Shim 15.8 for ZeeOS (x86_64)

[zeetim]

Confirm the following are included in your repo, checking each box:

• completed README.md file with the necessary information
• shim.efi to be signed
• public portion of your certificate(s) embedded in shim (the file passed to VENDOR_CERT_FILE)
• binaries, for which hashes are added to vendor_db ( if you use vendor_db and have hashes allow-listed )
• any extra patches to shim via your own git tree or as files
• any extra patches to grub via your own git tree or as files
• build logs
• a Dockerfile to reproduce the build of the provided shim EFI binaries

---

What is the link to your tag in a repo cloned from rhboot/shim-review?

---

https://github.com/zeetim/shim-review/tree/zeetim-shim-x64-20240906

---

What is the SHA256 hash of your final SHIM binary?

---

26cb646f44e7592bfce836206f2dc81f9aa80b7cdcbd1b440e5b2e49e4962a6f shimx64.efi

---

What is the link to your previous shim review request (if any, otherwise N/A)?

---

N/A. This is our first application

---

If no security contacts have changed since verification, what is the link to your request, where they've been verified (if any, otherwise N/A)?

---

N/A. This is our first application

[steve-mcintyre]

Contact verification emails sent

[Kal42]

Hi,

Verification for [email protected] :

eunuchs drowned milkier awkwardness dilute coiffuring deserve similarities lingoes trotters

[zeetim]

Hello,
Contact verification for [email protected]:
mulishness Ewing furnish calamity emblems remounts infinitesimals Swansea fusing protrusion

[evilteq]

Just to clarify: "We use an ephemeral key to sign kernel modules" or "Kernel modules are signed using the same vendor keypair used inside shim image." ?

[zeetim]

Just to clarify: "We use an ephemeral key to sign kernel modules" or "Kernel modules are signed using the same vendor keypair used inside shim image." ?

We are using a different keypair to sign kernel modules. Vendor keypair included in shim image is only used to sign mokmanager (mmx64.efi), fallback (fbx64.efi), grub (grubx64.efi) and kernel image (bzImage).

[evilteq]

And that key is unique for each release (ephemeral) or is it fixed?

[zeetim]

And that key is unique for each release (ephemeral) or is it fixed?

The key is unique for each release

[evilteq]

Shim is pretty much by the book, only one patch to make it NX and non-NX (only the the NX is used).
Reproduced it with the same sha256.

Certificate inside is valid for 30 years, 4K, key inside a yubike, these details:
Subject: C = FR, ST = Ile-de-France, L = Vitry-Sur-Seine, O = ZEETIM SAS, OU = ZEETIM SAS CERTIFICATE AUTHORITY, CN = ZEETIM SAS ROOT CA

Grub has many patches, but all known. (I found them exactly in the ubuntu sources).

I guess there is a mistake in the grub .sbat as it says 2.06 version, then states to be 2.12. I guess its just forgotten to add the new one for this review?

Looks good to me!

[zeetim]

I guess there is a mistake in the grub .sbat as it says 2.06 version, then states to be 2.12. I guess its just forgotten to add the new one for this review?

Thank you for your review! We have fixed the grub sbat mismatch in our repository.

[costinchen]

I'm not an official reviewer, but I want to help speed up reviewing.

• Build is reproducible with the same sha256sum:
  26cb646f44e7592bfce836206f2dc81f9aa80b7cdcbd1b440e5b2e49e4962a6f shimx64.efi

• Revoked certs in dbx - None, first submission

• Embedded cert is CA cert:

  • Subject: C = FR, ST = Ile-de-France, L = Vitry-Sur-Seine, O = ZEETIM SAS, OU = ZEETIM SAS CERTIFICATE AUTHORITY, CN = ZEETIM SAS ROOT CA
  • Valid begin: Sep 6 10:00:12 2024 GMT, until: Aug 30 10:00:12 2054 GMT (30 years)
  • 4096 bit RSA key
  • Key in YubiKey

• SBAT sections look reasonable:

shim:
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
shim,4,UEFI shim,shim,1,https://github.com/rhboot/shim
shim.zeetim,1,Zeetim,shim,15.8,mail:[email protected]

grub:
sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
grub,4,Free Software Foundation,grub,2.12,https://www.gnu.org/software/grub/
grub.zeetim,1,Zeetim,grub,2.12,mail:[email protected]

• Build shim with official tarball and only one patch from ubuntu to set the NX bit:

objdump -x shimx64.efi | grep -E 'SectionAlignment|DllCharacteristics'
SectionAlignment        00001000
DllCharacteristics      00000100

• Grub has many patches, but all of those are from well-known distributions.

