On 4/7/25 4:29 AM, Gary Lin wrote:
Reset 'ret' to 0 when a test case fails so that the other test cases
could continue.
Also set the exit status to 1 when encountering a failure to reflect the
test result.
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
-
Lin
Reviewed-by: Daniel Kiper
Reviewed-by: Stefan Berger
---
INSTALL | 1 +
1 file changed, 1 insertion(+)
diff --git a/INSTALL b/INSTALL
index 6b04e3016..724584c57 100644
--- a/INSTALL
+++ b/INSTALL
@@ -74,6 +74,7 @@ Prerequisites for make-check:
* wamerican, for grub-fs-tester
On 3/24/25 10:29 AM, Vladimir 'phcoder' Serbinenko wrote:
Is there a risk here of missing the failures? It's common that no one
looks at the output unless it causes a failed build on some CI/CD Le
Good point. Maybe the test script should return '1' when a single error
occurred but run all t
--tpm2-pcrs=0,1 \
+ --tpm2-keyfile="${lukskeyfile}" \
+ --tpm2-nvindex="${nv_index}" || ret=$?
if [ "${ret}" -ne 0 ]; then
- echo "Failed to seal the secret key into ${nv_index}" >&2
+ echo "Failed
sts+=("persistent raw")
+nvtests+=("nvindex raw")
+nvtests+=("nvindex tpm2key")
+
+for i in "${!nvtests[@]}"; do
+tpm2_seal_unseal_nv ${nvtests[$i]} || ret=$?
+if [ "${ret}" -eq 0 ]; then
+ echo "TPM2 [NV Index][${nvtests[$i]}]: PAS
"${ret}" -eq 1 ]; then
echo "TPM2 [NV Index]: FAIL"
+ ret=0
else
echo "Unexpected failure [NV index]" >&2
exit ${ret}
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On 1/12/25 10:07 PM, Gary Lin via Grub-devel wrote:
This commit updates the NV index mode section and the grub-protect
section to reflect the recent changes in TPM2 key protector and
grub-protect.
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
{nv_index}" || :
+grub-protect \
+ --tpm2-device="${tpm2dev}" \
+ --protector=tpm2 \
+ --action=remove \
+ --tpm2-nvindex=${nv_index} \
+ --tpm2-evict || :
if [ "${ret}" -eq 0 ]; then
if ! grep -q "^${vtext}$" "${testoutput}"; then
@@ -366,24 +304,33 @@ srktests+=("ECC transient fallback_srk")
for i in "${!srktests[@]}"; do
tpm2_seal_unseal ${srktests[$i]} || ret=$?
if [ "${ret}" -eq 0 ]; then
-echo "TPM2 [${srktests[$i]}]: PASS"
+echo "TPM2 [SRK][${srktests[$i]}]: PASS"
This should use a \t.
elif [ "${ret}" -eq 1 ]; then
-echo "TPM2 [${srktests[$i]}]: FAIL"
+echo "TPM2 [SRK][${srktests[$i]}]: FAIL"
+ ret=0
Same here.
With these 2 nits fixed:
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
ot;, handle, rc);
+ return GRUB_ERR_BAD_DEVICE;
+}
+
+ return GRUB_ERR_NONE;
+}
+
+static grub_err_t
+protect_tpm2_nv_undefine (TPM_HANDLE_t handle)
+{
+ TPM_RC_t rc;
+ TPM2B_NV_PUBLIC_t nv_public;
+ TPMS_AUTH_COMMAND_t authCmd = {0};
+ TPM2B_NAME_t nv_name;
+
+ /* Find the nvindex handle */
+ rc = grub_tpm2_nv_readpublic (handle, NULL, &nv_public, &nv_name);
+ if (rc != TPM_RC_SUCCESS)
+{
+ fprintf (stderr, "Handle 0x%x not found.\n", handle);
+ return GRUB_ERR_BAD_ARGUMENT;;
s/;;/;
With this nit fixed:
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On 1/8/25 10:58 PM, Gary Lin wrote:
Previously, NV index mode only supported persistent handles which are
only for TPM objects.
