acbb504eaf
Prevent attackers from spoofing the tpmKey portion of the AuthSession by adding a trusted key to the LUKS header metadata. Also, use a persistent object rather than a transient object. This provides the following benifits: 1. No way to MITM the tpmKey portion of the session, see [1] for details. 2. Strengthens the encrypted sessions, note that the bindKey could be dropped now. 3. Speed, once it's created we just use it. 4. Owner Auth is needed to call create primary, so using the SRK creates a scratch space for normal users. This is a "first to set" model, in where the first person to set the key in the LUKS header wins. Thus, setup should be done in a known good state. If an SRK, which is a primary key at a special persistent address, is found, it will use whatever is there. If not, it creates an SRK. The SRK follows the convetions used through the tpm2-software organization code on GitHub [2], however, a split has occured between Windows and Linux with respect to SRK templates. The Linux SRK is generated with the unique field size set to 0, in Windows, it properly sets the size to key size in bytes and the unique data to all 0's of that size. Note the proper templates for SRKs is covered in spec [3]. However, the most important thing, is that both SRKs are passwordless, and thus they should be interchangable. If Windows is the first to make the SRK, systemd will gladly accept it and vice-versa. 1. Without the bindKey being utilized, an attacker was able to intercept this and fake a key, thus being able to decrypt and encrypt traffic as needed. Introduction of the bindKey strengthened this, but allows for the attacker to brute force AES128CFB using pin guesses. Introduction of the salt increases the difficulty of this attack as well as DA attacks on the TPM objects itself. 2. https://github.com/tpm2-software 3. https://trustedcomputinggroup.org/wp-content/uploads/TCG-TPM-v2.0-Provisioning-Guidance-Published-v1r1.pdf Fixes: #20668 Fixes: #22637 Signed-off-by: William Roberts <william.c.roberts@intel.com>
System and Service Manager
Details
Most documentation is available on systemd's web site.
Assorted, older, general information about systemd can be found in the systemd Wiki.
Information about build requirements is provided in the README file.
Consult our NEWS file for information about what's new in the most recent systemd versions.
Please see the Code Map for information about this repository's layout and content.
Please see the Hacking guide for information on how to hack on systemd and test your modifications.
Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.
When preparing patches for systemd, please follow our Coding Style Guidelines.
If you are looking for support, please contact our mailing list or join our IRC channel.
Stable branches with backported patches are available in the stable repo.