Initial card detection can sometimes fail, so prompt the user
to remove/reinsert their GPG card before retrying. Since
errexit is likely set, disable it prior to calling --card-status so
we can handle the error ourself, then re-set if necessary when done.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Next prompt will be to ensure GPG key is attached, which defaults
to Y, so default here as well for consistency
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Check that any files added to cbfs exist before attempting to
add them, so flashing doesn't fail after a reset.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Add Full Reset option to clear all GPG keys and user settings,
both from the local filesystem and running firmware, and
clear/reset the TPM
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
If the boot device is invalid or unabled to be mounted
and the user opts to select a new boot device, jump
directly to that menu option and avoid the additional
step of showing the config main menu.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Updating TOTP/HOTP is mainly necessary after a user updates
their firmware, and no need to force another reboot.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
use similar filtering logic as with USB drives to provide
the user a more sane list of boot device options. Show user
only valid bootable partitions, not block devices.
There's no point in showing /dev/nvme0 and /dev/nvme0n1 (eg)
when /dev/nvme0n1p[1..n] (eg) exist, as the former are not
valid boot devices.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Add optional parameter to bypass menu selection and
immediately select a menu option. This allows us to call
the 'Set Boot Device' option directly, saving the user
an unnecessary step.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Introduce option to remove any existing key(s) from firmware
and add a user-suppled key, before reflashing.
Move existing code for adding a new key to a separate function
so it can be reused for new feature without duplication.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
If CONFIG_BOOT_DEV isn't set or otherwise fails to mount,
we prompt the user to change the /boot device, but never
attempt to mount it to ensure it's sane, leading to
potential failures later in the config/boot process.
Ensure that CONFIG_BOOT_DEV is updated after the /boot device
is changed, and attempt to re-mount /boot after the change.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
If the user has changed the /boot config but not yet flashed,
it's reasonable for them to expect that flashing to add/update
a GPG key won't revert those changes.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
In order to streamline the initial setup, prompt user to
update checksums/sign /boot files after adding a key and
updating the firmware, in order to avoid an extra reboot.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Move the non-GUI component of update_checksums() to
/etc/functions so it can be reused outside of gui-init.
Add check that /boot/kexec_default_hashes.txt exists before parsing
it, since doesn't exist if there's no default boot target set yet.
Eliminates spurious error text and/or premature exit depending on
state of errexit.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
'Options' makes more sense than 'Settings' given the submenu's contents.
Tidy up Boot Options as well
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Before anything else, ensure that a default boot device
is set. If not, prompt the user to set one. If set, ensure
that /boot can be mounted successfully; else prompt the
user to select a new boot device.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
If /boot isn't mounted, we can't read the HOTP secret, so no
point in reading from the TPM. This speeds up getting to the
main menu in the case of an inaccessible or non-existant /boot,
and maintains the warning condition from not being able to
validate the HOTP.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Since a USB boot target can't be the default (at least currently,
/boot must be on internal media), skip the extraneous prompt to
set it as such when booting from USB.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Exclude dot folders from ROM search path, so that files in
.Trash (eg) aren't shown. Sort the remaining options.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Using sort on USB boot options produces a reverse-ordered list,
leading users to often select the wrong option. Add the -r
parameter to sort to correct the list order and make the default
option the first in the list.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Because of the way unseal-hotp is called from gui-init,
dropping to a recovery shell when failing to mount /boot
causes it to hang, leaving the user stranded until they
kill it with CTRL+C. Instead, simply return and continue
to the main GUI menu where the user can address the problem.
Rename the function to clarify difference from other versions
of mount_boot() which do drop to the recovery shell.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Fix HOTP verfication failure if LK admin pin/passphrase contains
spaces by quoting the variables when passed to functions.
Test: set LK admin pin to passphrase with spaces, generate
new TOTP/HOTP, verification passes.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Reading the file into a variable and then redirecting to stdin
via echo() can cause the binary data to be truncated, leading
to an invalid base32 value and failure to properly generate
and validate the HOTP code.
To resolve this, pass the file directly to hotp(), and ensure
it is removed properly regardless of success or failure to
prevent leakage.
Fixes "Invalid base32 string" error seen when attempting to
generate a new TOTP secret.
Signed-off-by: Matt DeVillier <matt.devillier@puri.sm>
Add a main boot menu entry to power off. This enables users to
only verify the firmware integrity using OTP, and do nothing more.
After having left the device out of sight, one might want to do
a quick sanity check only.
Since we already have a script to safely power down, we make use of
it now.
Instead of relying on a hard-coded USB disk, it would be better if the
mount script attempted to dynamically detect available USB disks. This
modification to the USB mount script attempts to handle the common case
of a single USB disk but can also handle the case of multiple disks
where it will present the user with all available USB disks
This mimics tlauion's OEM work in the sense that a user (or OEM) could
choose this option and it will reset an OpenPGP smart card and
automatically generate a random key on it. The idea is to allow an OEM
to set up a Librem Key and Heads on a machine before shipping with a
random key, so the user can test for tampering when they receive the
machine, and then the user can choose to reset all of the keys with
their chosen keys after that fact.
Currently Heads relies on a hard-coded config value to determine which
USB disk to mount. This can be problematic when trying to distribute a
pre-built version of Heads that can work on multiple disk
configurations. I've modified the USB mounting script so that it
attempts to detect all USB boot disks present on the system, pick sane
defaults, and prompt the user when there are multiple choices.
I've also removed the USB configuration option from config-gui.sh as
this config option is no longer used.
