Commit Graph

263 Commits

Author SHA1 Message Date
Lennart Poettering
a758a12870 cryptsetup: pass AskPasswordFlags down into pkcs11 module
The pkcs11 cryptsetup token module is a bit different from the tpm2 +
fido2 ones: it asks for the PIN itself, rather than bubbling up a
request to get a PIN. That's because it might need multiple, and because
we don't want to destroy a the pkcs11 session half-way and thus risk
increasing pin counters.

Hence, we sometimes ask for PINs from our code, rather than let the
libcryptsetup caller do that. So far we didn't pass the AskPasswordFlags
field down into the module though. Fix that.

Fixes: #28665
2023-11-03 09:51:53 +01:00
Lennart Poettering
00392b1437 cryptsetup: disable activation via token plugin if we shall measure the volume key
if we allow cryptsetup to activate a volume via token plugin we never
get access to the volume key, which we'd like to measure. Hence disable
token plugins in that case.

(I tempted to say we probably should disable them entirely, and only use
them if classic cryptsetup is used, but that's a discussion for another
day.)

Fixes: #29790
2023-11-02 22:37:52 +01:00
Lennart Poettering
58925605e7 cryptsetup: honour configured ask password flags also when activating via token
See: #28665 (this is not a fix for that PR though)
2023-11-02 22:37:46 +01:00
Lennart Poettering
c50a7776c1 cryptsetup: rename usrptr to userdata
Across our codebase we call the generic pointer "userdata", not
"userptr". Do so here too.
2023-11-02 22:37:17 +01:00
Dan Streetman
f9a0ee7554 tpm2: downgrade most log functions from error to debug
Because most TPM2 functions here are 'library-like' functions, they should be
at debug level, not error level.

The only functions not reduced to logging at debug are tpm2_list_devices(),
since it is expected to print output, and the tpm2_parse_pcr_argument_*()
functions, since the system-wide parse_*_argument() functions generally log at
error level.
2023-10-03 17:13:50 +01:00
Lennart Poettering
174e8e9897 Merge pull request #29345 from poettering/measured-uki-condition
pid1: introduce ConditionSecurity=measured-uki
2023-09-27 16:39:46 +02:00
Lennart Poettering
be8f478c0f efi-loader: rename efi_stub_measured() → efi_measured_uki()
Let's say "uki" rather than "stub", since that is just too generic, and
we shouldn't limit us to our own stub anyway, but generally define a
concept of a "measured UKI", which is a UKI that measures its part to
PCR 11.

This is mostly preparation for exposing this check to the user via
ConditionSecurity=.
2023-09-27 11:51:13 +02:00
Zbigniew Jędrzejewski-Szmek
5bae80bd44 cryptsetup: fail with error if extraneous arguments are specified
So far the program would silently ignore those… I think it's better to fail.
2023-09-26 16:21:31 +02:00
Zbigniew Jędrzejewski-Szmek
166015faf5 cryptsetup: add parse_argv() and implement --version
All public programs are expected to have that. The --help output is adjusted to
follow the usual style (highlighting, listing of options). The OPTIONS
positional argument is renamed to "CONFIG", because we now also have "OPTIONS…"
to describe the non-positional options.
2023-09-26 16:20:29 +02:00
Lennart Poettering
cb19bdaebf tpm2: whenever we measure, also write a tpm log record
Previously we only logged our measurements to the journal. This is not a
great solution though, since regular logs are subject to rotation, which
is something we really cannot have for measurements (as it means we can
never reproduce the PCR values from the data). Hence, let's maintain an
explicit log.

Ideally, we'd just use the TCG Canonical Event Log format 1:1
(https://trustedcomputinggroup.org/resource/canonical-event-log-format/).
However it's not a perfect fit fo us, for various reasons. But let's
follow it (in its JSON incantation) as closely at it makes sense, so
that it can easily be converted to the full format by programs consuming
it.

Code comments explain where we deviate from the TCG CEL-JSON, and what
to do about it when reading the data.
2023-08-30 12:59:34 +02:00
Lennart Poettering
e0e1f4f7a2 fundamental: rename tpm-pcr.h → tpm2-pcr.h
I always found it confusing that most of our TPM related definitions are
in tpm2-util.h, but the PCR names in tpm-pcr.h, without the "2". Let's
fix that and make this systematic, in particular as the definitions in
the file all start with TPM2_ already.

No code flow changes, just some renaming.
2023-08-24 13:40:37 +02:00
Lennart Poettering
2099cd6289 tpm2: unify symbolic name infra for PCRs
We so far maintained two places for symboic names for PCRs. One in
tpm2-util.h and one in tpm-pcr.h.

Let's unify this into one, i.e. move the full list from tpm2-util.h into
tpm-pcr.h, replacing the short list placed so far there.

Systematically prefix the definitions with TPM2_ or tpm2_, to follow how
we do this for all other defines in this context.

No change in behaviour, just unification of tables.
2023-08-24 13:40:37 +02:00
Zbigniew Jędrzejewski-Szmek
bb44fd0734 various: use _NEG_ macros to reduce indentation
No functional change intended.
2023-08-16 12:52:56 +02:00
Dan Streetman
07c0406117 tpm2: change tpm2_parse_pcr_argument() parameters to parse to Tpm2PCRValue array
In order to allow users to specify expected PCR values, change the
tpm2_parse_pcr_argument() to parse the text argument into an array of
Tpm2PCRValue objects, which provide not only the selected PCR indexes, but also
(optionally) the hash algorithm and hash value for each PCR index.
2023-08-04 10:57:07 -04:00
Dan Streetman
323eb4803a tpm2: add Tpm2PCRValue struct and associated functions
Add a new struct that can represent a PCR index, hash, and value all
together. This replaces code (e.g. the tpm2_pcr_read() parameters) that
required using both a TPML_PCR_SELECTION as well as array of TPM2B_DIGEST
entries, which was difficult to correlate the selection hash/index to each
digest.
2023-08-04 10:57:05 -04:00
Dmitry V. Levin
fbce715195 cryptsetup: cleanup use of ERRNO_IS_NOT_SUPPORTED()
Given that ERRNO_IS_NOT_SUPPORTED() also matches positive values,
make sure this macro is not called with arguments that do not have
errno semantics.

In this case the argument passed to ERRNO_IS_NOT_SUPPORTED() is the
value returned by find_tpm2_auto_data() which is not expected to return
any positive values, but let's be consistent anyway and move the
ERRNO_IS_NOT_SUPPORTED() invocation to the branch where
the return value is known to be negative.
2023-07-28 12:28:35 +00:00
Dan Streetman
1dc8f51841 tpm2: replace _cleanup_tpm2_* macros with _cleanup_()
Remove _cleanup_tpm2_context_ and _cleanup_tpm2_handle_ macros, replacing their
use with _cleanup_(tpm2_context_unrefp) and _cleanup_(tpm2_handle_freep),
respectively.
2023-06-08 01:09:08 +02:00
Frantisek Sumsal
cdece7e30a cryptsetup: avoid calling strv_find() on a NULL pointer
When the header= option comes before any other type= defining one, we
trip over an assertion:

