heads/initrd/bin/kexec-insert-key

#!/bin/bash
# Unseal a disk key from TPM and add to a new initramfs
set -e -o pipefail
. /etc/functions

TRACE "Under /bin/kexec-insert-key"

TMP_KEY_DEVICES="/tmp/kexec/kexec_key_devices.txt"
TMP_KEY_LVM="/tmp/kexec/kexec_key_lvm.txt"

INITRD="$1"

if [ -z "$INITRD" ]; then
	die "Usage: $0 /boot/initramfs... "
fi

if [ ! -r "$TMP_KEY_DEVICES" ]; then
	die "No devices defined for disk encryption"
fi

if [ -r "$TMP_KEY_LVM" ]; then
	# Activate the LVM volume group
	VOLUME_GROUP=`cat $TMP_KEY_LVM`
	if [ -z "$TMP_KEY_LVM" ]; then
		die "No LVM volume group defined for activation"
	fi
	lvm vgchange -a y $VOLUME_GROUP \
		|| die "$VOLUME_GROUP: unable to activate volume group"
fi

# Measure the LUKS headers before we unseal the disk key
cat "$TMP_KEY_DEVICES" | cut -d\  -f1 | xargs /bin/qubes-measure-luks \
	|| die "LUKS measure failed"

# Unpack the initrd and fixup the crypttab
# this is a hack to split it into two parts since
# we know that the first 0x3400 bytes are the microcode
INITRD_DIR=/tmp/secret/initrd
SECRET_CPIO=/tmp/secret/initrd.cpio
bootdir=$(dirname "$INITRD")
mkdir -p "$INITRD_DIR/etc"

# Attempt to unseal the disk key from the TPM
# should we give this some number of tries?
unseal_failed="n"
if ! kexec-unseal-key "$INITRD_DIR/secret.key" ; then
	unseal_failed="y"
	echo "!!! Failed to unseal the TPM LUKS disk key"
fi

# Override PCR 4 so that user can't read the key
tpmr extend -ix 4 -ic generic \
	|| die 'Unable to scramble PCR'

# Check to continue
if [ "$unseal_failed" = "y" ]; then
	confirm_boot="n"
	read \
		-n 1 \
		-p "Do you wish to boot and use the disk recovery key? [Y/n] " \
		confirm_boot

	if [ "$confirm_boot" != 'y' \
		-a "$confirm_boot" != 'Y' \
		-a -n "$confirm_boot" ] \
	; then
		die "!!! Aborting boot due to failure to unseal TPM disk key"
	fi
fi

echo '+++ Building initrd'
# pad the initramfs (dracut doesn't pad the last gz blob)
# without this the kernel init/initramfs.c fails to read
# the subsequent uncompressed/compressed cpio
dd if="$INITRD" of="$SECRET_CPIO" bs=512 conv=sync \
|| die "Failed to copy initrd to /tmp"

if [ "$unseal_failed" = "n" ]; then
	# kexec-save-default might have created crypttab overrides to be injected in initramfs through additional cpio 
	if [ -r "$bootdir/kexec_initrd_crypttab_overrides.txt" ]; then
		echo "+++ $bootdir/kexec_initrd_crypttab_overrides.txt found..."
		echo "+++ Preparing initramfs crypttab overrides as defined under $bootdir/kexec_initrd_crypttab_overrides.txt to be injected through cpio at next kexec call..."
		# kexec-save-default has found crypttab files under initrd and saved them
		cat "$bootdir/kexec_initrd_crypttab_overrides.txt" | while read line; do
			crypttab_file=$(echo "$line" | awk -F ':' {'print $1'})
			crypttab_entry=$(echo "$line" | awk -F ':' {'print $NF'})
			# Replace each initrd crypttab file with modified entry containing /secret.key path
			mkdir -p "$INITRD_DIR/$(dirname $crypttab_file)"
			echo "$crypttab_entry" | tee -a "$INITRD_DIR/$crypttab_file" > /dev/null
			echo "+++ initramfs's $crypttab_file will be overriden with: $crypttab_entry"
		done
	else
		# No crypttab files were found under selected default boot option's initrd file
		crypttab_file="etc/crypttab"
		mkdir -p "$INITRD_DIR/$(dirname $crypttab_file)"
		# overwrite crypttab to mirror behavior of seal-key
		echo "+++ The following /etc/crypttab lines will be passed through cpio into kexec call for default boot option:"
		for uuid in `cat "$TMP_KEY_DEVICES" | cut -d\  -f2`; do
			# NOTE: discard operation (TRIM) is activated by default if no crypptab found in initrd
			echo "luks-$uuid UUID=$uuid /secret.key luks,discard" | tee -a "$INITRD_DIR/$crypttab_file"
		done
	fi
	( cd "$INITRD_DIR" ; find . -type f | cpio -H newc -o ) >> "$SECRET_CPIO"
fi
Add dual support for real bash and busybox's bash(ash) - modify bash to have it configured with -Os 2023-02-08 21:01:48 +00:00			`#!/bin/bash`
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`# Unseal a disk key from TPM and add to a new initramfs`
			`set -e -o pipefail`
			`. /etc/functions`

