* tool that automates firmware checking. It aims to detect bugs and to get firmware fixed.

• Based on Intel's Linux-ready Firmware Developer Kit, which was discontinued in October 2007

[Figure: what fwts does – automatically detect errors; sanity-check core functionality; ensure interactions between Linux and firmware work; catch kernel warnings; suggest possible workarounds; gather firmware data for debug]


Firmware Test Suite (fwts) – Key features (1/2)

• Command line
  – Designed to be used by other test tools
  – Or to be run stand-alone
  – And to gather data for a developer

• Batch tests
  – Run without supervision

• Interactive tests
  – Hot-key, lid, AC power

• Extensive logging
  – Per-test PASS/FAIL results
  – Explains reasons for failures (ADVICE lines)
  – Classifies failures (CRITICAL, HIGH, LOW…)

• Summarizes results
  – Output log format can be configured


Firmware Test Suite (fwts) – Key features (2/2)

• Soak testing
  – suspend/resume, hibernate/resume

• Utilities
  – ACPI, UEFI variable dump…

• UEFI runtime service tests
  – Variable, time, miscellaneous services

• Secure boot tests
  – Secure boot variables and certificate tests


Firmware Test Suite (fwts) – fwts tests for secure boot

• UEFI secure boot variables check
  – SetupMode, SecureBoot variables
• Signature database ("db") check for the Microsoft* third-party UEFI CA
• KEK check for the Ubuntu* master CA certificate
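An added example, not from the talk and not Canonical's fwts code, that serves both the db/dbx rule on the Insyde "Secure Boot – Step by Step" slides and the fwts secure boot checks listed above. It reads variables in the layout the Linux efivars filesystem exposes (a 4-byte attribute word followed by the variable data), walks the EFI_SIGNATURE_LIST entries that make up KEK, db and dbx, runs the SecureBoot / SetupMode / db / KEK checks, and applies the db/dbx verdict to an image. The variable and signature-type GUIDs are the values from the UEFI 2.3.1 specification; the sample variable store, the placeholder "certificate" byte strings and the image hashes are constructed for the example, and matching a certificate by DER equality stands in for the PKCS #7 chain verification real firmware performs.

```python
import hashlib
import struct
import uuid

# Variable GUIDs and signature-type GUIDs as defined in the UEFI 2.3.1 spec.
EFI_GLOBAL_VARIABLE = "8be4df61-93ca-11d2-aa0d-00e098032b8c"          # SecureBoot, SetupMode, PK, KEK
EFI_IMAGE_SECURITY_DATABASE = "d719b2cb-3d3a-4596-a3bc-dad00e67656f"  # db, dbx
EFI_CERT_X509 = uuid.UUID("a5c059a1-94e4-4aa7-87b5-ab155c2bf072")
EFI_CERT_SHA256 = uuid.UUID("c1c41626-504c-4092-aca9-41f936934328")


def efivar_data(raw):
    """Split an efivars file into (attributes, data): Linux prefixes each
    variable with a 4-byte little-endian attribute word."""
    if len(raw) < 4:
        raise ValueError("efivars entry shorter than its attribute header")
    return struct.unpack_from("<I", raw, 0)[0], raw[4:]


def parse_signature_lists(data):
    """Walk the EFI_SIGNATURE_LISTs that make up PK/KEK/db/dbx and yield
    (signature_type, owner_guid, signature_bytes) for every entry."""
    off = 0
    while off < len(data):
        if len(data) - off < 28:
            raise ValueError("truncated EFI_SIGNATURE_LIST header")
        sig_type = uuid.UUID(bytes_le=data[off:off + 16])
        list_size, hdr_size, sig_size = struct.unpack_from("<III", data, off + 16)
        if list_size < 28 + hdr_size or off + list_size > len(data) or sig_size <= 16:
            raise ValueError("malformed EFI_SIGNATURE_LIST")
        pos = off + 28 + hdr_size                       # skip the optional SignatureHeader
        while pos + sig_size <= off + list_size:
            owner = uuid.UUID(bytes_le=data[pos:pos + 16])
            yield sig_type, owner, data[pos + 16:pos + sig_size]
            pos += sig_size
        off += list_size


def build_signature_list(sig_type, entries, owner=uuid.UUID(int=0)):
    """Pack equal-length entries into one EFI_SIGNATURE_LIST; used here only
    to construct the sample variables below."""
    sig_size = 16 + len(entries[0])
    body = b"".join(owner.bytes_le + e for e in entries)
    return sig_type.bytes_le + struct.pack("<III", 28 + len(body), 0, sig_size) + body


def fingerprint(der):
    """SHA-256 hex fingerprint of a certificate's DER bytes."""
    return hashlib.sha256(der).hexdigest()


def image_verdict(image_hash, signer_cert_der, db, dbx):
    """db/dbx rule from the slides: any dbx match forbids the image; otherwise
    it may run only if db holds its hash or its signer's certificate."""
    def matches(entries):
        return any((t == EFI_CERT_SHA256 and sig == image_hash) or
                   (t == EFI_CERT_X509 and sig == signer_cert_der)
                   for t, _owner, sig in entries)
    if matches(parse_signature_lists(dbx)):
        return "forbidden"
    return "allowed" if matches(parse_signature_lists(db)) else "not trusted"


def cert_fingerprints(efivars, name, guid):
    """Fingerprints of every X.509 entry stored in the named variable."""
    _attrs, data = efivar_data(efivars[f"{name}-{guid}"])
    return {fingerprint(sig) for t, _owner, sig in parse_signature_lists(data)
            if t == EFI_CERT_X509}


def secure_boot_checks(efivars, db_ca_fingerprint, kek_ca_fingerprint):
    """The fwts-style checks from the slide: SecureBoot on, SetupMode off,
    the third-party CA present in db, the distribution's master CA in KEK."""
    _, secure_boot = efivar_data(efivars[f"SecureBoot-{EFI_GLOBAL_VARIABLE}"])
    _, setup_mode = efivar_data(efivars[f"SetupMode-{EFI_GLOBAL_VARIABLE}"])
    return {
        "SecureBoot enabled": secure_boot == b"\x01",
        "SetupMode off": setup_mode == b"\x00",
        "db has third-party CA": db_ca_fingerprint in cert_fingerprints(efivars, "db", EFI_IMAGE_SECURITY_DATABASE),
        "KEK has master CA": kek_ca_fingerprint in cert_fingerprints(efivars, "KEK", EFI_GLOBAL_VARIABLE),
    }


# Constructed sample store standing in for /sys/firmware/efi/efivars (not dumped
# from real firmware). The "certificates" are placeholder byte strings, not DER.
SAMPLE_MS_CA = b"placeholder DER: Microsoft Corporation UEFI CA 2011"
SAMPLE_UBUNTU_CA = b"placeholder DER: Canonical Ltd. Master Certificate Authority"
SAMPLE_GOOD_HASH = hashlib.sha256(b"constructed shim image").digest()
REVOKED_HASH = hashlib.sha256(b"constructed revoked loader image").digest()
BS_RT = struct.pack("<I", 0x6)                       # BOOTSERVICE | RUNTIME (volatile)
NV_BS_RT_AUTH = struct.pack("<I", 0x27)              # NON_VOLATILE | BS | RT | TIME_BASED_AUTH
SAMPLE_EFIVARS = {
    f"SecureBoot-{EFI_GLOBAL_VARIABLE}": BS_RT + b"\x01",
    f"SetupMode-{EFI_GLOBAL_VARIABLE}": BS_RT + b"\x00",
    f"KEK-{EFI_GLOBAL_VARIABLE}": NV_BS_RT_AUTH + build_signature_list(EFI_CERT_X509, [SAMPLE_UBUNTU_CA]),
    f"db-{EFI_IMAGE_SECURITY_DATABASE}": NV_BS_RT_AUTH + build_signature_list(EFI_CERT_X509, [SAMPLE_MS_CA]),
    f"dbx-{EFI_IMAGE_SECURITY_DATABASE}": NV_BS_RT_AUTH + build_signature_list(EFI_CERT_SHA256, [REVOKED_HASH]),
}
```

On a live UEFI-booted Linux system the dictionary keys above are exactly the file names under /sys/firmware/efi/efivars, so reading each file's bytes into a dict gives secure_boot_checks its real input; the expected fingerprints would then be those of the actual Microsoft and Canonical CA certificates rather than of the placeholders. Note that a SetupMode value of 1 means the platform has no PK and is not enforcing anything, so a SecureBoot value of 1 alone is not sufficient.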


Firmware Test Suite Live (fwts-live)

What is fwts-live?
• fwts-live is a bootable USB image that boots and runs the Firmware Test Suite without the need to install Linux*/Ubuntu*. Results of the tests are saved on the USB drive to be analyzed later.

No installation necessary – easy to use – released with the latest Ubuntu



Demo: Firmware Test Suite (fwts)


Information

Reporting fwts bugs?
• fwts – https://bugs.launchpad.net/ubuntu/+source/fwts

Looking for more information
• Ubuntu* ODM Portal – http://odm.ubuntu.com/
• Secure Boot Signing Tools – git://kernel.ubuntu.com/jk/sbsigntool
• fwts – https://wiki.ubuntu.com/Kernel/Reference/fwts
• fwts-live – https://wiki.ubuntu.com/HardwareEnablementTeam/Documentation/FirmwareTestSuiteLive


Ubuntu* Implementation for UEFI

• Ubuntu* 12.10 release is the first version of Ubuntu that supports secure boot

• Ubuntu secure boot maintains flexibility, while the firmware remains protected from untrusted code

• Certification required for user control of security policy

• Firmware Test Suite (FWTS) automates firmware checking, including UEFI and secure boot test coverage


Linux and kernel driver signing support

• Linux distribution implementations with a MOK manager and 3rd-party signing lists are already in place
• openSUSE 12.3 – https://news.opensuse.org/2013/02/28/rc2-is-ready-for-you-are-you-ready-for-rc2/

Summary

• UEFI Secure Boot hardens the boot process
• The ecosystem is ready for UEFI Secure Boot
• Linux* distributions must determine how to implement Secure Boot from the various options available
• Ubuntu* supports UEFI Secure Boot and offers FWTS for automated firmware checking


Call to Action

• Leverage the rich resources available and learn about UEFI secure boot technology

• Assess and evaluate your platform readiness for deploying UEFI secure boot

• Download and test the latest Linux* distributions with support for UEFI & Secure Boot
  – Ubuntu* Secure Boot resources: https://wiki.ubuntu.com/UEFI/SecureBoot
  – SUSE* Secure Boot details: https://www.suse.com/blogs/uefi-secure-boot-details/


Additional Sources of Information:

• Intel UEFI Community – http://intel.com/udk
• UEFI Forum Learning Center – http://www.uefi.org/learning_center/
• Use the TianoCore edk2-devel mailing list for support from other UEFI developers
• Read the "A Tour Beyond BIOS into UEFI Secure Boot" whitepaper at tianocore.org
• For more information on Ubuntu*…
  – Ubuntu ODM Portal – http://odm.ubuntu.com/
  – Secure Boot Tools – git://kernel.ubuntu.com/jk/sbsigntool
• For more information on Fedora*… http://fedoraproject.org/
• Latest updates to SUSE* UEFI secure boot plans: https://www.suse.com/blogs/tag/secure-boot/


Legal Disclaimer

INFORMATION IN THIS DOCUMENT IS PROVIDED IN CONNECTION WITH INTEL PRODUCTS. NO LICENSE, EXPRESS OR IMPLIED, BY ESTOPPEL OR OTHERWISE, TO ANY INTELLECTUAL PROPERTY RIGHTS IS GRANTED BY THIS DOCUMENT. EXCEPT AS PROVIDED IN INTEL'S TERMS AND CONDITIONS OF SALE FOR SUCH PRODUCTS, INTEL ASSUMES NO LIABILITY WHATSOEVER AND INTEL DISCLAIMS ANY EXPRESS OR IMPLIED WARRANTY, RELATING TO SALE AND/OR USE OF INTEL PRODUCTS INCLUDING LIABILITY OR WARRANTIES RELATING TO FITNESS FOR A PARTICULAR PURPOSE, MERCHANTABILITY, OR INFRINGEMENT OF ANY PATENT, COPYRIGHT OR OTHER INTELLECTUAL PROPERTY RIGHT.

• A "Mission Critical Application" is any application in which failure of the Intel Product could result, directly or indirectly, in personal injury or death. SHOULD YOU PURCHASE OR USE INTEL'S PRODUCTS FOR ANY SUCH MISSION CRITICAL APPLICATION, YOU SHALL INDEMNIFY AND HOLD INTEL AND ITS SUBSIDIARIES, SUBCONTRACTORS AND AFFILIATES, AND THE DIRECTORS, OFFICERS, AND EMPLOYEES OF EACH, HARMLESS AGAINST ALL CLAIMS COSTS, DAMAGES, AND EXPENSES AND REASONABLE ATTORNEYS' FEES ARISING OUT OF, DIRECTLY OR INDIRECTLY, ANY CLAIM OF PRODUCT LIABILITY, PERSONAL INJURY, OR DEATH ARISING IN ANY WAY OUT OF SUCH MISSION CRITICAL APPLICATION, WHETHER OR NOT INTEL OR ITS SUBCONTRACTOR WAS NEGLIGENT IN THE DESIGN, MANUFACTURE, OR WARNING OF THE INTEL PRODUCT OR ANY OF ITS PARTS.

• Intel may make changes to specifications and product descriptions at any time, without notice. Designers must not rely on the absence or characteristics of any features or instructions marked "reserved" or "undefined". Intel reserves these for future definition and shall have no responsibility whatsoever for conflicts or incompatibilities arising from future changes to them. The information here is subject to change without notice. Do not finalize a design with this information.

• The products described in this document may contain design defects or errors known as errata which may cause the product to deviate from published specifications. Current characterized errata are available on request.

• Intel product plans in this presentation do not constitute Intel plan of record product roadmaps. Please contact your Intel representative to obtain Intel's current plan of record product roadmaps.

• Intel processor numbers are not a measure of performance. Processor numbers differentiate features within each processor family, not across different processor families. Go to: http://www.intel.com/products/processor_number.

• Contact your local Intel sales office or your distributor to obtain the latest specifications and before placing your product order.

• Copies of documents which have an order number and are referenced in this document, or other Intel literature, may be obtained by calling 1-800-548-4725, or go to: http://www.intel.com/design/literature.htm

• Intel, Sponsors of Tomorrow and the Intel logo are trademarks of Intel Corporation in the United States and other countries.

• *Other names and brands may be claimed as the property of others.

• Copyright ©2013 Intel Corporation.


Legal Disclaimer

• Software Source Code Disclaimer: Any software source code reprinted in this document is furnished under a software license and may only be used or copied in accordance with the terms of that license.

Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.


Risk Factors The above statements and any others in this document that refer to plans and expectations for the first quarter, the year and the future are forward-looking statements that involve a number of risks and uncertainties. Words such as “anticipates,” “expects,” “intends,” “plans,” “believes,” “seeks,” “estimates,” “may,” “will,” “should” and their variations identify forward-looking statements. Statements that refer to or are based on projections, uncertain events or assumptions also identify forward-looking statements. Many factors could affect Intel’s actual results, and variances from Intel’s current expectations regarding such factors could cause actual results to differ materially from those expressed in these forward-looking statements. Intel presently considers the following to be the important factors that could cause actual results to differ materially from the company’s expectations. Demand could be different from Intel's expectations due to factors including changes in business and economic conditions; customer acceptance of Intel’s and competitors’ products; supply constraints and other disruptions affecting customers; changes in customer order patterns including order cancellations; and changes in the level of inventory at customers. Uncertainty in global economic and financial conditions poses a risk that consumers and businesses may defer purchases in response to negative financial events, which could negatively affect product demand and other related matters. Intel operates in intensely competitive industries that are characterized by a high percentage of costs that are fixed or difficult to reduce in the short term and product demand that is highly variable and difficult to forecast. 
Revenue and the gross margin percentage are affected by the timing of Intel product introductions and the demand for and market acceptance of Intel's products; actions taken by Intel's competitors, including product offerings and introductions, marketing programs and pricing pressures and Intel’s response to such actions; and Intel’s ability to respond quickly to technological developments and to incorporate new features into its products. The gross margin percentage could vary significantly from expectations based on capacity utilization; variations in inventory valuation, including variations related to the timing of qualifying products for sale; changes in revenue levels; segment product mix; the timing and execution of the manufacturing ramp and associated costs; start-up costs; excess or obsolete inventory; changes in unit costs; defects or disruptions in the supply of materials or resources; product manufacturing quality/yields; and impairments of long-lived assets, including manufacturing, assembly/test and intangible assets. Intel's results could be affected by adverse economic, social, political and physical/infrastructure conditions in countries where Intel, its customers or its suppliers operate, including military conflict and other security risks, natural disasters, infrastructure disruptions, health concerns and fluctuations in currency exchange rates. Expenses, particularly certain marketing and compensation expenses, as well as restructuring and asset impairment charges, vary depending on the level of demand for Intel's products and the level of revenue and profits. Intel’s results could be affected by the timing of closing of acquisitions and divestitures. Intel’s current chief executive officer plans to retire in May 2013 and the Board of Directors is working to choose a successor. The succession and transition process may have a direct and/or indirect effect on the business and operations of the company. 
In connection with the appointment of the new CEO, the company will seek to retain our executive management team (some of whom are being considered for the CEO position), and keep employees focused on achieving the company’s strategic goals and objectives. Intel's results could be affected by adverse effects associated with product defects and errata (deviations from published specifications), and by litigation or regulatory matters involving intellectual property, stockholder, consumer, antitrust, disclosure and other issues, such as the litigation and regulatory matters described in Intel's SEC reports. An unfavorable ruling could include monetary damages or an injunction prohibiting Intel from manufacturing or selling one or more products, precluding particular business practices, impacting Intel’s ability to design its products, or requiring other remedies such as compulsory licensing of intellectual property. A detailed discussion of these and other factors that could affect Intel’s results is included in Intel’s SEC filings, including the company’s most recent Form 10-Q, report on Form 10-K and earnings release. Rev. 1/17/13