On the other hand, the "NV index" handle allows the user-defined data,
so it can be an alternative to the key file and support TPM 2.0 Key
File format immediately.
T
On 1/8/25 10:58 PM, Gary Lin wrote:
This commit updates the NV index mode section and the grub-protect
section to reflect the recent changes in TPM2 key protector and
grub-protect.
Signed-off-by: Gary Lin
---
docs/grub.texi | 188 +++--
1 file ch
On 12/19/24 3:12 AM, Gary Lin via Grub-devel wrote:
This commit updates the NV index mode section and the grub-protect
section to reflect the recent changes in TPM2 key protector and
grub-protect.
Signed-off-by: Gary Lin
---
docs/grub.texi | 185 +++--
On 12/19/24 3:12 AM, Gary Lin wrote:
Since 'grub-protect' already supports NV index mode, tpm2_seal_nv() is
replaced with one 'grub-protect' command to simplify the test script.
Two more NV index test cases are also added to test key sealing and
unsealing with the NV index handle, 0x100.
On 12/19/24 3:12 AM, Gary Lin wrote:
This commit implements the missing NV index mode support in
'grub-protect'. NV index mode stores the sealed key in the TPM
non-volatile memory (NVRAM) instead of a file. There are two supported
types of TPM handles.
1. Persistent handle (0x8100~0x81
On 12/19/24 3:12 AM, Gary Lin wrote:
Previously, NV index mode only supported persistent handles which are
only for the TPM objects. Without introducing new parameters, it is
for TPM objects.
difficult to support authorized policy.
I am not sure how this sentence relates to the patch. Rem
uot;));
+
+ err = tpm2_protector_srk_read_file (filepath, &file_bytes, &file_size);
+ if (err != GRUB_ERR_NONE)
+return err;
+
+ err = tpm2_protector_unseal_buffer (ctx, file_bytes, file_size, key,
key_size);
+
grub_free (file_bytes);
return err;
}
With nits fixed:
Reviewed-by:
_t) 0x0176)
#define TPM_CC_PolicyPCR((TPM_CC_t) 0x017f)
+#define TPM_CC_NV_DefineSpace ((TPM_CC_t) 0x012a)
#define TPM_CC_NV_Read ((TPM_CC_t) 0x014e)
#define TPM_CC_NV_ReadPublic((TPM_CC_t) 0x0169)
+#de
&in);
grub_Tss2_MU_TPMT_PUBLIC_PARMS_Marshal (&in, parms);
+ if (authCommand != NULL)
+grub_Tss2_MU_TPMS_AUTH_COMMAND_Marshal (&in, authCommand);
if (in.error != 0)
return TPM_RC_FAILURE;
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On 12/19/24 3:12 AM, Gary Lin via Grub-devel wrote:
The user may need to inspect the TPM 2.0 PCR values with the GRUB shell,
so the new 'tpm2_dump_pcr' command is added to print all PCRs of the
specified bank.
Signed-off-by: Gary Lin
Tested-by: Stefan Berger
---
..
{sha384}, and @samp{sha512}. If @var{bank}
+is not specified, @samp{sha256} is chosen by default.
+
+Since GRUB measures every command into PCR 8, invoking @command{tpm2_dump_pcr}
+also extends PCR 8, so PCR 8 will not be a stable value in GRUB shell.
Good to know.
Reviewed-by: Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
if secure boot enabled with PKS, it set the use_static_keys flag
I was not sure at this point what the patch actually does so I
reformulated it a bit. I would start the patch description with the
reason why you are introducing the use_static_ke
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
if secure boot enabled with PKS and set use_static_keys flag, it
If Secure Boot is enabled with PKS and the use_static_keys flag is set,
then read the DB default keys from the ELF note and store them in the
trusted list buffer.
reads the DB
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
To verify the kernel's: verify the kernel binary against list of binary hashes
To verify the kernel's signature?
against lists of binary hashes
that are distrusted and trusted. If it is not listed in both trusted and
distrusted,
that are ei
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
The trusted certificates and binary hashes, distrusted certificates and
binary/certificate hashes will be extracted from the platform keystore buffer
if Secure Boot is enabled with PKS.