Jun 04 15:45:33 H testsuite-24.sh[752]: + systemctl start systemd-cryptsetup@detached.service
Jun 04 15:45:33 H systemd[1]: Starting systemd-cryptsetup@detached.service...
Jun 04 15:45:33 H systemd-cryptsetup[4641]: Assertion 'name' failed at src/basic/strv.c:21, function strv_find(). Aborting.
...
Jun 04 15:45:33 H systemd-coredump[4643]: Process 4641 (systemd-cryptse) of user 0 dumped core.
...
                                          Stack trace of thread 4641:
                                          #0  0x00007ff9256afe5c __pthread_kill_implementation (libc.so.6 + 0x8ce5c)
                                          #1  0x00007ff92565fa76 raise (libc.so.6 + 0x3ca76)
                                          #2  0x00007ff9256497fc abort (libc.so.6 + 0x267fc)
                                          #3  0x00007ff926076047 log_assert_failed (libsystemd-shared-253.so + 0x276047)
                                          #4  0x00007ff9260ab317 strv_find (libsystemd-shared-253.so + 0x2ab317)
                                          #5  0x0000000000405927 parse_one_option (systemd-cryptsetup + 0x5927)
                                          #6  0x0000000000407793 parse_options (systemd-cryptsetup + 0x7793)
                                          #7  0x000000000040fa0c run (systemd-cryptsetup + 0xfa0c)
                                          #8  0x000000000041137f main (systemd-cryptsetup + 0x1137f)
                                          #9  0x00007ff92564a510 __libc_start_call_main (libc.so.6 + 0x27510)
                                          #10 0x00007ff92564a5c9 __libc_start_main@@GLIBC_2.34 (libc.so.6 + 0x275c9)
                                          #11 0x0000000000403915 _start (systemd-cryptsetup + 0x3915)
                                          ELF object binary architecture: AMD x86-64
2023-06-05 16:50:13 +02:00
Lennart Poettering
ffe0da297d {crypt|verity}setup: mention volume name in some error messages 2023-06-01 18:49:43 +02:00
Lennart Poettering
6747d9a13f cryptsetup: fix whitespace issue 2023-06-01 18:49:16 +02:00
Dan Streetman
9944909e68 tpm: remove external calls to dlopen_tpm2()
The calls outside tpm2-util.c are redundant, as tpm2_context_new()
is always called immediately after, which then calls dlopen_tpm2().
2023-05-31 09:23:21 -04:00
Klaus Zipfel
703902400d crypttab: Support for VeraCrypt PIM and detached headers for TrueCrypt/VeraCrypt (#27548)
* Added veracrypt-pim=<PIM> LUKS option for crypttab
2023-05-06 21:55:05 +01:00
Lennart Poettering
b96cc40a95 cryptsetup: downgrade a bunch of log messages that to LOG_WARNING
In all these cases we ignore the failure, hence per our rule the log
level should be below LOG_ERR. Fix that.
2023-05-04 05:03:16 +09:00
William Roberts
acbb504eaf tpm2: add support for a trusted SRK
Prevent attackers from spoofing the tpmKey portion of the AuthSession by
adding a trusted key to the LUKS header metadata. Also, use a persistent
object rather than a transient object.

This provides the following benifits:
1. No way to MITM the tpmKey portion of the session, see [1] for
details.

2. Strengthens the encrypted sessions, note that the bindKey could be
   dropped now.

3. Speed, once it's created we just use it.

4. Owner Auth is needed to call create primary, so using the SRK
   creates a scratch space for normal users.

This is a "first to set" model, in where the first person to set the key
in the LUKS header wins. Thus, setup should be done in a known good
state. If an SRK, which is a primary key at a special persistent
address, is found, it will use whatever is there. If not, it creates an
SRK. The SRK follows the convetions used through the tpm2-software
organization code on GitHub [2], however, a split has occured between
Windows and Linux with respect to SRK templates. The Linux SRK is
generated with the unique field size set to 0, in Windows, it properly
sets the size to key size in bytes and the unique data to all 0's of that
size. Note the proper templates for SRKs is covered in spec [3].
However, the most important thing, is that both SRKs are passwordless,
and thus they should be interchangable. If Windows is the first to make
the SRK, systemd will gladly accept it and vice-versa.

1. Without the bindKey being utilized, an attacker was able to intercept
this and fake a key, thus being able to decrypt and encrypt traffic as
needed. Introduction of the bindKey strengthened this, but allows for
the attacker to brute force AES128CFB using pin guesses. Introduction of
the salt increases the difficulty of this attack as well as DA attacks
on the TPM objects itself.

2. https://github.com/tpm2-software

3. https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf

Fixes: #20668
Fixes: #22637

Signed-off-by: William Roberts <william.c.roberts@intel.com>
2023-04-03 13:10:49 +02:00
Dan Streetman
aa07a4fa35 tpm2: add TPM2_PCR_VALID() 2023-03-09 10:46:19 -05:00
Dan Streetman
23e9ccc24a tpm2: use Tpm2Context* instead of ESYS_CONTEXT*
This is needed for later patches that use Tpm2Handle, which requires access
to the Tpm2Context.
2023-02-01 12:51:17 -05:00
Dan Streetman
68d084cee5 tpm2: use ref counter for Tpm2Context
This will be used by Tpm2Handle instances, which is added in later patches.

