git.ipfire.org Git - thirdparty/grub.git/commit

author	Gary Lin <glin@suse.com>
	Fri, 15 Nov 2024 07:34:58 +0000 (15:34 +0800)
committer	Daniel Kiper <daniel.kiper@oracle.com>
	Thu, 28 Nov 2024 20:50:56 +0000 (21:50 +0100)
commit	135e0bc8863965eabc70f3c539c39135e0a00791
tree	88a72b66a7b328156c27d6d4eaf6f0dd46189288	tree
parent	b35480b48e6f9506d8b7ad8a3b5206d29c24ea95	commit \| diff

diskfilter: Look up cryptodisk devices first

When using disk auto-unlocking with TPM 2.0, the typical grub.cfg may
look like this:

  tpm2_key_protector_init --tpm2key=(hd0,gpt1)/boot/grub/sealed.tpm
  cryptomount -u <PART-UUID> -P tpm2
  search --fs-uuid --set=root <FS-UUID>

Since the disk search order is based on the order of module loading, the
attacker could insert a malicious disk with the same FS-UUID root to
trick GRUB to boot into the malicious root and further dump memory to
steal the unsealed key.

Do defend against such an attack, we can specify the hint provided by
"grub-probe" to search the encrypted partition first:

  search --fs-uuid --set=root --hint='cryptouuid/<PART-UUID>' <FS-UUID>

However, for LVM on an encrypted partition, the search hint provided by
"grub-probe" is:

  --hint='lvmid/<VG-UUID>/<LV-UUID>'

It doesn't guarantee to look up the logical volume from the encrypted
partition, so the attacker may have the chance to fool GRUB to boot
into the malicious disk.

To minimize the attack surface, this commit tweaks the disk device search
in diskfilter to look up cryptodisk devices first and then others, so
that the auto-unlocked disk will be found first, not the attacker's disk.

Cc: Fabian Vogt <fvogt@suse.com>
Signed-off-by: Gary Lin <glin@suse.com>
Reviewed-by: Stefan Berger <stefanb@linux.ibm.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
Tested-by: Stefan Berger <stefanb@linux.ibm.com>