In order to verify the integerity of the kernel, the extracted
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
If secure boot is enabled with PKS, it will read secure boot variables
such as db and dbx from PKS and extract certificates from ESL.
It would be saved in the platform keystore buffer, and
What is 'it'. The certificates would be saved ... ?
the
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
If secure boot is enabled with PKS, it will read secure boot variables
such as db and dbx from PKS and extract certificates from ESL.
It would be saved in the platform keystore buffer, and
the appendedsig (module) would read it later to extract
the
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
enhancing the infrastructure to enable the Platform Keystore (PKS) feature,
which provides access to the SB VERSION, DB, and DBX secure boot variables
from PKS.
Signed-off-by: Sudhakar Kuppusamy
---
grub-core/kern/ieee1275/ieee1275.c | 117
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
From: Daniel Axtens
If the 'ibm,secure-boot' property of the root node is 2 or greater,
enter lockdown.
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
---
docs/grub.texi
d_signature}.
+
@node UEFI secure boot and shim
@section UEFI secure boot and shim support
With nits fixed:
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
From: Daniel Axtens
These tests are run through all_functional_test and test a range
of commands and behaviours.
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
---
grub-core/Makefile.core.def
PGP verifier, it is not a complete secure-boot solution:
other mechanisms, such as a password or lockdown, must be used to ensure
that a user cannot drop to the grub shell and disable verification.
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
On 12/18/24 9:56 AM, Sudhakar Kuppusamy wrote:
From: Daniel Axtens
This code allows us to parse:
- PKCS#7 signedData messages. Only a single signerInfo is supported,
which is all that the Linux sign-file utility supports creating
out-of-the-box. Only RSA, SHA-256 and SHA-512 are su
compatible, allowing
us to import it without issue.
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
---
.../commands/appendedsig/gnutls_asn1_tab.c| 121 +
.../commands/appendedsig/pkix_asn1_tab.c | 484 ++
2 files changed
n the grub core image in the same way as PGP keys.
Signed-off-by: Alastair D'Silva
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
---
grub-core/commands/pgp.c| 2 +-
include/grub/kernel.h | 2 ++
include/grub/util/inst
*grub_crypto_pk_dsa;
+struct gcry_pk_spec *grub_crypto_pk_ecdsa;
+struct gcry_pk_spec *grub_crypto_pk_rsa;
+
void
grub_crypto_hash (const gcry_md_spec_t *hash, void *out, const void *in,
grub_size_t inlen)
Reviewed-by: Stefan Berger
_
better and simpler solution is just to spin rsa_pad out into its own
PKCS#1 v1.5 module.
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
---
grub-core/Makefile.core.def | 8 +
grub-core/commands/pgp.c| 28 ++
grub-core/lib
(dl: Add support for persistent modules)
Signed-off-by: Daniel Axtens
Signed-off-by: Sudhakar Kuppusamy
Reviewed-by: Stefan Berger
---
include/grub/dl.h | 11 +++
1 file changed, 11 insertions(+)
diff --git a/include/grub/dl.h b/include/grub/dl.h
index 750fc8d3d..fb4476797
Platform limitations
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
orm limitations
@chapter Platform limitations
With nit fixed:
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
e_target->link_addr;
if (image_target->voidp_sizeof == 4)
- grub_mkimage_generate_elf32 (image_target, note, sbat, &core_img,
&core_size,
+ grub_mkimage_generate_elf32 (image_target, note, sbat, appsig_size,
&core_img, &core_size,
target_addr, &layout);
else
- grub_mkimage_generate_elf64 (image_target, note, sbat, &core_img,
&core_size,
+ grub_mkimage_generate_elf64 (image_target, note, sbat, appsig_size,
&core_img, &core_size,
target_addr, &layout);
}
break;
With nit fixed:
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
_protector_context_t
*ctx,
if (err != GRUB_ERR_NONE)
goto exit;
- err = tpm2_protector_unseal (policy_seq, sealed_handle, key, key_size);
+ err = tpm2_protector_unseal (policy_seq, sealed_handle, key, key_size,
&dump_pcr);
+
+ /* Dump PCRs if necessary
instead of grub_ieee1275_tpm_version, which can now be
removed.
