Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[WIP] base: recipes-core: initrdscripts: clear RPMB if aktualizr is configured to use PKCS11 #1115

Draft
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

bravl
Copy link

@bravl bravl commented Apr 20, 2023

If aktualizr-lite was configured to used RPMB in order to store it certifactes, the slot used by aktualizr-lite should be cleared in order to prevent keys and certificates for being exposed after a factory reset.

…red to use PKCS11

If aktualizr-lite was configured to used RPMB in order to store it
certifactes, the slot used by aktualizr-lite should be cleared in order
to prevent keys and certificates for being exposed after a factory reset.

Signed-off-by: Bram Vlerick <[email protected]>
@bravl
Copy link
Author

bravl commented Apr 20, 2023

Still WIP, need to further test but wanted to validate if this would be an acceptable approach.


# Reinitializing a PKCS11 token destroys all objects which
# were associated with that slot.
pkcs11-tool --module ${ptool_module} --init-token --label "unused" --slot ${AKTUALIZR_SLOT}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here I assume you are using the pkcs11 OP-TEE implementation (due RPMB access), so this call will only really work in a generic way with the right module, as we could have other pkcs11 providers that are not necessarily provided by OP-TEE (e.g. softhsm2, pkcs11-tpm2, etc).

Since we can assume we're using pkcs11 OP-TEE we can search if the module is libckteec, and skip otherwise.

You might also need the sopin to initialize, but needs testing (it is also available in sota.toml if needed).

One other thing, since the pkcs11 OP-TEE implementation requires that the pkcs11 trusted application to be loaded and operational in optee, you will need to make sure tee-supplicant is running before executing this command (libckteec will request the TA to be loaded via tee-supplicant on first access). You can use https://github.com/foundriesio/meta-lmp/blob/main/meta-lmp-base/recipes-core/initrdscripts/initramfs-framework/cryptfs_pkcs11 as a guide, since it is also executed as part of the initrd.

Copy link
Author

@bravl bravl Apr 21, 2023

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Here I assume you are using the pkcs11 OP-TEE implementation (due RPMB access), so this call will only really work in a generic way with the right module, as we could have other pkcs11 providers that are not necessarily provided by OP-TEE (e.g. softhsm2, pkcs11-tpm2, etc).

Since we can assume we're using pkcs11 OP-TEE we can search if the module is libckteec, and skip otherwise.

I'm not really familiar with the softhsm2 or tpm2 implementations but if they are both using the PKCS11 interface should this call not be generic? (As long as the right --module parameter is provided)

You might also need the sopin to initialize, but needs testing (it is also available in sota.toml if needed).

Hmm indeed, this call needs an SO pin which will be set during initialisation, No sure if we should re-use the one that was present before or just some static placeholder? I've checked, only the user pin seems to be stored in the sota.toml file. I've got some patches ready to store the hsm_so_pin in fiovb since it's a bit more security sensitive than the user pin but after some testing, even though the spec mentioned when re-initialising you should provide the active SO pin, this does not seem to be enforced in OP-TEE implementation.

One other thing, since the pkcs11 OP-TEE implementation requires that the pkcs11 trusted application to be loaded and operational in optee, you will need to make sure tee-supplicant is running before executing this command (libckteec will request the TA to be loaded via tee-supplicant on first access). You can use https://github.com/foundriesio/meta-lmp/blob/main/meta-lmp-base/recipes-core/initrdscripts/initramfs-framework/cryptfs_pkcs11 as a guide, since it is also executed as part of the initrd.

Thanks for the pointer, I'll have a look at that and add the initialisation.

fi
if [ "${keep_docker}" = "true" ]; then
msg "Keeping current docker content"
FIND_EXCLUDE="${FIND_EXCLUDE} ! -name 'lib'"
fi

cd ${OSTREE_VAR}
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not related to this PR, but to help testing this approach you can just call sh and iterate over the commands manually.

@ricardosalveti
Copy link
Member

Still WIP, need to further test but wanted to validate if this would be an acceptable approach.

Yup, thanks for starting this one, this is the approach I would take as well.

@bravl bravl changed the title WIP: base: recipes-core: initrdscripts: clear RPMB if aktualizr is configured to use PKCS11 [WIP] base: recipes-core: initrdscripts: clear RPMB if aktualizr is configured to use PKCS11 Apr 24, 2023
@bravl bravl marked this pull request as draft April 24, 2023 07:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants