path: root/src/pcrlock

Entries: commit message, author, age, files changed, lines removed/added
* various: check meson feature flag early
  Mike Yuan, 2024-11-13, 1 file, -19/+17

  Prompted by https://github.com/systemd/systemd/pull/35110#discussion_r1835885340
* pcrlock: Move pe_hash() and uki_hash() to pe-binary.h
  Daan De Meyer, 2024-11-05, 4 files, -277/+1

  Let's move these to shared so we can reuse pe_hash() in the upcoming systemd-sbsign.
* pcrlock: Pad pe hash to a multiple of 8 bytes
  Daan De Meyer, 2024-11-04, 1 file, -0/+4

  All other tools (sbsigntools, osslsigncode, sbctl, goblin) do this as well so let's follow suit.
* sd-json,tree-wide: add sd_json_format_enabled() and use it everywhere
  Zbigniew Jędrzejewski-Szmek, 2024-10-28, 1 file, -9/+9

  We often used a pattern like if (!FLAGS_SET(flags, SD_JSON_FORMAT_OFF)), which is rather verbose and also contains a double negative, which we try to avoid. Add a little helper to avoid an explicit bit check.

  This change clarifies an additional thing: in some cases we treated SD_JSON_FORMAT_OFF as a flag (flags & SD_JSON_FORMAT_OFF), while in other cases we treated it as an independent enum value (flags == SD_JSON_FORMAT_OFF). In the first form, flags like SD_JSON_FORMAT_SSE do _not_ turn the json output on, while in the second form they do. Let's use the first form everywhere. No functional change intended.

  Initially I wasn't sure if this helper should be made public or just internal, but it seems such a common pattern that if we expose the flags, we might just as well expose it too, to make life easier for any consumers.
* pcrlock: Take VirtualSize > SizeOfRawData into account
  Daan De Meyer, 2024-10-21, 1 file, -1/+15

  If VirtualSize > SizeOfRawData, measure extra zeros to take into account the extra zeros also measured by the stub.
* tree-wide: drop doubled empty lines
  Yu Watanabe, 2024-10-07, 1 file, -1/+0
* tree-wide: Fix Wformat warnings
  Daan De Meyer, 2024-10-02, 1 file, -1/+1

  The latest clang has started catching more integer promotions which cause us to pass the wrong type to printf() format specifiers so let's fix those.
* pcrlock: remove empty components from our list
  Lennart Poettering, 2024-09-11, 1 file, -14/+30

  This is a rework of e7a93e75219b22424bab95fe45982f5eef21d581: instead of handling components with n_variants being zero at every step of the way, we instead remove it from our list after loading all components, given that such a component simply makes no sense for the rest of our logic.
* pcrlock: correct --help text regarding recovery pin
  Lennart Poettering, 2024-09-11, 1 file, -1/+1

  Fixes: #33917
* pcrlock: log if we generate an "empty" policy
  Lennart Poettering, 2024-09-11, 1 file, -0/+3

  Such a policy won't provide any protection, but it's still entirely fine to have it like this in various contexts, for example at OS install time, to allocate the nvindex and reference it in enrollments. However, it does deserve mention, hence log about it at LOG_NOTICE level.

  This is based on a similar patch by Arnaud Patard <arnaud.patard@collabora.com> proposed at #33663.
* pcrlock: be more careful when preparing credential name for pcrlock policy
  Lennart Poettering, 2024-09-06, 1 file, -23/+36

  The .cred suffix is stripped from a credential as it is imported from the ESP, hence it should not be included in the credential name embedded in the credential.

  Fixes: #33497
* src/pcrlock/pcrlock.c: Handle empty pcrlock.d directories
  Arnaud Patard, 2024-08-05, 1 file, -1/+15

  Running the following commands:

    # mkdir -p /var/lib/pcrlock.d/123-empty.pcrlock.d
    # /usr/lib/systemd/systemd-pcrlock predict --pcr=1+2+3+4+5+16

  Will result in:

    ...
    Floating point exception

  Running the following commands:

    # mkdir -p /var/lib/pcrlock.d/123-empty.pcrlock.d
    # /usr/lib/systemd/systemd-pcrlock make-policy --pcr=1+2+3+4+5+16

  Will result to this (partial) log:

    ...
    Predicted future PCRs in 133us.
    []
    ...
    Written policy digest 0000000000000000000000000000000000000000000000000000000000000000 to NV index 0x1921da6
    ...