Add TRACE function tracing function to output on console when enabled - Add TRACE function tracing output under etc/functions, depending on CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT enabled in board configs - Replace current DEBUG to TRACE calls in code, reserving DEBUG calls for more verbose debugging later on (output of variables etc) - add 'export CONFIG_ENABLE_FUNCTION_TRACING_OUTPUT=y' in qemu-coreboot(fb)whiptail-tpm1(-hotp) boards to see it in action 2023-02-20 16:01:17 +00:00			`TRACE "Under /bin/kexec-insert-key"`
All scripts and functions: Add DEBUG calling trace on console when CONFIG_DEBUG_OUTPUT is exported in board config -qemu-coreboot-*whiptail-tpm1(-hotp) boards have 'export CONFIG_DEBUG_OUTPUT=y' by default now 2023-02-18 17:58:43 +00:00
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`TMP_KEY_DEVICES="/tmp/kexec/kexec_key_devices.txt"`
			`TMP_KEY_LVM="/tmp/kexec/kexec_key_lvm.txt"`

			`INITRD="$1"`

			`if [ -z "$INITRD" ]; then`
			`die "Usage: $0 /boot/initramfs... "`
			`fi`

			`if [ ! -r "$TMP_KEY_DEVICES" ]; then`
			`die "No devices defined for disk encryption"`
			`fi`

			`if [ -r "$TMP_KEY_LVM" ]; then`
			`# Activate the LVM volume group`
			VOLUME_GROUP=`cat $TMP_KEY_LVM`
			`if [ -z "$TMP_KEY_LVM" ]; then`
			`die "No LVM volume group defined for activation"`
			`fi`
			`lvm vgchange -a y $VOLUME_GROUP \`
			`\|\| die "$VOLUME_GROUP: unable to activate volume group"`
			`fi`

			`# Measure the LUKS headers before we unseal the disk key`
			`cat "$TMP_KEY_DEVICES" \| cut -d\ -f1 \| xargs /bin/qubes-measure-luks \`
			`\|\| die "LUKS measure failed"`

Make the path to crypttab within initramfs overridable Not all distro put crypttab under /etc/ within initramfs, but finding it at runtime needs unpacking, which may be hard to do, so it is made overridable with a file at /boot/kexec_initrd_crypttab_path.txt, whose content could be obtained with $ cpio -t < ${uncompressed_initrd} \| grep crypttab . The "target" field of the record within the crypttab stored in the root file system for the luks container which is going to be unlocked via kexec-insert-key should be modified into the same "luks-$uuid" format, otherwise the boot sequence will get stuck when OS is trying to unlock them again, in order to map them according to "target" fields written in the crypttab stored in the root fs. 2020-11-06 06:03:44 +00:00			`# Unpack the initrd and fixup the crypttab`
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`# this is a hack to split it into two parts since`
			`# we know that the first 0x3400 bytes are the microcode`
			`INITRD_DIR=/tmp/secret/initrd`
			`SECRET_CPIO=/tmp/secret/initrd.cpio`
Make the path to crypttab within initramfs overridable Not all distro put crypttab under /etc/ within initramfs, but finding it at runtime needs unpacking, which may be hard to do, so it is made overridable with a file at /boot/kexec_initrd_crypttab_path.txt, whose content could be obtained with $ cpio -t < ${uncompressed_initrd} \| grep crypttab . The "target" field of the record within the crypttab stored in the root file system for the luks container which is going to be unlocked via kexec-insert-key should be modified into the same "luks-$uuid" format, otherwise the boot sequence will get stuck when OS is trying to unlock them again, in order to map them according to "target" fields written in the crypttab stored in the root fs. 2020-11-06 06:03:44 +00:00			`bootdir=$(dirname "$INITRD")`
TPM disk unlock key setup: Automatically override selected default boot option's initrd's crypttab file(s) to point to LUKS decryption key in injected cpio - kexec-save-default extracts initrd crypttab files and creates /boot/kexec_initrd_crypttab_overrides.txt entries pointing to /secret.key - kexec-insert-key applies /boot/kexec_initrd_crypttab_overrides.txt to replace initrd's crypttabs files pointing to inserted /secret.key through cpio - Both scripts inform the user of applied magic on screen 2023-01-16 20:15:21 +00:00			`mkdir -p "$INITRD_DIR/etc"`
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00
			`# Attempt to unseal the disk key from the TPM`
			`# should we give this some number of tries?`
Allow boot without unseal of TPM LUKS key Closes issue #226 Also changed to procedure to show LVM volume groups and block device ids to aid in choosing the right combination during the TPM LUKS key sealing process. 2017-07-29 17:24:34 +00:00			`unseal_failed="n"`
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`if ! kexec-unseal-key "$INITRD_DIR/secret.key" ; then`
Allow boot without unseal of TPM LUKS key Closes issue #226 Also changed to procedure to show LVM volume groups and block device ids to aid in choosing the right combination during the TPM LUKS key sealing process. 2017-07-29 17:24:34 +00:00			`unseal_failed="y"`
			`echo "!!! Failed to unseal the TPM LUKS disk key"`
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`fi`

