289

Microsoft's Secure Boot UEFI bootloader signing key expires in September, posing problems for Linux users (www.tomshardware.com)

submitted 5 days ago by throws_lemy@lemmy.nz to c/linux@programming.dev

70 comments fedilink hide all child comments

Linux users may face yet another hurdle related to Secure Boot when the Microsoft-signed key used by many distributions to support the firmware-based security feature expires on September 11, leaving users at the mercy of distribution from OEMs, and systems possibly not receiving a necessary firmware update.

As LWN reported (paywall) that Microsoft will stop using the expiring key to sign the shim in September. "But the replacement key, which has been available since 2023, may not be installed on many systems; worse yet, it may require the hardware vendor to issue an update for the system firmware, which may or may not happen," LWN said. "It seems that the vast majority of systems will not be lost in the shuffle, but it may require extra work from distributors and users."

The report said manufacturers could add support for the new key in a full firmware update or by updating the KEK database. The former assumes that manufacturers would be interested in distributing a firmware update for a wide variety of products so a small percentage of their users could use Secure Boot with a non-Windows OS; the latter is an unproven mechanism that isn't guaranteed to work on all devices. Both seem likely to leave at least some people to figure out a solution on their own.

top 50 comments

sorted by: hot top controversial new old

[-] fubarx@lemmy.world 67 points 5 days ago

If you start with a reasonably recent Windows machine, there's a TPM with secure boot (and MS keys) enabled. If setting up dualboot Windows/Linux, you're going through BIOS/UEFI, so expiring keys will affect you. Booting into Windows and doing an update should fix the problem.

If you disabled secureboot/FDE, then installed Linux and left it at that, you should be OK.

But under Linux, those who reenable fulldisk encryption or secure boot via the TPM may be impacted by this, and since they've removed Windows, they may be screwed: https://allthings.how/how-to-enable-tpm-encryption-and-secure-boot-on-ubuntu-24-04/

[-] FizzyOrange@programming.dev 17 points 5 days ago

So why can't Linux just do whatever the Windows update does?

[-] ben@feddit.dk 35 points 5 days ago

Tools to do that exists. fwupd is a tool to update firmwares. I just tested it on a thinkpad and went from 351 keys to 518 secureboot keys.

GNOME Software also uses fwupd, that should take care of a good chunk of users.

[-] kadup@lemmy.world 17 points 5 days ago

So this is an exaggerated non-issue that is phrased as if it was the end of Linux? Crazy, this never happened before! See you all next week when Linux is doomed again.

[-] groet@feddit.org 15 points 5 days ago

Its an exaggerated ~~non-~~issue

Linux is not a uniform userbase. Many systems will be affected by this. Many users will be fine because they use a well used and maintained distro. Many servers and embedded systems will not be fine.

That raspi running your pihole that is never updated? Yeah that might just stop booting next time there is a poweroutage and you wouldn't know what's up.

[-] kadup@lemmy.world 18 points 5 days ago

What Raspberry Pi is booting with SecureBoot and default keys? Give me a break.

load more comments (1 replies)

[-] fubarx@lemmy.world 6 points 5 days ago

The Windows update loads a chain of trust that tells the bootloader the device is OK and your version of Windows is real and your full-disk-encryption is fine. Linux folks don't have (or need) all that. They can create their own chain of trust if they want, but they don't have read/write access to the Microsoft one.

If they did, we would be reading a completely different article starting with why the world was on fire.

[-] ArcaneSlime@lemmy.dbzer0.com 5 points 5 days ago* (last edited 5 days ago)

So my framework 16 that has never seen Windows running FedoraKDE with FDE (but not auto-unlock, typed pass every boot) enabled is going to explode?

Half kidding, but like, should I disable secure boot or something? Run fwupd?

[-] fubarx@lemmy.world 5 points 5 days ago

If it's never seen Windows you may be fine.