Signed-off-by: Stefan Berger
---
grub-core/commands/ieee1275/ibmvtpm.c | 2 +-
grub-core/lib/ieee1275/tcg2.c | 40 ---
include/grub/ieee1275/tpm.h | 1 -
3 files changed, 18 insertions
Signed-off-by: Stefan Berger
Reviewed-by: Daniel Kiper
---
grub-core/Makefile.core.def | 1 +
1 file changed, 1 insertion(+)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 8ecedf986..f70e02e69 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core
Consoldiate repeated definitions of IEEE1275_IHANDLE_INVALID that are cast
to the type grub_ieee1275_ihandle_t.
Signed-off-by: Stefan Berger
---
grub-core/commands/ieee1275/ibmvtpm.c | 4 +---
grub-core/term/ieee1275/serial.c | 8 +++-
include/grub/ieee1275/ieee1275.h | 1 +
3
The TPM bit fields need to be in reverse order for big endian targets,
such as ieee1275 PowerPC platforms that run grub in big endian mode.
Signed-off-by: Stefan Berger
Reviewed-by: Gary Lin
Reviewed-by: Daniel Kiper
---
grub-core/lib/tss2/tss2_structs.h | 38
.
Regards,
Stefan
v3:
- Applied Daniel's R-b tags
- Added patches 2 & 3/7 for cleaning up of IEEE1275_IHANDLE_INVALID
- Using bools instead of ints
- Fixed commit messages
v2:
- Applied Gary's R-b tag to 1/5
- Split v1 2/2 into 4 patches
- Refactoring of grub_ieee1275_tpm_init
S
Cast 0 to proper type grub_ieee1275_ihandle_t. This type is used for
struct grub_serial_port's handle that assigns or compares with
IEEE1275_IHANDLE_INVALID.
Signed-off-by: Stefan Berger
---
grub-core/term/ieee1275/serial.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --
Move common initialization functions from the ibmvtpm driver module into
tcg2.c that will be moved into the new TCG2 driver in a subsequent patch.
Make the functions available to the ibmvtpm driver as public functions
and variables.
Signed-off-by: Stefan Berger
Reviewed-by: Daniel Kiper
: Stefan Berger
---
grub-core/Makefile.core.def | 3 +-
grub-core/lib/ieee1275/tcg2.c | 104 ++
2 files changed, 106 insertions(+), 1 deletion(-)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index c5fd796d4..8ecedf986 100644
--- a/grub-core
On 11/26/24 9:44 AM, Daniel Kiper wrote:
On Mon, Nov 25, 2024 at 05:41:40PM -0500, Stefan Berger wrote:
Move tpm_get_tpm_version into grub_ieee1275_tpm_init and invalidate
s/tpm_get_tpm_version/tpm_get_tpm_version()/
s/grub_ieee1275_tpm_init/grub_ieee1275_tpm_init
Signed-off-by: Stefan Berger
---
grub-core/Makefile.core.def | 1 +
1 file changed, 1 insertion(+)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index 8ecedf986..f70e02e69 100644
--- a/grub-core/Makefile.core.def
+++ b/grub-core/Makefile.core.def
@@ -2591,6 +2591,7
Move common initialization functions from the ibmvtpm driver module into
the new TCG2 driver that will be turned into a built-in driver soon.
