PoC : Flashprog, cryptsetup, msi board, basic introspection: staging all pending PRs for testing #1773

tlaurion and others added 30 commits April 7, 2024 12:55
cryptsetup2 2.6.1 is a new release that supports reencryption of Q4.2 release
LUKS2 volumes. This is a critical feature for the Qubes OS 4.2 release.

cryptsetup 2.6.1 requires lvm2 2.03.23, which is also included in this PR.
lvm2 in turn requires libaio, which is also included in this PR.
util-linux 2.39 is also included in this PR and a dependency of lvm2.
patches for reproducible builds are included for all packages.
luks-functions is updated to support the new cryptsetup2 version calls
 reencryption happens in direct-io, offline mode and without locking.
  from tests, this is best for performance and reliability in single-user mode

TODO:
- async (AIO) calls are not used. direct-io is used instead. libaio could be hacked out
  - this could be subject to future work
- time to deprecate legacy boards that do not have enough space for the new space requirements
  - x230-legacy, x230-legacy-flash, x230-hotp-legacy
  - t430-legacy, t430-legacy-flash, t430-hotp-legacy already deprecated

Signed-off-by: Thierry Laurion <[email protected]>
The x230-hotp-legacy, x230-legacy-flash, and x230-legacy boards are
officially deprecated.  They have been moved to the unmaintained_boards
directory.

CircleCI has been updated to reflect this change.

Signed-off-by: Thierry Laurion <[email protected]>
Cloudflare patches to speed up LUKS encryption were upstreamed into linux kernel and backported to 5.10.9: cloudflare/linux#1 (comment)
Therefore, we bump to latest of 5.10.x (bump from 5.10.5 which doesn't contain the fixes)

Trace:
sed -i 's/5.10.5/5.10.214/g' boards/*/*.config
find ./boards/*/*.config | awk -F "/" {'print $3'}| while read board; do echo "make BOARD=$board linux"; make BOARD=$board linux; echo make BOARD=$board linux.save_in_oldconfig_format_in_place || make BOARD=$board linux.modify_and_save_oldconfig_in_place; done
git status | grep modified | awk -F ":" {'print $2'}| xargs git add
git commit --signoff

Signed-off-by: Thierry Laurion <[email protected]>
…rnel IO queuing on kernel 5.10.9+ kernels

TODO: any positive impact if AIO is added in kernel config for async ops (otherwise direct-io fallback as of now)?

Signed-off-by: Thierry Laurion <[email protected]>
…ons thought about future changes

config/linux-*: Deactivate AIO for new round of tests on clean Q4.2.1 install for perf diff

Signed-off-by: Thierry Laurion <[email protected]>
…eck which slots unlocks against passphrase, and wipe all other slots with user confirmation when not 1/8, then create DUK in slot 8 not 1

Signed-off-by: Thierry Laurion <[email protected]>
…ce DUK code is now dynamic

TODO: multi LUKS volumes (Q4.2.1 non-default BRTFS deployment) not supported still with reencryption.
Not a regression, just not yet handled since no OEM known to ship such setup.

Signed-off-by: Thierry Laurion <[email protected]>
Otherwise we get ehci-pci and xhci_hcd kernel messages in dmesg debug AFTER "Verifying presence of GPG card" which explains why dongle might not be found in time and fails in oem-factory-reset

Fixes Nitrokey#48

Signed-off-by: Thierry Laurion <[email protected]>
…slot testing and reuse found keyslot unlocked by passphrase to reencrypt

Signed-off-by: Thierry Laurion <[email protected]>
…f kexec -l when BOARD is in DEBUG+TRACE mode (configuration settings menu + flash)

Signed-off-by: Thierry Laurion <[email protected]>
DO_WITH_DEBUG traces command exit status (if failed), stdout/stderr (if
not empty), and PATH (if command was not found).  The caller still
observes the exit status, and stdout/stderr still go to the caller as
well.

This way, DO_WITH_DEBUG can be inserted anywhere with minimal spam in
the logs and without affecting the script.

Signed-off-by: Jonathon Hall <[email protected]>
"$1 err:" looked like an error, but often there's output on stderr
that's diagnostic (like kexec -d).  "$1 stderr:" is clearer.

Signed-off-by: Jonathon Hall <[email protected]>
`eval "$kexeccmd"` should become `DO_WITH_DEBUG eval "$kexeccmd"` when
adding DO_WITH_DEBUG, command invocation is still the same, still needs
eval.

Restore DO_WITH_DEBUG in front of kexec-parse-boot that had been
removed.

Signed-off-by: Jonathon Hall <[email protected]>
LOG() is added to log to the log only (not kmsg, more verbose than
TRACE).

DO_WITH_DEBUG only captures stdout/stderr to the log with LOG().

kexec-boot silences stderr from kexec, we don't want it on the console.

No need to repeat the kexec command when asking in debug to continue
boot, it's no longer hidden behind verbose output from kexec.

Signed-off-by: Jonathon Hall <[email protected]>
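
A minimal sketch of the wrapper behaviour these commit messages describe (log the exit status on failure, non-empty stdout/stderr, and PATH when the command is not found, while the caller still gets the status and both streams), added here as an illustration and not the Heads implementation. The `_sketch` function names and the `DEBUG_LOG` path are assumptions; it buffers output in temporary files instead of streaming it.

```shell
#!/bin/sh
# Added sketch, not the Heads code. DEBUG_LOG and the *_sketch names are
# assumptions made for this example.
DEBUG_LOG="${DEBUG_LOG:-${TMPDIR:-/tmp}/debug_sketch.log}"

# Log-only sink: appends to the log file, never writes to the console.
log_sketch() { printf '%s\n' "$*" >>"$DEBUG_LOG"; }

# Copy each line of file $2 into the log, prefixed with label $1.
log_file_sketch() {
    while IFS= read -r lf_line || [ -n "$lf_line" ]; do
        log_sketch "$1: $lf_line"
    done <"$2"
}

# Run "$@" unchanged, record diagnostics in the log, then hand stdout, stderr
# and the exit status back to the caller as the command produced them.
# Usage: do_with_debug_sketch some_command arg1 arg2
do_with_debug_sketch() {
    local dwd_out dwd_err dwd_status   # local: supported by ash, dash, bash
    dwd_out=$(mktemp) || return 1
    dwd_err=$(mktemp) || { rm -f "$dwd_out"; return 1; }
    dwd_status=0
    "$@" >"$dwd_out" 2>"$dwd_err" || dwd_status=$?
    if [ "$dwd_status" -ne 0 ]; then
        log_sketch "$1: exited with status $dwd_status"
    fi
    if [ "$dwd_status" -eq 127 ]; then
        log_sketch "$1: not found; PATH=$PATH"
    fi
    # Empty files produce no log lines, so quiet commands add no noise.
    log_file_sketch "$1 stdout" "$dwd_out"
    log_file_sketch "$1 stderr" "$dwd_err"
    cat "$dwd_out"
    cat "$dwd_err" >&2
    rm -f "$dwd_out" "$dwd_err"
    return "$dwd_status"
}
```

Whatever the wrapped command prints ends up in the log file, which is why a later commit in this thread treats /tmp/debug.log as something secrets can be extracted from.
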
Log the board and version when entering the recovery shell.  Extract
the firmware version logic from init.

Currently this is the only way to get the debug log.  If we add a way
from the GUI, we may want to log the board and version somewhere else
too.

Signed-off-by: Jonathon Hall <[email protected]>
…what state is the USB Security dongle

Signed-off-by: Thierry Laurion <[email protected]>
…ard configs. Next step is creating fbwhiptail/whiptail/tpm1/tpm2 mk files and include them in all boards

Signed-off-by: Thierry Laurion <[email protected]>
Signed-off-by: Christian Foerster <[email protected]>
This reverts commit cc70e77.

Signed-off-by: Christian Foerster <[email protected]>
This reverts commit be65c4b.

Signed-off-by: Christian Foerster <[email protected]>
This reverts commit ba20d98.

Signed-off-by: Christian Foerster <[email protected]>
Signed-off-by: Christian Foerster <[email protected]>
…em-factory-reset scripts

Signed-off-by: Thierry Laurion <[email protected]>
The coreboot power failure state Kconfig options are wired up to the
Power on AC feature on Clevo mainboards. Set the power failure state to
0 to prevent these boards from powering on or waking up with AC attach.

Signed-off-by: Michał Kopeć <[email protected]>
Ease cleaning up everything. IMHO better than real.clean target

Signed-off-by: Thierry Laurion <[email protected]>
…sk Unlock Key.

Fixes linuxboot#1092.
Supersedes linuxboot#1093

- Cherry-picks ed1c23a (credit to @hardened-vault, thank you!)
- Addresses and corrects self-review under linuxboot#1093 (@hardened-vault: you don't answer often here!)
  - kexec-unseal-key: Warn a user who attempts to default boot while his Disk Unlock Key passphrase fails to unseal because LUKS headers changed.
    (linuxboot#1093 (comment))
  - kexec-seal-key: Identical as in ed1c23a
  - kexec-add-key: Tell the user that the Headers did not change when changing TPM released Disk Unlock Key
    (Through changing default boot at Options->Boot Options -> Show OS boot options: select a new boot option
    and set a Disk Unlock Key in TPM, accept to modify disk and sign /boot options)
    - Here, we cancel the diff output shown on screen linuxboot#1093 (comment)
    - And we change the warning given to the user to past tense "Headers of LUKS containers to be unlocked via TPM Disk Unlock Key passphrase did not change."

Signed-off-by: Thierry Laurion <[email protected]>
tlaurion and others added 19 commits August 23, 2024 17:15
Per docs, noverify-all:
 -N | --noverify-all                verify included regions only (cf. -i)

Where noverify:
-n | --noverify                    don't auto-verify

Seems like we always intended to skip verification since we use internal programmer here and there would not be any misconnection from probe/clip.
Also, on nv41, verification fails, which made me write older rom before rebooting and caused a brick. Could not replicate.
But reviewing board configs options made noverify-all obviously not pertinent outside of boards specifying -i/--ifd, which still is nonsense for internal programmer.

Signed-off-by: Thierry Laurion <[email protected]>
cbfs-init: remove temp files, measure direct cbfs output, extend PCR with proper introspection tracing
flash.sh: do not die but go to recovery if flashrom fails, cosmetic fix for warning given to user
kexec-insert-key: extend PCR with proper introspection tracing
kexec-select-boot: extend PCR with proper introspection tracing
kexec-measure-luks: extend PCR with proper introspection tracing
tpmr: Add missing TRACE_FUNC, fix comments, extend give hash that was extended to tpm call in DEBUG, fix TPM startsession unsuppressed output still present
ash_functions: extend PCR with proper introspection tracing
insmod: DEBUG info more pertinent, extend PCR with proper introspection tracing

Signed-off-by: Thierry Laurion <[email protected]>
Co-authored-by: JonathonHall-Purism <[email protected]>
Signed-off-by: Thierry Laurion <[email protected]>
…for tarballs download

- Add Makefile new app dep verification
- Add modules/flashprog pointing to review.sourcearcade.org: website fails to produce reproducible tarballs.

Notes:
- Unfortunately, we cannot use review platform to generate reproducible tarballs, those don't have the same checksum on each download:
user@heads-tests-deb12-nix:~/heads$ wget https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz -O test.tar.gz
--2024-08-31 09:38:14--  https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz
Resolving review.sourcearcade.org (review.sourcearcade.org)... 88.99.35.89
Connecting to review.sourcearcade.org (review.sourcearcade.org)|88.99.35.89|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘test.tar.gz’

test.tar.gz                                              [        <=>                                                                                                           ] 508.19K   225KB/s    in 2.3s

2024-08-31 09:38:18 (225 KB/s) - ‘test.tar.gz’ saved [520389]

user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
af2fb823c2699d37db284c1b3066352a59446b7ea491a585df4eeaa25d932a29  test.tar.gz
user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
af2fb823c2699d37db284c1b3066352a59446b7ea491a585df4eeaa25d932a29  test.tar.gz
user@heads-tests-deb12-nix:~/heads$ wget https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz -O test.tar.gz
--2024-08-31 09:38:37--  https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz
Resolving review.sourcearcade.org (review.sourcearcade.org)... 88.99.35.89
Connecting to review.sourcearcade.org (review.sourcearcade.org)|88.99.35.89|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘test.tar.gz’

test.tar.gz                                              [   <=>                                                                                                                ] 508.22K   855KB/s    in 0.6s

2024-08-31 09:38:38 (855 KB/s) - ‘test.tar.gz’ saved [520417]

user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
9225002d508bd8e2fc42a2bdcd0741cb93ed2cfc811fcd7e03b0242205d4954b  test.tar.gz
user@heads-tests-deb12-nix:~/heads$ wget https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz -O test.tar.gz
--2024-08-31 09:38:43--  https://review.sourcearcade.org/changes/flashprog~72991/revisions/5/archive?format=tgz
Resolving review.sourcearcade.org (review.sourcearcade.org)... 88.99.35.89
Connecting to review.sourcearcade.org (review.sourcearcade.org)|88.99.35.89|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: unspecified [application/x-gzip]
Saving to: ‘test.tar.gz’

test.tar.gz                                              [     <=>                                                                                                              ] 508.18K   367KB/s    in 1.4s

2024-08-31 09:38:45 (367 KB/s) - ‘test.tar.gz’ saved [520378]

user@heads-tests-deb12-nix:~/heads$ sha256sum test.tar.gz
ebdb7ac0c964178bc312d50547cc7ec82c1c5ffb7d04167fe0ac83deca94ee81  test.tar.gz

  - Github mirror is only for committed code. Will have to work around that somehow : https://github.com/SourceArcade/flashprog

Signed-off-by: Thierry Laurion <[email protected]>
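
One way to tell whether a changed checksum like the ones in the session above comes from different source content or only from different archive packaging, as an added example (not part of the commit or of Heads). The function names and the sample archives are constructed for illustration; it compares regular-file contents only, not modes or symlinks.

```shell
#!/bin/sh
# Added example; function names and sample data are constructed.

# SHA-256 of the archive bytes: the value a build system would pin.
archive_digest() { sha256sum "$1" | cut -d' ' -f1; }

# SHA-256 over the sorted per-file hashes of the extracted payload, so tar and
# gzip metadata (mtimes, owners, compression details) does not affect it.
# Covers regular file contents only, not modes or symlinks.
content_digest() {
    cd_dir=$(mktemp -d) || return 1
    tar -xzf "$1" -C "$cd_dir" || { rm -rf "$cd_dir"; return 1; }
    ( cd "$cd_dir" && find . -type f | LC_ALL=C sort |
        while IFS= read -r cd_f; do sha256sum "$cd_f"; done |
        sha256sum | cut -d' ' -f1 )
    rm -rf "$cd_dir"
}

# identical: same bytes; repackaged: same payload, different packaging;
# changed: payload differs and needs review before any pin is updated.
classify_download() {
    [ -f "$1" ] && [ -f "$2" ] || { echo error; return 2; }
    if [ "$(archive_digest "$1")" = "$(archive_digest "$2")" ]; then
        echo identical; return 0
    fi
    cl_a=$(content_digest "$1") && cl_b=$(content_digest "$2") ||
        { echo error; return 2; }
    if [ "$cl_a" = "$cl_b" ]; then echo repackaged; else echo changed; fi
}

# Build a constructed sample: $1 archive path, $2 mtime (touch -t), $3 content.
make_sample() {
    ms_dir=$(mktemp -d) || return 1
    mkdir "$ms_dir/src"
    printf '%s\n' "$3" >"$ms_dir/src/main.c"
    touch -t "$2" "$ms_dir/src/main.c" "$ms_dir/src"
    tar -czf "$1" -C "$ms_dir" src
    rm -rf "$ms_dir"
}

# Demo on constructed archives: same payload, file mtimes one minute apart.
demo=$(mktemp -d)
make_sample "$demo/first.tgz" 202408310938 'int main(void){return 0;}'
make_sample "$demo/second.tgz" 202408310939 'int main(void){return 0;}'
classify_download "$demo/first.tgz" "$demo/second.tgz"
rm -rf "$demo"
```
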
…pecify flash program in board configs

- boards: switch flashrom->flashprog, FLASH_OPTIONS: flashprog memory --progress --programmer internal

TODO: check, Might break:
- xx20 : x220/t420/t520: used hwseq: verify compat
- legacy : not sure --ifd bios are supported: verify compat (and drop, future PR drop legacy boards anyway...)
- talos: linux_mtd is used: verify compat

Tested:
- x230 works with awesome progress bar on read, erase and write.

Signed-off-by: Thierry Laurion <[email protected]>
…e returning to caller without being useful

Signed-off-by: Thierry Laurion <[email protected]>
… going DEBUG/undoing can work reproducibly

Signed-off-by: Thierry Laurion <[email protected]>
ash_functions: add unset_user_config; unset variable, delete from configs and source /tmp/config in running console

Signed-off-by: Thierry Laurion <[email protected]>
…BLE_FUNCTION_TRACING_OUTPUT back to set_user_config 'n' for security reason

By playing with this, I came to realize an attacker could:
- Turn machine on, Enable DEBUG mode, flash user.config to CBFS, reboot
- Refuse to reseal TOTP/HOTP, Extract secrets from DEBUG screen captures/mount-usb --mode rw + cp /tmp/debug.log /media, reboot
- Turn Machine on, Disable DEBUG mode which called unset_user_config, flash user.config back to CBFS, reboot
TOTP/HOTP/TPM DUK would be unchanged from prior commit where new unset_user_config was called

TODO: Debate this.

Convenience:
- User could switch debug on, output log without resealing, send to devs, switch debug mode off

Security:
- We arrive at a point where authentication to prevent flashing/booting from usb/going to recovery shell is needed.

The only possible trade-off between UX convenience without security loss is by enabling Authenticated Heads.

Signed-off-by: Thierry Laurion <[email protected]>
…NFIG_ENABLE_FUNCTION_TRACING_OUTPUT back to set_user_config 'n' for security reason"

I prefer this with Authenticated Heads.

Todo: maybe we want to use log vs DEBUG calls to log under /tmp/debug.log for PCRs and stuff, requiring access to console to get traces behind auth.

This reverts commit c745e04.
…ix-hard_debug-easy_undo-staging_all_pending

Signed-off-by: Thierry Laurion <[email protected]>
…hprog_init_fix-hard_debug-easy_undo-staging_all_pending
…ashprog_init_fix-hard_debug-easy_undo-staging_all_pending

Signed-off-by: Thierry Laurion <[email protected]>
@tlaurion tlaurion marked this pull request as draft September 2, 2024 15:59
@tlaurion tlaurion changed the title PoC : Flashprog init fix hard debug easy undo cryptsetup msi staging all pending PoC : Flashprog, cryptsetup, msi board, introspection addition: staging all pending PRs for testing Sep 2, 2024
@tlaurion tlaurion changed the title PoC : Flashprog, cryptsetup, msi board, introspection addition: staging all pending PRs for testing PoC : Flashprog, cryptsetup, msi board, basic introspection: staging all pending PRs for testing Sep 2, 2024

tlaurion commented Sep 2, 2024

Quick videos no editing (no time for that)

x230 test results (TPM1: no debug)

Resealing TPMTOTP+HOTP on reboot:

V0919_20220803_210333.mp4

Default boot, no TPM DUK:

V0919_20220803_210451.mp4

Nv41 (TPM2: No debug)

TPMTOTP+HOTP+TPM DUK, default booting:
signal-2024-09-02-125925


tlaurion commented Sep 2, 2024

@JonathonHall-Purism This is what I'm talking about, permitting users to provide debug logs while turning DEBUG mode on without resealing secrets. So they can enable debug, provide logs, and then disable debug resulting in sealed secrets unsealing correctly.

Shows flashprog in action as well as basic introspection additions:

output.mp4
