keylime / meetings

Keylime meeting notes

Meeting 13/03/19 #1

Closed lukehinds closed 4 years ago

lukehinds commented 5 years ago

Project Board

Meeting notes

TPM 2.0 port

@leonjia0112 commented that the following are required first:

@leonjia0112 States progress is 50% after PR#28

vTPM support

@lukehinds to acquire machine for @nabilschear and set up the swtpm

@nabilschear commented:

I think that deepquote won't be very difficult. That change will go into the swtpm2 emulator. I need to look at how we can register and manage vTPMs; that part will be different from KVM and Xen.

Discuss RPM packaging structure

@leonjia0112 will package separately

@nabilschear mentioned we should make sure folks understand the security context. @nabilschear opened

Implement rhboot

@lukehinds will gather steps to install rhboot shim

Unexpected Get quote

keylime_ima_emulator incorrectly parses token

@jetwhiz has a patch, will supply to @lukehinds to test.

Back-porting the Intel tpm2-tools to the 3.X branch

@lukehinds to contact maintainer

Any other business

@jetwhiz to supply IMA set up steps with @lukehinds

@lukehinds to work on @nabilschear access rights

jetwhiz commented 5 years ago

It might also be good to discuss back-porting the Intel tpm2-tools to the 3.X branch (for use in RHEL).

lukehinds commented 5 years ago

> It might also be good to discuss back-porting the Intel tpm2-tools to the 3.X branch (for use in RHEL).

Good call, I will make a GH issue for this so that it's tracked as well.

