Signed Recovery

NIST SP800-193 defines three principles supporting platform resiliency:

  • Protection,

  • Detection

  • Recovery

Signed UEFI capsule update and Intel® BIOS Guard provide these protections. Intel® Boot Guard and OBB verification provide detection. If firmware corruption is detected, the firmware can perform recovery to prevent a permanent denial of service (PDOS) attack. EDK II implements a signed recovery (see Table 2-10).

Table 2-10: Firmware Recovery Verification

Item Entity Provider Location
TP Firmware Recovery Verification OEM Originally on flash, loaded into DRAM.
CDI Firmware Recovery TCB Code OEM Originally on flash, loaded into DRAM.
Firmware Recovery Signature Database (Policy) OEM Originally on flash, loaded into DRAM.
UDI Firmware Recovery Package OEM Originally on external storage (e.g. Hard drive, USB, Memory, or Flash), loaded into DRAM

Signing

The UDI is provided a new firmware image, the same as the UEFI Capsule Update implementation. The entire firmware binary must be signed using the OEM private key.

Public Key Storage

The OEM public key should be embedded in the original firmware & recovery launcher module.

Verification

If firmware corruption is detected during boot, the recovery boot path is triggered. In this scenario, TP is the firmware recovery launcher module. This module loads the recovery image from a known source and verifies the signature. If TP passes verification, the recovery image is loaded and the recovery launcher module transfers control to the recovery image. If recovery verification fails, the recovery image is discarded and the recovery launcher attempts to locate additional recovery images. If all recovery images fail verification, the recovery process is aborted.

NOTE: The signed recovery image itself may be updatable even if it is on the flash region.