Leonard Cohnen

Golang | eBPF | Networking | Cloud | Confidential Computing
InfoSec M.Sc. from Ruhr Uni Bochum
GitHub: https://github.com/3u13r

#ReproducibleBuilds bug of the week:

We noticed our rootfs wouldn't reproduce between systems with different file systems. Diffing two rootfs tarballs led us to a diff in packed certificate bundle files.

All packages installed by the rpm-based package manager were pinned by hash, so how could these files differ? We noticed that the total file length was the same, so we assumed an ordering problem. Looking into the SPEC file of the ca-certificates package, we saw that these files were generated in a post install hook with p11-kit.

Checking the code, we noticed that p11-kit would get the cert files using readdir(). But the order in which readdir() returns files is undefined! (and likely depends on the inode numbers of the fs)

So here is our fix, sorting the input files by paths to extract a reproducible bundle output: https://github.com/p11-glue/p11-kit/pull/656

#Linux #RPM
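The bug class above in miniature, as an added example (my own code, not p11-kit's and not the fix in the PR): a trust-store bundler that concatenates every file in a directory, once in raw readdir() order and once after sorting the names. The function and file names are illustrative, the "certificates" are constructed placeholders, and the temporary directory stands in for /etc/pki/ca-trust/source. The unsorted variant produces a bundle of the same length whose bytes can differ between filesystems, which is exactly the symptom diffing the tarballs showed; the sorted variant hashes identically everywhere.

```go
package main

import (
	"crypto/sha256"
	"encoding/hex"
	"fmt"
	"os"
	"path/filepath"
	"sort"
)

// BundleCerts concatenates every regular file in dir into a single bundle,
// mimicking a trust-store build step. With sortNames set it sorts the entry
// names first; otherwise it keeps the raw order returned by the directory read,
// which is whatever the filesystem hands back and is not stable across hosts.
func BundleCerts(dir string, sortNames bool) ([]byte, error) {
	f, err := os.Open(dir)
	if err != nil {
		return nil, err
	}
	defer f.Close()

	// Readdirnames exposes the raw readdir() order. os.ReadDir would already
	// sort by name, which hides the problem in Go code but not in C code.
	names, err := f.Readdirnames(-1)
	if err != nil {
		return nil, err
	}
	if sortNames {
		sort.Strings(names)
	}

	var bundle []byte
	for _, name := range names {
		path := filepath.Join(dir, name)
		info, err := os.Stat(path)
		if err != nil {
			return nil, err
		}
		if !info.Mode().IsRegular() {
			continue
		}
		data, err := os.ReadFile(path)
		if err != nil {
			return nil, err
		}
		bundle = append(bundle, data...)
	}
	return bundle, nil
}

// BundleDigest returns the hex SHA-256 of a bundle; this is the value a
// reproducibility check compares between two build hosts.
func BundleDigest(bundle []byte) string {
	sum := sha256.Sum256(bundle)
	return hex.EncodeToString(sum[:])
}

// DemoCert returns a constructed placeholder for the file called name; a real
// bundle would hold PEM certificates.
func DemoCert(name string) []byte {
	return []byte("-----BEGIN CERTIFICATE-----\n" + name + "\n-----END CERTIFICATE-----\n")
}

// MakeDemoCertDir creates a temporary directory holding three constructed
// entries, written in non-alphabetical order so creation order and name order
// differ. The caller removes the directory.
func MakeDemoCertDir() (string, error) {
	dir, err := os.MkdirTemp("", "certs-")
	if err != nil {
		return "", err
	}
	for _, name := range []string{"zz-root.pem", "aa-root.pem", "mm-root.pem"} {
		if err := os.WriteFile(filepath.Join(dir, name), DemoCert(name), 0o644); err != nil {
			os.RemoveAll(dir)
			return "", err
		}
	}
	return dir, nil
}

func main() {
	dir, err := MakeDemoCertDir()
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	defer os.RemoveAll(dir)

	raw, err := BundleCerts(dir, false)
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	sorted, err := BundleCerts(dir, true)
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	fmt.Println("readdir order:", BundleDigest(raw))
	fmt.Println("sorted order: ", BundleDigest(sorted))
}
```

Run it on tmpfs, ext4 and btrfs: the "readdir order" digest may change between them while the "sorted order" digest never does. Sorting by byte value (not locale collation) matters too, since a locale-dependent sort would reintroduce a host dependency.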

Investigating creating reproducible images with mkosi

I've blogged before about creating vagrant images using mkosi as part of an investigation to move image creation to mkosi but also as I will be giving a talk at All Systems Go about Arch Linux images mkosi and reproducibility. With reproducible images in this article I mean that anyone …

Jelly's blog

Can you pull a container image with a known good digest from an untrusted registry?

It depends. Following the OCI distribution spec, a client is not required to validate the digest. Instead, the registry can send a header with another hash algorithm, and the client must validate using algo and hash from the header. A malicious registry can deliver both malicious manifests and blobs to a spec-conformant client.

Docker & containerd seem to check the digest as one might expect, many other clients don't.

My colleague @burger is proposing to tighten the spec and require clients to verify the digest if present: https://github.com/opencontainers/distribution-spec/issues/549

#container #security #OCI #containerd #Docker #Kubernetes #infosec
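The two client behaviours side by side, as an added example (my own code, not Docker's, containerd's, or anything from the linked issue): a header-trusting check that accepts whatever Docker-Content-Digest the registry advertises, and a pinned check that hashes the body under the algorithm named in the digest the client asked for and ignores the header for the trust decision. The manifest bodies are constructed, the function names are mine, and only sha256 and sha512 are modelled. The scenario in the post then plays out as follows: the client pins a sha256 digest, the registry returns a different manifest plus a sha512 header that matches it, and the header-trusting client is satisfied while the pinned client is not.

```go
package main

import (
	"crypto/sha256"
	"crypto/sha512"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"strings"
)

// ParseDigest splits an OCI digest "algorithm:encoded" and checks that the
// encoded part is well-formed for an algorithm this client supports.
func ParseDigest(d string) (string, string, error) {
	algo, encoded, ok := strings.Cut(d, ":")
	if !ok {
		return "", "", fmt.Errorf("malformed digest %q", d)
	}
	hexLen := map[string]int{"sha256": 64, "sha512": 128}[algo]
	if hexLen == 0 {
		return "", "", fmt.Errorf("unsupported digest algorithm %q", algo)
	}
	if len(encoded) != hexLen {
		return "", "", fmt.Errorf("digest %q: expected %d hex characters", d, hexLen)
	}
	if _, err := hex.DecodeString(encoded); err != nil {
		return "", "", fmt.Errorf("digest %q: %w", d, err)
	}
	return algo, encoded, nil
}

// ComputeDigest hashes body with the named algorithm and returns the hex form.
func ComputeDigest(algo string, body []byte) (string, error) {
	switch algo {
	case "sha256":
		s := sha256.Sum256(body)
		return hex.EncodeToString(s[:]), nil
	case "sha512":
		s := sha512.Sum512(body)
		return hex.EncodeToString(s[:]), nil
	}
	return "", fmt.Errorf("unsupported digest algorithm %q", algo)
}

// VerifyByHeader is the weak behaviour: the client trusts the
// Docker-Content-Digest header the registry sent and checks the body only
// against that. A registry that controls both body and header always passes.
func VerifyByHeader(body []byte, headerDigest string) error {
	algo, want, err := ParseDigest(headerDigest)
	if err != nil {
		return err
	}
	got, err := ComputeDigest(algo, body)
	if err != nil {
		return err
	}
	if subtle.ConstantTimeCompare([]byte(got), []byte(want)) != 1 {
		return fmt.Errorf("body does not match header digest %s", headerDigest)
	}
	return nil
}

// VerifyPinned is the hardened form: the body must hash, under the algorithm
// named in the digest the client requested, to exactly that digest. Whatever
// the registry advertises in a header plays no part in the decision.
func VerifyPinned(requested string, body []byte) error {
	algo, want, err := ParseDigest(requested)
	if err != nil {
		return err
	}
	got, err := ComputeDigest(algo, body)
	if err != nil {
		return err
	}
	if subtle.ConstantTimeCompare([]byte(got), []byte(want)) != 1 {
		return fmt.Errorf("digest mismatch: requested %s, received %s:%s", requested, algo, got)
	}
	return nil
}

// Constructed sample manifests; a registry would return one of these as the
// body of GET /v2/<name>/manifests/<digest>.
var (
	goodManifest = []byte(`{"schemaVersion":2,"layers":[{"digest":"sha256:aaaa"}]}`)
	evilManifest = []byte(`{"schemaVersion":2,"layers":[{"digest":"sha256:bbbb"}]}`)
)

// MustDigest formats a full digest string for demo and tests.
func MustDigest(algo string, body []byte) string {
	d, err := ComputeDigest(algo, body)
	if err != nil {
		panic(err)
	}
	return algo + ":" + d
}

func main() {
	pinned := MustDigest("sha256", goodManifest)
	// The malicious registry answers with a different manifest and a
	// Docker-Content-Digest header, under another algorithm, that matches it.
	header := MustDigest("sha512", evilManifest)

	fmt.Println("pinned digest:        ", pinned)
	fmt.Println("header-trusting check:", VerifyByHeader(evilManifest, header))
	fmt.Println("pinned check:         ", VerifyPinned(pinned, evilManifest))
}
```

The same rule has to be applied to every blob the manifest references, since layer digests inside a verified manifest are pinned too; a client that verifies the manifest but fetches layers by header digest is still substitutable.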

I don't need AI to be sentient. I need AI to create good looking TikZ drawings.

We just released what I've been working on for the past months: Contrast, a tool for managing Confidential Containers at scale.

https://github.com/edgelesssys/contrast by @edgelesssystems

Seamlessly integrating with managed #Kubernetes, it offers a fully verifiable software stack. Using Confidential Computing, it allows running sensitive workloads in the public cloud with robust security, safeguarding against the cloud provider. Contrast also features a drop-in, attestation-based service mesh solution to secure inter-deployment communication.

#Cloud #Security #ConfidentialComputing #Azure


Next Nix(OS) Learning Group Bochum meetup is around the corner, and we have an exciting new location!

2024/05/14, 18:00
at @daslabor

Learn how to use Nix as build system or discover the power of declarative system configuration!

Full announcement (de): https://wiki.das-labor.org/w/Veranstaltung/6._Nix(OS)_Learning_Group_Meetup

#Nix #NixOS

Should #coreutils #dd support CoW / reflink / FICLONE / copy_file_range optimizations?

Currently, cp has support for this, but can only copy whole files.
If I want to combine sections of files into an output file, there is no simple userspace tool to do so with #CopyOnWrite semantics.
#linux #filesystem
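How a userspace program can do the partial-file combine described above today, as an added example (my own code, not coreutils and not a dd patch): each section is an *os.File seeked to its offset and wrapped in io.LimitReader, and io.Copy into an *os.File destination. On Linux the Go standard library routes exactly that pairing through copy_file_range(2), which is the call reflink-capable filesystems (Btrfs, XFS with reflink) use to share extents rather than copy bytes, provided the ranges are block-aligned; elsewhere, or when the kernel declines, the same call falls back to an ordinary read/write loop, so the output bytes are identical either way. The Section type, the function names and the sample inputs are constructed for the example.

```go
package main

import (
	"fmt"
	"io"
	"os"
	"path/filepath"
)

// Section is a byte range of a source file to append to the output.
type Section struct {
	Path   string
	Offset int64
	Length int64
}

// ConcatSections writes the given ranges to dstPath in order and returns the
// number of bytes written. The destination is opened without O_APPEND on
// purpose: copy_file_range refuses append-mode descriptors.
func ConcatSections(dstPath string, sections []Section) (int64, error) {
	dst, err := os.OpenFile(dstPath, os.O_CREATE|os.O_WRONLY|os.O_TRUNC, 0o644)
	if err != nil {
		return 0, err
	}
	var total int64
	for _, s := range sections {
		n, err := copySection(dst, s)
		total += n
		if err != nil {
			dst.Close()
			return total, err
		}
	}
	return total, dst.Close()
}

// copySection copies one range. copy_file_range with NULL offsets uses and
// advances the current offsets of both descriptors, which is why a Seek on the
// source is all that is needed to select the range; io.LimitReader bounds it.
func copySection(dst *os.File, s Section) (int64, error) {
	src, err := os.Open(s.Path)
	if err != nil {
		return 0, err
	}
	defer src.Close()
	if _, err := src.Seek(s.Offset, io.SeekStart); err != nil {
		return 0, err
	}
	n, err := io.Copy(dst, io.LimitReader(src, s.Length))
	if err != nil {
		return n, err
	}
	// io.Copy stops silently at EOF, so a range past the end of the source
	// shows up as a short count rather than an error; treat it as one.
	if n != s.Length {
		return n, fmt.Errorf("%s: range %d+%d runs past end of file (got %d bytes)", s.Path, s.Offset, s.Length, n)
	}
	return n, nil
}

// WriteDemoInputs writes two constructed input files into dir and returns their paths.
func WriteDemoInputs(dir string) (string, string, error) {
	a := filepath.Join(dir, "a.bin")
	b := filepath.Join(dir, "b.bin")
	if err := os.WriteFile(a, []byte("0123456789"), 0o644); err != nil {
		return "", "", err
	}
	if err := os.WriteFile(b, []byte("abcdefghij"), 0o644); err != nil {
		return "", "", err
	}
	return a, b, nil
}

func main() {
	dir, err := os.MkdirTemp("", "cow-")
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	defer os.RemoveAll(dir)

	a, b, err := WriteDemoInputs(dir)
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	out := filepath.Join(dir, "out.bin")
	n, err := ConcatSections(out, []Section{{a, 2, 3}, {b, 5, 4}, {a, 0, 2}})
	if err != nil {
		fmt.Println("error:", err)
		os.Exit(1)
	}
	data, _ := os.ReadFile(out)
	fmt.Printf("wrote %d bytes: %q\n", n, data)
}
```

Whether extents were actually shared is not visible from the return values; on Btrfs, `filefrag -v` on the output or `btrfs filesystem du` shows it, and unaligned ranges (like the tiny ones in the demo) are copied, not reflinked, because sharing works at block granularity.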

Can a malicious cloud provider send bad notifications to break confidential VMs?

Disclosing #AhoiAttacks that break confidential computing offered by AMD SEV-SNP and Intel TDX by abusing interrupt delivery.

https://ahoi-attacks.github.io/

Our first attack #Heckler, to appear at USENIX Security 2024, breaks Intel TDX and AMD SEV-SNP by sending interrupts that trigger existing handlers to change the register state and variables in userspace. We break sshd, sudo, and other apps.

Our second attack #WeSee, to appear at IEEE Security & Privacy 2024, breaks AMD SEV-SNP by sending an interrupt specially introduced for SEV. Starting from a kernel read to arbitrary code injection, we gain a root shell.

Track CVE-2024-25742, CVE-2024-25743, CVE-2024-25744 for updates on fixes and patches.

A fantastic team effort by Benedict M. Schlüter, Supraja Sridhara, Andrin Bertschi, and Mark Kuhne!

On my way to #NixCon NA. Anybody want to catch up during the #conference, and possibly talk #immutable and #reproducible #NixOS images? #linux #nix #socallinuxexpo #scale #california #losangeles

I built a tool for image-based Linux / discoverable disk images:
https://github.com/malt3/ddi-tool

For now, it can update the embedded kernel cmdline of a UKI.
More features are in the pipeline.

#systemd #uapi #linux
