Features:
+* during the initrd → host transition measure a fixed value into TPM PCR 11
+ (where we already measure the UKI into), so that unlock policies for disk
+ enryption/credential encryption can be put together that only work in the
+ initrd or only on the host (or both).
+
* Add support for extra verity configuration options to systemd-reart (FEC, hash type, etc)
* chase_symlinks(): take inspiraton from path_extract_filename() and return
* systemd-measure tool:
- pre-calculate PCR 12 (command line) + PCR 13 (sysext) the same way we can precalculate PCR 11
- - sign pre-calculated hashes in a way compatible with TPM2 PCR hash signature
- policies, in a way they can be included in unified PE kernel images, and
- made available to userspace. There, this should be consumed by
- systemd-cryptsetup to implement PCR signature based TPM volume unlock
- policies.
* in sd-boot: load EFI drivers from a new PE section. That way, one can have a
"supercharged" sd-boot binary, that could carry ext4 drivers built-in.
* repart: allow defining additional partitions via credential
-* tmpfiles: add snippet that provisions /etc/hosts, /etc/motd,
- /root/.ssh/authorized_keys from credential
+* tmpfiles: add snippet that provisions /root/.ssh/authorized_keys from credential
* timesyncd: pick NTP server info from credential
* given that /etc/ssh/ssh_config.d/ is a thing now, ship a drop-in for that
that hooks up userbdctl ssh-key stuff.
-* allow embedding a signature blob for PCR hashes into separate section in
- unified kernel binaries. This section should be picked up by sd-stub, and
- passed in a file to the booted kernel (via initrd cpio, as usual). Usecase:
- this way we can implement disk encryption policies that bind to specific
- kernel PCR state, without breaking things on every kernel update. As long as
- the kernel includes the PCR signature blob we should be good, as disk
- encryption can then pass the signature to the TPM to unlock their secrets.
- Why do this via a separate PE section? That's because the PCR state depends
- on the measured kernel/initrd of course, thus we cannot put the signature
- into the kernel/initrd itself, because that would require a time machine.
- Hence we have to find a separate place. A simple solution is a PE section
- of its own, because then it is next to the kernel and initrd which after all
- are stored in PE sections of their own too. Building a unified kernel would
- thus mean, calculating PCR values for the raw kernel image, and raw initrd
- image, then signing those PCR values with a vendor key, and then combining
- sd-stub, raw kernel image, raw initrd, and PCR signature into a unified
- kernel image.
-
-* a new tool "systemd-trust" or so, that can calculate PCR hashes offline, and
- optionally sign them. for that we should extend our syntax for specifying pcr
- policies (e.g. the string like "4+7+9") so that it can also include explicit
- hash values, i.e.
- 4=sha256:0ef149998289474e4bb31813edda6ad7f3c991b2d8dec6e8fe4db7a1f039f2d1+7=sha256:87428fc522803d31065e7bce3cf03fe475096631e5e07bbd7a0fde60c4cf25c7+9=sha256:0263829989b6fd954f72baaf2fc64bc2e2f01d692d4de72986ea808f6e99813f
- and file names to calculate hashes from, i.e.
- 4=file:/boot/vmlinuz+7=file:/boot/initrd/+9=file:/etc/fstab"
- The systemd-trust tool should then be able to resolve any "underspecifed"
- form into the form with explicit hash values.
-
* maybe add support for binding and connecting AF_UNIX sockets in the file
system outside of the 108ch limit. When connecting, open O_PATH fd to socket
inode first, then connect to /proc/self/fd/XYZ. When binding, create symlink
to target dir in /tmp, and bind through it.
-* tmpfiles: for f/F/w lines, if the argument columns is left unspecified, look
- for a service credential named after the file path to write to, and load
- contents to write from there. Usecase: provision arbitrary files from
- credentials. Example use: with a line like "f /root/.ssh/authorized-keys
- 0644 root root" in a tmpfiles.d/ snippet add
- LoadCredential=root.ssh.authorized-keys via drop-in to
- systemd-tmpfiles.service, and then provision an SSH access key through
- nspawn's --load-credential=, through qemu's fw_cfg, or via systemd-stub's
- credntial pick-up. The latter is particularly interesting to implement SSH
- access to an initrd.
-
* systemd-homed: when initializing, look for a credential sysemd.homed.register
or so with JSON user records to automatically register if not registered yet.
Usecase: deploy a system, and add an account one can directly log into.
set up the directory so that it can only be accessed if host and app are in
order.
-* TPM2: add auth policy for signed PCR values to make updates easy. i.e. do
- what tpm2_policyauthorize tool does. To be truly useful scheme needs to be a
- bit more elaborate though: policy probably must take some nvram based
- generation counter into account that can only monotonically increase and can
- be used to invalidate old PCR signatures. Otherwise people could downgrade to
- old signed PCR sets whenever they want. Usecase: encrypt the rootfs with LUKS
- with a key that can only be unlocked via a pristine pre-built Fedora
- kernel+initrd.
+* TPM2: extend unlock policy to protect against version downgrades in signed
+ policies: policy probably must take some nvram based generation counter into
+ account that can only monotonically increase and can be used to invalidate
+ old PCR signatures. Otherwise people could downgrade to old signed PCR sets
+ whenever they want.
* update HACKING.md to suggest developing systemd with the ideas from:
https://0pointer.net/blog/testing-my-system-code-in-usr-without-modifying-usr.html