Re: [systemd-devel] dm-integrity volume with TPM key?
On Fr, 08.10.21 21:15, Sebastian Wiesner (sebast...@swsnr.de) wrote: > Am Montag, dem 04.10.2021 um 14:49 +0200 schrieb Lennart Poettering: > > On Do, 30.09.21 21:20, Sebastian Wiesner (sebast...@swsnr.de) wrote: > > > > > Hello, > > > > > > thanks for quick reply, I guess this explains the lack of > > > instructions > > > > btw, coincidentally this was posted on github on the day you posted > > this: > > > > https://github.com/systemd/systemd/pull/20902 > > > > so hopefully we'll have te missing tools in place soon too. > > Great, so it looks as if everything's in place with systemd 250 > perhaps? Dunno, we'll see, if the submitter rolls another revision possibly, but it all depends on that. Would love to see this happen, but right now the ball is in the field of the submitter of that PR. Lennart -- Lennart Poettering, Berlin
Re: [systemd-devel] dm-integrity volume with TPM key?
Am Montag, dem 04.10.2021 um 14:49 +0200 schrieb Lennart Poettering: > On Do, 30.09.21 21:20, Sebastian Wiesner (sebast...@swsnr.de) wrote: > > > Hello, > > > > thanks for quick reply, I guess this explains the lack of > > instructions > > btw, coincidentally this was posted on github on the day you posted > this: > > https://github.com/systemd/systemd/pull/20902 > > so hopefully we'll have te missing tools in place soon too. Great, so it looks as if everything's in place with systemd 250 perhaps? > > As a workaround you'd use a regular file key for dm-integrity and > > put > > that on a TPM-protected partition, if I understand you correctly? > > yes. > > > I.e. you'd > > > > 1. enable secureboot (custom keys or shim), > > 2. bundle kernel & initrd into signed UEFI image for systemd-boot, > > 3. make / a LUKS-encrypted parition with systemd-cryptenroll, bound > > to > > the TPM (perhaps PCR 0 and 7) aund unlocked automatically at boot, > > only pcr 7, for the reasons explained in the blog story. Alright :) > > 4. make /home a dm-integrity partition, with a regular keyfile from > > e.g. /etc/integrity.key (which is on the encrypted partition), and > > actually, after thinking a bit more about this I figure the ultimate > path for this would be /etc/integritysetup-keys.d/home.key – because > we already implemented in systemd-cryptsetup a scheme where we search > for the encryption key for volume xyz in > /etc/cryptsetup-keys.d/xyz.key, and we should probably do it similar > for verity keys, too. > > > 5. use homed for LUKS-encrypted home areas on /home? > > > > Does this sound reasonable? > > Yes! Thanks :) Looking forward to try this. Cheers, Basti
Re: [systemd-devel] dm-integrity volume with TPM key?
On Do, 30.09.21 21:20, Sebastian Wiesner (sebast...@swsnr.de) wrote: > Hello, > > thanks for quick reply, I guess this explains the lack of > instructions btw, coincidentally this was posted on github on the day you posted this: https://github.com/systemd/systemd/pull/20902 so hopefully we'll have te missing tools in place soon too. > As a workaround you'd use a regular file key for dm-integrity and put > that on a TPM-protected partition, if I understand you correctly? yes. > I.e. you'd > > 1. enable secureboot (custom keys or shim), > 2. bundle kernel & initrd into signed UEFI image for systemd-boot, > 3. make / a LUKS-encrypted parition with systemd-cryptenroll, bound to > the TPM (perhaps PCR 0 and 7) aund unlocked automatically at boot, only pcr 7, for the reasons explained in the blog story. > 4. make /home a dm-integrity partition, with a regular keyfile from > e.g. /etc/integrity.key (which is on the encrypted partition), and actually, after thinking a bit more about this I figure the ultimate path for this would be /etc/integritysetup-keys.d/home.key – because we already implemented in systemd-cryptsetup a scheme where we search for the encryption key for volume xyz in /etc/cryptsetup-keys.d/xyz.key, and we should probably do it similar for verity keys, too. > 5. use homed for LUKS-encrypted home areas on /home? > > Does this sound reasonable? Yes! Lennart -- Lennart Poettering, Berlin
Re: [systemd-devel] dm-integrity volume with TPM key?