All looks good from my perspective!

A small suggestion:
Since you have updated the .sbat info of grub in your repo, you could add a new tag and update this issue with that new tag.

[christopherco]

I am not an official reviewer but also looking to help reviewers out.

Shim

• Using official shim 15.8 as starting source? Yes
• Patches to shim? Yes, a NX shim patch is applied, sourced from Canonical
• dockerfile reproduces the shimx64.efi? Yes
• Note: The shim binary is the NX shim efi version.
• First time submission? Yes

Certificate

$ openssl x509 -inform der -in zeetim-uefi-ca.der -text -noout
Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            44:8f:49:8a:fd:4d:ae:eb:9c:89:a1:d0:9e:d7:b9:80:b9:49:b7:f8
        Signature Algorithm: sha256WithRSAEncryption
        Issuer: C = FR, ST = Ile-de-France, L = Vitry-Sur-Seine, O = ZEETIM SAS, OU = ZEETIM SAS CERTIFICATE AUTHORITY, CN = ZEETIM SAS ROOT CA
        Validity
            Not Before: Sep  6 10:00:12 2024 GMT
            Not After : Aug 30 10:00:12 2054 GMT
        Subject: C = FR, ST = Ile-de-France, L = Vitry-Sur-Seine, O = ZEETIM SAS, OU = ZEETIM SAS CERTIFICATE AUTHORITY, CN = ZEETIM SAS ROOT CA
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                Public-Key: (4096 bit)
                Modulus:
                    00:db:cd:ab:7f:13:d9:45:b5:8a:45:1a:77:f5:1d:
                    47:f7:4b:a5:ee:24:4d:5c:72:d5:f4:b9:57:8d:22:
                    3b:94:96:d4:9c:4c:6f:c5:75:04:f5:d8:26:37:25:
                    ee:92:34:02:89:38:5e:ed:dd:e8:34:ba:9a:f2:1d:
                    f7:05:3b:fd:65:ff:32:9b:2c:1f:9f:86:8a:4b:13:
                    13:63:b7:86:e7:ea:a2:4f:f6:ad:f5:48:9f:25:90:
                    29:66:ff:7b:37:d7:2e:5e:f9:af:53:87:a4:30:63:
                    74:04:84:75:48:1c:b3:52:40:4f:e2:6d:93:8c:22:
                    80:bb:f7:d8:37:1c:d2:be:5b:ab:a9:60:2a:42:24:
                    cd:8f:38:6c:57:af:b8:5b:b8:87:85:60:f9:99:4e:
                    73:e0:67:ab:27:2d:4b:06:5e:24:2b:eb:84:9c:da:
                    ff:14:a5:44:cd:60:c0:8c:2c:fb:c6:d3:a5:e2:9a:
                    ea:15:07:b9:34:9c:e9:ea:ba:95:e5:93:ce:f9:e6:
                    11:9e:c1:f7:8a:d0:f6:2f:90:a8:a0:58:c1:8c:8f:
                    93:d6:0e:50:c7:bf:e5:61:9c:94:08:99:89:ec:4b:
                    78:7f:9c:af:0d:34:8b:a5:55:84:99:b3:e8:71:22:
                    12:6e:4c:39:7a:ba:ec:56:f3:7c:38:49:4c:91:57:
                    5a:27:80:ff:58:70:f3:10:33:77:51:a6:b1:34:5b:
                    9f:f5:eb:68:78:69:47:98:35:a3:e5:80:af:dd:84:
                    48:73:d1:ef:4e:2a:f9:3f:1e:9c:54:d5:c4:c1:19:
                    19:2e:94:30:49:7f:a0:31:3c:81:b8:61:7b:a1:67:
                    a0:c9:48:1b:1d:87:82:76:f4:92:7f:b4:c3:92:e5:
                    58:ce:1d:e3:11:e0:e3:db:c1:e1:d8:18:d3:90:96:
                    e3:a7:49:e2:1a:63:00:84:24:39:af:3f:8a:e0:59:
                    12:78:71:06:06:43:df:98:4d:4e:2a:84:a7:63:92:
                    b7:d1:22:8c:a2:0c:80:ba:80:aa:2f:5e:f4:e5:c0:
                    b1:a7:d2:3c:e5:da:37:5e:16:d5:1c:1b:90:a3:41:
                    9d:df:62:1f:1d:9b:c5:bf:a4:94:2d:97:10:b7:1c:
                    9d:b5:72:ec:f1:fb:44:c4:8c:4d:f3:d3:6d:43:ba:
                    ee:61:8b:a4:0a:6a:16:7c:dc:22:9c:d6:64:c2:f8:
                    ee:63:4e:5a:ec:6a:7d:cf:51:1e:55:ed:fd:32:16:
                    1f:41:a2:bf:53:5d:b0:6e:be:bb:53:1e:44:51:45:
                    75:10:e7:cd:73:42:88:f7:07:d2:b5:86:54:b3:86:
                    4a:44:d9:d2:8a:88:ec:9a:6a:8f:70:16:ec:79:c6:
                    71:20:a1
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                9A:74:C0:F8:DE:4A:3C:0C:3E:2D:2F:07:60:90:1E:9C:8C:85:CA:EB
            X509v3 Authority Key Identifier:
                9A:74:C0:F8:DE:4A:3C:0C:3E:2D:2F:07:60:90:1E:9C:8C:85:CA:EB
            X509v3 Basic Constraints: critical
                CA:TRUE
    Signature Algorithm: sha256WithRSAEncryption
    Signature Value:
        c0:7f:b6:34:66:19:74:c0:35:0f:e3:c3:18:48:6a:d4:a9:3b:
        98:33:e6:0a:d6:ff:05:8d:83:2e:64:df:23:8c:aa:97:41:69:
        ab:06:f5:e4:ed:1d:7e:81:b7:d9:55:07:a0:ca:a4:83:57:3c:
        18:53:76:e1:2a:8e:f0:ea:ed:f6:b5:e2:c9:cb:d0:8c:b4:6a:
        80:16:23:f0:8e:b4:56:91:b9:22:22:d3:a2:6d:09:15:19:74:
        37:c3:63:cc:99:a7:90:6b:6a:21:d6:23:02:ce:0b:2f:2c:df:
        4a:92:da:56:39:a7:2b:f9:83:ba:eb:cc:f2:18:c0:88:9a:8c:
        29:1d:74:42:cb:9b:f6:79:0c:51:20:1b:73:29:d3:fc:ee:ca:
        ce:5d:c4:2a:5a:a1:90:01:8d:76:d5:e3:22:f3:53:93:bd:23:
        93:29:e2:ea:96:ca:5e:57:5a:34:70:08:86:1a:18:0a:ab:22:
        00:8d:74:47:9a:9a:0d:78:9c:c6:36:81:6a:db:8c:28:86:85:
        bb:4e:1f:f5:16:ad:45:83:9c:89:ed:13:3a:38:4c:2d:ce:8a:
        e4:80:80:01:fe:bf:a2:22:1f:31:3e:f6:60:0c:87:a9:a4:79:
        71:35:a4:ab:4f:0d:40:c4:b9:62:7f:71:d2:06:71:a0:f6:26:
        13:2a:73:9a:f5:0f:30:94:71:41:c3:f7:20:3b:02:b1:07:2d:
        24:98:99:6a:74:e2:37:45:3f:12:96:26:81:2a:c6:b6:e2:47:
        08:c2:51:a2:f2:dc:90:e7:86:cf:c1:3b:4a:77:55:e8:0b:51:
        61:3b:98:23:ec:2f:84:af:d3:09:4a:7a:b3:d9:71:d7:65:6f:
        2e:07:16:d3:47:cf:fb:54:6d:bf:22:06:7c:72:d8:df:0b:d3:
        fc:ce:31:81:0f:b1:c5:a2:8a:13:27:ac:36:21:80:f6:9e:3a:
        2c:b4:0a:2e:e0:ad:dd:91:1c:22:3e:79:a7:d5:e1:4e:ea:d5:
        4e:b0:58:47:2c:58:cf:85:ff:bc:3c:8a:97:38:88:a0:65:4f:
        46:44:6b:3c:55:91:6a:38:4b:86:fb:ec:9b:5e:88:c7:af:4c:
        fb:fd:af:40:dd:fc:f5:15:a6:64:44:4f:16:2a:7e:03:4f:99:
        66:65:f7:8e:52:45:1c:f9:f5:5d:c0:4f:d8:16:fc:78:68:5c:
        08:57:38:49:33:5f:2c:16:15:4f:86:08:36:d3:9b:81:e0:b5:
        fe:0c:ee:4c:74:23:47:e8:9e:03:ac:fd:a1:99:32:34:8c:54:
        0f:4b:6f:e4:42:dc:cf:8b:e4:16:27:af:a0:7d:9e:54:e7:a8:
        5f:dc:ef:cb:cc:44:7d:ae

