
[isar-cip-core] added pcr_bank for clevis

Message ID DU0PR10MB6898A9738AF1110D653D5DE5F0A7A@DU0PR10MB6898.EURPRD10.PROD.OUTLOOK.COM (mailing list archive)
State Superseded
Series [isar-cip-core] added pcr_bank for clevis

Commit Message

Sari, Sercan Nov. 1, 2023, 5:17 p.m. UTC
clevis will fail to encrypt data when the TPM has multiple banks, such as SHA1 and SHA256. Adding the pcr_bank information resolves this issue.

Signed-off-by: Sercan Sari <sari.sercan@siemens.com>
---
 .../initramfs-crypt-hook/files/encrypt_partition.clevis.script  | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Jan Kiszka Nov. 2, 2023, 6:10 a.m. UTC | #1
On 01.11.23 18:17, Sari, Sercan (ADV D EU TR C&E) wrote:
> 
> clevis will fail to encrypt data when the TPM has multiple banks, such as SHA1 and SHA256. Adding the pcr_bank information resolves this issue.
> 
> Signed-off-by: Sercan Sari <sari.sercan@siemens.com>
> ---
>  .../initramfs-crypt-hook/files/encrypt_partition.clevis.script  | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
> index 899f20e..957a3fd 100644
> --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
> +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
> @@ -61,7 +61,7 @@ open_tpm2_partition() {
>  
>  enroll_tpm2_token() {
>  	if [ -x /usr/bin/clevis ]; then
> -		 clevis luks bind -d "$1" tpm2 '{"pcr_ids":"7"}' < "$2"
> +		clevis luks bind -d "$1" tpm2 '{"pcr_bank":"sha256", "pcr_ids":"7"}' < "$2"
>  	else
>  		panic "clevis not available cannot enroll tpm2 key!"
>  	fi
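Review bot: the bank is hard-coded to sha256 in the new `clevis luks bind` line, so a TPM whose sha256 bank is not allocated (the case Quirin raises later in the thread) fails at enrolment just as the multi-bank case failed before. Take the bank from a variable with a sha256 default, or derive it from the banks the TPM reports as active before binding, and keep sha1 out of the accepted values since the thread agrees it is not acceptable for a disk key. The hunk also drops the stray leading space before `clevis` on the old line; that is fine, but worth one sentence in the commit message so the indentation change is not read as functional.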

Is sha256 the only reasonable setting here? Just asking as we are
hard-coding.

Quirin, any remarks?

Jan
Sari, Sercan Nov. 2, 2023, 6:45 a.m. UTC | #2
Yes, it is definitely open to discussion; sha1 or sha384 may also be applicable.

Please take a look at section 4.7: https://trustedcomputinggroup.org/wp-content/uploads/PC-Client-Specific-Platform-TPM-Profile-for-TPM-2p0-v1p04_r0p37_pub-1.pdf

Jan Kiszka Nov. 2, 2023, 7:02 a.m. UTC | #3
On 02.11.23 07:45, Sari, Sercan (ADV D EU TR C&E) wrote:
> Yes, it is definitely open to discussion; sha1 or sha384 may also be applicable.
> 

Is SHA1 still an option today, from a security perspective?

Jan

Sari, Sercan Nov. 2, 2023, 7:20 a.m. UTC | #4
It is definitely more vulnerable than sha256; sha256 is kind of the default one. AFAIK, TPM 2.0 brings sha256 and sha384 over sha1, which is not a good option today.

Gylstorff Quirin Nov. 2, 2023, 8:08 a.m. UTC | #5
On 11/2/23 07:10, Jan Kiszka wrote:
> On 01.11.23 18:17, Sari, Sercan (ADV D EU TR C&E) wrote:
>>
>> clevis will fail to encrypt data when the TPM has multiple banks, such as SHA1 and SHA256. Adding the pcr_bank information resolves this issue.
>>
>> Signed-off-by: Sercan Sari <sari.sercan@siemens.com>
>> ---
>>   .../initramfs-crypt-hook/files/encrypt_partition.clevis.script  | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
>> index 899f20e..957a3fd 100644
>> --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
>> +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
>> @@ -61,7 +61,7 @@ open_tpm2_partition() {
>>   
>>   enroll_tpm2_token() {
>>   	if [ -x /usr/bin/clevis ]; then
>> -		 clevis luks bind -d "$1" tpm2 '{"pcr_ids":"7"}' < "$2"
>> +		clevis luks bind -d "$1" tpm2 '{"pcr_bank":"sha256", "pcr_ids":"7"}' < "$2"
>>   	else
>>   		panic "clevis not available cannot enroll tpm2 key!"
>>   	fi
> 
> Is sha256 the only reasonable setting here? Just asking as we are
> hard-coding.
> 
> Quirin, any remarks?

I would make it configurable. clevis supports SHA1 (default) and SHA256.
Quirin

Jan Kiszka Nov. 9, 2023, 11:24 a.m. UTC | #6
On 02.11.23 09:08, Gylstorff Quirin wrote:
> 
> 
> On 11/2/23 07:10, Jan Kiszka wrote:
>> On 01.11.23 18:17, Sari, Sercan (ADV D EU TR C&E) wrote:
>>>
>>> clevis will fail to encrypt data when the TPM has multiple banks,
>>> such as SHA1 and SHA256. Adding the pcr_bank information resolves
>>> this issue.
>>>
>>> Signed-off-by: Sercan Sari <sari.sercan@siemens.com>
>>> ---
>>>   .../initramfs-crypt-hook/files/encrypt_partition.clevis.script  | 2 +-
>>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>>
>>> diff --git
>>> a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
>>> index 899f20e..957a3fd 100644
>>> ---
>>> a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
>>> +++
>>> b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
>>> @@ -61,7 +61,7 @@ open_tpm2_partition() {
>>>     enroll_tpm2_token() {
>>>       if [ -x /usr/bin/clevis ]; then
>>> -         clevis luks bind -d "$1" tpm2 '{"pcr_ids":"7"}' < "$2"
>>> +        clevis luks bind -d "$1" tpm2 '{"pcr_bank":"sha256",
>>> "pcr_ids":"7"}' < "$2"
>>>       else
>>>           panic "clevis not available cannot enroll tpm2 key!"
>>>       fi
>>
>> Is sha256 the only reasonable setting here? Just asking as we are
>> hard-coding.
>>
>> Quirin, any remarks?
> 
> I would make it configurable. clevis supports SHA1 (default) and SHA256.
> Quirin
> 

Some follow-up already scheduled, Sercan?

Jan
Sari, Sercan Nov. 9, 2023, 12:26 p.m. UTC | #7
Is there a possibility of a TPM 2.0 with the sha256 pcr_bank unavailable? I don't understand the exact reason why it should be configurable.

Gylstorff Quirin Nov. 10, 2023, 12:20 p.m. UTC | #8
If I look at the official documentation from Microsoft, it looks like
there is a possibility :-(.
```
Windows checks which PCR banks are active and supported by the BIOS. 
Windows also checks if the measured boot log supports measurements for 
all active PCR banks. Windows will prefer the use of the SHA-256 bank 
for measurements and will fall back to SHA1 PCR bank if one of the 
pre-conditions isn't met.
```


https://learn.microsoft.com/en/windows/security/hardware-security/tpm/switch-pcr-banks-on-tpm-2-0-devices

Also there are the SHA384 banks.

Quirin

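Quirin's point above, that a TPM 2.0 may have the sha256 bank inactive and firmware may fall back to sha1, is why a hard-coded bank is fragile. The following is an added example, not isar-cip-core, clevis or tpm2-tools code, of how an initramfs hook could pick the bank from what the TPM reports instead of hard-coding it. It parses the `selected-pcrs:` listing that `tpm2_getcap pcrs` prints (the layout is assumed from tpm2-tools 4.x; the sample text below is constructed to mimic a TPM with sha1 and sha256 active and an empty sha384 bank), chooses the strongest acceptable bank that has PCR 7 allocated, refuses sha1 outright, and builds the clevis tpm2 config string only after checking the bank name, so a value taken from a configuration variable cannot break the JSON quoting. The function names are hypothetical.

```sh
#!/bin/sh
# Added example (not project code): choose the clevis tpm2 pcr_bank from the
# banks the TPM actually has allocated instead of hard-coding one.
#
# Constructed sample in the layout `tpm2_getcap pcrs` prints (assumed from
# tpm2-tools 4.x): sha1 and sha256 fully allocated, sha384 present but empty.
SAMPLE_PCRS_CAP='selected-pcrs:
  - sha1: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]
  - sha256: [ 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23 ]
  - sha384: [ ]'

# Banks we are willing to bind a LUKS key to, strongest first. sha1 is
# deliberately absent: a collision-weak bank is a poor anchor for a disk key.
PREFERRED_BANKS="sha384 sha256"

# bank_has_pcr CAP_TEXT BANK PCR -> exit 0 if BANK lists PCR as allocated.
bank_has_pcr() {
    printf '%s\n' "$1" | awk -v bank="$2" -v pcr="$3" '
        $1 == "-" && $2 == (bank ":") {
            # reduce "  - sha256: [ 0, 1, 7 ]" to "0, 1, 7" and test each id
            s = substr($0, index($0, "[") + 1)
            s = substr(s, 1, index(s, "]") - 1)
            n = split(s, ids, /[ ,]+/)
            for (i = 1; i <= n; i++) if (ids[i] == pcr) found = 1
        }
        END { exit found ? 0 : 1 }'
}

# select_pcr_bank CAP_TEXT PCR -> prints the first preferred bank that has
# PCR allocated; prints nothing and returns 1 if no acceptable bank is active.
select_pcr_bank() {
    for bank in $PREFERRED_BANKS; do
        if bank_has_pcr "$1" "$bank" "$2"; then
            printf '%s\n' "$bank"
            return 0
        fi
    done
    return 1
}

# clevis_tpm2_config BANK PCR_IDS -> prints the JSON for `clevis luks bind ... tpm2`.
# BANK is checked against an allow-list and PCR_IDS against a digit/comma
# pattern before either is spliced into the JSON, so a bad configuration value
# is rejected instead of producing a broken or sha1-bound policy.
clevis_tpm2_config() {
    case "$1" in
        sha256|sha384) ;;
        *) echo "unsupported or unsafe pcr_bank: $1" >&2; return 1 ;;
    esac
    case "$2" in
        ''|*[!0-9,]*) echo "bad pcr_ids: $2" >&2; return 1 ;;
    esac
    printf '{"pcr_bank":"%s","pcr_ids":"%s"}\n' "$1" "$2"
}

# Usage on a real device (needs tpm2-tools and a TPM; panic() is the hook's own
# error helper and is assumed here):
#   bank=$(select_pcr_bank "$(tpm2_getcap pcrs)" 7) || panic "no usable PCR bank"
#   clevis luks bind -d "$dev" tpm2 "$(clevis_tpm2_config "$bank" 7)" < "$keyfile"
```

On the constructed sample this selects sha256, because the sha384 bank is present but has no PCRs allocated. When no acceptable bank is active the caller should refuse to enrol rather than silently fall back to sha1, which is exactly the behaviour the thread is trying to avoid.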
Sari, Sercan Nov. 11, 2023, 2:07 p.m. UTC | #9
I see, I'll send the configurable version.

Sari, Sercan Nov. 11, 2023, 2:11 p.m. UTC | #10
Configurable hash type for pcr_bank information. clevis will fail to encrypt data when the TPM has multiple banks, such as SHA1 and SHA256. Adding the pcr_bank information resolves this issue.

Signed-off-by: Sercan Sari <sari.sercan@siemens.com>
---
 .../files/encrypt_partition.clevis.script                     | 3 ++-
 .../initramfs-crypt-hook/files/encrypt_partition.env.tmpl     | 1 +
 .../initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb          | 4 +++-
 3 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
index 899f20e..6d8f209 100644
--- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
+++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
@@ -40,6 +40,7 @@ modprobe tpm_crb
 tpm_device=/dev/tpmrm0
 partition_sets="$PARTITIONS"
 create_file_system_cmd="$CREATE_FILE_SYSTEM_CMD"
+hash_type="$HASH_TYPE"

 if [ -z "${create_file_system_cmd}" ]; then
        create_file_system_cmd="mke2fs -t ext4"
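Review bot: `hash_type="$HASH_TYPE"` gets no fallback, unlike `create_file_system_cmd` directly below it, which is defaulted when empty. If the env file is generated without CRYPT_HASH_TYPE (an older template, or a layer that overrides TEMPLATE_VARS), the bind call later receives `"pcr_bank":""`. Mirror the existing pattern, e.g. `if [ -z "${hash_type}" ]; then hash_type="sha256"; fi`.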
@@ -61,7 +62,7 @@ open_tpm2_partition() {

 enroll_tpm2_token() {
        if [ -x /usr/bin/clevis ]; then
-                clevis luks bind -d "$1" tpm2 '{"pcr_ids":"7"}' < "$2"
+               clevis luks bind -d "$1" tpm2 '{"pcr_bank":"'"$hash_type"'","pcr_ids":"7"}' < "$2"
        else
                panic "clevis not available cannot enroll tpm2 key!"
        fi
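Review bot: `$hash_type` is spliced into the JSON unvalidated in `'{"pcr_bank":"'"$hash_type"'","pcr_ids":"7"}'`; a misconfigured value containing a quote or brace yields a malformed config, and nothing stops `sha1`, which the thread agrees should not be used for the disk key. Validate the value with a `case` against the accepted bank names (sha256, sha384) and `panic` otherwise, the same way the missing clevis binary is handled in the `else` branch.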
diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl
index 52dbd00..bf2cc78 100644
--- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl
+++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl
@@ -2,3 +2,4 @@ PARTITIONS="${CRYPT_PARTITIONS}"
 CREATE_FILE_SYSTEM_CMD="${CRYPT_CREATE_FILE_SYSTEM_CMD}"
 SETUP_TIMEOUT="${CRYPT_SETUP_TIMEOUT}"
 WATCHDOG_DEV="${INITRAMFS_WATCHDOG_DEVICE}"
+HASH_TYPE="${CRYPT_HASH_TYPE}"
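Review bot: the variable is named `HASH_TYPE` here and `CRYPT_HASH_TYPE` in the recipe, but what it carries is the clevis `pcr_bank`. A name such as `PCR_BANK` / `CRYPT_PCR_BANK` would match the clevis option it feeds and avoid suggesting that it selects the LUKS key-derivation hash.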
diff --git a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb
index 3c3f6bb..0dbac2a 100644
--- a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb
+++ b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb
@@ -37,9 +37,11 @@ CRYPT_CREATE_FILE_SYSTEM_CMD ??= "/usr/sbin/mke2fs -t ext4"
 CRYPT_SETUP_TIMEOUT ??= "600"
 # Watchdog to service during the initial setup of the crypto partitions
 INITRAMFS_WATCHDOG_DEVICE ??= "/dev/watchdog"
+# clevis needs tpm hash algorithm type
+CRYPT_HASH_TYPE = "sha256"

 TEMPLATE_VARS = "CRYPT_PARTITIONS CRYPT_CREATE_FILE_SYSTEM_CMD \
-    CRYPT_SETUP_TIMEOUT INITRAMFS_WATCHDOG_DEVICE"
+    CRYPT_SETUP_TIMEOUT INITRAMFS_WATCHDOG_DEVICE CRYPT_HASH_TYPE"
 TEMPLATE_FILES = "encrypt_partition.env.tmpl"

 do_install[cleandirs] += " \
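Review bot: `CRYPT_HASH_TYPE = "sha256"` is a plain assignment while every neighbouring default (`CRYPT_SETUP_TIMEOUT`, `INITRAMFS_WATCHDOG_DEVICE`) uses `??=`, so a layer or local.conf cannot override it the same way. Use `CRYPT_HASH_TYPE ??= "sha256"`, and let the comment say what the value is (the TPM PCR bank clevis binds against, e.g. sha256 or sha384) rather than "hash algorithm type".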
--
2.25.1


Jan Kiszka Nov. 13, 2023, 5:09 p.m. UTC | #11
Please do not send new versions of patches as reply to the old one. I
can't apply this one without editing. When sending the next version,
mark it as such ("[PATCH v2]" e.g.), ...

On 11.11.23 15:11, Sari, Sercan wrote:
> Configurable hash type for pcr_bank information. clevis will fail to encrypt data when the TPM has multiple banks, such as SHA1 and SHA256. Adding the pcr_bank information resolves this issue.
> 
> Signed-off-by: Sercan Sari <sari.sercan@siemens.com>
> ---

...ideally also including a short changelog here.

>  .../files/encrypt_partition.clevis.script                     | 3 ++-
>  .../initramfs-crypt-hook/files/encrypt_partition.env.tmpl     | 1 +
>  .../initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb          | 4 +++-
>  3 files changed, 6 insertions(+), 2 deletions(-)
> 
> diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
> index 899f20e..6d8f209 100644
> --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
> +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
> @@ -40,6 +40,7 @@ modprobe tpm_crb
>  tpm_device=/dev/tpmrm0
>  partition_sets="$PARTITIONS"
>  create_file_system_cmd="$CREATE_FILE_SYSTEM_CMD"
> +hash_type="$HASH_TYPE"
> 
>  if [ -z "${create_file_system_cmd}" ]; then
>         create_file_system_cmd="mke2fs -t ext4"
> @@ -61,7 +62,7 @@ open_tpm2_partition() {
> 
>  enroll_tpm2_token() {
>         if [ -x /usr/bin/clevis ]; then
> -                clevis luks bind -d "$1" tpm2 '{"pcr_ids":"7"}' < "$2"
> +               clevis luks bind -d "$1" tpm2 '{"pcr_bank":"'"$hash_type"'","pcr_ids":"7"}' < "$2"
>         else
>                 panic "clevis not available cannot enroll tpm2 key!"
>         fi
> diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl
> index 52dbd00..bf2cc78 100644
> --- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl
> +++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.env.tmpl
> @@ -2,3 +2,4 @@ PARTITIONS="${CRYPT_PARTITIONS}"
>  CREATE_FILE_SYSTEM_CMD="${CRYPT_CREATE_FILE_SYSTEM_CMD}"
>  SETUP_TIMEOUT="${CRYPT_SETUP_TIMEOUT}"
>  WATCHDOG_DEV="${INITRAMFS_WATCHDOG_DEVICE}"
> +HASH_TYPE="${CRYPT_HASH_TYPE}"
> diff --git a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb
> index 3c3f6bb..0dbac2a 100644
> --- a/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb
> +++ b/recipes-initramfs/initramfs-crypt-hook/initramfs-crypt-hook_0.1.bb
> @@ -37,9 +37,11 @@ CRYPT_CREATE_FILE_SYSTEM_CMD ??= "/usr/sbin/mke2fs -t ext4"
>  CRYPT_SETUP_TIMEOUT ??= "600"
>  # Watchdog to service during the initial setup of the crypto partitions
>  INITRAMFS_WATCHDOG_DEVICE ??= "/dev/watchdog"
> +# clevis needs tpm hash algorithm type
> +CRYPT_HASH_TYPE = "sha256"

Better make this override-friendly ("??=").

> 
>  TEMPLATE_VARS = "CRYPT_PARTITIONS CRYPT_CREATE_FILE_SYSTEM_CMD \
> -    CRYPT_SETUP_TIMEOUT INITRAMFS_WATCHDOG_DEVICE"
> +    CRYPT_SETUP_TIMEOUT INITRAMFS_WATCHDOG_DEVICE CRYPT_HASH_TYPE"
>  TEMPLATE_FILES = "encrypt_partition.env.tmpl"
> 
>  do_install[cleandirs] += " \
> --
> 2.25.1
> 

Jan
Sari, Sercan Nov. 13, 2023, 7:48 p.m. UTC | #12
Got it, thanks!


Patch

diff --git a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
index 899f20e..957a3fd 100644
--- a/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
+++ b/recipes-initramfs/initramfs-crypt-hook/files/encrypt_partition.clevis.script
@@ -61,7 +61,7 @@  open_tpm2_partition() {
 
 enroll_tpm2_token() {
 	if [ -x /usr/bin/clevis ]; then
-		 clevis luks bind -d "$1" tpm2 '{"pcr_ids":"7"}' < "$2"
+		clevis luks bind -d "$1" tpm2 '{"pcr_bank":"sha256", "pcr_ids":"7"}' < "$2"
 	else
 		panic "clevis not available cannot enroll tpm2 key!"
 	fi
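Review bot: the commit message should name the actual failure (the clevis error seen on a multi-bank TPM) and mention that this line also corrects the indentation in front of `clevis`, since the hunk changes whitespace as well as the policy. Independently of the bank, the policy stays bound to `pcr_ids` 7 only; if that is intentional it deserves a comment next to the call, because the chosen bank is now a configuration knob while the PCR selection remains fixed in the script.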