Already make the functions available to the ibmvtpm driver as public
functions and variables.
Signed-off-by: Stefan Berger
---
grub-core
.
Signed-off-by: Stefan Berger
---
grub-core/Makefile.core.def | 3 +-
grub-core/lib/ieee1275/tcg2.c | 104 ++
2 files changed, 106 insertions(+), 1 deletion(-)
diff --git a/grub-core/Makefile.core.def b/grub-core/Makefile.core.def
index c5fd796d4..8ecedf986
The TPM bit fields need to be in reverse order for big endian targets,
such as ieee1275 PowerPC platforms that run grub in big endian mode.
Signed-off-by: Stefan Berger
Reviewed-by: Gary Lin
---
grub-core/lib/tss2/tss2_structs.h | 38 +++
1 file changed, 38
.
Regards,
Stefan
v2:
- Applied Gary's R-b tag to 1/5
- Split v1 2/2 into 4 patches
- Refactoring of grub_ieee1275_tpm_init
Stefan Berger (5):
tss2: Adjust bit fields for big endian targets
ieee1275/ibmvtpm: Move initializaton functions to TCG2 driver
ieee1275/tcg2: Refactor grub_ie
.
Signed-off-by: Stefan Berger
---
grub-core/commands/ieee1275/ibmvtpm.c | 2 +-
grub-core/lib/ieee1275/tcg2.c | 43 +++
include/grub/ieee1275/tpm.h | 1 -
3 files changed, 18 insertions(+), 28 deletions(-)
diff --git a/grub-core/commands/ieee1275
On 11/25/24 1:22 PM, Daniel Kiper wrote:
On Tue, Nov 12, 2024 at 01:04:39PM -0500, Stefan Berger wrote:
Follow recent extensions of EFI support providing a TCG2 driver with a
public API for getting the maximum TPM command size and passing a TPM
command through to the TPM 2. Implement this
eature for the systems to
implement full disk encryption.
I tested this now again on ppc64 (kvm) with the --tpm2key option (I
would recommend) and without it (-k & -p passed to tpm2_key_protector_init):
Tested-by: Stefan Berger
___
Grub-deve
.
Signed-off-by: Stefan Berger
---
grub-core/Makefile.core.def | 3 +
grub-core/commands/ieee1275/ibmvtpm.c | 46 +--
grub-core/lib/ieee1275/tcg2.c | 167 ++
include/grub/ieee1275/tpm.h | 31 +
4 files changed, 205 insertions(+), 42
The TPM bit fields need to be in reverse order for big endian targets,
such as ieee1275 PowerPC platforms that run grub in big endian mode.
Signed-off-by: Stefan Berger
---
grub-core/lib/tss2/tss2_structs.h | 38 +++
1 file changed, 38 insertions(+)
diff --git a
.
Regards,
Stefan
Stefan Berger (2):
tss2: Adjust bit fields for big endian targets
ieee1275: Add TCG2 driver for ieee1275 PowerPC firmware
grub-core/Makefile.core.def | 3 +
grub-core/commands/ieee1275/ibmvtpm.c | 46 +--
grub-core/lib/ieee1275/tcg2.c
Reviewed-by: Stefan Berger
---
docs/grub.texi | 525 +
1 file changed, 525 insertions(+)
diff --git a/docs/grub.texi b/docs/grub.texi
index fdd49d62e..71bd6d932 100644
--- a/docs/grub.texi
+++ b/docs/grub.texi
@@ -6443,6 +6443,8 @@ you forget a
o load the LUKS image,
try to mount the image with tpm2_key_protector_init and cryptomount, and
verify the result.
Based on the idea from Michael Chang.
