1. 5
  1. 2

    Nice post!

    Deploy tpm2 boot policies to create a Security Violation if boot options are changed

    I did that, and while it was nice for security there were numerous practical problems: selecting which PCRs to use; if you use too few, the benefit disappears, and if you use too many (e.g. taking into account the currently booting kernel), you may need to input recovery keys frequently (e.g. Arch updates kernels every week or so).

    Additionally, the TPM chip that I used (Dell XPS 13) randomly failed.

    Ultimately I just scrapped the solution but may return to it with some adjustments.

    Create a fake windows installation partition before your root luks partition

    Yep. Especially interesting is having the boot partition on a USB drive and setting the system up to boot to Windows if the USB drive is absent.

    1. 3

      Predicting the future kernel checksum value isn’t so hard; you just do the PE/COFF checksumming on the kernel.

      It’s documented as part of the Microsoft Authenticode spec: https://docs.microsoft.com/en-us/windows/win32/debug/pe-format#appendix-a-calculating-authenticode-pe-image-hash

      Grawity has written a tool that helps you do all of this to seal TPM secrets against: https://github.com/grawity/tpm_futurepcr

      I have an implementation of PE/COFF checksumming in my Go UEFI library: https://github.com/Foxboron/goefi/blob/master/efi/pecoff/checksum.go#L23
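An added example (not grawity's tpm_futurepcr or the goefi library code): a Python implementation of the Authenticode PE image hash described above, which is what firmware measures into PCR4 for a loaded EFI binary, plus the TPM extend step that turns such a digest into the predicted PCR value. The minimal PE32+ image builder and its field values are constructed for illustration only; a real kernel has more sections and a signed certificate table.

```python
import hashlib
import struct

def authenticode_hash(image: bytes, algo: str = "sha256") -> str:
    """Authenticode PE image hash: skip the CheckSum field and the Certificate Table
    directory entry, hash sections in file-offset order, drop the certificate data itself."""
    coff = struct.unpack_from("<I", image, 0x3C)[0] + 4               # e_lfanew, past "PE\0\0"
    num_sections, = struct.unpack_from("<H", image, coff + 2)
    opt_size, = struct.unpack_from("<H", image, coff + 16)
    opt = coff + 20
    pe32plus = struct.unpack_from("<H", image, opt)[0] == 0x20B
    size_of_headers, = struct.unpack_from("<I", image, opt + 60)
    checksum_off = opt + 64                                            # same offset in PE32 and PE32+
    cert_entry = opt + (112 if pe32plus else 96) + 4 * 8               # data directory index 4
    cert_off, cert_size = struct.unpack_from("<II", image, cert_entry)
    h = hashlib.new(algo)
    h.update(image[:checksum_off])                                     # headers up to CheckSum
    h.update(image[checksum_off + 4:cert_entry])                       # ... up to the cert entry
    h.update(image[cert_entry + 8:size_of_headers])                    # ... rest of the headers
    # (PointerToRawData, SizeOfRawData) for each section header, sorted by file offset
    sections = sorted(struct.unpack_from("<II", image, opt + opt_size + i * 40 + 16)[::-1]
                      for i in range(num_sections))
    hashed = size_of_headers
    for ptr, size in sections:
        h.update(image[ptr:ptr + size])
        hashed += size
    in_tail = cert_size and cert_off >= hashed
    if len(image) > hashed:                                            # trailing data minus the cert table
        h.update(image[hashed:cert_off if in_tail else len(image)])
        if in_tail:
            h.update(image[cert_off + cert_size:])
    return h.hexdigest()

def pcr_extend(pcr: bytes, digest_hex: str) -> bytes:
    """TPM 2.0 extend step: PCR' = SHA-256(PCR || digest); a fresh PCR is 32 zero bytes."""
    return hashlib.sha256(pcr + bytes.fromhex(digest_hex)).digest()

def build_sample_pe(checksum: int, cert: bytes, text: bytes = b"\x90" * 512) -> bytes:
    """Constructed minimal PE32+ (not a real kernel): headers padded to 512 bytes, one .text
    section at file offset 512, attribute certificate table appended at offset 1024."""
    dos = b"MZ" + bytes(58) + struct.pack("<I", 64)                               # e_lfanew = 64
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x8664, 1, 0, 0, 0, 240, 0x22)    # 1 section, 240-byte opt hdr
    opt = bytearray(240)
    struct.pack_into("<H", opt, 0, 0x20B)                                         # PE32+ magic
    struct.pack_into("<I", opt, 60, 512)                                          # SizeOfHeaders
    struct.pack_into("<I", opt, 64, checksum)                                     # CheckSum (excluded)
    struct.pack_into("<II", opt, 112 + 4 * 8, 1024, len(cert))                    # Certificate Table entry
    sec = b".text\0\0\0" + struct.pack("<IIIIIIHHI", 512, 0x1000, 512, 512, 0, 0, 0, 0, 0x60000020)
    headers = dos + coff + bytes(opt) + sec
    return headers + bytes(512 - len(headers)) + text.ljust(512, b"\0")[:512] + cert
```

Two images that differ only in CheckSum and in the appended certificate table hash identically, which is why a signed and an unsigned build of the same kernel measure to the same PCR4 value.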

      1. 1

        Great, thanks for clearing the matter up.

        Is this something that actually works? Are you using it? Why isn’t it in extra/community? :)

        1. 2

          Is this something that actually works?

          I think it works! I believe grawity has been trying to use it.

          Are you using it?

          I’m not. I have been largely focusing on fixing my secure boot stuff and will look more into the TPM stuff when I’m happy with secure boot.

          Why isn’t it in extra/community? :)

          I’d probably consider it experimental, honestly. Use at your own risk rather than as a solution.

      2. 1

        Ultimately I just scrapped the solution but may return to it with some adjustments.

        Good to know. I’ve read online about TPM enforcement being a pain-in-the-arse due to non-standard PCR definitions done by specific manufacturers, but I didn’t know that it was worse because of these random failures.