			`# Override PCR 4 so that user can't read the key`
Addition of qemu-(fb)whiptail-tpm2(-hotp) boards -coreboot support of TPM v2.0 (shared config for TPM2 support across all 4 previous variations) -swtpm set to be launched under TPM v2.0 mode under board config -Documentation file under each board.md softlinks to qemu-coreboot-fbwhiptail-tpm1.md (which has been generalized) This is skeleton for TPM v2 integration under Heads ------------- WiP TODO: - libcurl cannot be built as a tpm2-tools dependency as of now not sure why. curl currently needs to be added in board config to be built - Note: tpm-reset (master and here) needs some review, no handle of no tpm use case. Caller is responsible to not call it otherwise does nothing - init tries to bind fd and fails currently - Note: Check if whiptail is different of fbwhiptail in clearing screen. As of now every clear seems to be removed, still whiptail clears previous console output - When no OS' /boot can be mounted, do not try to TPM reset (will fail) - seal-hotpkey is not working properly - setting disk unlock key asks for TPM ownership passphrase (sealing in NV requires ownership, but text is misleading user as if reowning TPM) - We should cache input, feed tpm behind the scene and wipe passphrase and state clearly that this is TPM disk unlock kye passphrase. - primary key from TPM2 is invalid most of the time from kexec-select-boot and verifying global hashes but is setuped correctly at disk unlock key setup - would be nice to take advantage of bash function tracing to understand where we are for debugging purposes, code takes ash in consideration only - tpmr says it implements nv calls but actually doesn't. Removing those falsely wrapped functions would help. - Implementing them would be better - REVIEW TODOS IN CODE - READD CIRCLECI CONFIG Current state: - TPM unseal works without disk unlock key and generates TOTP properly (was missing die condition at unseal to not produce always good TOTP even if invalid) - TPM disk encryption key fails. Hypothesis is that sealing with USB drivers loaded and measures in inconsistent with sealed with/without. - TPM disk unsealing happens without USB modules being loaded in non-HOTP setup. This fails. - Current tests are with fbwhiptail (no clear called so having traces on command line of what happens) - Testing with HOTP implementation for sealing/unsealing since that forces USB module loads on each boot to remove this from failing possibilities 2022-08-25 18:43:31 +00:00			`tpmr extend -ix 4 -ic generic \`
Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`\|\| die 'Unable to scramble PCR'`

Allow boot without unseal of TPM LUKS key Closes issue #226 Also changed to procedure to show LVM volume groups and block device ids to aid in choosing the right combination during the TPM LUKS key sealing process. 2017-07-29 17:24:34 +00:00			`# Check to continue`
			`if [ "$unseal_failed" = "y" ]; then`
			`confirm_boot="n"`
			`read \`
			`-n 1 \`
			`-p "Do you wish to boot and use the disk recovery key? [Y/n] " \`
			`confirm_boot`

			`if [ "$confirm_boot" != 'y' \`
			`-a "$confirm_boot" != 'Y' \`
			`-a -n "$confirm_boot" ] \`
			`; then`
			`die "!!! Aborting boot due to failure to unseal TPM disk key"`
			`fi`
			`fi`