Cc: Michael Chang
Cc: Stefan Berger
Cc: Glenn Washburn
Signed-off-by: Gary Lin
Reviewed-by: Daniel Kiper
Reviewed-by: Ste
On 11/4/24 2:32 AM, Gary Lin via Grub-devel wrote:
Update the user manual to address TPM2 key protector including the two
related commands, tpm2_key_protector_init and tpm2_key_protector_clear,
and the user-space utility: grub-protect.
Signed-off-by: Gary Lin
---
+@example
+# @kbd{dd if=/d
received from the response.
Cc: Stefan Berger
Signed-off-by: Hernan Gatta
Signed-off-by: Gary Lin
Reviewed-by: Daniel Kiper
---
grub-core/lib/tss2/tss2_mu.c | 1174 +
grub-core/lib/tss2/tss2_mu.h | 397 ++
grub-core/lib/tss2/tss2_structs.h | 796
_tpm2_hash()
* grub_tpm2_verifysignature()
* grub_tpm2_policyauthorize()
* grub_tpm2_testparms()
Cc: Stefan Berger
Signed-off-by: Hernan Gatta
Signed-off-by: Gary Lin
Reviewed-by: Daniel Kiper
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-dev
, so there is no need to specify PCRs when
invoking tpm2_key_protector_init.
Cc: Stefan Berger
Signed-off-by: Hernan Gatta
Signed-off-by: Gary Lin
---
.gitignore|2 +
Makefile.util.def | 26 +
configure.ac | 30 +
docs/man/grub-protect.h2m |
ence is always based on the PCR selection from the command
parameters.
This commit only supports one policy command: TPM2_PolicyPCR. The
command set will be extended to support advanced features, such as
authorized policy, in the later commits.
Cc: Stefan Berger
Cc: James Bottomley
Signed-off-b
On 11/4/24 2:32 AM, Gary Lin via Grub-devel wrote:
Update the user manual to address TPM2 key protector including the two
related commands, tpm2_key_protector_init and tpm2_key_protector_clear,
and the user-space utility: grub-protect.
Signed-off-by: Gary Lin
---
docs/grub.texi | 512 ++
On 10/21/24 4:07 AM, Gary Lin wrote:
From: Hernan Gatta
To utilize the key protectors framework, there must be a way to protect
full-disk encryption keys in the first place. The grub-protect tool
includes support for the TPM2 key protector but other protectors that
require setup ahead of time
On 9/20/24 4:16 AM, Gary Lin wrote:
On Fri, Sep 13, 2024 at 10:25:14AM -0400, Stefan Berger wrote:
+SHA1, SHA256, SHA384, and SHA512, and the default is SHA256.
+
+There are some options only available for the specific mode. The SRK-specific
+options are @option{-T}, @option{-k}, @option
On 9/19/24 3:45 AM, Gary Lin wrote:
On Wed, Sep 18, 2024 at 11:22:16AM -0400, Stefan Berger wrote:
*handle = (TPM_HANDLE_t) num;
How about this change?
- return grub_error (GRUB_ERR_OUT_OF_RANGE, "Value %lu is too large to be a TPM
handle, TPM handles are unsigned 32-bit int
On 9/6/24 5:11 AM, Gary Lin via Grub-devel wrote:
From: Hernan Gatta
The TPM2 key protector is a module that enables the automatic retrieval
of a fully-encrypted disk's unlocking key from a TPM 2.0.
The theory of operation is such that the module accepts various
arguments, most of which are
On 9/18/24 10:09 AM, Stefan Berger wrote:
On 9/17/24 11:05 PM, Gary Lin wrote:
On Mon, Sep 16, 2024 at 01:42:18PM -0400, Stefan Berger wrote:
tests/asn1/tests/Test_overflow.c: In function ‘test_overflow’:
tests/asn1/tests/Test_overflow.c:48:50: error: left shift of negative
value
On 9/17/24 11:05 PM, Gary Lin wrote:
On Mon, Sep 16, 2024 at 01:42:18PM -0400, Stefan Berger wrote:
tests/asn1/tests/Test_overflow.c: In function ‘test_overflow’:
tests/asn1/tests/Test_overflow.c:48:50: error: left shift of negative value
[-Werror=shift-negative-value]
48
On 9/6/24 5:11 AM, Gary Lin wrote:
A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
compose and submit TPM commands and parse reponses.