The refcounting allows the context to be retained until all Tpm2Handles have
been cleaned up, and the initial ref is released, before cleaning the context.
2023-02-01 12:51:17 -05:00
Dan Streetman
bd860983a6 tpm2: rename struct tpm2_context to Tpm2Context
This aligns with systemd coding guidelines for struct naming
2023-02-01 12:51:17 -05:00
Zbigniew Jędrzejewski-Szmek
2f6c52b919 shared/efi-loader: fix compilation with !ENABLE_EFI, improve messages
When compiled without ENABLE_EFI, efi_stub_measured() was not defined, so
compilation would fail. But it's not enough to add a stub that returns
-EOPNOTSUPP. We call this function in various places and usually print the error
at warning or error level, so we'd print a confusing message. We also can't add
a stub that always returns 0, because then we'd print a message like "Kernel
stub did not measure", which would be confusing too. Adding special handling for
-EOPNOTSUPP in every caller is also unattractive. So instead efi_stub_measured()
is reworked to log the warning or error internally, and such logging is removed
from the callers, and a stub is added that logs a custom message.
2023-01-24 23:07:21 +00:00
Yu Watanabe
d09df6b94e tree-wide: fix typo 2023-01-20 15:32:16 +09:00
William Roberts
aae6eb9611 tpm2: add salt to pin
Add a salt to the pin and store it in the TPM2 LUKS header for future
this. This adds entropy to user supplied pins and helps brute forcing
the passphrase on the key residing in the TPM or brute forcing bind key
encrypted sessions with low entropy passphrases.

Signed-off-by: malikabhi05 <abhishek.malik@intel.com>
Signed-off-by: William Roberts <william.c.roberts@intel.com>
2023-01-18 21:58:33 +00:00
Lennart Poettering
6c51b49ce0 tpm2: add common helper for checking if we are running on UKI with TPM measurements
Let's introduce a common implementation of a function that checks
whether we are booted on a kernel with systemd-stub that has TPM PCR
measurements enabled. Do our own userspace measurements only if we
detect that.

PCRs are scarce and most likely there are projects which already make
use of them in other ways. Hence, instead of blindly stepping into their
territory let's conditionalize things so that people have to explicitly
buy into our PCR assignments before we start measuring things into them.
Specifically bind everything to an UKI that reported measurements.

This was previously already implemented in systemd-pcrphase, but with
this change we expand this to all tools that process PCR measurement
settings.

The env var to override the check is renamed to SYSTEMD_FORCE_MEASURE,
to make it more generic (since we'll use it at multiple places now).
This is not a compat break, since the original env var for that was not
included in any stable release yet.
2023-01-17 09:42:16 +01:00
Lennart Poettering
94c0c85e30 cryptsetup: add tpm2-measure-pcr= and tpm2-measure-bank= crypttab options
These options allow measuring the volume key used for unlocking the
volume to a TPM2 PCR. This is ideally used for the volume key of the
root file system and can then be used to bind other resources to the
root file system volume in a secure way.

See: #24503
2023-01-17 09:42:16 +01:00
Lennart Poettering
5e476b8512 tree-wide: fix return value handling of base64mem()
This returns an ssize_t, not an int. On populare archs that's the
difference between 64bit and 32bit. hence, let's be more careful here,
and not silently drop half the bits on the ground by assigning the
return value to "int".

As noticed by @malikabhi05:

https://github.com/systemd/systemd/pull/24754#discussion_r1062903159
2023-01-11 10:46:08 +01:00
Peter Cai
52105bb487 cryptsetup-fido2: Remove plain mode parameters from acquire_fido2_key_auto()
`acquire_fido2_key_auto()` will not be used in PLAIN mode, and
parameters such as the salt will be acquired from the LUKS header.
Parameters intended for PLAIN mode are useless in
`acquire_fido2_key_auto()`.
2022-12-22 11:20:56 -05:00
Peter Cai
e6319a102e cryptsetup-fido2: Try all FIDO2 key slots when opening LUKS volume
After #25268, it is now possible to check whether a credential
is present on a FIDO2 token without actually attempting to retrieve said
credential. However, when cryptsetup plugins are not enabled, the
fallback unlock routines are not able to make multiple attempts with
multiple different FIDO2 key slots.

Instead of looking for one FIDO2 key slot when trying to unlock, we now
attempt to use all key slots applicable.

Fixes #19208.
2022-12-12 21:48:39 +01:00
Daan De Meyer
12e2b70f9b nulstr-util: Declare NULSTR_FOREACH() iterator inline 2022-11-11 16:31:32 +01:00
Yu Watanabe
17bf3c550d tree-wide: set description for device manager 2022-10-19 04:46:24 +09:00
Lennart Poettering
714c586943 cryptsetup: drop redundant parens/drop ternary op
A ternary op is a bit weird to use if we end up assigning a variable to
itself in one of the branches. Hence use a plain if check.
2022-10-17 13:52:54 +02:00
William Roberts
3fab44b2ff cryptsetup: use TPM flags over bool
This works becuase TPM2_FLAGS_USE_PIN is 1 and bool is a 1 so the bits
line up as expected, however if for some reason flags change values and
for clarity check if the boolean indicates this flag and pass the flag
value.

Signed-off-by: William Roberts <william.c.roberts@intel.com>
2022-09-20 08:05:33 +09:00
Lennart Poettering
75a9681ec0 cryptsetup: hook up TPM2 token code with policies based on PCR signatures, too 2022-09-08 16:34:27 +02:00
Lennart Poettering
fdf6c27cba tpm2-util: add common parser for the LUKS2 TPM2 JSON structure
This splits out the JSON parser used by the systemd-cryptsetup code.

This is preparation for later work to reuse it in the tpm2 cryptsetup
token module, which currently uses a separate but very similar parser
for the same data.

No change in behaviour.
2022-09-08 16:34:27 +02:00
Lennart Poettering
dc63b2c909 cryptsetup: hook up signed PCR policies 2022-09-08 16:34:27 +02:00
Jan Janssen
63b9838639 tree-wide: Mark some constants as unsigned
All these are really unsigned and used as such. This silences some
-Wformat-signedness warnings with gcc.
2022-08-30 12:03:33 +02:00
Lennart Poettering
222a951fa4 tpm2-util: introduce tpm2_parse_pcr_argument() helper
Add a new tpm2_parse_pcr_argument() helper that unifies how we merge PCR
masks in a single function, we can use all over the place. Previously we
had basically the same code for this at 4 places.
2022-08-19 21:26:26 +02:00
Lennart Poettering
7484c60ec6 Merge pull request #23653 from aafeijoo-suse/ask-for-recovery-key
cryptsetup: improve password prompt text
2022-08-19 14:55:54 +02:00
Lennart Poettering
a0789e5fb8 cryptsetup: make sure all token-based codepaths are effected by SYSTEMD_CRYPTSETUP_USE_TOKEN_MODULE env var
Previously the env var was only checked when conditionalizing use of our
own libcryptsetup loadable token modules.  But let's also use it for any
other kind of token module, including possible internal ones by
libcryptsetup.
2022-08-19 14:53:54 +02:00
Lennart Poettering
d1b2e04328 cryptsetup: use right internal helper when checking whether to use tokens
The other codepaths get this right, the TPM2 one currently does not. Fix
that.
2022-08-19 14:53:11 +02:00
Antonio Alvarez Feijoo
b6c0bd11fc cryptsetup: improve password prompt text
Instead of always asking for passphrase, if the device has LUKS2 header check:
- If only regular passphrases are registered, ask for passphrase.
- If only recovery keys are registered, ask for recovery key.
- If both regular passphrases and recovery keys are registered, ask for
passphrase or recovery key.
2022-08-19 09:01:56 +02:00
Jonas Witschel
ee6c66acc5 cryptsetup: ask for PIN when trying to activate using a LUKS2 token plugin
crypt_activate_by_token() fails with ENOANO if the token is protected with a
PIN, in this case we need to call crypt_activate_by_token_pin() with a PIN.
This logic is already implemented in
crypt_activate_by_token_pin_ask_password().

This code path is relevant when using systemd-gpt-auto-generator because there
is no a priory information about the type of the used security device, so
systemd-cryptsetup tries to unlock the volume using the corresponding
cryptsetup plugin.
2022-08-05 12:22:27 +02:00