Skip to content

stage0: fail closed unless Secure Boot enabled and Deployed Mode#7

Merged
HarryR merged 1 commit into
mainfrom
secure-boot-deployed-gate
Jul 9, 2026
Merged

stage0: fail closed unless Secure Boot enabled and Deployed Mode#7
HarryR merged 1 commit into
mainfrom
secure-boot-deployed-gate

Conversation

@HarryR

@HarryR HarryR commented Jul 8, 2026

Copy link
Copy Markdown
Contributor

What

stage0 reads SecureBoot and DeployedMode from the UEFI global variables at the very top of run() (before network bring-up) and refuses to boot -- via the existing fail-closed shutdown -- unless both are exactly 1. Reading them here, pre-ExitBootServices, is reliable, unlike later from Linux.

Why

It makes the platform state part of stage0's measured behaviour: since stage0's binary is pinned by its firmware measurement, "authentic stage0 ran" now implies Secure Boot was enabled and the platform was in Deployed Mode -- even on firmware that doesn't fold DeployedMode into PCR 7. State only: the release signing cert is ephemeral and unknown at build time, so key identity stays bound by the attested PCRs, not by anything checked here.

Verification

  • Compiles for x86_64-unknown-uefi via make.
  • make smoke-boot-x86_64: 5/5 modes still PASS -- the test boot.disk enrolls PK/KEK/db and virt-fw-vars --set-true DeployedMode --secure-boot, so the gate passes under the harness (and would fail-closed with a specific error otherwise).

🤖 Generated with Claude Code

Read SecureBoot and DeployedMode from the UEFI global variables at the top of
run() (before network bring-up) and refuse to boot -- routed to the existing
fail-closed shutdown -- unless both are exactly 1. Reading the variables here,
pre-ExitBootServices, is reliable (unlike later from Linux).

This folds the platform-state requirement into stage0's own behaviour: because
stage0's binary is pinned by its firmware measurement, "authentic stage0 ran"
now implies Secure Boot was enabled and the platform was in Deployed Mode --
even on firmware that does not measure DeployedMode into PCR 7. State only: the
release signing cert is ephemeral and unknown at build time, so key identity is
bound by the attested PCRs, not here.

Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
@HarryR HarryR marked this pull request as ready for review July 9, 2026 07:31
@HarryR HarryR merged commit 0bf7e9f into main Jul 9, 2026
3 checks passed
@HarryR HarryR deleted the secure-boot-deployed-gate branch July 9, 2026 07:38
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant