diff options
| author | Alejandro Soto <alejandro@34project.org> | 2025-07-27 16:16:07 -0600 |
|---|---|---|
| committer | Alejandro Soto <alejandro@34project.org> | 2025-07-30 21:14:24 -0600 |
| commit | bc017e57b9cff885d79245748dd45e95a09b961b (patch) | |
| tree | 18c54fbc325dff5ca18719b838aac7421c7bc789 | |
| parent | 33707eb9d2423115f9ae5c4633c774363396abde (diff) | |
sys/boot/tpm: enforce passwordless TPM chain-of-trust for LUKS unlock
| -rw-r--r-- | sys/boot/detached-luks.nix | 29 | ||||
| -rw-r--r-- | sys/boot/tpm.nix | 33 |
2 files changed, 46 insertions, 16 deletions
diff --git a/sys/boot/detached-luks.nix b/sys/boot/detached-luks.nix index 1e7cc2b..8be7de1 100644 --- a/sys/boot/detached-luks.nix +++ b/sys/boot/detached-luks.nix @@ -68,27 +68,28 @@ in mount -o ro -t ${bootFs.fsType} ${bootFs.device} /initrd-boot '' + optionalString tpmInitrd '' mkdir /tpm + touch ${escapeShellArg hardwareKeyPath} - tpm2 createprimary -Q -C owner -g sha256 -G ecc -c /tpm/prim.ctx + unseal_tpm_key() { + tpm2 createprimary -Q -C owner -g sha256 -G ecc -c /tpm/prim.ctx || return - tpm2 loadexternal -Q -C owner -G rsa -u ${tpmPath}/signing-key.pub -c /tpm/signing-key.ctx -n /tpm/signing-key.name - tpm2 verifysignature -Q -c /tpm/signing-key.ctx -g sha256 -m ${tpmPath}/auth.policy -s ${tpmPath}/auth.sig -t /tpm/verified.ticket -f rsassa + tpm2 loadexternal -Q -C owner -G rsa -u ${tpmPath}/signing-key.pub -c /tpm/signing-key.ctx -n /tpm/signing-key.name || return + tpm2 verifysignature -Q -c /tpm/signing-key.ctx -g sha256 -m ${tpmPath}/auth.policy -s ${tpmPath}/auth.sig -t /tpm/verified.ticket -f rsassa || return - tpm2 startauthsession -Q -S /tpm/session.ctx --policy-session + tpm2 startauthsession -Q -S /tpm/session.ctx --policy-session || return - tpm_resets=`tpm2 readclock | grep reset_count | sed 's/.*: //g'` - tpm2 policycountertimer -Q -S /tpm/session.ctx resets="$tpm_resets" - tpm2 policypcr -Q -S /tpm/session.ctx -l sha256:${pcrList} - tpm2 policyauthorize -Q -S /tpm/session.ctx -i ${tpmPath}/auth.policy -n /tpm/signing-key.name -t /tpm/verified.ticket + tpm_resets=`tpm2 readclock | grep reset_count | sed 's/.*: //g'` + tpm2 policycountertimer -Q -S /tpm/session.ctx resets="$tpm_resets" || return + tpm2 policypcr -Q -S /tpm/session.ctx -l sha256:${pcrList} || return + tpm2 policyauthorize -Q -S /tpm/session.ctx -i ${tpmPath}/auth.policy -n /tpm/signing-key.name -t /tpm/verified.ticket || return - tpm2 load -Q -C /tpm/prim.ctx -u ${tpmPath}/key.pub -r ${tpmPath}/key.priv -c /tpm/key.ctx - tpm2 unseal -Q -c /tpm/key.ctx -p session:/tpm/session.ctx -o /tpm/unsealed.luks-key + tpm2 load -Q -C /tpm/prim.ctx -u ${tpmPath}/key.pub -r ${tpmPath}/key.priv -c /tpm/key.ctx || return + tpm2 unseal -Q -c /tpm/key.ctx -p session:/tpm/session.ctx -o ${escapeShellArg hardwareKeyPath} || return - echo "Unsealed!" - cat /tpm/unsealed.luks-key - echo "Unsealed! END" + tpm2 flushcontext /tpm/session.ctx + } - tpm2 flushcontext /tpm/session.ctx + unseal_tpm_key ''; postOpenCommands = mkBefore ('' diff --git a/sys/boot/tpm.nix b/sys/boot/tpm.nix index 4093e47..196c406 100644 --- a/sys/boot/tpm.nix +++ b/sys/boot/tpm.nix @@ -22,9 +22,22 @@ with lib; let # Genera auth.policy y auth.sig tpm2-grant-next-boot = pkgs.writeShellApplication { name = "tpm2-grant-next-boot"; - runtimeInputs = [ pkgs.openssl pkgs.tpm2-tools ]; + + runtimeInputs = [ + pkgs.jq + pkgs.openssl + pkgs.sbctl + pkgs.tpm2-tools + ]; text = '' + if [ -z "$YES_I_DO_WANT_TO_SIGN_WITH_SECURE_BOOT_DISABLED" ] && [ "$(sbctl status --json | jq .secure_boot)" != "truee" ]; then + echo "$0: bad Secure Boot state, check the output of \`sbctl status\`" >&2 + echo "$0: signing a TPM PCR policy with Secure Boot disabled is dangerous" >&2 + echo "$0: set 'YES_I_DO_WANT_TO_SIGN_WITH_SECURE_BOOT_DISABLED' to skip this check" >&2 + exit 1 + fi + ctx_dir="$(mktemp -d)" trap 'rm -rf -- "$ctx_dir"' EXIT @@ -53,7 +66,23 @@ in pcrs = mkOption { type = with types; listOf (ints.between 0 23); - default = [ 0 2 7 8 11 ]; + + # From 'systemd-analyze pcrs' + default = [ + 0 # platform-code + 1 # platform-config + 2 # external-code + 3 # external-config + 4 # boot-loader-code + 5 # boot-loader-config + 7 # secure-boot-policy + 9 # kernel-initrd + 11 # kernel-boot + 12 # kernel-config + 13 # sysexts + 14 # shim-policy + + ]; }; }; }; |