• Does the submitter’s embedded certificate match the organization they are submitting under? Yes Subject: C = FR, ST = Ile-de-France, L = Vitry-Sur-Seine, O = ZEETIM SAS, OU = ZEETIM SAS CERTIFICATE AUTHORITY, CN = ZEETIM SAS ROOT CA
• Does the submitter have reasonable access controls in place (e.g. HSM, etc.) for the private half of the public key embedded in their shim? Yubikey HW token.
• Does the embedded certificate have a reasonable validity period? Yes, 30 years
• Reasonable key length and algo? Yes, RSA4K & SHA256

SBAT

sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
shim,4,UEFI shim,shim,1,https://github.com/rhboot/shim
shim.zeetim,1,Zeetim,shim,15.8,mail:[email protected]

sbat,1,SBAT Version,sbat,1,https://github.com/rhboot/shim/blob/main/SBAT.md
grub,4,Free Software Foundation,grub,2.12,https://www.gnu.org/software/grub/
grub.zeetim,1,Zeetim,grub,2.12,mail:[email protected]

• Is SBAT data present in the provided binaries, and does it match what was provided in the answers to issue template questions? Yes

GRUB

• Does the submitter use grub as a bootloader? Yes
• Does it have the patches stated by the issue template and README.md? Yes
• Are there any custom patches applied? Yes. Patches look to be sourced from Canonical / Debian.
• Which grub modules are built in? part_msdos part_gpt part_msdos fat memdisk squash4 iso9660 cpio loopback keylayouts at_keyboard all_video gfxterm terminal font gettext echo regexp cat gcry_sha256 gcry_sha512 gcry_dsa gcry_rsa password_pbkdf2 pbkdf2 efinet tftp http linux boot halt reboot minicmd sleep test gzio normal configfile peimage

Kernel

• What kernel is loaded, and does it have all the patches stated by the issue template and README.md? Yes, using stable version of Linux kernel 6.10.7 without additional patches
• How is lockdown enforced? Kernel compiled with CONFIG_LOCK_DOWN_KERNEL_FORCE_INTEGRITY, CONFIG_MODULE_SIG_FORCE, CONFIG_INTEGRITY_PLATFORM_KEYRING and CONFIG_INTEGRITY_MACHINE_KEYRING. Grub also uses a builtin GPG key to prevent tampering with grub configs and initrd.

Additional Comments / Questions

• shim and grub seem to derive from Canonical. If this is indeed the case, it is recommend to include Ubuntu's SBAT information as well in case there is a need to revoke a whole family of builds due to a shared vendor patch.
• In the ephemeral key question, you indicate that you use the ephemeral key to sign kernel modules. But in the launched components question, you indicate the kernel modules are signed using the same vendor keypair used inside the shim image. Can you clarify how your kernel modules are signed?