Define stboot threat model
Some types of access potentially available to the attacker:
- Physical access: can connect attacker's hardware inside and outside of the machine
- Console access: attacker can access "bios menus", e.g., to modify settings related to secure boot. Could be local, or remote via the BMC.
- Access to local network, e.g., the LAN used for management, downloading OS packages for booting, etc.
- Access to run code inside the OS package, as root or as some other user. E.g., effect of a remote exploit.
- Time: Does attacker get only temporary access (of some of the above types), or continuous access?
Some potential attack objectives:
- Unauthorized use of networking and computational resources, e.g., joining a bot network.
- Access to server storage (many flavors of storage, both "real" disks and the assortment of flash memory used, either read or write access).
- Access to restricted hardware, e.g., getting the TPM to sign or decrypt. Access to security sensitive flash memory can also be placed in this bucket rather than the general "storage" bucket.
- Attacking the operator's interests in the server, e.g., getting access to operator's private data.
- Attacking the users' interests in the server, e.g., getting access to user data.
- Impersonation of the machine identity or user identities to others.
We need to document which kinds of attackers and attacks we aim for stboot to prevent or detect. Some may be infeasible to protect against, or may require additional defenses beyond just deploying stboot.
According to stprov#19 (closed), there may be some related analysis for the internal predecessor of the stprov tool.