The problem is mostly for systems that dual-boot or had Windows at one point, but got Linux installed on top. A lot of people use old Lenovo, HP, or Dell computers and repurpose them for Linux. Those are the ones that may get bit.

load more comments (1 replies)

[-] baines@lemmy.cafe 42 points 5 days ago* (last edited 5 days ago)

can i just not use secure boot?

[-] CrabAndBroom@lemmy.ml 60 points 5 days ago

That's what I do. I never enabled it based on the assumption that because it's a Microsoft thing, it would eventually fuck me over in some way. That attitude has served me well for may years lol.

[-] mholiv@lemmy.world 16 points 5 days ago

You can but then you don’t have secure boot.

[-] baines@lemmy.cafe 17 points 5 days ago

and this is bad because?

[-] mholiv@lemmy.world 30 points 5 days ago* (last edited 5 days ago)

If you don’t care about boot chain attacks it isn’t bad at all.

If you do care about boot chain attacks it’s bad because it allows someone to replace things like the efi binaries, grub, or your kernel with backdoor-ed versions and there would be no way to detect this from the running system.

Secure boot checks for this stuff. You can read more here:

https://www.redhat.com/en/blog/secure-boot-systemtap

[-] CrabAndBroom@lemmy.ml 17 points 5 days ago

But if secure boot happens to brick your system forever because of this expiring key thing, is that worse than a boot chain attack?

[-] mholiv@lemmy.world 13 points 5 days ago* (last edited 5 days ago)

It won’t brick your system forever??? You just turn it off in your bios. Then you have no secure boot. Just like it was never there.

[-] amorpheus@lemmy.world 6 points 5 days ago* (last edited 5 days ago)

Shouldn't a system that was set up with Secure Boot refuse to start if it were disabled? Otherwise there wouldn't be any protection against these attacks.

I don't think setting up the system again is a simple remedy to having problems with this feature.

[-] mholiv@lemmy.world 14 points 5 days ago* (last edited 5 days ago)

It won’t refuse to boot. It’s just that any automatic metric based decryption won’t work.

If you are using a TPM to automatically unlock luks and also manually removed the password backup before hand you could lose your data forever. That is true.

But if you kept the password based decryption stuff you could still manually unlock stuff. Just like secure boot was never there.

The difference would be that there could be no secure attestation that the kernel count trust/use without secure boot.

Like secure boot is really cool on Linux if you learn about it. Like sbctl alone is great for verifying backups and stuff.

I recommend reading through the arch wiki if you want to learn more. It covers a lot of stuff. https://wiki.archlinux.org/title/Unified_Extensible_Firmware_Interface/Secure_Boot

[-] 9tr6gyp3@lemmy.world 4 points 4 days ago

Turning off secure boot wont turn off your TPM, it just turns off all the signature verifications. Your TPM still stores the decryption keys and you can still decrypt your data.

Now if you do a UEFI/BIOS update without disabling your encryption while using a TPM, and dont have password decryption as a backup, yes, you could potentially lose access to your data.

[-] dafta@lemmy.blahaj.zone 4 points 4 days ago

It won't turn off your TPM, but if you've set it up correctly (by using PCR7), the TPM won't allow decrypting your data without secure boot.

[-] mholiv@lemmy.world 3 points 4 days ago

Exactly this. The people who designed secure boot and TPMs were not idiots. You can’t trick a properly set up TPM configured with secure boot in any realistic setup.

[-] Meron35@lemmy.world 9 points 4 days ago

Microsoft's ~~Secure Boot UEFI bootloader signing key expires in September,~~ posing problems for Linux users

[-] Goun@lemmy.ml 43 points 5 days ago

I don't understand, a. Why is Linux using Microsoft keys?, and b. Why isn't this a problem for Windows too?

