From: bugzilla-noreply@freebsd.org
To: bugs@FreeBSD.org
Subject: [Bug 260138] TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase
Date: Tue, 30 Nov 2021 12:29:31 +0000
List-Archive: https://lists.freebsd.org/archives/freebsd-bugs
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260138

Bug ID: 260138
Summary: TPM2 Support in bootloader / kernel in order to retrieve GELI passphrase
Product: Base System
Version: 13.0-RELEASE
Hardware: amd64
OS: Any
Status: New
Keywords: feature, loader, patch-ready, security, uefi
Severity: Affects Many People
Priority: ---
Component: kern
Assignee: bugs@FreeBSD.org
Reporter: s.adaszewski@gmail.com

This is a PULL REQUEST for:

https://github.com/sadaszewski/freebsd-src/compare/main...main-cherry-pick-tpm-support-in-stand

See https://lists.freebsd.org/archives/freebsd-hackers/2021-November/000504.html for the discussion.

The referenced patch implements support for TPM2 in the EFI bootloader and in the kernel in order to allow for storage and retrieval of a GELI passphrase in a TPM2 module, protected with a PCR policy, and boot into (and only into) the corresponding "safe" boot filesystem and root filesystem, identified by means of a secret marker.

The way the bootloader behavior is modified is the following:

1) Before calling efipart_inithandles(), an attempt to retrieve the passphrase from a TPM2 module might be performed; how this is achieved is described later on.

2) If a passphrase is indeed retrieved, then after determining currdev, the currdev is checked for the presence of a /.passphrase_marker file, which must contain the sha256 of the passphrase as retrieved from the TPM (and an optional salt). This is supposed to ensure that we do not end up booting an environment not on the device we just unlocked with the passphrase.

3a) If all is go, autoboot_delay is set to -1 in order to prevent any interaction and continue the boot process of the "safe" environment. A 'kern.geom.eli.passphrase.from_tpm2.passphrase' variable is set to the passphrase from the TPM for kernel use later, as well as a 'kern.geom.eli.passphrase.from_tpm2.was_retrieved'='1' variable.

3b) If the passphrase marker does not match, the bootloader cleans up the GELI keys, the TPM passphrase and kern.geom.eli.passphrase, and exits.

The way the kernel behavior is modified is the following:

1) In init_main.c, after vfs_mountroot() a check is performed (by means of EVENTHANDLER_REGISTER).

2a) If kern.geom.eli.passphrase.from_tpm2.was_retrieved is not set to 1, then we do nothing and continue the boot process.

2b) If the was_retrieved variable is set to '1', then we check for the same passphrase marker as the bootloader, its content compared against the 'kern.geom.eli.passphrase.from_tpm2.passphrase' variable.

3a) If all is go, the passphrase variable is unset and the boot process continues.

3b) If the passphrase marker does not match, we panic.

The configuration of the bootloader for this procedure looks as follows:

1) We set an efivar KernGeomEliPassphraseFromTpm2NvIndex to contain the TPM2 NV Index we store our passphrase in, e.g. 0x1000001

2) We set an efivar KernGeomEfiPassphraseFromTpm2PolicyPcr to contain the PCR policy used to secure the passphrase, e.g. sha256:0,2,4,7

3a) If both are set, the bootloader will attempt to retrieve the passphrase and behave in the modified way described above.

3b) Otherwise, it behaves as the vanilla version and will ask for GELI passphrases if necessary.

The configuration of the TPM and the passphrase marker looks as follows:

1) echo -n "passphrase" | sha256 >/.passphrase_marker
2) chmod 600 /.passphrase_marker
3) tpm2_createpolicy -L policy.digest --policy-pcr -l sha256:0,2,4,7
4) tpm2_nvdefine -Q 0x1000001 -s $(wc -c < /.passphrase_marker) -L policy.digest -A "policyread|policywrite"
5) tpm2_nvwrite -Q 0x1000001 -i /.passphrase_marker -P pcr:sha256:0,2,4,7

-- 
You are receiving this mail because:
You are the assignee for the bug.