Sunday

[Bug 2146711] [NEW] Request for Security Support – Secure Boot and Secured Update

Private bug reported:

Secure Boot and Secured Update are foundational platform security features designed to ensure system integrity from boot through runtime updates.
Secure Boot establishes a hardware root of trust and verifies the authenticity and integrity of firmware, bootloaders, and the operating system before execution. It prevents unauthorized or malicious code from being loaded during the boot process by enforcing cryptographic signature validation.
Secured Update extends this trust model to firmware and software updates, ensuring that only authenticated, signed, and verified updates are applied to system components such as BIOS/UEFI, BMC firmware, and device firmware. This protects against supply chain attacks, rollback attacks, and unauthorized modifications.
In the Linux kernel, Secure Boot is supported through UEFI Secure Boot mechanisms, kernel signature verification, and trusted key management. Secured Update workflows involve coordination between firmware, OS tools, and management frameworks (e.g., capsule updates, fwupd). However, enhancements are needed for better integration, visibility, and policy enforcement across platform components.

Feature Request:
Requested details to be enabled on OS:
  Ensure full support for UEFI Secure Boot (key enrollment, signature verification, revocation lists). 
  Enable kernel and module signature enforcement under Secure Boot. 
  Support secure firmware update mechanisms (UEFI capsule updates, signed payloads). 
  Integrate secured update workflows with OS tools (e.g., fwupd, LVFS where applicable). 
  Provide mechanisms for rollback protection and version control of firmware updates. 
  Expose Secure Boot status and configuration via sysfs and user-space tools. 
  Enable logging and auditing of Secure Boot and update events. 
  Support secure update of device firmware (PCIe/CXL devices, NICs, storage). 
  Integrate with platform management frameworks (BMC, Redfish) for remote updates. 
  Provide policy controls for update authorization and enforcement. 
  Ensure compatibility with virtualization environments and confidential computing setups. 
  Document Secure Boot configuration, key management, and secured update workflows.

Business Justification:
 Protects system from unauthorized code execution during boot.
 Ensures integrity and authenticity of firmware and software updates.
 Mitigates supply chain and firmware-level attacks.
 Enhances compliance with security standards and regulations.
 Improves trustworthiness of platform in enterprise and cloud environments.
 Aligns with modern zero-trust and secure infrastructure strategies.

References:
  UEFI Secure Boot Specification 
  Linux Kernel Secure Boot and Module Signing Documentation 
  fwupd and LVFS Documentation 
  NIST and Industry Security Guidelines for Firmware Protection

** Affects: linux (Ubuntu)
Importance: Undecided
Status: New

** Information type changed from Public to Private

--
You received this bug notification because you are subscribed to linux
in Ubuntu.
Matching subscriptions: Bgg, Bmail, Nb
https://bugs.launchpad.net/bugs/2146711

Title:
Request for Security Support – Secure Boot and Secured Update

Status in linux package in Ubuntu:
New

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/2146711/+subscriptions
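
The report asks for Secure Boot status and module-signature enforcement to be visible from user space. As an added illustration (not part of the bug report or of any Ubuntu tool), the Python below reads the interfaces current kernels already provide: the `SecureBoot` and `SetupMode` variables in efivarfs, `/sys/kernel/security/lockdown`, and the `sig_enforce` module parameter. The function names are hypothetical and the sample byte strings are constructed.

```python
import re
import struct
from pathlib import Path

EFI_GLOBAL = "8be4df61-93ca-11d2-aa0d-00e098032b8c"  # EFI global variable GUID
EFIVARS = Path("/sys/firmware/efi/efivars")

def parse_efivar(raw):
    """An efivarfs file is a 4-byte little-endian attribute mask, then the data."""
    if len(raw) < 4:
        raise ValueError("efivarfs entry shorter than its attribute header")
    (attrs,) = struct.unpack_from("<I", raw)
    return attrs, raw[4:]

def secure_boot_state(secureboot_raw, setupmode_raw):
    """Combine SecureBoot and SetupMode (one data byte each) into a state."""
    if secureboot_raw is None:
        return "unsupported"      # not booted via UEFI, or variable absent
    sb = parse_efivar(secureboot_raw)[1]
    setup = parse_efivar(setupmode_raw)[1] if setupmode_raw else b"\x00"
    if setup[:1] == b"\x01":
        return "setup-mode"       # no Platform Key enrolled, nothing enforced
    return "enabled" if sb[:1] == b"\x01" else "disabled"

def active_lockdown(text):
    """The lockdown file marks the active mode with [brackets]."""
    m = re.search(r"\[(\w+)\]", text)
    return m.group(1) if m else "unknown"

def _read(path):
    try:
        return path.read_bytes()
    except OSError:               # missing file or insufficient privilege
        return None

def report():
    sb = _read(EFIVARS / f"SecureBoot-{EFI_GLOBAL}")
    setup = _read(EFIVARS / f"SetupMode-{EFI_GLOBAL}")
    sig = _read(Path("/sys/module/module/parameters/sig_enforce"))
    lock = _read(Path("/sys/kernel/security/lockdown"))
    return {
        "secure_boot": secure_boot_state(sb, setup),
        "module_sig_enforce": (sig.strip() == b"Y") if sig else None,
        "lockdown": active_lockdown(lock.decode()) if lock else "unknown",
    }

# Constructed samples: attributes 0x6 (boot-service + runtime access), 1 data byte.
SAMPLE_ON = bytes([0x06, 0, 0, 0, 0x01])
SAMPLE_OFF = bytes([0x06, 0, 0, 0, 0x00])

if __name__ == "__main__":
    print(report())
```

A `module_sig_enforce` value of `None` means the parameter file could not be read, which is distinct from enforcement being switched off.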
