Adding verification to FreeBSD loader

Cite

Related Material

Berkeley Software Distribution (BSD)

Gerraty, Simon

Formal Metadata

Title

Adding verification to FreeBSD loader

Subtitle

aka; loader verified exec

Title of Series

The Technical BSD Conference 2018

Number of Parts

Author

Gerraty, Simon

License

CC Attribution 3.0 Unported:
You are free to use, adapt and copy, distribute and transmit the work or content in adapted or unchanged form for any legal purpose as long as the work is attributed to the author in the manner specified by the author or licensor.

Identifiers

10.5446/45302 (DOI)

Publisher

Berkeley Software Distribution (BSD)

Release Date

2018

Language

English

Content Metadata

Subject Area

Computer Science

Genre

Conference/Talk

Abstract

Secure boot is a popular topic these days. Junos (a FreeBSD based OS) has shipped with Verified Exec (from NetBSD) for over a decade, but there is a big gap between firmware power on and veriexec enforcement. Adding the equivalent of verified exec to the loader addresses this gap. Fixing the loader to verify modules and kernel has been on our roadmap for ages, but trying to squeeze enough of OpenSSL into the loader to handle verification of X.509 certificate chains, was simply not feasible. Thomas Pornin's talk last year on BearSSL, changed the game. With this tiny library in hand I was able to add verification to the FreeBSD loader in a manner compatible with Verified Exec, while adding only about 100K to the size of the loader. This talk will discuss the background, design decisions and implementation.