[systemd-devel] TPMs on Linux (was Re: Make systemd-localed modify the kernel commandline for the initrd keymap?)

Fri Sep 27 16:26:11 UTC 2019

On Fri, Sep 27, 2019 at 3:33 PM Mantas Mikulėnas <grawity at gmail.com> wrote:

>
> On Fri, Sep 27, 2019 at 3:18 PM Alberto Ruiz <aruiz at redhat.com> wrote:
>
>>
>>
>> On Fri, Sep 27, 2019 at 12:50 PM Lennart Poettering <mzerqung at 0pointer.de>
>> wrote:
>>
>>> On Mi, 25.09.19 16:50, Hans de Goede (hdegoede at redhat.com) wrote:
>>>
>>> > Hi all,
>>> >
>>> > Currently, at least in Fedora, but I do not believe that this problem
>>> is
>>> > unique to Fedora, there are 2 problems with keymap handling in the
>>> > initrd.
>>>
>>> Hmm, why do you need a correct initrd in the early boot? I can see two
>>> reasons:
>>>
>>> 1. full disk encryption with the user typing in the password on the
>>>    kbd. But isn't the answer to this to link the root OS to the tpm
>>>    instead, and use user-keyed crypto only for $HOME? The OS itself
>>>    doesn't need to be protected after all, everbody should have the
>>>    same files there anyway, it's $HOME that needs protection.
>>>
>>
>> Some counterarguments here:
>> - The TPM does not protect you from someone stealing your entire laptop
>> and booting from external media,
>>
>
> It does, because one of the PCRs has the entire boot sequence embedded
> into it. If you seal the key and then boot something else, the TPM will
> refuse to unseal the key for you. The same can be applied to hash of the
> kernel image (and initrds, if someone patched systemd-boot to include them
> in PCR8), and/or to Secure Boot state as done by Windows.
>
>
>> - There are plenty of systems out there without a TPM module that Fedora
>> cares about
>>
>
> That's the main problem. Only two of my several still-reasonably-modern
> x64 machines have TPMs, and one of them is TPM 1.2 which requires the
> completely unmaintained Trousers stack.
>

As a side topic for systemd-homed, I kind of wish Linux had some actual
daemon that would take care of TPM stuff, like providing an API to seal
keys without requiring the user to care about which PCRs to use and worry
about what happens after kernel upgrades, and would work equally with both
TPM 2.0 and TPM 1.2. (Kind of like what ChromiumOS.git currently has in its
cryptohome bits?)

I'm not sure if that would be part of systemd(-tpmd), or part of SSSD which
has a "secrets" store, or something else.

I do already have a TPM-locked LUKS root filesystem, and some of the tools
involved in setting it up could very well be called "user-hostile". (To be
fair they just faithfully replicate the underlying API, but...)

(As a side topic to the side topic, I've been working on a hack to achieve
password-free unlocking like on Windows, but without involving Secure Boot:
https://github.com/grawity/tpm_futurepcr -- I'm not sure if it's the
brightest idea, but so far it does the job.)

-- 
Mantas Mikulėnas
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20190927/59d636fc/attachment-0001.html>