  So, add missing checks to handle gracefully cases where there's no variant inside the component.

  Signed-off-by: Arnaud Patard <arnaud.patard@collabora.com>
* sd-varlink: make our internal Varlink API public as sd-varlink.[ch]
  Lennart Poettering, 2024-07-16, 1 file, -18/+18

  It's time. sd-json was already done earlier in this cycle, let's now make sd-varlink public too.

  This is mostly just a search/replace job of epical proportions.

  I left some functions internal (mostly IDL handling), and I turned some static inline calls into regular calls.
* tree-wide: port over to new builder apis
  Lennart Poettering, 2024-06-19, 1 file, -89/+78
* creds-util: add common helper for determining global boot credentials path
  Lennart Poettering, 2024-06-15, 1 file, -29/+7

  It's very useful being able to determine the directory where to write global boot credentials to, that are picked up by all kernels.
* pcrlock: move event_log_reduce_to_safe_pcrs() down a bit
  Lennart Poettering, 2024-06-14, 1 file, -63/+63

  Let's keep the verb_lock_xyz() and verb_unlock_xyz() calls together, and move event_log_reduce_to_safe_pcrs(), which so far was in between them all, further down closer to where the function is actually used.
* pcrlock: don't override conf_root parameter for boot_entry_token_ensure()
  Lennart Poettering, 2024-06-14, 1 file, -1/+1

  If we pass NULL, boot_entry_token_ensure() will use its own default, which is the same as what we passed so far explicitly, hence let's make use of that.
* fileio: add new helper write_base64_file_at() which encodes a binary object into base64 and writes it to a file
  Lennart Poettering, 2024-06-14, 1 file, -8/+3
* libsystemd: turn json.[ch] into a public API
  Lennart Poettering, 2024-06-12, 1 file, -205/+207

  This is preparation for making our Varlink API a public API. Since our Varlink API is built on top of our JSON API we need to make that public first (it's a nice API, but JSON APIs there are already enough, this is purely about the Varlink angle).

  I made most of the json.h APIs public, and just placed them in sd-json.h. Sometimes I wasn't so sure however, since the underlying data structures would have to be made public too. If in doubt I didn't risk it, and moved the relevant API to src/libsystemd/sd-json/json-util.h instead (without any sd_* symbol prefixes).

  This is mostly a giant search/replace patch.
* pcrlock: tweak error messages when we are not looking at a TPM2 event log
  Lennart Poettering, 2024-05-30, 1 file, -4/+4

  If we are looking at a TPM1.2 event log the first log record will not be the "EfiSpecIdEvent" but something else. Let's improve the log messages about this, and say explicitly that this is likely not a TPM2.0 event log.
* tree-wise: several cleanups for logging
  Yu Watanabe, 2024-04-30, 1 file, -21/+21

  - drop unnecessary SYNTHETIC_ERRNO() when the logger does not propagate error code,
  - drop unnecessary '%m' in error message when the error code is specified with SYNTHETIC_ERRNO(),
  - add missing full stop at the end of log message,
  - use RET_GATHER(),
  - add missing ", ignoring.",
  - uppercase the first letter,
  etc., etc...
* treewide: fix a few typos in NEWS, docs, comments, and log messages
  Dmitry V. Levin, 2024-04-27, 1 file, -1/+1
* tpm2-util: add generic wrapper tpm2_context_new_or_warn() that wraps tpm2_context_new and logs about errors
  Lennart Poettering, 2024-04-22, 1 file, -4/+4

  We so far just print a short log message that is not very useful, let's add some recognizable error codes, and output better log messages if we can't get TPM stuff to work.

  Fixes: #31925
* pcrlock: add make_pcrlock_record_from_stream
  Alberto Planas, 2024-04-19, 1 file, -35/+104

  To hash long files (like initrd) add the function make_pcrlock_record_from_stream, that will read a long file (or stdin) to generate the digests of multiple hashes, reading block by block.

  Use this new function in verb_lock_raw and verb_lock_kernel_initrd.

  Signed-off-by: Alberto Planas <aplanas@suse.com>
* Merge pull request #31790 from poettering/pcrlock-policy-fix
  Lennart Poettering, 2024-04-18, 1 file, -25/+51

  Replace PolicyAuthValue by PolicySigned as access policy for pcrlock policy nvindex
  * pcrlock: rework --recovery-pin= to take three different arguments
    Lennart Poettering, 2024-04-18, 1 file, -7/+31

    This reworks --recovery-pin= from a parameter that takes a boolean to an enum supporting one of "hide", "show", "query".

