scripts/create_allowlist.sh doesn't produce a boot_aggregate item and IMA attestation requires it
Is your issue a feature request? If so, please raise it as an enhancement.
I believe it is an issue with the current implementation.
Environment
- OS / version: Fedora Server 33
- Processor architecture: x86_64
- TPM Manufacturer: Microsoft HyperV vTPM
- Keylime version: keylime-5.8.0-1.fc33.noarch
Description
scripts/create_allowlist.sh does not add a boot_aggregate item, nor does it have an option to add the current one.
After generating the allowlist and using keylime_tenant to set up IMA attestation, I get the following message:
2021-02-12 16:03:32.281 - keylime.ima - WARNING - No boot_aggregate value found in allowlist, adding an empty one
Then, attestation fails because it compares against 0.
To work around this, add a “boot_aggregate” item with the corresponding digest. To add the current boot_aggregate for the current system:
grep boot_aggregate /sys/kernel/security/ima/ascii_runtime_measurements | awk '{ sub("sha256:","",$4); print $4 " " $5 }' >> allowlist.txt
Expected behavior vs. actual behavior
Expected behaviour is one of the following:
- You should not need to add a boot_aggregate in the allowlist. The expected boot_aggregate should be taken from the TPM Quote, by concatenating and digesting the reported PCR 0 to 7 values. The IMA Measurement Log boot_aggregate should be compared with the reconstructed boot_aggregate from the TPM Quote. If that matches, then we can start trusting whatever is in the IMA Measurement Log.
- The tool should warn about the missing boot_aggregate item, or ask to include the current one (it is taking the current digest of the binaries, so getting the current boot_aggregate makes sense here as well).
- Reconstruct the boot_aggregate from the current PCR values and add it to the allowlist?
Steps to reproduce problem
- Run scripts/create_allowlist.sh allowlist.txt sha256sum
- Use allowlist.txt to add a host with the keylime_tenant command - IMA Attestation will fail
Relevant logs
2021-02-12 16:03:32.281 - keylime.ima - WARNING - No boot_aggregate value found in allowlist, adding an empty one
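The two mechanisms the report describes, reconstructing boot_aggregate by digesting PCR 0 to 7 and converting the ascii_runtime_measurements entry into an allowlist line, as an added Python example (not Keylime's own code and not the reporter's script). The PCR values, the log line and the tpm2_pcrread-style text are constructed here; the template hash in the log line is a placeholder, and the "N : 0xHEX" layout is assumed to be what tpm2_pcrread prints:

```python
import hashlib
import re

# Constructed SHA-256 PCR values (64 hex chars each); not read from a real TPM.
SAMPLE_PCRS = {i: bytes([0x10 + i]).hex() * 32 for i in range(8)}


def boot_aggregate(pcrs, alg="sha256", pcr_indices=range(8)):
    """Reconstruct boot_aggregate as the issue describes: digest the
    concatenation of PCR 0..7 of the given bank (default SHA-256)."""
    h = hashlib.new(alg)
    for i in pcr_indices:
        h.update(bytes.fromhex(pcrs[i]))
    return h.hexdigest()


# ima-ng entry layout: "<pcr> <template-hash> ima-ng <alg>:<digest> <path>"
IMA_NG_RE = re.compile(
    r"^(?P<pcr>\d+)\s+(?P<template_hash>[0-9a-f]+)\s+(?P<template>\S+)\s+"
    r"(?P<alg>[a-z0-9]+):(?P<digest>[0-9a-f]+)\s+(?P<path>\S.*)$"
)


def parse_ima_ng_line(line):
    """Split one ascii_runtime_measurements line into its fields."""
    m = IMA_NG_RE.match(line.strip())
    if not m:
        raise ValueError(f"not an ima-ng entry: {line!r}")
    entry = m.groupdict()
    entry["pcr"] = int(entry["pcr"])
    return entry


def allowlist_entry(line):
    """Same output as the awk one-liner in the issue: '<digest> <path>'."""
    e = parse_ima_ng_line(line)
    return f"{e['digest']} {e['path']}"


def parse_tpm2_pcrread(text):
    """Collect 'N : 0xHEX' lines (assumed tpm2_pcrread layout) into a dict."""
    pcrs = {}
    for m in re.finditer(r"^\s*(\d+)\s*:\s*0x([0-9A-Fa-f]+)\s*$", text, re.M):
        pcrs[int(m.group(1))] = m.group(2).lower()
    return pcrs


def verify_boot_aggregate(ima_line, pcrs):
    """Compare the boot_aggregate the IMA log reports with the value
    reconstructed from PCR 0..7; the bank is taken from the log entry."""
    e = parse_ima_ng_line(ima_line)
    if e["path"] != "boot_aggregate":
        raise ValueError("entry is not the boot_aggregate line")
    return boot_aggregate(pcrs, alg=e["alg"]) == e["digest"]


def build_sample_log_line(pcrs):
    """Constructed ascii_runtime_measurements line whose digest matches the
    constructed PCRs; the 20-byte template hash is a zero placeholder."""
    return f"10 {'00' * 20} ima-ng sha256:{boot_aggregate(pcrs)} boot_aggregate"


# Constructed tpm2_pcrread-style output for the same PCR values.
SAMPLE_PCRREAD = "sha256:\n" + "".join(
    f"  {i} : 0x{v.upper()}\n" for i, v in SAMPLE_PCRS.items()
)

if __name__ == "__main__":
    line = build_sample_log_line(SAMPLE_PCRS)
    print(allowlist_entry(line))  # the line the awk command would append
    print("match:", verify_boot_aggregate(line, parse_tpm2_pcrread(SAMPLE_PCRREAD)))
```

The pcr_indices parameter is there because the kernel's definition is not fixed at 0 to 7 for every bank: from Linux 5.8 onward, banks other than SHA-1 also fold PCRs 8 and 9 into boot_aggregate, so a verifier that reconstructs the value from a quote has to pass the index set matching the attested kernel, or the comparison fails even on an untampered host.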
Top GitHub Comments
I think that, to solve the immediate problem of having a demo that just works, adding some commands in scripts/create_allowlist.sh to append the current boot_aggregate (taken from /sys/kernel/security/ima/ascii_runtime_measurement or computed from the output of tpm2_pcrread) to the allowlist output works. I think I can do that @lukehinds 😃
But for the future, I really think that keylime should quote PCR 0 to 7 when the --allowlist is used, compute the boot_aggregate from the quote, and use that value for comparison with the boot_aggregate reported in the IMA measurement log. But this is a much bigger change.
I was also going to say something about the SHA1 bank being used by default, arguing that Fedora now uses SHA256 for everything related to IMA by default, but I noticed that still defaults to SHA1 in the PCR bank selection 😦. I filed a bug for this in https://bugzilla.redhat.com/show_bug.cgi?id=1928286
@dnoliver @lukehinds Two quick comments:
allowlist, and the solution that you pointed out (grabbing from ascii_runtime_measurement) is the correct one. We have been using internally a significantly improved version of the script, and I fully intend to open a PR on this.