RHEL / RHEL-127953

Limit PCR 8 measurements to config files which are not built in to the grub image.


    • Type: Bug
    • Resolution: Unresolved
    • Affects version: rhel-10.0
    • Component: grub2
    • Team: rhel-bootloader
    • Sprint: Bootloader Sprint 2025.4
    • Architecture: x86_64

      What were you trying to do that didn't work?

      Get a GRUB binary that embeds a small config that:

      • only supports booting UKIs
      • only supports reading a limited set of options from a grub.cfg file (menu timeout, etc.)
      • does not measure the commands or config used in PCR 8

      As part of the Confidential Clusters work, we would like to reduce the number of PCR values that we have to compute to reduce the complexity of the implementation, reduce the likelihood of issues and thus increase our security posture.

      We thus would like to use a GRUB binary that does not measure its config as it would not impact its behavior. The initial config would be embedded in the binary and would only allow booting UKI using bootloader entries in the ESP.

      It would notably not measure the commands it uses to boot the UKI as the measurement of the booted UKI should (to be confirmed for GRUB) be covered by what is measured in PCR 4 & 7 from the perspective of the bootloader (then 11, 12 and 13 from the perspective of systemd-stub).

      It would accept only a very limited set of options from an external config file. The accepted options must not alter the behavior of GRUB beyond cosmetic / interface changes (menu timeout, console setup, etc.).

      Not having GRUB use PCR 8 would also let us use this PCR bank to measure what Trustee calls "initdata", which in our case would notably include the Ignition config on first-boot, and an ID on later boots.

      For more details about Trustee initdata, see:

      What is the impact of this issue to you?

      Significantly reduced amount of work to implement remote attestation in Confidential Clusters:

      • Fewer PCR values to pre-compute and manage (PCR 8 removed)
      • No GRUB config management
      • No code/config changes to other projects that expect to be able to use PCR 8

      Please provide the package NVR for which the bug is seen:

      Tested on Fedora 43 Cloud image.

      How reproducible is this bug?:

      Always

      Steps to reproduce

      • Boot a system with GRUB
      • Look at the elements that are measured in PCR banks via the event log

      Expected results

      No element measured in PCR 8

      Actual results

      GRUB config measured in PCR 8
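      As an added check for the reproduce steps above (example code, not part of this report or of GRUB): replay PCR 8 from a parsed event log and list what landed there, so the expected result ("no element measured in PCR 8") can be verified against the reset value. The events below are constructed, shaped like a parsed TCG2 log; the `grub_cmd:` description prefix is assumed to be how GRUB labels measured commands.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Event:
    """One parsed TCG2 event-log entry (SHA-256 bank only)."""
    pcr: int
    event_type: str
    data: bytes

    @property
    def digest(self) -> bytes:
        # Constructed sample: digest is SHA-256 of the event data.
        return hashlib.sha256(self.data).digest()

# Constructed sample log, not a capture from a real system.
SAMPLE_LOG = [
    Event(4, "EV_EFI_BOOT_SERVICES_APPLICATION", b"\\EFI\\fedora\\grubx64.efi"),
    Event(8, "EV_IPL", b"grub_cmd: set timeout=5"),
    Event(8, "EV_IPL", b"grub_cmd: linux /EFI/Linux/fedora.efi"),
    Event(4, "EV_EFI_BOOT_SERVICES_APPLICATION", b"\\EFI\\Linux\\fedora.efi"),
]

RESET_VALUE = bytes(32)  # PCR 8 starts at all zeros after a reset


def events_in_pcr(log, pcr):
    """Return the log entries extended into the given PCR, in order."""
    return [e for e in log if e.pcr == pcr]


def replay_pcr(log, pcr):
    """Recompute a PCR from its log entries: PCR = SHA256(PCR || digest) per event."""
    value = RESET_VALUE
    for e in events_in_pcr(log, pcr):
        value = hashlib.sha256(value + e.digest).digest()
    return value


def pcr_untouched(log, pcr):
    """True when nothing was extended into the PCR (replayed value is the reset value)."""
    return replay_pcr(log, pcr) == RESET_VALUE


def grub_config_events(log):
    """PCR 8 entries whose description marks them as GRUB commands (assumed prefix)."""
    return [e for e in events_in_pcr(log, 8) if e.data.startswith(b"grub_cmd: ")]


def describe(log):
    """Human-readable summary of PCR 8 for the reproduce steps."""
    lines = [f"PCR 8 replay: {replay_pcr(log, 8).hex()}"]
    for e in events_in_pcr(log, 8):
        lines.append(f"  {e.event_type} {e.digest.hex()[:16]}... {e.data!r}")
    lines.append("PCR 8 untouched" if pcr_untouched(log, 8) else "PCR 8 has measurements")
    return "\n".join(lines)
```

Comparing the replayed value with `tpm2_pcrread sha256:8` on the booted system confirms the log is complete; the expected result in this report corresponds to `pcr_untouched(log, 8)` being true.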

      Assignee: bootloader-eng-team
      Reporter: Timothée Ravier (travier@redhat.com)