    If "hide" (default behaviour) we'll generate a recovery pin automatically, but never show it, and thus just seal it and good.

    If "show" we'll generate a recovery pin automatically, but display it in the output, so the user can write it down.

    If "query" we'll ask the user for a recovery pin, and not automatically generate any.

    For compatibility the old boolean behaviour is kept.

    With this you can now do "systemd-pcrlock make-policy --recovery-pin=show" to set up the first policy, write down the recovery PIN. Later, if the PCR prediction didn't work out one day you can then do "systemd-pcrlock make-policy --recovery-pin=query" and enter the recovery key and write a new policy.
  * pcrlock: generate recovery PINs via make_recovery_key()
    Lennart Poettering, 2024-04-18, 1 file, -8/+1

    We already have infrastructure for generating nice recovery keys, for the usual cryptenroll recovery keys. Let's reuse them here, as they are nicer to read and type than the base64 encoded randomness we so far used.

    Previously valid recovery keys remain valid, in their original format. For future enrollments we'll however have nicer, easier recovery keys to deal with.
  * tpm2-util: now that we don't use PolicyAuthValue anymore, let's not set an authValue anymore for the policy nvindex
    Lennart Poettering, 2024-04-18, 1 file, -2/+0

    We have now switched from PolicyAuthValue to PolicySigned to control access to the policy nvindex. This means there's no point in setting an authValue on the nvindex anymore, hence drop this.
  * pcrlock: switch access policy for nvindex to store policy in from PolicyAuthValue to PolicySigned (with an HMAC-SHA256 key)
    Lennart Poettering, 2024-04-18, 1 file, -8/+19

    So far the nvindex to store the pcrlock policy in was protected via a PolicyAuthValue policy (i.e. with a simple PIN set on the nvindex). That's a bad idea however, as it means an attacker can simply remove and re-create the nvindex and the "name" of the nvindex does not change, thus defeating the logic. (This is because the authValue is *not* part of the "name" of an nvindex!).

    Fix this by switching from PolicyAuthValue to PolicySigned with an HMAC-SHA256 key. Behaviour is very similar: however, the PIN is now part of the access policy hash, which *is* part of the "name" of an nvindex. Thus, if an attacker removes and recreates the nvindex it has to provide the same PIN again or the "name" of the nvindex will change. Mission accomplished.

    I'd like to thank Chris Coulson for finding this issue (and helping me address it). Thank you!
  * tpm2-util: rename tpm2_get_pin_auth() → tpm2_auth_value_from_pin()
    Lennart Poettering, 2024-04-18, 1 file, -1/+1

    Just some renaming. I found the old name a bit confusing since it sounds as if this would get the pin from somewhere, but it really doesn't. It just converts a PIN into an auth_value, and I think saying so explicitly makes things easier to grok.
* use FOREACH_ELEMENT
  Matteo Croce, 2024-04-18, 1 file, -1/+1

  Use FOREACH_ELEMENT where possible.

  Generated with this command, and checked manually:

    git grep -l 'FOREACH_ARRAY.*ELEMENTSOF' | \
      xargs sed -ri 's/FOREACH_ARRAY\((.*), (.*), (ELEMENTSOF.*)\)/FOREACH_ELEMENT(\1, \2)/'
* pcrlock: handle measurement logs where hash algs in header are announced in different order than in records
  Lennart Poettering, 2024-02-21, 1 file, -7/+14

  Apparently on HyperV the measurement logs announce the hash algs in a different order in the header than the records have them. Let's handle this gracefully.
* pcrlock: normalize credential name for TPM2 PIN
  Lennart Poettering, 2024-02-20, 1 file, -1/+1

  Let's drop the "systemd-" prefix from the credential name. We do not prefix credentials that way so far. Don't do so here either.

  The name is not really API, it's not documented, hence change it now where we still can.
* ask-password: rework how we pass request meta info when asking passwords
  Lennart Poettering, 2024-02-20, 1 file, -5/+7

  Rather than adding more and more parameters to ask_password_auto(), let's pass a structure of the fields that often are constant anyway. This way, callers can fill in what they need, and we take the filled structure which we can pass around internally as one.

