Verified Boot for Oracle VM Server (LDoms) on SPARC Solaris

Guest article by Naoki Tanaka

Introduction

Solaris Verified Boot verifies the RSA signatures of SPARC boot blocks and Solaris kernel modules before execution. Until now, Verified Boot has been available on Solaris for the host domain and also for Kernel Zones, but not for the Oracle VM Server (LDoms) guest domains. With LDoms 3.4, Oracle Solaris introduces Verified Boot for LDoms guests.

In Verified Boot, we maintain a chain of trust, in which only verified code can verify other code.

We don't trust root user or current filesystem. Thus, the RSA public key(s) used for signature verification is stored in ILOM and transmitted to OpenBoot and Solaris via the Hypervisor. ILOM also stores the boot-policy setting for the host domain. For LDoms guest domains, the boot-policy setting is configured in the host domain.

The boot-policy is one of the following: none, warning (default), and enforce. For "none", no verification is performed. For "warning" and "enforce", Verified Boot logs an error message on the console or syslog or both. Additionally, for "enforce", the module fails to load.

Example

We are going to demonstrate this new feature by following an example.

By default, the boot-policy for LDoms guest domains is "warning". "ldm list -l" command reveals this setting:

# ldm list -l ldm1 | more NAME STATE FLAGS CONS VCPU MEMORY UTIL NORM UPTIME ldm1 inactive ------ ... CONTROL ...   boot-policy=warning ...

We can change the boot-policy setting with "ldm set-domain" command. Note that you need to reboot the guest domain to make the new setting effective because a chain of trust needs to be reestablished.

# ldm set-domain boot-policy=enforce ldm1 # reboot # ldm list -l ldm1 | more NAME STATE FLAGS CONS VCPU MEMORY UTIL NORM UPTIME ldm1 inactive ------ ... CONTROL ...   boot-policy=enforce

In contrast, the boot-policy for the host domain needs to be set in ILOM as before because the host domain receives its properties from ILOM through hypervisor calls.

As shown in the example below, the primary host domain's boot-policy property in the output of "ldm list -l" command is 'n/a':

# ldm list -l primary | more NAME STATE FLAGS CONS VCPU MEMORY UTIL NORM UPTIME primary active -n-c-- UART 128 127G 0.0% 0.0% 46m CONTROL ...   boot-policy=n/a ...

If you try to set it with "ldm set-domain" command, you will see a warning:

# ldm set-domain boot-policy=enforce primary Cannot set boot-policy for primary domain

Now, let's see how Verified Boot actually works in LDoms guest domains.

With boot_policy set to 'enforce', LDOMs domain guests will print out a warning message to the console without loading the module if elfsign verification fails during the module load:

root@ldm1:~# modload invalid_rsa Jun 12 12:24:17 ldm1 krtld: Signature verification of module /root/invalid_rsa failed; policy is set to "enforce". can't load module: Invalid argument: Invalid argument

With boot_policy set to 'warning', LDOMs domain guests will print out a warning message to console if elfsign verification fails during the boot.

WARNING: Bootblk signature verification failed, continuing with boot WARNING: Signature verification of UNIX kernel image failed

Availability

This functionality is available in LDoms 3.4, which is available on Solaris 11.3 SRU 8 or higher. SPARC T5/M5/M6/T7/M7 hardware with SysFW 9.5.0 or higher is also required.

More Information

You can find more information on Verified Boot concepts at Dan Anderson's blog article:

• Solaris Verified Boot, https://blogs.oracle.com/danx/solaris-verified-boot