What specific measurements does TrustedGRUB2 make? #25
Comments
For PCR 8 and PCR 9 have a look in the Wiki. PCR 10: yes, that would be the easiest. PCR 11: yes, that should work. Feel free to ask if you have more questions.
I tried to compute PCR 8 and it worked perfectly: the sha1sum of the dump matched the measurement values in
For PCR 9, however,
And the output of
(Please note though that I haven't yet built the modules into core.img.)
I can confirm that precomputation of PCR 9 does not work as described in the Wiki. I think this is related to the HP workaround introduced in version 1.2.1. Could you please try if it works with version 1.2.0?
It works with v1.2.0! Would it be possible to have a compile-time option to enable the HP workarounds (or vice-versa, to disable them)? That way I won't be stuck with an older version. If you prefer, I could do the work involved if you could help me along the way. And thanks for all the help so far! I am going to try it with the modules built-in, and I am going to try PCR 11 next, which will be some trial and error. Just to double-check, what TrustedGRUB2 does is chain-hash all the commands it executes, correct? If so, there's for example a
Glad to hear that it is working with v1.2.0. Disabling the workaround in default mode is already on my todo list: #18 I also try to lookup how to do the precomputation in case the workaround is activated.
Yes, exactly. Hopefully I have some time in the future to write a tool that automatically precomputes the PCR for a given grub.cfg.
Only the commands that are executed are measured.
Is there a way to get some debug output to see what commands are executed on boot?
Also, would it be simpler to just measure grub.cfg? Are there any downsides to it? Is it the case that a user might execute other commands besides the ones executed in grub.cfg?
If you define
That's probably too fast, therefore you should add a sleep with
I'm not really sure about this. You could measure grub.cfg but that does not mean that everything is actually executed in there. So I felt safer to measure at least additionally all commands that are executed.
I tried your suggestion of defining
So I suggest following changes to measuring commands:
This change should be fairly straightforward from reading the code and I can send a pull request if you think you will accept it. Thanks for all the help so far! 😄
I'm fine with that change. One remark: if there is a command between those
Looking forward to your PR ;-)
Fix event log prefix
I am using tpm-luks to store keys in the TPM NVRAM and the initramfs has a module (provided by tpm-luks) which retrieves the key from the TPM and mounts the LUKS partition using that key. These keys can also be sealed using the TPM and are only retrievable if the TPM is in the correct state.

The issue is that when I upgrade the kernel etc., the PCR states will change on next boot and I won't be able to unseal the data. So my question is, what specific things does TrustedGRUB2 measure that I can measure using the tpm-luks kernel update hook so that the key can be resealed using the correct PCR states?

In particular, from the question here: #2, I gather:

`dd if=/dev/sdX bs=512 skip=1 count=1 | sha1sum`

and then PCR8 = sha1sum( 0000000000000000000000000000000000000000 || SHA1 from command above ).

`menuentry` string itself? This assumption is from reading the TrustedGRUB2 code so I am not 100% sure - would appreciate if you could confirm!

And of course I can easily verify this on the machine to make sure that tpm-luks and TrustedGRUB2 are making the same measurements.

Thanks a lot for being so helpful! 😄
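The extend rule quoted in this issue (PCR_new = SHA1(PCR_old || measurement), starting from twenty zero bytes) and the chain-hashing of executed commands discussed in the replies can be replayed offline, which is exactly what a kernel-update hook needs in order to reseal a key against the PCR values the next boot will produce. The script below is an added example written for this thread; it is not TrustedGRUB2 or tpm-luks code. It assumes SHA-1 PCRs of 20 bytes (TPM 1.2), hashes each measured object once before extending it, uses a constructed 512-byte sector in place of the output of the `dd` command above, and assumes (hypothetically) that each GRUB command is measured as its UTF-8 bytes without a trailing newline; the real per-command format is whatever the TrustedGRUB2 event log records, so the constructed inputs here are only to show the arithmetic.

```python
"""Replay SHA-1 PCR extends offline to precompute expected boot-time values.

Added example for the TrustedGRUB2 issue thread, not project code.
Formula from the issue: PCR_new = SHA1(PCR_old || measurement digest),
with every PCR starting at 20 zero bytes after a TPM reset.
"""
from __future__ import annotations

import hashlib

PCR_BYTES = 20                      # TPM 1.2 PCRs hold one SHA-1 digest
INITIAL_PCR = b"\x00" * PCR_BYTES   # reset value of every PCR

# Constructed stand-in for `dd if=/dev/sdX bs=512 skip=1 count=1` output.
CONSTRUCTED_SECTOR = bytes(range(256)) * 2

# Constructed grub commands; assumption: measured as UTF-8 without newline.
SAMPLE_COMMANDS = [
    "set root=(hd0,msdos1)",
    "linux /vmlinuz root=/dev/sda1 ro",
    "initrd /initrd.img",
]


def sha1(data: bytes) -> bytes:
    """Plain SHA-1 digest of the measured object."""
    return hashlib.sha1(data).digest()


def extend(pcr: bytes, digest: bytes) -> bytes:
    """One TPM_Extend operation: SHA1(old PCR value || 20-byte digest)."""
    if len(pcr) != PCR_BYTES or len(digest) != PCR_BYTES:
        raise ValueError("PCR value and measurement digest must both be 20 bytes")
    return sha1(pcr + digest)


def precompute_pcr(measurements: list[bytes]) -> bytes:
    """Replay a sequence of measured objects, in boot order, into one PCR.

    Each object is hashed first (as the bootloader does) and the digest is
    then extended. The chain is order-sensitive: swapping two measurements
    yields a different final value, which is why a precomputation tool must
    reproduce the exact boot sequence.
    """
    pcr = INITIAL_PCR
    for blob in measurements:
        pcr = extend(pcr, sha1(blob))
    return pcr


def pcr8_from_sector(sector: bytes) -> bytes:
    """PCR 8 as described in the issue: the single sector read by the dd
    command, hashed once and extended into a zeroed PCR."""
    if len(sector) != 512:
        raise ValueError("expected exactly one 512-byte sector")
    return precompute_pcr([sector])


def pcr_from_commands(commands: list[str]) -> bytes:
    """Chain-hash executed GRUB commands, as the thread describes for the
    command PCR (per-command encoding is an assumption of this example)."""
    return precompute_pcr([c.encode("utf-8") for c in commands])


def matches_expected(computed: bytes, expected_hex: str) -> bool:
    """Compare a precomputed PCR with the value a sealing tool expects."""
    return computed.hex() == expected_hex.strip().lower()


if __name__ == "__main__":
    print("PCR 8 (constructed sector):", pcr8_from_sector(CONSTRUCTED_SECTOR).hex())
    print("command PCR (constructed):  ", pcr_from_commands(SAMPLE_COMMANDS).hex())
```

When used in a real update hook, the command list would have to be taken from the measured event log of a known-good boot rather than guessed from grub.cfg, for the reason given in the replies: only commands that actually execute are extended, and grub.cfg alone does not tell you which those are.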