


















I'm putting together a plan for a future Arch installation, and I'd like people with more knowledge & experience to audit my steps for setting up TPM to automatically decrypt a root LUKS partition on boot.
It's my understanding that binding to just PCR 7 when enrolling in TPM results in a TPM setup that can be bypassed (See https://oddlama.org/blog/bypassing-disk … m2-unlock/), and the wiki's suggestion of also binding to PCR 15 can apparently be bypassed as well. Thus, I'm planning to also bind to PCR 11, but the wiki doesn't do the best job covering this, so I'd like to get my steps checked.
In addition to setting up TPM securely, the goal here includes doing it in such a way that no manual re-enrollment is required after a kernel upgrade.
The steps in dm-crypt/Encrypting an entire system: LUKS on a partition with TPM2 and Secure Boot have been followed, up to but not including "Enrolling the TPM". This includes using sbctl to sign the UKI and boot loader.
For these steps, assume that the encrypted LUKS partition (which will be decrypted and mounted as the filesystem root) is /dev/sda2.
Edit the kernel parameters in /etc/kernel/cmdline to include:
rd.luks.options=tpm2-measure-pcr=yes,tpm2-device=autoInstall ukify, qrencode, and tpm2-tss
Create a high-entropy recovery key for the LUKS partition by running:
sudo systemd-cryptenroll --recovery-key /dev/sda2This will print out a QR code that can be scanned to obtain the key.
Create the keys that will be used to sign the Unified Kernel Image for PCR 11:
cd /etc/systemd
sudo ukify genkey \
--pcr-private-key=tpm2-pcr-private-key.pem \
--pcr-public-key=tpm2-pcr-public-key.pem
sudo ukify genkey \
--pcr-private-key=tpm2-pcr-private-key-initrd.pem \
--pcr-public-key=tpm2-pcr-public-key-initrd.pemConfigure ukify by creating the file /etc/kernel/uki.conf with the contents:
[PCRSignature:all]
PCRPrivateKey=/etc/systemd/tpm2-pcr-private-key.pem
PCRPublicKey=/etc/systemd/tpm2-pcr-public-key.pem
[PCRSignature:initrd]
Phases=enter-initrd
PCRPrivateKey=/etc/systemd/tpm2-pcr-private-key-initrd.pem
PCRPublicKey=/etc/systemd/tpm2-pcr-public-key-initrd.pemI am assuming that I don't need to configure signing of the kernel in a "UKI" section here, as sbctl should take care of that via its mkinitcpio post-hook.
Finally, enroll:
sudo systemd-cryptenroll \
--wipe-slot=0 \
--tpm2-device=auto \
--tpm2-pcrs=7+15:sha256=0000000000000000000000000000000000000000000000000000000000000000 \
--tpm2-public-key=/etc/systemd/tpm2-pcr-public-key-initrd.pem \
--tpm2-public-key-pcrs=11 \
/dev/sda2Will this properly enroll the LUKS key in the TPM so that the root partition is automatically unlocked on boot?
Will this continue to work after a kernel upgrade or initramfs regeneration using mkinitcpio without having to manually run systemd-cryptenroll?
Do I need the "PCRSignature:all" section and its keys, or can I get rid of them?
Can I safely add the "rd.luks.options" kernel parameters to /etc/kernel/cmdline before setting up TPM? Assume there is one or more reboot in between.
Does the use of ukify (which uses systemd-measure, which seems to assume systemd-stub is in use) limit my boot loader options in any way, or does this only work with systemd-boot?
此内容由惯性聚合(RSS阅读器)自动聚合整理,仅供阅读参考。 原文来自 — 版权归原作者所有。