Added TPM secret management to generic boot Also cleaned up error handling and boot parsing edge cases 2017-07-12 04:17:45 +00:00			`echo '+++ Building initrd'`
			`# pad the initramfs (dracut doesn't pad the last gz blob)`
			`# without this the kernel init/initramfs.c fails to read`
			`# the subsequent uncompressed/compressed cpio`
			`dd if="$INITRD" of="$SECRET_CPIO" bs=512 conv=sync \`
			`\|\| die "Failed to copy initrd to /tmp"`

Allow boot without unseal of TPM LUKS key Closes issue #226 Also changed to procedure to show LVM volume groups and block device ids to aid in choosing the right combination during the TPM LUKS key sealing process. 2017-07-29 17:24:34 +00:00			`if [ "$unseal_failed" = "n" ]; then`
TPM disk unlock key setup: Automatically override selected default boot option's initrd's crypttab file(s) to point to LUKS decryption key in injected cpio - kexec-save-default extracts initrd crypttab files and creates /boot/kexec_initrd_crypttab_overrides.txt entries pointing to /secret.key - kexec-insert-key applies /boot/kexec_initrd_crypttab_overrides.txt to replace initrd's crypttabs files pointing to inserted /secret.key through cpio - Both scripts inform the user of applied magic on screen 2023-01-16 20:15:21 +00:00			`# kexec-save-default might have created crypttab overrides to be injected in initramfs through additional cpio`
			`if [ -r "$bootdir/kexec_initrd_crypttab_overrides.txt" ]; then`
Small cosmetic/typo related changes, ccache enablement for coreboot and reduction of unseal attempts gui-init: do not consume two unseal attempt to unseal both totp and hotp + cosmetic changes (slow down TPM DA lockout) kexec-seal-key: Add DEBUG statement for PCR precalc seal-totp: add DEBUG statements regarding skipping of PCR5 and PCR6 involvement into TOTP/HOTP sealing ops seal-hotpkey: Add DEBUG statements related to reuse of TOTP sealed secret tpmr: add DO_WITH_DEBUG calls to output pcrread and extend calls tpmr: typo correction stating TRACE calls for tpm2 where it was for tpm1 tpmr: add DO_WITH_DEBUG calls for calcfuturepcr functions: Cosmetic fix on pause_recovery asking user to press Enter to go to recovery shell on host console when board defines CONFIG_BOOT_RECOVERY_SERIAL Not so related but part of output review and corrections: kexec-insert-key: cosmetic changes prepending "+++" to disk related changes kexec-save-default: cosmetic changes prepending "+++" to disk related changes config/coreboot-qemu-tpm*.config: add ccache support for faster coreboot rebuild times 2023-03-09 18:28:04 +00:00			`echo "+++ $bootdir/kexec_initrd_crypttab_overrides.txt found..."`
			`echo "+++ Preparing initramfs crypttab overrides as defined under $bootdir/kexec_initrd_crypttab_overrides.txt to be injected through cpio at next kexec call..."`
TPM disk unlock key setup: Automatically override selected default boot option's initrd's crypttab file(s) to point to LUKS decryption key in injected cpio - kexec-save-default extracts initrd crypttab files and creates /boot/kexec_initrd_crypttab_overrides.txt entries pointing to /secret.key - kexec-insert-key applies /boot/kexec_initrd_crypttab_overrides.txt to replace initrd's crypttabs files pointing to inserted /secret.key through cpio - Both scripts inform the user of applied magic on screen 2023-01-16 20:15:21 +00:00			`# kexec-save-default has found crypttab files under initrd and saved them`
			`cat "$bootdir/kexec_initrd_crypttab_overrides.txt" \| while read line; do`
			`crypttab_file=$(echo "$line" \| awk -F ':' {'print $1'})`
			`crypttab_entry=$(echo "$line" \| awk -F ':' {'print $NF'})`
			`# Replace each initrd crypttab file with modified entry containing /secret.key path`
			`mkdir -p "$INITRD_DIR/$(dirname $crypttab_file)"`
			`echo "$crypttab_entry" \| tee -a "$INITRD_DIR/$crypttab_file" > /dev/null`