+static TPM_RC_t
+tpm2_submit_command_real (const TPMI_ST_COMMAND_TAG_t tag,
+ const TPM_CC_t commandCode,
+
On 9/16/24 1:42 PM, Stefan Berger wrote:
On 9/15/24 11:35 PM, Gary Lin wrote:
On Mon, Sep 16, 2024 at 10:24:03AM +0800, Gary Lin wrote:
On Fri, Sep 13, 2024 at 10:32:39AM -0400, Stefan Berger wrote:
On 9/6/24 5:10 AM, Gary Lin wrote:
GIT repo for v19: https://github.com/lcp/grub2/tree
On 9/15/24 11:35 PM, Gary Lin wrote:
On Mon, Sep 16, 2024 at 10:24:03AM +0800, Gary Lin wrote:
On Fri, Sep 13, 2024 at 10:32:39AM -0400, Stefan Berger wrote:
On 9/6/24 5:10 AM, Gary Lin wrote:
GIT repo for v19: https://github.com/lcp/grub2/tree/tpm2-unlock-v19
This patch series is based
On 9/6/24 5:10 AM, Gary Lin wrote:
GIT repo for v19: https://github.com/lcp/grub2/tree/tpm2-unlock-v19
This patch series is based on "Automatic TPM Disk Unlock"(*1) posted by
Hernan Gatta to introduce the key protector framework and TPM2 stack
to GRUB2, and this could be a useful feature for t
On 9/6/24 5:11 AM, Gary Lin wrote:
Update the user manual to address TPM2 key protector including the two
related commands, tpm2_key_protector_init and tpm2_key_protector_clear,
and the user-space utility: grub-protect.
Signed-off-by: Gary Lin
---
docs/grub.texi | 507 ++
Reviewed-by: Stefan Berger
---
grub-core/lib/libtasn1/lib/decoding.c | 8
grub-core/lib/libtasn1/lib/element.c| 2 +-
grub-core/lib/libtasn1/lib/gstr.c | 2 +-
grub-core/lib/libtasn1/lib/int.h| 3 +--
grub-core/lib/libtasn1/lib/parser_aux.c | 2 +-
in
yAuthorize, TPM2_TestParms
Cc: Stefan Berger
Signed-off-by: Hernan Gatta
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/grub-devel
ten in the key file, so there is no need to specify PCRs when
invoking tpm2_key_protector_init.
Cc: Stefan Berger
Signed-off-by: Hernan Gatta
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
___
Grub-devel mailing list
Grub-devel@gnu
d then others, so
that the auto-unlocked disk will be found first, not the attacker's disk.
Signed-off-by: Gary Lin
Cc: Fabian Vogt
Reviewed-by: Stefan Berger
---
grub-core/disk/diskfilter.c | 35 ++-
1 file changed, 26 insertions(+), 9 deletions(-)
di
image,
try to mount the image with tpm2_key_protector_init and cryptomount, and
verify the result.
Based on the idea from Michael Chang.
Cc: Michael Chang
Cc: Stefan Berger
Signed-off-by: Gary Lin
---
Makefile.util.def| 6 +
tests/tpm2_test.in | 311
now set. Print the existing errors out first, before
proceeding with the passphrase.
Cc: Stefan Berger
Signed-off-by: Patrick Colp
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
---
grub-core/disk/cryptodisk.c | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a
On 4/15/24 05:45, Gary Lin wrote:
On Fri, Apr 12, 2024 at 12:24:36PM -0400, Stefan Berger wrote:
On 4/12/24 04:39, Gary Lin via Grub-devel wrote:
GIT repo for v11: https://github.com/lcp/grub2/tree/tpm2-unlock-v11
This patch series is based on "Automatic TPM Disk Unlock"(*1)
On 4/12/24 04:39, Gary Lin via Grub-devel wrote:
From: Patrick Colp
If a protector is specified, but it fails to unlock the disk, fall back
to asking for the passphrase. However, an error was set indicating that
the protector(s) failed. Later code (e.g., LUKS code) fails as
`grub_errno` is no
emory to retrieve the secret key. To defend
such attack, wipe out the cached key when we don't need it.