[-] naonintendois@programming.dev 75 points 5 days ago

From https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/8/html/managing_monitoring_and_updating_the_kernel/signing-a-kernel-and-modules-for-secure-boot_managing-monitoring-and-updating-the-kernel: "In addition, the signed first-stage boot loader and the signed kernel include embedded Red Hat public keys. These signed executable binaries and embedded keys enable RHEL 8 to install, boot, and run with the Microsoft UEFI Secure Boot Certification Authority keys. These keys are provided by the UEFI firmware on systems that support UEFI Secure Boot."

Basically the Microsoft keys are ones that the firmware vendor (motherboard or chip manufacturer) recognizes as secure by default (via CA validation). You can override them. It's not a Linux issue but a hardware-vendor-defaulting-to-Microsoft issue.

[-] 30p87@feddit.org 55 points 5 days ago

Another way that secure boot is snake oil, useless, locked in bullshit.

[-] Maiq@lemy.lol 18 points 5 days ago

This one wishes you a happy sweet roll!

[-] RedSnt@feddit.dk 6 points 5 days ago

🥳🎉🎂

load more comments (9 replies)

[-] fruitycoder@sh.itjust.works 6 points 5 days ago

If security is the actual I'd even argue you SHOULD over ride them. It's like the default password on your home router

[-] naonintendois@programming.dev 9 points 5 days ago

You're not wrong, but unfortunately it's not simple and can brick your motherboard if you make a mistake. I wouldn't expect the average Linux user to do it these days. It can also depend on the hardware. If they don't expose any ability to change the keys you're stuck.

load more comments (1 replies)

[-] demizerone@lemmy.world 40 points 5 days ago

Microsoft has spent the time and money to get their key added to the silicone of the BIOS chips on PC hardware. Everyone else needs to get their key signed by Microsoft, including Red Hat and Canonical.

[-] atomicbocks@sh.itjust.works 19 points 5 days ago

Silicone =/= silicon.

[-] ExLisper@lemmy.curiana.net 7 points 5 days ago

What about silly cone?

[-] Whostosay@sh.itjust.works 6 points 5 days ago

=/= ≠ ≠/!=/<>/~=

load more comments (8 replies)

[-] SpaceNoodle@lemmy.world 19 points 5 days ago

BIOS has tiddy implants?

[-] elvith@feddit.org 11 points 5 days ago

Made in silicone valley

[-] princessnorah@lemmy.blahaj.zone 7 points 5 days ago

I hear there's a bad dragon that lives there.

[-] cadekat@pawb.social 18 points 5 days ago

Every manufacturer includes the Microsoft secure boot key in their firmware. I'm not sure if any manufacturer includes a Linux-specific key. So Microsoft signed a bootloader with their key, enabling secure boot to work with Linux without having to load another key onto every device.

[-] CrabAndBroom@lemmy.ml 10 points 5 days ago

AFAIK it's not necessarily about Linux using Microsoft keys, it's more about Microsoft shoe-horning their bullshit into everything they possibly can, including at the hardware/firmware level.

[-] k0e3@lemmy.ca 29 points 5 days ago

I'm fairly new to Linux, so I'm wondering if someone could confirm.

I ran bootctl status in the terminal and saw "Secure Boot: disabled". That means I'm in the clear, right?

[-] setenforce@sh.itjust.works 15 points 5 days ago

Yep!

load more comments (1 replies)

[-] Bluewing@lemmy.world 6 points 4 days ago

It would appear that major distros like RedHat/Fedora, Ubuntu, Debian, etc are not overly concerned at this point. I would suspect that if they truely feared this happening, they would be moving very quickly to create patches or work arounds for this problem.

[-] hbar@lemmy.ml 5 points 4 days ago

So my old Lenovo x220 that started as Windows and since then I wiped and installed pop os with full disk encryption is going to have a problem?

[-] icedterminal@lemmy.world 8 points 4 days ago

Secure boot will fail validation. You can still boot it anyway by disabling secure boot. You just lose a layer of security. You can manually sign boot files yourself and add the relevant certificate to the motherboard firmware database. Assuming it lets you.