Conversation
Jarkko Sakkinen
jarkko
Edited 6 months ago
TPM2-measured boot with bus protection is pretty nice actually for Linux installations where secure boot is not enabled, like the default Arch Linux installation for instance.
For the sake of "defence in depth", I'd enable both if it is out-of-the-box feature but would not probably bother with secure boot if it requires extra work.
So, the takeaway from this is that it would make a lot of sense to make measured boot happen in arch-install installation as opt-in feature. No Microsoft key required.
Still so far the most informative overview for the shenanigans is https://microos.opensuse.org/blog/2023-12-20-sdboot-fde/ but I'd also look for more recent references.
Policy hash calculation per kernel package update for LUKS2 is what needs to happen over time whenever a new kernel package is installed with hooks/scripts.
So the thing that was hyped to DRM the world into a locked down hellhole rendered out the Microsoft key hard binding instead 🤷
#tpm #linux #archlinux #opensuse #secureboot #security
For the sake of "defence in depth", I'd enable both if it is out-of-the-box feature but would not probably bother with secure boot if it requires extra work.
So, the takeaway from this is that it would make a lot of sense to make measured boot happen in arch-install installation as opt-in feature. No Microsoft key required.
Still so far the most informative overview for the shenanigans is https://microos.opensuse.org/blog/2023-12-20-sdboot-fde/ but I'd also look for more recent references.
Policy hash calculation per kernel package update for LUKS2 is what needs to happen over time whenever a new kernel package is installed with hooks/scripts.
So the thing that was hyped to DRM the world into a locked down hellhole rendered out the Microsoft key hard binding instead 🤷
#tpm #linux #archlinux #opensuse #secureboot #security
3
0
2
Štěpán Škorpil 
stepan@skorpil.cz
@jarkko I have set it up in a way that does not need to reseal the key on every kernel update. I use a combination of secure boot with kernel signed with my custom keys and tpm revealing luks secret only if bios or bios options haven't been tampered with. With this setup I only need to reseal the key on bios upgrades and on changed bios options.
1
0
1
Morten Linderud
Foxboron@chaos.socialIt's quite trivial to get Secure Boot working, in general, without MS keys.
https://github.com/Foxboron/sbctl
But admittedly we (as in Arch) should really get the SB situation sorted.
0
0
1
Štěpán Škorpil
stepan@skorpil.cz
0
0
0
@Foxboron @stepan With this measured boot stuff I'd wait maybe a while so that Fedora and OpenSUSE catch up and stabilize the integration. Should give a good overall reference model. And obviously weight if it makes "existentially" sense for Arch Linux (I personally think it does but not my call 🙂 ).
It is orthogonal feature towards secure boot, i.e. they do not fight with each other. You can have either or both enabled/disable. All combinations should work. Obvious plus with measured boot is that it does not required *any* special keys. You can still have a recovery passphrase in luks2 if something goes terribly wrong, e.g if in the kernel update process the policy hash is not correctly updated, and similar situations.
It is orthogonal feature towards secure boot, i.e. they do not fight with each other. You can have either or both enabled/disable. All combinations should work. Obvious plus with measured boot is that it does not required *any* special keys. You can still have a recovery passphrase in luks2 if something goes terribly wrong, e.g if in the kernel update process the policy hash is not correctly updated, and similar situations.
1
0
0
@Foxboron @stepan Right missed somehow the cryptenroll part. Well I don't use Arch Linux, it was an example, and this stuff is not universally enabled yet. So was more broad and before the v6.10 changes measured boot was wide-open for online attacks, which is now fixed with bus encryption and integrity protection. I just use stock OpenSUSE installation.
I'm neither sure how well this is enabled in arch-install which i sometimes use for VM's mainly for kernel testing. Manual configuration is no-go because they are VM's that don't have long lifetime. I use this route for kernel testing only if arch-install fulfills those needs. Does it BTW already take care of LUKS2?
I'm neither sure how well this is enabled in arch-install which i sometimes use for VM's mainly for kernel testing. Manual configuration is no-go because they are VM's that don't have long lifetime. I use this route for kernel testing only if arch-install fulfills those needs. Does it BTW already take care of LUKS2?
1
0
0
Adam Chovanec
staticnoisexyz@infosec.exchange@jarkko the urge to repartition my drive and switch to systemd-boot is strong, but I will resist. Sounds super interesting though!
0
0
1