On 10/03/2025 at 21:42, aplanas wrote:
On 2025-03-10 18:25, Diorcet Yann wrote:
On 10/03/2025 at 17:27, Adrian Vovk wrote:

2) Just before opening the var LUKS:

PCR15=0 or something predictable

cryptsetup is used to open var and update PCR15 thanks to
tpm2-measure-pcr=yes, but in this case /dev/sda1 is replaced with the
original /dev/sda1 partition.

I think that you mean that /dev/sda2 (/var) is replaced with the original /dev/sda1 (rootfs), so mounting the original root in /var, right?
Yes, that's it, sorry for the mistake.

PCR15=hash1

3) initrd makes the mount of the fs, makes multiple measurements
(notably on PCR11 with leave-initrd) then chroots and executes
malicious init.


Is PCR15 checked against a pre-calculated value saved in the signed
initrd before leaving initrd? If it's not the case, then when
executing the init from the chrooted malicious partition, the original
/dev/sda1 LUKS will be opened and mounted as var.

You need a service in the initrd to do that. systemd AFAIK is not currently providing one, but the plumbing is there to bring your own.

Thanks for the links btw

Regards,

Yann
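As an added illustration of the check the thread is asking about (this is not code from the thread or from systemd): a simulated SHA-256 PCR15 extend, an expected value pre-calculated from the genuine var volume and carried in the signed initrd, and the comparison a bring-your-own initrd service would do before leaving the initrd. The event encoding in volume_event and both volume keys are constructed stand-ins; the exact data systemd-cryptsetup measures with tpm2-measure-pcr=yes is not shown in the thread.

```python
import hashlib
import hmac

# SHA-256 PCR bank: PCRs 0-15 are all-zero after TPM reset, so PCR15 starts predictable.
PCR_INIT = bytes(32)

def pcr_extend(pcr: bytes, event: bytes) -> bytes:
    """TPM 2.0 extend: new_pcr = SHA256(old_pcr || SHA256(event))."""
    return hashlib.sha256(pcr + hashlib.sha256(event).digest()).digest()

def volume_event(name: str, volume_key: bytes) -> bytes:
    # ASSUMPTION: stand-in for the data systemd-cryptsetup measures with
    # tpm2-measure-pcr=yes. The thread does not spell out the encoding; all
    # that matters for the check is that it is a fixed function of the volume key.
    return b"cryptsetup:" + name.encode() + b":" + hashlib.sha256(volume_key).digest()

def pcr15_after_open(name: str, volume_key: bytes, pcr15: bytes = PCR_INIT) -> bytes:
    """PCR15 value after opening one LUKS volume with tpm2-measure-pcr=yes."""
    return pcr_extend(pcr15, volume_event(name, volume_key))

def leave_initrd_check(current_pcr15: bytes, expected_pcr15: bytes) -> bool:
    """The missing step: compare PCR15 to the value baked into the signed initrd."""
    return hmac.compare_digest(current_pcr15, expected_pcr15)

# Constructed volume keys (real ones come from the LUKS headers; these are demo values).
VAR_KEY = hashlib.sha256(b"constructed volume key of /dev/sda2 (var)").digest()
ROOTFS_KEY = hashlib.sha256(b"constructed volume key of /dev/sda1 (rootfs)").digest()

# Pre-calculated at image build time from the genuine var volume, shipped in the initrd.
EXPECTED_PCR15 = pcr15_after_open("var", VAR_KEY)

def scenario(key_opened_as_var: bytes) -> bool:
    """True if the initrd would be allowed to leave (chroot into the real root)."""
    current = pcr15_after_open("var", key_opened_as_var)
    return leave_initrd_check(current, EXPECTED_PCR15)

if __name__ == "__main__":
    print("genuine var opened as var ->", scenario(VAR_KEY))     # True
    # Original rootfs partition swapped into the var slot: PCR15 = hash1, not the expected value.
    print("rootfs opened as var      ->", scenario(ROOTFS_KEY))  # False
```

Without the comparison step, both runs proceed past the initrd and the swapped partition's init is executed; with it, the mismatch is detected before chroot.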