Signed-off-by: Gary Lin
Cc: Fabian Vogt
Reviewed-by: Stefan Berger
---
grub-core/disk/cryptodisk.c | 6 +-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/grub
the device node on host, it's easy to
implement the essential TCG2 command submission function with the
read/write functions and enable tpm2 module for grub-emu, so that we can
further test TPM key unsealing with grub-emu.
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
---
grub
-by: Patrick Colp
Signed-off-by: Gary Lin
Reviewed-by: Stefan Berger
---
grub-core/tpm2/module.c | 25 -
1 file changed, 20 insertions(+), 5 deletions(-)
diff --git a/grub-core/tpm2/module.c b/grub-core/tpm2/module.c
index 0ed8f2682..b4d588b0c 100644
--- a/grub-core/t
On 4/12/24 04:39, Gary Lin via Grub-devel wrote:
From: Hernan Gatta
To utilize the key protectors framework, there must be a way to protect
full-disk encryption keys in the first place. The grub-protect tool
includes support for the TPM2 key protector but other protectors that
require setup a
"
+ "failed to unlock %s%s%s (%s)\n",
+cargs->protectors[i], source->name,
+source->partition != NULL ? "," : "",
+part != NULL ? part : N_("UNKNO
On 4/12/24 04:39, Gary Lin via Grub-devel wrote:
From: Hernan Gatta
The TPM2 key protector is a module that enables the automatic retrieval
of a fully-encrypted disk's unlocking key from a TPM 2.0.
A few minor finds/comments below.
The theory of operation is such that the module accepts
t
+grub_key_protector_unregister (struct grub_key_protector *protector);
+
+grub_err_t
+grub_key_protector_recover_key (const char *protector,
+ grub_uint8_t **key,
+ grub_size_t *key_size);
+
+#endif /* ! GRUB_PROTECTOR_HEADER */
with nit fixed:
R
ibtasn1: compile into asn1 module
-: - > 7: 24c129e64 asn1_test: test module for libtasn1
-: - > 8: 7a1aced55 libtasn1: Add the documentation
-: - > 9: 957b048f2 key_protector: Add key protectors framework
1: ca024f496 ! 10: cbeaf8472 tpm2: Add TPM Software St
,gpt1)/boot/grub2/sealed.tpm
cryptomount -u -P tpm2
For any change in the boot components, just run the 'sign' command again
to update the signature in sealed.tpm, and TPM can unseal the key file
with the updated PCR policy.
(*1) https://www.hansenpartnership.com/draft-bottomley-tpm2-keys.html
On 4/9/24 04:30, Gary Lin via Grub-devel wrote:
For the tpm2 module, the TCG2 command submission function is the only
difference between the a QEMU instance and grub-emu. To test TPM key
unsealing with a QEMU instance, it requires an extra OS image to invoke
grub-protect to seal the LUKS key, r
On 4/12/24 04:39, Gary Lin wrote:
From: Hernan Gatta
A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
compose, submit, and parse TPM commands and responses.
compose and submit TPM commands and parse reponses.
A limited number of TPM commands may be accessed via the E
On 4/9/24 04:30, Gary Lin via Grub-devel wrote:
From: Hernan Gatta
A Trusted Platform Module (TPM) Software Stack (TSS) provides logic to
compose, submit, and parse TPM commands and responses.
A limited number of TPM commands may be accessed via the EFI TCG2
protocol. This protocol exposes f
1 - 100 of 294 matches
Mail list logo
