Re: [systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-25 Thread Andrei Borzenkov

On 25.05.2024 10:00, Felix Rubio wrote:

> Hi everybody,
>
> For some time now I have been using UKIs, with SB enabled and tying FDE
> decryption to PCRs 7+11+14, with PCR 11 being measured during UKI
> creation. Then, I use systemd-cryptenroll to update the secret:
>
> PCR11=$(/usr/lib/systemd/ukify -c /etc/kernel/uki.conf --measure \
>     --output=/tmp/arch-linux.efi build | grep 11:sha256)
> systemd-cryptenroll --unlock-key-file=/root/creds/fdepassword.txt \
>     --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=7+11:sha256=d05ee4...+14 \
>     /dev/nvme0n1p5
>
> This works flawlessly. Now, I am exploring the possibility of binding not
> to the values of those PCRs but to their signature, given that I am also
> embedding that in the UKI (the corresponding .pcrsig section is in
> place). However, I am a bit lost:
> * in .pcrsig there is only the signature for PCR 11, and there seems to
> be no way to embed the signatures for other PCR values.


systemd-measure/ukify is only intended for measuring the UKI into PCR 11.


> * when used in cryptenroll, how should I use this? So far, it seems it should
> be a call like
>
> systemd-cryptenroll --unlock-key-file=/root/creds/fdepassword.txt \
>     --wipe-slot=tpm2 --tpm2-device=auto \
>     --tpm2-public-key=/root/creds/tpm2-pcr-public.pem \
>     --tpm2-public-key-pcrs=
>
> ... but then I do not see what should be provided in
> tpm2-public-key-pcrs.


These are the PCRs for which you intend to provide a signed policy. These PCRs
must be listed in the JSON file that is given to systemd-cryptsetup as the
tpm2-signature= parameter. The only PCR for which there is a systemd tool
to compute it is PCR 11. You should be able to add other PCRs to this
JSON file and it should work, but you will need to compute the values
yourself.


Unfortunately, this is yet another case where systemd pretends to be 
generic while in reality it is not.


Another problem is that systemd will silently add the literal PCR policy 
for PCR 7 *in addition* to the signed policy you specify. See 
https://github.com/systemd/systemd/issues/32946.



> The same values I am currently giving to
> --tpm2-pcrs?


Only PCR 11 will work, as it is the only PCR for which systemd-measure
will create the signature file. Other PCRs can additionally be used in
--tpm2-pcrs, but that sort of invalidates the whole point of the signed
policy.


You may consider using systemd-pcrlock instead.


> The signatures that I get from the .pcrsig for 11 + the
> calculated signatures for the current values of PCRs 7 and 14?
>
> Thank you very much for your time,
>
> --
> Felix Rubio

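Computing a PolicyPCR digest yourself, as the reply above says you would have to for PCRs other than 11, and checking which PCRs a .pcrsig-style entry actually binds; this is an added Python example, not code from systemd or from either poster. It follows the TPM 2.0 PolicyPCR definition (H(old || TPM_CC_PolicyPCR || TPML_PCR_SELECTION || H(PCR values)) extended from an all-zero session digest); the PCR values, the JSON keys pcrs/pkfp/pol/sig, and the fingerprint and signature placeholders are constructed assumptions.

```python
import hashlib
import json

TPM_CC_POLICY_PCR = bytes.fromhex("0000017F")  # TPM2_CC_PolicyPCR, big-endian UINT32
TPM_ALG_SHA256 = bytes.fromhex("000B")         # TPM2_ALG_SHA256, big-endian UINT16

def pcr_selection(pcrs):
    """Marshal a TPML_PCR_SELECTION with a single SHA-256 bank entry:
    count=1, hashAlg, sizeofSelect=3, then a 3-byte bitmap covering PCRs 0..23."""
    bitmap = bytearray(3)
    for p in pcrs:
        if not 0 <= p <= 23:
            raise ValueError(f"PCR index out of range: {p}")
        bitmap[p // 8] |= 1 << (p % 8)
    return b"\x00\x00\x00\x01" + TPM_ALG_SHA256 + b"\x03" + bytes(bitmap)

def policy_pcr_digest(values):
    """PolicyPCR policy digest for {pcr_index: 32-byte value}, as a TPM extends it
    from a fresh session: H(zeros || TPM_CC_PolicyPCR || selection || H(values))."""
    pcrs = sorted(values)
    pcr_digest = hashlib.sha256(b"".join(values[p] for p in pcrs)).digest()
    return hashlib.sha256(bytes(32) + TPM_CC_POLICY_PCR + pcr_selection(pcrs) + pcr_digest).digest()

def signed_policy_matches(pcrsig, values):
    """True if a sha256 entry in a .pcrsig-style JSON document lists exactly the
    PCRs in `values` and its "pol" equals the policy digest those values yield."""
    expected = policy_pcr_digest(values).hex()
    for entry in json.loads(pcrsig).get("sha256", []):
        if sorted(entry.get("pcrs", [])) == sorted(values) and entry.get("pol") == expected:
            return True
    return False

# Constructed sample PCR values (not real measurements) for PCRs 7, 11 and 14.
SAMPLE_VALUES = {p: hashlib.sha256(f"constructed PCR {p}".encode()).digest() for p in (7, 11, 14)}
# Constructed .pcrsig-style document covering PCR 11 only, as the thread describes;
# "pkfp" and "sig" are placeholders, only "pcrs" and "pol" are checked here.
SAMPLE_PCRSIG = json.dumps({"sha256": [{
    "pcrs": [11],
    "pkfp": "<public key fingerprint placeholder>",
    "pol": policy_pcr_digest({11: SAMPLE_VALUES[11]}).hex(),
    "sig": "<signature placeholder>",
}]})

if __name__ == "__main__":
    print("PCR 11 only:", signed_policy_matches(SAMPLE_PCRSIG, {11: SAMPLE_VALUES[11]}))  # True
    print("PCRs 7+11+14:", signed_policy_matches(SAMPLE_PCRSIG, SAMPLE_VALUES))           # False
```

The second check failing is the point of the thread: a signature that only covers PCR 11 says nothing about PCRs 7 and 14, so any entry for 7+11+14 needs its own policy digest and its own signature.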



[systemd-devel] PCR signing / enrolling on UKI and validation by systemd-cryptenroll

2024-05-25 Thread Felix Rubio

Hi everybody,

For some time now I have been using UKIs, with SB enabled and tying FDE
decryption to PCRs 7+11+14, with PCR 11 being measured during UKI
creation. Then, I use systemd-cryptenroll to update the secret:

PCR11=$(/usr/lib/systemd/ukify -c /etc/kernel/uki.conf --measure \
    --output=/tmp/arch-linux.efi build | grep 11:sha256)
systemd-cryptenroll --unlock-key-file=/root/creds/fdepassword.txt \
    --wipe-slot=tpm2 --tpm2-device=auto --tpm2-pcrs=7+11:sha256=d05ee4...+14 \
    /dev/nvme0n1p5

This works flawlessly. Now, I am exploring the possibility of binding not
to the values of those PCRs but to their signature, given that I am also
embedding that in the UKI (the corresponding .pcrsig section is in
place). However, I am a bit lost:
* in .pcrsig there is only the signature for PCR 11, and there seems to
be no way to embed the signatures for other PCR values.
* when used in cryptenroll, how should I use this? So far, it seems it should
be a call like

systemd-cryptenroll --unlock-key-file=/root/creds/fdepassword.txt \
    --wipe-slot=tpm2 --tpm2-device=auto \
    --tpm2-public-key=/root/creds/tpm2-pcr-public.pem \
    --tpm2-public-key-pcrs=

... but then I do not see what should be provided in
tpm2-public-key-pcrs. The same values I am currently giving to
--tpm2-pcrs? The signatures that I get from the .pcrsig for 11 + the
calculated signatures for the current values of PCRs 7 and 14?


Thank you very much for your time,

--
Felix Rubio