Small cosmetic/typo related changes, ccache enablement for coreboot and reduction of unseal attempts gui-init: do not consume two unseal attempt to unseal both totp and hotp + cosmetic changes (slow down TPM DA lockout) kexec-seal-key: Add DEBUG statement for PCR precalc seal-totp: add DEBUG statements regarding skipping of PCR5 and PCR6 involvement into TOTP/HOTP sealing ops seal-hotpkey: Add DEBUG statements related to reuse of TOTP sealed secret tpmr: add DO_WITH_DEBUG calls to output pcrread and extend calls tpmr: typo correction stating TRACE calls for tpm2 where it was for tpm1 tpmr: add DO_WITH_DEBUG calls for calcfuturepcr functions: Cosmetic fix on pause_recovery asking user to press Enter to go to recovery shell on host console when board defines CONFIG_BOOT_RECOVERY_SERIAL Not so related but part of output review and corrections: kexec-insert-key: cosmetic changes prepending "+++" to disk related changes kexec-save-default: cosmetic changes prepending "+++" to disk related changes config/coreboot-qemu-tpm*.config: add ccache support for faster coreboot rebuild times 2023-03-09 18:28:04 +00:00			`echo "+++ initramfs's $crypttab_file will be overriden with: $crypttab_entry"`
TPM disk unlock key setup: Automatically override selected default boot option's initrd's crypttab file(s) to point to LUKS decryption key in injected cpio - kexec-save-default extracts initrd crypttab files and creates /boot/kexec_initrd_crypttab_overrides.txt entries pointing to /secret.key - kexec-insert-key applies /boot/kexec_initrd_crypttab_overrides.txt to replace initrd's crypttabs files pointing to inserted /secret.key through cpio - Both scripts inform the user of applied magic on screen 2023-01-16 20:15:21 +00:00			`done`
			`else`
			`# No crypttab files were found under selected default boot option's initrd file`
			`crypttab_file="etc/crypttab"`
			`mkdir -p "$INITRD_DIR/$(dirname $crypttab_file)"`
			`# overwrite crypttab to mirror behavior of seal-key`
Small cosmetic/typo related changes, ccache enablement for coreboot and reduction of unseal attempts gui-init: do not consume two unseal attempt to unseal both totp and hotp + cosmetic changes (slow down TPM DA lockout) kexec-seal-key: Add DEBUG statement for PCR precalc seal-totp: add DEBUG statements regarding skipping of PCR5 and PCR6 involvement into TOTP/HOTP sealing ops seal-hotpkey: Add DEBUG statements related to reuse of TOTP sealed secret tpmr: add DO_WITH_DEBUG calls to output pcrread and extend calls tpmr: typo correction stating TRACE calls for tpm2 where it was for tpm1 tpmr: add DO_WITH_DEBUG calls for calcfuturepcr functions: Cosmetic fix on pause_recovery asking user to press Enter to go to recovery shell on host console when board defines CONFIG_BOOT_RECOVERY_SERIAL Not so related but part of output review and corrections: kexec-insert-key: cosmetic changes prepending "+++" to disk related changes kexec-save-default: cosmetic changes prepending "+++" to disk related changes config/coreboot-qemu-tpm*.config: add ccache support for faster coreboot rebuild times 2023-03-09 18:28:04 +00:00			`echo "+++ The following /etc/crypttab lines will be passed through cpio into kexec call for default boot option:"`
TPM disk unlock key setup: Automatically override selected default boot option's initrd's crypttab file(s) to point to LUKS decryption key in injected cpio - kexec-save-default extracts initrd crypttab files and creates /boot/kexec_initrd_crypttab_overrides.txt entries pointing to /secret.key - kexec-insert-key applies /boot/kexec_initrd_crypttab_overrides.txt to replace initrd's crypttabs files pointing to inserted /secret.key through cpio - Both scripts inform the user of applied magic on screen 2023-01-16 20:15:21 +00:00			for uuid in `cat "$TMP_KEY_DEVICES" \| cut -d\ -f2`; do
			`# NOTE: discard operation (TRIM) is activated by default if no crypptab found in initrd`
			`echo "luks-$uuid UUID=$uuid /secret.key luks,discard" \| tee -a "$INITRD_DIR/$crypttab_file"`
			`done`
			`fi`
Allow boot without unseal of TPM LUKS key Closes issue #226 Also changed to procedure to show LVM volume groups and block device ids to aid in choosing the right combination during the TPM LUKS key sealing process. 2017-07-29 17:24:34 +00:00			`( cd "$INITRD_DIR" ; find . -type f \| cpio -H newc -o ) >> "$SECRET_CPIO"`
			`fi`