Hello, thanks for quick reply, I guess this explains the lack of instructions ^^ As a workaround you'd use a regular file key for dm-integrity and put that on a TPM-protected partition, if I understand you correctly? I.e. you'd 1. enable secureboot (custom keys or shim), 2. bundle kernel & initrd into signed UEFI image for systemd-boot, 3. make / a LUKS-encrypted parition with systemd-cryptenroll, bound to the TPM (perhaps PCR 0 and 7) aund unlocked automatically at boot, 4. make /home a dm-integrity partition, with a regular keyfile from e.g. /etc/integrity.key (which is on the encrypted partition), and 5. use homed for LUKS-encrypted home areas on /home? Does this sound reasonable? That's actually not too hard to setup on Arch :) Cheers, Basti Am Donnerstag, dem 30.09.2021 um 10:15 +0200 schrieb Lennart Poettering: > On Mi, 29.09.21 21:53, Sebastian Wiesner (sebast...@swsnr.de) wrote: > > > Hello, > > > > "Authenticated Boot and Disk Encryption on Linux" [1] suggests to > > "make > > /home/ its own dm-integrity volume with a HMAC, keyed by the TPM" > > when > > using systemd-homed for user home directories. > > > > I'd like to try that but… how? I can use systemd-cryptenroll to > > make a > > encrypted volume with a TPM key, but how do I make a dm-integrity > > volume with a TPM key? I've gone through the manpage for > > integritysetup and did a few unsuccessful google searches, but I've > > not > > found any answer. > > It's not easy to find, because it doesn't exist. ;-) > > We have the TPM stuff in place, and we cover both cryptsetup + > veritysetup pretty nicely. We are still missing the final glue here > though. systemd-integritysetup + /etc/integritytab. The hard plumbing > problems are all solved, what's missing is just putting together the > porcelain for it. > > I had hope that libcryptsetup would support a mode where we can use a > LUKS2 superblock with only dm-integrity without dm-crypt (which would > give us proper key management for this thing). But the idea is not > attractive to the libcryptsetup people unfortunately, as it turns > out. > > My current thinking how I'd personally deploy this is actually not > necessarily by directly enrolling the HMAC key for dm-integrity with > the TPM, but instead just piggyback things to an otherwise protected > /etc/ or /var/. i.e. define a key file /etc/integrity.key (with a > fallback to /var/lib/integrity.key) or similar, that is used as > implicit HMAC key for all dm-integrity needs. Then, because (at least > in my idealized view) /etc or /var are authenticated territory (bound > to TPM) we get the property we want, indirectly. > > Lennart > > -- > Lennart Poettering, Berlin
Re: [systemd-devel] dm-integrity volume with TPM key?
On Mi, 29.09.21 21:53, Sebastian Wiesner (sebast...@swsnr.de) wrote: > Hello, > > "Authenticated Boot and Disk Encryption on Linux" [1] suggests to "make > /home/ its own dm-integrity volume with a HMAC, keyed by the TPM" when > using systemd-homed for user home directories. > > I'd like to try that but… how? I can use systemd-cryptenroll to make a > encrypted volume with a TPM key, but how do I make a dm-integrity > volume with a TPM key? I've gone through the manpage for > integritysetup and did a few unsuccessful google searches, but I've not > found any answer. It's not easy to find, because it doesn't exist. ;-) We have the TPM stuff in place, and we cover both cryptsetup + veritysetup pretty nicely. We are still missing the final glue here though. systemd-integritysetup + /etc/integritytab. The hard plumbing problems are all solved, what's missing is just putting together the porcelain for it. I had hope that libcryptsetup would support a mode where we can use a LUKS2 superblock with only dm-integrity without dm-crypt (which would give us proper key management for this thing). But the idea is not attractive to the libcryptsetup people unfortunately, as it turns out. My current thinking how I'd personally deploy this is actually not necessarily by directly enrolling the HMAC key for dm-integrity with the TPM, but instead just piggyback things to an otherwise protected /etc/ or /var/. i.e. define a key file /etc/integrity.key (with a fallback to /var/lib/integrity.key) or similar, that is used as implicit HMAC key for all dm-integrity needs. Then, because (at least in my idealized view) /etc or /var are authenticated territory (bound to TPM) we get the property we want, indirectly. Lennart -- Lennart Poettering, Berlin
[systemd-devel] dm-integrity volume with TPM key?
Hello, "Authenticated Boot and Disk Encryption on Linux" [1] suggests to "make /home/ its own dm-integrity volume with a HMAC, keyed by the TPM" when using systemd-homed for user home directories. I'd like to try that but… how? I can use systemd-cryptenroll to make a encrypted volume with a TPM key, but how do I make a dm-integrity volume with a TPM key? I've gone through the manpage for integritysetup and did a few unsuccessful google searches, but I've not found any answer. I'd appreciate some pointers into the right direction. Cheers, Basti [1]:https://0pointer.net/blog/authenticated-boot-and-disk-encryption-on-linux.html
