Possible TPM uses in fprintd/libfprint
by Benjamin Berg
Hi,
I was wondering if someone has ideas about integrating the TPM with
Fingerprint readers.
Recently I started looking into supporting Secure Device Connection
Protocol (SDCP, [1]) in libfprint. The general idea is to verify that
the Fingerprint reader can be trusted, but I initially also imagined
that further use-cases like unsealing data in a TPM may be possible
(e.g. to retrieve disk encryption keys).
However, looking into it more, my current conclusion is that there is
little to no advantage in using the TPM. At least not unless one also has
a trusted (userspace) program which is capable of signing TPM
authorizations. One could easily offload the required parts into a
small helper, but that may require ensuring it runs in a trusted
execution environment.
Microsoft seems to run relevant parts as trustlets that are walled off
from the rest of the system. That seems sensible to me, but it also
means requiring all the infrastructure for execution and signing and I
doubt that is feasible currently.
Right now I'll probably go the way of not using the TPM at all. But I
am really not an expert for this. So should someone see scenarios where
a TPM is actually helpful in this context, then I would like to hear
about them.
Benjamin
PS: A quick summary of how SDCP works:
* Device has a private ECC key that signs the firmware and ephemeral keys during boot (and is inaccessible afterwards)
* A certificate proves that this key was provisioned in the factory
* Device builds a shared secret with the host (s)
* Device sends id, HMAC_SHA256(s, "identify" || nonce || id) when the finger "id" was presented.
* The HMAC proves knowledge of the shared secret and authorizes the print.
[1] https://github.com/microsoft/SecureDeviceConnectionProtocol/wiki/Secure-D...
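The identify step of the summary above, written out as an added example (this is not libfprint's or Microsoft's code): the host keeps one outstanding nonce per identify request, recomputes HMAC_SHA256(s, "identify" || nonce || id) and compares it in constant time. The shared secret s is a constructed stand-in for the real key agreement, and the byte layout of the MAC input is taken literally from the summary rather than from the SDCP specification.

```python
"""Host-side check of the SDCP 'identify' message summarised above.

Added example, not libfprint or Microsoft code. The shared secret s would come
from the device/host key agreement; a constructed 32-byte value stands in for
it, and the MAC input layout is assumed to be exactly "identify" || nonce || id.
"""
import hashlib
import hmac
import os


def identify_mac(secret, nonce, finger_id):
    """MAC the device is expected to send alongside a matched finger id."""
    return hmac.new(secret, b"identify" + nonce + finger_id, hashlib.sha256).digest()


class SdcpHost:
    """Host half of the exchange: one fresh nonce per identify request."""

    def __init__(self, shared_secret):
        self._s = shared_secret
        self._nonce = None  # nonce of the outstanding identify request, if any

    def begin_identify(self):
        """Issue the nonce that accompanies the identify command."""
        self._nonce = os.urandom(32)
        return self._nonce

    def verify_identify(self, finger_id, mac):
        """Accept the (id, MAC) reply only if it matches the outstanding nonce.

        The nonce is consumed whether or not the check passes, so a captured
        reply cannot be replayed against a later request.
        """
        if self._nonce is None:
            return False
        nonce, self._nonce = self._nonce, None
        expected = identify_mac(self._s, nonce, finger_id)
        return hmac.compare_digest(mac, expected)


def demo():
    """Constructed round trip: a fresh reply passes, the same reply replayed fails."""
    s = hashlib.sha256(b"constructed shared secret").digest()  # stands in for ECDH output
    host = SdcpHost(s)
    nonce = host.begin_identify()
    good = host.verify_identify(b"\x01", identify_mac(s, nonce, b"\x01"))
    replay = host.verify_identify(b"\x01", identify_mac(s, nonce, b"\x01"))
    return good, replay
```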
1 week, 3 days
New FAPI Policy Editor
by Fuchs, Andreas
Hi all,
I just wanted to announce the availability of a policy editor for tpm2-tss libtss2-fapi.so and the tpm2-tools tss2_* tools
on our community page:
https://tpm2-software.github.io/fapipolicies/
This is based on an effort by Peter Huewe and Jürgen Repp.
It's still _very_ beta, so be careful when using.
Cheers,
Andreas
1 year, 8 months
[Release Candidate] tpm2-tools 5.0-rc0
by Imran Desai
I am pleased to announce the pre-release of tpm2-tools version 5.0 available
here: https://github.com/tpm2-software/tpm2-tools/releases/tag/5.0-rc0
Thank you to all the contributors for participating in this release.
Your feedback for this major release is much appreciated.
Some highlights:
* Update tpm2-tss dependency version to 3.0.1 and tpm2-abrmd dependency version to 2.3.3.
* tpm2_tools and tss2_tools are now a busybox-style commandlet, i.e. tpm2_getrandom becomes tpm2 getrandom. make install will install symlinks to the old tool names.
* Important enhancements and bug fixes to the FAPI tools.
* New tools that support TPM2 commands: TPM2_CC_CertifyX509, TPM2_CC_GetSessionAuditDigest, TPM2_CC_GetCommandAuditDigest, TPM2_CC_SetCommandCodeAuditStatus, TPM2_CC_ECC_Parameters, TPM2_CC_EC_Ephemeral, TPM2_CC_Commit, TPM2_CC_ECDH_KeyGen, TPM2_CC_ECDH_ZGen, TPM2_CC_ZGen_2Phase.
* Numerous bug fixes and enhancements. Please see the full release note for all the details.
Thanks and Regards,
Imran Desai
1 year, 8 months
CFP: TPM.DEV Miniconference Oct 21/22
by Ian Oliver
Call For Participation: First TPM.DEV Miniconference 2020
https://hopin.to/events/tpm-dev-2020-miniconf
Agenda:
Day 1 - Wednesday 21st of October
7 am PDT / 17:00 EEST - Making Remote Attestation a mass practice - Dimitar Tomov, Founder of TPM.dev
8 am PDT / 18:00 EEST - Device ID considerations: PKI and Trust Anchors - Michael Richardson
9 am PDT / 19:00 EEST - Trustworthy 2020 Platforms: Mighty Mini AMD for Digital Work, Play, and Currencies - Piotr Król, 3mdeb
10 am PDT / 20:00 EEST - Real-life examples of wolfTPM and wolfBoot - David Garske, wolfSSL
Day 2 - Thursday 22nd of October
7 am PDT / 17:00 EEST - Attestation meets Safety-Critical Systems - Ian Oliver, Nokia Bell Labs
8 am PDT / 18:00 EEST - Remote Attestation at Enterprise Scale - Matthew Garrett, Google
9 am PDT / 19:00 EEST - An introduction to Keylime's Remote Attestation - Michael Peters, RedHat
10 am PDT / 20:00 EEST - The Secure Enclaves and Attestation - Ilhan Gurel, Ericsson
We lower the barrier to using hardware-based security.
Cloud application or IoT device, a modern connected system is at risk
without a way to verify the integrity of the systems in the network. Join
our mini-conference to learn how to use hardware-based security to protect
your software and infrastructure. We want to remove the knowledge barrier
that limits the adoption of this state-of-the-art security.
Who are we? See http://tpm.dev
We are a group of developers who want to make our applications and systems trusted using hardware-based security, so that users can verify the (cloud) servers that are used to run their applications. We want our IoT devices to exist in an Ecosystem of Trust thanks to a hardware root of trust and remote attestation. To do this we are sharing experience; we meet online every Wednesday and collaborate openly at TPM.dev.
Welcome to the TPM.dev 2020 Mini Conference!
Please note that the Conference is open & free to attend.
1 year, 8 months
Re: QEMU and TPM2 device emulation
by Roberts, William C
> -----Original Message-----
> From: Serge E. Hallyn <serge(a)hallyn.com>
> Sent: Wednesday, October 14, 2020 10:58 AM
> To: Roberts, William C <william.c.roberts(a)intel.com>
> Cc: tpm2(a)lists.01.org; ryaharpe(a)cisco.com; scmoser(a)cisco.com; linux-
> integrity(a)vger.kernel.org
> Subject: Re: QEMU and TPM2 device emulation
>
> On Wed, Oct 14, 2020 at 03:27:53PM +0000, Roberts, William C wrote:
> > Has anyone ever set up a QEMU instance with a virtualized TPM? I need
> > to try and replicate an issue with the in-kernel Resource manager. My goal is to
> use the integrated QEMU support to bring up an emulated TPM device and its
> associated RM node @ /dev/tpmrm0.
> >
> > I am looking at:
> > https://android.googlesource.com/platform/external/qemu/+/emu-master-d
> > ev/docs/specs/tpm.txt
> >
> > Which shows this command:
> >
> > qemu-system-x86_64 -display sdl -enable-kvm \
> > -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
> > -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
> > -tpmdev emulator,id=tpm0,chardev=chrtpm \
> > -device tpm-tis,tpmdev=tpm0 test.img
> >
> > <snip>
> > #> dmesg | grep -i tpm
> > [ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1)
> >
> > I have a few questions around this that I cannot seem to dig up any
> documentation on:
> > 1. How to specify TPM2.0 device? The project
> https://github.com/stefanberger/swtpm/wiki seems to indicate it would be
> supported.
> >
> > 2. Does anyone know the minimum QEMU version for this support? I
> > looked in the CHANGELOG here, https://wiki.qemu.org/ChangeLog from
> version 2.8 to 5.2 and never saw anything call out TPM 2.0 specifically.
>
> 2.11 should suffice.
>
> > 3. Does anyone have or know of better documentation to set this up? If there
> isn't better documentation, should we (read I) create it? This seems like a pretty
> handy feature.
>
> I'm not sure how relevant this is any more, but I did this about two years ago and
> documented it at https://s3hh.wordpress.com/2018/06/03/tpm-2-0-in-qemu/
Thanks, yeah I stumbled into this, it was super helpful. I got it working and posted back with my commands.
1 year, 8 months
Question: standardized development environment for TPM2 testing, regressions, etc.
by matthew@giassa.net
Good day,
Are there any "standardized" setups for TPM2 development, automated regression testing, etc.? I ask because I've replicated an existing setup where a QEMU-based VM exposes a virtualized TPM2 device that's actually just offloading to an SWTPM simulator (i.e. https://www.qemu.org/docs/master/specs/tpm.html). I created a top-level Docker-in-Docker (aka "DIND") setup where a top-level container instantiates the QEMU VM (plus some customizations, custom kernel, etc.) in one sub-container, and the simulator in another sub-container, then "wires" the two together. All three containers expose an SSH server instance, so it's pretty easy to access them all directly, run automated regression tests against them, etc., without requiring a real physical TPM2 device. It's mainly intended for use as an easy-to-recreate tool for training and automated regression tests.
I'm wondering if other people have created such setups, and if there's any merit in releasing the Dockerfile + build scripts for this setup (once I've resolved an issue with sysfs in another post: https://lists.01.org/hyperkitty/list/tpm2@lists.01.org/thread/FMBZO6V6QO5...). Also, I'm trying to determine where it would be stored (i.e. which repo) if there's perceived value to it.
Cheers!
1 year, 8 months
tpm2_clear command misbehaving?
by Petr Gotthard
Hello,
I am trying to become acquainted with a TPM2.0 (an actual chip from ST) and I found an unexplainable behaviour of the tpm2_clear command. (I suspect the fault is on my side though.)
As written on the man page, I did expect the tpm2_clear "Clears lockout, endorsement and owner hierarchy authorization values."
(1)
The -c parameter takes a hierarchy, it works on platform hierarchy, but does not work on owner.
I tried: tpm2_clear -c owner
which fails with "Unexpected handle - TPM2_RH_OWNER", probably because the owner hierarchy is not expected there
https://github.com/tpm2-software/tpm2-tools/blob/master/tools/tpm2_clear....
Is there a reason for that, please?
(2)
I did expect the authorization to be cleared. So, after I set a password "p1" for the platform hierarchy with
tpm2_changeauth -c p p1
I thought it will be cleared after calling
tpm2_clear -c p p1
so a subsequent tpm2_clear or tpm2_changeauth will not need any password anymore, but it does as if nothing was cleared actually.
I need to call
tpm2_changeauth -c p p1 p2
to change the password again, despite having called tpm2_clear before.
What does tpm2_clear actually clear, please? Am I making a mistake somewhere?
Kind Regards,
Petr
1 year, 8 months
Question: missing "tpm0" in securityfs/sysfs, trying to parse TPM2 event log.
by matthew@giassa.net
Good day,
I have a setup with Ubuntu 20.04 "focal" x86_64 running in a QEMU based VM. I've upgraded the default kernel to 5.8.15, mainly to leverage the patch noted below (bottom of message). My understanding (please correct me if I'm off) is that it would allow a userspace application (i.e. "tpm2_eventlog") to access the TPM2 event log once the OS has fully booted. The QEMU instance itself connects to a Unix domain socket that's owned by a TPM2 simulator running in a Docker container (i.e. https://www.qemu.org/docs/master/specs/tpm.html).
I can run various "tpm2_*" binaries in my QEMU VM, and view the low-level logs in the simulator, so this setup appears to be working. However, there are no "/sys/kernel/security/tpm0" objects, or anything I can find in "sysfs" and/or "securityfs" to get a handle to the TPM2 event logs. My ultimate goal is to be able to acquire these logs, have a service of mine parse them, and validate each message against the TPM (i.e. verify that it's legitimate TPM_GENERATED content).
To my questions:
1. How would I go about getting access to the TPM2 event logs on a running system (i.e. are certain kernel build-time parameters needed, or does QEMU require specific flags in order to run, or does the simulator need to be executed in a certain manner).
2. Is my appraisal of the features provided by the kernel patch (below) correct?
3. In general, is a UEFI-enabled BIOS required to get access to the TPM2 event log (i.e. for BIOSes other than SeaBIOS, for example)?
commit 85467f63a05c43364ba0b90d0c05bb89191543fa
Author: Stefan Berger <stefanb(a)linux.ibm.com>
Date: Mon Jul 6 19:58:07 2020 -0400
tpm: Add support for event log pointer found in TPM2 ACPI table
In case a TPM2 is attached, search for a TPM2 ACPI table when trying
to get the event log from ACPI. If one is found, use it to get the
start and length of the log area. This allows non-UEFI systems, such
as SeaBIOS, to pass an event log when using a TPM2.
Cc: Peter Huewe <peterhuewe(a)gmx.de>
Cc: Jason Gunthorpe <jgg(a)ziepe.ca>
Signed-off-by: Stefan Berger <stefanb(a)linux.ibm.com>
Reviewed-by: Jerry Snitselaar <jsnitsel(a)redhat.com>
Signed-off-by: Jarkko Sakkinen <jarkko.sakkinen(a)linux.intel.com>
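An added example for the parsing goal described in the post above (not code from the post, the kernel or tpm2-tools): it walks the TCG crypto-agile event log format that the kernel exposes under securityfs and replays the SHA-256 PCR bank, which is the value a service would then compare against a quote from the TPM. The log bytes are constructed inline; the event type codes used in the sample are EV_NO_ACTION, EV_S_CRTM_VERSION and EV_EFI_ACTION from the TCG PC Client spec.

```python
"""Parse a TCG crypto-agile (TPM 2.0) event log and replay the SHA-256 PCR bank.
Added example, not code from the post, the kernel or tpm2-tools: it follows the
TCG_EfiSpecIdEvent / TCG_PCR_EVENT2 layout the kernel exposes at
/sys/kernel/security/tpm0/binary_bios_measurements; the sample log is constructed.
"""
import hashlib
import struct

TPM_ALG_SHA256 = 0x000B
EV_NO_ACTION = 0x00000003

def parse_event_log(data):
    """Yield (pcr, event_type, {alg: digest}, event_data) for every TCG_PCR_EVENT2."""
    # First entry is a legacy TCG_PCR_EVENT (SHA-1 sized digest) carrying the Spec ID.
    _pcr, etype, _sha1, size = struct.unpack_from("<II20sI", data, 0)
    spec, off = data[32:32 + size], 32 + size
    if etype != EV_NO_ACTION or not spec.startswith(b"Spec ID Event03\0"):
        raise ValueError("not a crypto-agile TPM 2.0 event log")
    n_algs = struct.unpack_from("<I", spec, 24)[0]
    # Digest sizes announced in the header are what let us walk the later entries.
    sizes = dict(struct.unpack_from("<HH", spec, 28 + 4 * i) for i in range(n_algs))
    while off < len(data):
        pcr, etype, count = struct.unpack_from("<III", data, off)
        off, digests = off + 12, {}
        for _ in range(count):
            alg = struct.unpack_from("<H", data, off)[0]
            digests[alg] = data[off + 2:off + 2 + sizes[alg]]
            off += 2 + sizes[alg]
        size = struct.unpack_from("<I", data, off)[0]
        yield pcr, etype, digests, data[off + 4:off + 4 + size]
        off += 4 + size

def replay_pcrs(data, alg=TPM_ALG_SHA256):
    """Software replay of the extends: PCR_new = H(PCR_old || digest), starting from zeros."""
    pcrs = {}
    for pcr, _etype, digests, _event in parse_event_log(data):
        if alg in digests:
            pcrs[pcr] = hashlib.sha256(pcrs.get(pcr, bytes(32)) + digests[alg]).digest()
    return pcrs

def build_sample_log():
    """Constructed log: Spec ID header announcing SHA-256 only, then two PCR 0 events."""
    spec = (b"Spec ID Event03\0" + struct.pack("<IBBBBI", 0, 0, 2, 0, 2, 1)
            + struct.pack("<HH", TPM_ALG_SHA256, 32) + b"\0")
    log = struct.pack("<II20sI", 0, EV_NO_ACTION, bytes(20), len(spec)) + spec
    for etype, event in ((0x8, b"CRTM ver (constructed)"), (0x80000007, b"EFI action (constructed)")):
        digest = hashlib.sha256(event).digest()  # what firmware would have extended
        log += (struct.pack("<III", 0, etype, 1) + struct.pack("<H", TPM_ALG_SHA256)
                + digest + struct.pack("<I", len(event)) + event)
    return log
```

On a real system the same functions take the bytes of binary_bios_measurements, and the replayed bank is compared against the PCR values the TPM reports; a mismatch means the log does not describe what was actually extended.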
1 year, 8 months
Re: QEMU and TPM2 device emulation
by Roberts, William C
> -----Original Message-----
> From: James Bottomley <James.Bottomley(a)HansenPartnership.com>
> Sent: Wednesday, October 14, 2020 11:32 AM
> To: Roberts, William C <william.c.roberts(a)intel.com>; tpm2(a)lists.01.org; linux-
> integrity(a)vger.kernel.org
> Subject: Re: QEMU and TPM2 device emulation
>
> On Wed, 2020-10-14 at 15:27 +0000, Roberts, William C wrote:
> > Has anyone ever set up a QEMU instance with a virtualized TPM? I need
> > to try and replicate an issue with the in-kernel Resource manager. My
> > goal is to use the integrated QEMU support to bring up an emulated
> > TPM device and its associated RM node @ /dev/tpmrm0.
> >
> > I am looking at:
> > https://android.googlesource.com/platform/external/qemu/+/emu-master-d
> > ev/docs/specs/tpm.txt
> >
> > Which shows this command:
> >
> > qemu-system-x86_64 -display sdl -enable-kvm \
> > -m 1024 -boot d -bios bios-256k.bin -boot menu=on \
> > -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
> > -tpmdev emulator,id=tpm0,chardev=chrtpm \
> > -device tpm-tis,tpmdev=tpm0 test.img
> >
> > <snip>
> > #> dmesg | grep -i tpm
> > [ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1)
> >
> > I have a few questions around this that I cannot seem to dig up any
> > documentation on:
> > 1. How to specify TPM2.0 device? The project
> > https://github.com/stefanberger/swtpm/wiki seems to indicate it would
> > be supported.
>
> All QEMU is doing is passing through a socket to something as a TPM.
> Either TPM 1.2 or 2.0 could be on the end of that socket, so what really matters is
> what's at the other end of /tmp/mytpm1/swtpm-sock.
> If you change that to be TPM 2.0 then QEMU will see it.
Thanks James, once I started fiddling with it, it started to make sense. You need to start the swtpm component with the option --tpm2, then pass through everything else in qemu the same way, as you point out.
I'll post my commands for anyone else who may stumble into this on their quest:
## Start TPM Emulator
Note that one needs the --tpm2 option to start a TPM2.0 emulator.
mkdir /tmp/mytpm1
swtpm socket --tpmstate dir=/tmp/mytpm1 --ctrl type=unixio,path=/tmp/mytpm1/swtpm-sock --log level=20 --tpm2
## Boot the VM
qemu-system-x86_64 -hda ~/qemu-images/ubuntu-20.04-amd64.img -boot d -m 2048 -enable-kvm -chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock -tpmdev emulator,id=tpm0,chardev=chrtpm -device tpm-tis,tpmdev=tpm0
1 year, 8 months
QEMU and TPM2 device emulation
by Roberts, William C
Has anyone ever set up a QEMU instance with a virtualized TPM? I need to try and replicate an issue with the in-kernel Resource manager. My goal is to use the integrated QEMU support to bring up an emulated TPM device and its associated RM node @ /dev/tpmrm0.
I am looking at:
https://android.googlesource.com/platform/external/qemu/+/emu-master-dev/...
Which shows this command:
qemu-system-x86_64 -display sdl -enable-kvm \
-m 1024 -boot d -bios bios-256k.bin -boot menu=on \
-chardev socket,id=chrtpm,path=/tmp/mytpm1/swtpm-sock \
-tpmdev emulator,id=tpm0,chardev=chrtpm \
-device tpm-tis,tpmdev=tpm0 test.img
<snip>
#> dmesg | grep -i tpm
[ 0.711310] tpm_tis 00:06: 1.2 TPM (device=id 0x1, rev-id 1)
I have a few questions around this that I cannot seem to dig up any documentation on:
1. How to specify TPM2.0 device? The project https://github.com/stefanberger/swtpm/wiki seems to indicate it would be supported.
2. Does anyone know the minimum QEMU version for this support? I looked in the CHANGELOG here, https://wiki.qemu.org/ChangeLog from version 2.8 to 5.2 and never saw anything call out TPM 2.0 specifically.
3. Does anyone have or know of better documentation to set this up? If there isn't better documentation, should we (read I) create it? This seems like a pretty handy feature.
Thanks,
Bill
1 year, 8 months