This change updates the very basic GPG smartcard feature in the GPG GUI
so that it can properly support generating a key from within Heads. It
offers the user the option to copy the generated GPG public key to a USB
thumb drive so it's not lost as well as the option to reflash the
current Heads BIOS with this new public key added to the keyring.
I've moved the common functions required to flash a new ROM with GPG
changes into a shared function at the top of the script.
It makes more logical sense for GPG functions to be split out into their
own menu instead of being part of the "Flash" menu. This creates a
gpg-gui.sh script and moves GPG options there while adding a few
additional features (like listing keys and initial smartcard key
generation support).
key-init makes sure trustdb is updated at run time and user and distro keys are ultimately trusted. Each time a file is signed, the related public key is showed without error on it's trustability.
flash-gui deals with gpg1 to gpg2 migration. If pubring.kbx is found, pubring.gpg is deleted from running rom dump.
.ash_history: add examples to generate keys and otrust in rom
flash-gui: export otrust and import it in rom
key-init: import otrust.txt if present to supress warning about user public key being untrusted
gpg2 needs GPG_TTY set to function properly. We set it in /init so it
is inherited by all children. The call to $(tty) must be after /dev and
(preferably) /dev/pts are mounted.
Signed-off-by: Jason Andryuk <jandryuk@gmail.com>
There are cases when grepping for an option in the config file where
grep will not find it, which is fine in this case, but without adjusting
the exit code in that case it can make an entire script bail out.
We need to handle the case where the specific config file doesn't exist,
or else grep fails, so we touch the file ahead of time. Mounting the usb
storage caused problems when you re-enter the menu a second time, so we
will just load the storage module.
As part of the config gui we want to be able to have the system define
new config options without them being lost if the user makes their own
changes in CBFS. To allow that this change creates a function initiated
in init that combines all /etc/config* files into /tmp/config. All
existing scripts have been changed to source /tmp/config instead of
/etc/config. The config-gui.sh script now uses /etc/config.user to hold
user configuration options but the combine_configs function will allow
that to expand as others want to split configuration out further.
As it stands here are the current config files:
/etc/config -- Compiled-in configuration options
/etc/config.user -- User preferences that override /etc/config
/tmp/config -- Running config referenced by the BIOS, combination
of existing configs
This change will add a new GUI script that will allow users to change
their running configuration (currently just /boot and USB boot options)
and optionally persist that modified configuration with reflashing the
BIOS with a modified cbfs.
The Librem coreboot is labeled with the current version and is visible
from dmidecode and is supposed to reflect the current version of
coreboot, however it was out of date and reflected 4.7 when Heads has
moved on to 4.8.1.
I've also added a simple change to further simplify onboarding by
warning users who have Librem Key configured when they boot without it
being inserted.
We want to catch the missing GPG keyring error regardless of TPM failure
or even in the case of a system without a TPM at all so we need to move
that section up above the TPM check.
To help with onboarding new users to Heads, this change will detect when
Heads does not have any keys in its keyring and will guide the user
through adding a key to the running BIOS. It's important that this
happen *before* guiding them through setting up an initial TOTP/HOTP
secret because adding a GPG key changes the BIOS, so the user would have
to generate TOTP/HOTP secrets 2x unless we handle the keyring case
first.
In addition to this change I've simplified the main menu so that the
majority of the options appear under an 'advanced' menu.
When the Librem Key is enabled, the kernel loads USB modules at boot,
this causes PCR5 to change and breaks unsealing the LUKS key (if set).
This change retains the protection of the PCR5 check unless Librem Key
is enabled.
Granted the user should really be using the Librem Key/phone to check
for tampering (since an attacker could control the Heads background
color) but this provides another visual queue for the user with
the GUI menu to catch less sophisticated tampering.
The HOTP counter isn't a secret but is just used to prevent replay
attacks (the time-based counter in TOTP isn't a secret either) so it
doesn't need to be protected in the TPM and storing it as a TPM
monotonic counter was causing conflicts with the Heads configuration
counter as TPM 1.2 can only increment one counter per reboot.
This change moves the HOTP counter into the file in /boot that was
previously keeping track of the TPM counter id.
TPM v1.2 has a limitation in that only a single monotonic counter can be
incremented between reboots [1]. So in the event we are using HOTP
monotonic counters, we need to reference those for the Heads rollback
counter when we update file signatures in /boot, otherwise the increment
stage at kexec-sign-config will fail since at each boot, the HOTP
monotonic counter has already been incremented.
[1] https://projects.csail.mit.edu/tc/tpmj/UsersGuide.html#inccounter
The Librem Key is a custom device USB-based security token Nitrokey is
producing for Purism and among other things it has custom firmware
created for use with Heads. In particular, when a board is configured
with CONFIG_LIBREMKEY, this custom firmware allows Heads to use the
sealed TOTP secret to also send an HOTP authentication to the Librem
Key. If the HOTP code is successful, the Librem Key will blink a green
LED, if unsuccessful it will blink red, thereby informing the user that
Heads has been tampered with without requiring them to use a phone to
validate the TOTP secret.
Heads will still use and show the TOTP secret, in case the user wants to
validate both codes (in case the Librem Key was lost or is no longer
trusted). It will also show the result of the HOTP verification (but not
the code itself), even though the user should trust only what the Librem
Key displays, so the user can confirm that both the device and Heads are
in sync. If HOTP is enabled, Heads will maintain a new TPM counter
separate from the Heads TPM counter that will increment each time HOTP
codes are checked.
This change also modifies the routines that update TOTP so that if
the Librem Key executables are present it will also update HOTP codes
and synchronize them with a Librem Key.
