Verified VM Boot Sequence without Secure Boot
(Same security level as secure boot?)
Talking about VMs only in this post,
We could boot from a virtual, read-only (write protected) boot medium such as another virtual HDD or ISO. Such a boot medium which only contains a bootloader (shim or grub?) which only task is to verify the bootloader on the main hard drive that contains the bootloader, kernel, debian. That boot medium could be shipped on Whonix Host through a deb package.
Presuppositions:
- the virtual BIOS cannot be flashed/compromised
- host not compromised
boot sequence:
VM powered on -> virtual BIOS loads boot DVD ISO (or alternatively another hard drive) (contains a bootloader only) -> this initial bootloader signature is not verified but secure since boot from read-only medium -> verify bootloader on main hard drive -> bootloader of main hard drive does signature verification of kernel -> continue boot
What we need for that: grub-pc (not grub-efi) with signature verification.
By not booting from that initial boot medium (for testing or if that was broken or so), users could do regular boots without verification of the bootloader on the main drive. From the perspective of the main drive, nothing would change. Except we’d enable grub signature verification of the kernel on the main drive.
The boot medium should not load the actual kernel for simplicity of the implementation. Since it is read-only it cannot be easily updated. Kernel packages change and during kernel upgrades /boot and grub.cfg on the main disk changes. If /boot was write protected, that would fail. Therefore the initial boot medium is only a simplified alternative to EFI Secure Boot. By making the initial boot medium as simple as possible, i.e. only chainloading the next bootloader, it does not need frequent updates and does not need to be updated when kernel versions change.
If we could make grub-pc (not grub-efi) use check_signatures=enforce, then maybe we don’t need to port to EFI and/or Secure Boot soon and perhaps never?
Do you see any flaws in this concept?