  This is in particular preparation for adding one more field in one of the next commits.
* pcrlock: add basic Varlink interface
  Lennart Poettering, 2024-02-12, 1 file, -6/+135

  This can be used to make or delete a PCR policy via Varlink. It can also be used to query the current event log in CEL format.
* pcrlock: split out generation of CEL objects into helper func
  Lennart Poettering, 2024-02-12, 1 file, -56/+74

  This way, we can reuse it later to generate Varlink replies.

  No change in behaviour, just some trivial split out.
* pcrlock: use log_setup()
  Lennart Poettering, 2024-02-12, 1 file, -3/+1
* creds-util: add a concept of "user-scoped" credentials
  Lennart Poettering, 2024-01-30, 1 file, -0/+1

  So far credentials are a concept for system services only: to encrypt or decrypt a credential you must be privileged, as only then you can access the TPM and the host key.

  Let's break this up a bit: let's add a "user-scoped" credential, that are specific to users. Internally this works by adding another step to the acquisition of the symmetric encryption key for the credential: if a "user-scoped" credential is used we'll generate a symmetric encryption key K as usual, but then we'll use it to calculate K' = HMAC(K, flags || uid || machine-id || username) and then use the resulting K' as encryption key instead. This basically includes the (public) user's identity in the encryption key, ensuring that only if the right user credentials are specified the correct key can be acquired.
* pcrlock: also write pcrlock policy as unencrypted credential to XBOOTLDR/ESP
  Lennart Poettering, 2024-01-22, 1 file, -12/+156
* Measure empty PK and KEK EFI vars
  Alberto Planas, 2024-01-19, 1 file, -2/+2

  The OVMF UEFI firmware is measuring PK and KEK when secure boot is disabled, and those variables are absent. This can be checked via the event log to see that there are extensions for PCR 7 associated with PK and KEK events of type EV_EFI_VARIABLE_DRIVER_CONFIG.

  When running the "lock-secureboot-policy" verb, pcrlock complains that those variables are not found and refuses to generate the 240-secureboot-policy.pcrlock.d/generated.pcrlock file.

  The "TCG PC Client Platform Firmware Profile Specification Version 1.05 Revision 23"[1] from May 7, 2021, in section "3.3.4.8 PCR[7] - Secure Boot Policy Measurements", point 10.b:

    If reading a UEFI variable returns UEFI_NOT_FOUND, platform firmware SHALL measure the absence of the variable. The UEFI_VARIABLE_DATA.VariableDataLength field MUST be set to zero and UEFI_VARIABLE_DATA.VariableData field will have a size of zero.

  This patch marks those variables as "synthesize empty", generating the correct hash for those variables.

  Signed-off-by: Alberto Planas <aplanas@suse.com>
* Merge pull request #30728 from polarina/noda
  Lennart Poettering, 2024-01-05, 1 file, -1/+1

  Assign noDA attribute to TPM2 objects not dependent on a PIN
  * pcrlock: Print correct NV index when writing new policy
    Gabríel Arthúr Pétursson, 2024-01-04, 1 file, -1/+1
* Use .d path for PCRLOCK_KERNEL_*_PATH
  Alberto Planas, 2024-01-05, 1 file, -2/+2

  Fix the path for the generated.pcrlock files for the cmdline and initrd cases. Without it the tool complains with:

    Failed to parse component file /var/lib/pcrlock.d/720-kernel-initrd.pcrlock, ignoring: Is a directory

  Signed-off-by: Alberto Planas <aplanas@suse.com>
* Fix typo in verb_make_policy explanation
  Alberto Planas, 2024-01-04, 1 file, -1/+1

  Signed-off-by: Alberto Planas <aplanas@suse.com>
* format-table: introduce table_isempty and use it where appropriate
  Mike Yuan, 2023-12-25, 1 file, -4/+4
* color-util: split out HSV color conversion into color-util.[ch]
  Lennart Poettering, 2023-12-21, 1 file, -34/+1
* pcrlock: use empty_or_dash() more
  Frantisek Sumsal, 2023-12-18, 1 file, -2/+2
* pcrlock: check for embedded NUL bytes
  Lennart Poettering, 2023-11-20, 1 file, -0/+5
* pcrlock: make sure we don't choke on empty records
  Lennart Poettering, 2023-11-20, 1 file, -1/+5

  Follow-up for a43427013949

  CID#1523832
* pcrlock: show emojis for each PCR line
  Lennart Poettering, 2023-11-06, 1 file, -15/+25

  I am sorry, I totally forgot adding emojis reflecting the state of each PCR. I hope I can do better in future, and hereby I'd like to rectify the situation a bit.