Hey devs :) I'm collaborating on the Heads project, which is a Linux Coreboot payload that enforces firmware tamper evidence through TPMTOTP and visually through Librem Key HOTP, causing the Librem Key/Nitrokey Pro/Nitrokey Storage to flash green if integrity is as expected or red otherwise. Boot integrity is attested by checksumming all /boot files into a digest that is validated automatically against the user's signed one, with the user's public key inserted into the ROM.
Heads is meant to be "the other side of Tails", to permit trusted persistence in a QubesOS installation. I've developed an OEM->User ReOwnership wizard that permits an OEM to preinstall QubesOS in a LUKS container, sealing the firmware through TPMTOTP and HOTP (for which the resulting QR code is sent to the customer over secured communication channels prior to reception, with the actual Disk Recovery Key passphrase), while sending the Librem Key/Nitrokey Pro so the user can validate for himself that neither the firmware nor the /boot configuration has been tampered with in transit. The ReOwnership wizard then takes advantage of the Linux recovery environment to enforce the re-ownership by proposing to the user EFF diceware passphrases meeting minimal requirements, re-encrypting the provided SD card and SSD drive with his new Disk Recovery Key passphrase, re-owning the shipped Librem Key/Nitrokey Pro and generating the public key that is flashed into the ROM, re-owning the TPM and resealing the TPMTOTP and HOTP secrets with his new Librem Key/Nitrokey Pro, and setting a Disk Unlock Key into the LUKS header, released by the TPM only if the firmware measurements match. The details are here: <https://github.com/osresearch/heads/pull/551/>

Now the problem. Heads also permits booting ISOs from a USB partition. No problem here, since Tails supports USB devices. But it doesn't seem to support the mmc and sdhci modules required to be able to boot from the memory expansion slot (Ricoh) card on the X230 <https://github.com/osresearch/heads/pull/551/files#diff-893be823b299bd80d45c36112bbbf1e3R24>.
As a result, the SD card is mounted <https://github.com/osresearch/heads/pull/551/files#diff-9a66e05586b37d4779ee1eb88802e759R259>, the validation of the Tails ISO's integrity <https://github.com/osresearch/heads/blob/master/initrd/bin/kexec-iso-init#L20> against the ROM's internal distro keys <https://github.com/osresearch/heads/blob/master/initrd/etc/distro/keys/tails.key> succeeds, the ISO is mounted accordingly and the kernel is kexec'ed <https://github.com/osresearch/heads/blob/master/initrd/bin/kexec-iso-init#L48>, but the initrd fails to find the original mounted device by UUID <https://github.com/osresearch/heads/issues/581#issuecomment-501414411> to continue init from within the booted Tails kernel. Is it possible for you guys to add the mmc and sdhci modules <https://github.com/osresearch/heads/pull/551/files#diff-893be823b299bd80d45c36112bbbf1e3R24>? My next goal is to support a stateless X200 inside of Heads; the same missing pieces would be required to support booting integrity-validated ISO images from the memory expansion slot's SD card drive. Thanks for your time!

Thierry Laurion / Insurgo Open Technologies
_______________________________________________
Tails-dev mailing list
[email protected]
https://www.autistici.org/mailman/listinfo/tails-dev
To unsubscribe from this list, send an empty email to [email protected].
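As an added example (not Heads or Tails code), here is a pre-flight check for the failure described in the message above: before kexec'ing a distro kernel/initrd from the SD card, parse the initrd and confirm it carries the mmc/sdhci drivers the booted kernel will need to find the card by UUID, so a missing module is reported at boot selection rather than as a root-device failure later. The module names, and a plain gzip'ed newc-format cpio initrd, are assumptions; the sample initrd is constructed in the block.

```python
# Added example (not Heads or Tails code): before kexec'ing a distro's
# kernel/initrd from an SD card, check that the initrd actually ships the
# mmc/sdhci drivers the booted kernel needs to find the card by UUID.
# Assumes a gzip'ed newc-format cpio initrd and the module names below.
import gzip

NEWC_MAGIC = b"070701"
SD_MODULES = ("mmc_core", "mmc_block", "sdhci", "sdhci-pci")  # assumed names

def cpio_newc_entries(data: bytes):
    """Yield every path stored in a newc ("SVR4 no CRC") cpio archive."""
    off = 0
    while off + 110 <= len(data):
        hdr = data[off:off + 110]
        if hdr[:6] != NEWC_MAGIC:
            raise ValueError(f"bad cpio magic at offset {off}")
        filesize = int(hdr[54:62], 16)   # c_filesize, ASCII hex
        namesize = int(hdr[94:102], 16)  # c_namesize, includes the NUL
        name = data[off + 110:off + 110 + namesize - 1].decode()
        if name == "TRAILER!!!":
            return
        yield name
        off = (off + 110 + namesize + 3) & ~3   # name is padded to 4 bytes
        off = (off + filesize + 3) & ~3         # so is the file body

def missing_sd_modules(initrd_gz: bytes, required=SD_MODULES):
    """Return the required modules the initrd does not carry (empty = OK)."""
    present = set()
    for path in cpio_newc_entries(gzip.decompress(initrd_gz)):
        base = path.rsplit("/", 1)[-1]
        if ".ko" in base:                       # .ko, .ko.xz, .ko.zst ...
            present.add(base.split(".ko")[0])
    return [m for m in required if m not in present]

def build_initrd(paths):
    """Constructed sample initrd: empty files at the given paths, gzip'ed."""
    def entry(name, body=b""):
        fields = [1, 0o100644, 0, 0, 1, 0, len(body), 0, 0, 0, 0, len(name) + 1, 0]
        raw = NEWC_MAGIC + b"".join(b"%08x" % f for f in fields)
        raw += name.encode() + b"\0"
        raw += b"\0" * (-len(raw) % 4) + body
        return raw + b"\0" * (-len(raw) % 4)
    archive = b"".join(entry(p) for p in paths) + entry("TRAILER!!!")
    return gzip.compress(archive)

if __name__ == "__main__":
    usb_only = build_initrd(["lib/modules/x/kernel/drivers/usb/storage/usb-storage.ko"])
    print("missing:", missing_sd_modules(usb_only))   # all four SD modules
```

A real initrd may be xz/zstd compressed or prefixed with an uncompressed early-cpio microcode archive; those layouts would need to be unwrapped first.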