lukehinds commented 5 years ago

full meeting log

Luke Hinds @lukehinds 15:00 ok @/all welcome to the first keylime meeting! If we could do a quick rollcall - e.g. just say hi or o/ that way I can see who is in attendance
Charlie @jetwhiz 15:01 I'm here
Luke Hinds @lukehinds 15:01 hey @jetwhiz!
Charlie @jetwhiz 15:01 hi @lukehinds :)
nabilschear @nabilschear 15:01 nabil here
Mark Bestavros @mbestavros 15:01 Hello!
Luke Hinds @lukehinds 15:01 hey guys!
Robbie Harwood @frozencemetery 15:02 hello
Luke Hinds @lukehinds 15:02 i think @leonjia0112 is here too
leonjia0112 @leonjia0112 15:02 Hi
Mark Bestavros @mbestavros 15:02 He's here
Luke Hinds @lukehinds 15:02 wow, a full house, excellent
leonjia0112 @leonjia0112 15:02 We both here
Luke Hinds @lukehinds 15:02 ok, let's kick it off. will follow topics in order, not importance. TPM 2.0 port keylime/rust-keylime#44 @mbestavros Just a quick round up, on where you are or if you need some support @mbestavros. I say @mbestavros as it's assigned to you, but I can see @leonjia0112 puts his hand up on the issue
Mark Bestavros @mbestavros 15:04 Yeah I'm not directly working on that issue at the moment
leonjia0112 @leonjia0112 15:05 Yes, because I wrote most of the tpm code in keylime-rust, I might be useful for porting to tpm 2.0.
Luke Hinds @lukehinds 15:05 do you plan to, or lack bandwidth? we could get someone else to start on it if you're maxed out with other tasks
Mark Bestavros @mbestavros 15:05 Right now I'm looking through some of the paths a POST request takes through the Python client and figuring out how to do the same thing in rust. Discussed that offline w/ @frozencemetery and @leonjia0112
Luke Hinds @lukehinds 15:05 Ah I see, so for the port, I believe a bulk of the work is porting the shell executions from TPM1 or 2.0?
Mark Bestavros @mbestavros 15:05 We figure one of the blockers for TPM2 support is: keylime/rust-keylime#40 and Leo's working on that
leonjia0112 @leonjia0112 15:06 @lukehinds yes, this is what I am thinking.
Luke Hinds @lukehinds 15:07 thanks @mbestavros, @leonjia0112 are you active on #40 above (keylime/rust-keylime#40)
leonjia0112 @leonjia0112 15:07 Yes, I am working on it.
Robbie Harwood @frozencemetery 15:08 (the other blocker for porting to tpm2 was making sure we had an environment that could set up and run tpm2 code, which leonjia0112 had been working on in conjunction with the ansible stuff)
Luke Hinds @lukehinds 15:08 @leonjia0112, how are you getting on, say 25% 50%? @frozencemetery let me know if you guys need help here, I have put up a few envs now. I can also loan a machine with a hardware tpm2.0 chip
Robbie Harwood @frozencemetery 15:09 lukehinds: thanks. I think we should be okay but I'll let leonjia0112 speak to that more fully
Luke Hinds @lukehinds 15:10 just taking some minutes
leonjia0112 @leonjia0112 15:10 I was working on PR#28 which is a main part of #40 I believe. I guess it is 50% after PR#28.
Mark Bestavros @mbestavros 15:11 @leonjia0112 just for clarity, you mean the stuff you're adding onto PR #28 will help satisfy #40, correct?
leonjia0112 @leonjia0112 15:11 Yes
Luke Hinds @lukehinds 15:12 anything you need help with @leonjia0112?
leonjia0112 @leonjia0112 15:12 for porting, everything is in good shape here.
Luke Hinds @lukehinds 15:13 cool, lets jump on to the next one. vTPM port keylime/python-keylime#29 @nabilschear @lukehinds so @nabilschear, I remember I sent you the script, but have been a bit slack and not checked in with you? how are things your side here?
nabilschear @nabilschear 15:14 i haven't yet gotten the vtpm up and running. one sec
Luke Hinds @lukehinds 15:15 I am thinking maybe I could get a machine set up and you give me a public ssh key for access
nabilschear @nabilschear 15:15 that could work. i've been trying to get it up and running on a fedora vm. maybe that won't work quite right in vmware
Luke Hinds @lukehinds 15:16 might be a nested virtualization issue. i don't know vmware too well
nabilschear @nabilschear 15:16 actually i think it is our network proxy. it's always the proxy =(
Mark Bestavros @mbestavros 15:17 having worked at MITRE for a summer, I feel that :(
nabilschear @nabilschear 15:17 i'll spend a little time today and see if i can get it working
Luke Hinds @lukehinds 15:18 how much code changes do you think will be involved once you have a functioning vTPM (putting aside the set up of the vTPM). Does the deep quote have enough abstraction to work without too many changes?
nabilschear @nabilschear 15:18 i think that deepquote won't be very difficult. that change will go into swtpm2 emulator
Luke Hinds @lukehinds 15:18 e.g. does it just work with a vTPM, or there are some xen specifics that need changing
nabilschear @nabilschear 15:18 i need to look at how we can register and manage vtpms. that part will be different from kvm and xen
Charlie @jetwhiz 15:19 we might want to pull the vtpm code into and (if there are TPM-specific differences)
nabilschear @nabilschear 15:19 yeah, there's probably some refactoring to be done
Luke Hinds @lukehinds 15:20 not sure that the swtpm supports 1.2 maybe
nabilschear @nabilschear 15:20 i think it's fair to implement tpm2 only in kvm
Luke Hinds @lukehinds 15:20 we can find out @nabilschear. ack. k, jump on to the next
Charlie @jetwhiz 15:20 so we'd have tpm1.2 supporting xen and tpm2 supporting kvm?
nabilschear @nabilschear 15:21 we probably need a vtpmmgr-xen and vtpmmgr-kvm implementation rather than changing tpm1 vs 2. @jetwhiz i think so
Luke Hinds @lukehinds 15:21 I really don't mind, as long as we have kvm tpm 2.0 I am happy :)
nabilschear @nabilschear 15:22 agreed
Luke Hinds @lukehinds 15:22 but not against which ever variations, and still support xen is good for me.
nabilschear @nabilschear 15:22 most likely to get used kvm that is
Luke Hinds @lukehinds 15:22 I think we are going to go over 30 mins folks. whoever can stay on please do
nabilschear @nabilschear 15:22 i've got to run at 11:30 or so
Luke Hinds @lukehinds 15:22 I will try to speed through things
nabilschear @nabilschear 15:22 anything else you need from me?
Luke Hinds @lukehinds 15:22 understood
nabilschear @nabilschear 15:23 @lukehinds do you want to sync up separately to talk about the issues with the loop/delete issue?
Luke Hinds @lukehinds 15:23 I think you might be ok @nabilschear. @nabilschear sure, I still need to debug that some more and try your latest patch (iirc). Discuss RPM packaging structure (keylime, ibm emu) keylime/python-keylime#72 @leonjia0112 so @leonjia0112 - I think this is about packing the tpm emu in the SPEC / RPM? My view here, is we should package it separately
leonjia0112 @leonjia0112 15:25 For now I am working on packaging python-keylime. Per what we discuss on github issue, I think separately packaging is a good idea here.
nabilschear @nabilschear 15:25 agree
Luke Hinds @lukehinds 15:25 ok, sounds good!
nabilschear @nabilschear 15:25 one note of caution. we don't want people to deploy keylime with the emulator and think they are secure. that's really just for debug/test etc
leonjia0112 @leonjia0112 15:26 Then there is going to be package for tpm2-tools/tpm2-tss/tpm2-abrmd/swtpm/python-keylime each.
nabilschear @nabilschear 15:26 in tpm1 the tools actually get built differently
leonjia0112 @leonjia0112 15:26 Then people can pick the one they need
nabilschear @nabilschear 15:26 in tpm2 how does it know whether to talk to the emulator? @jetwhiz
Luke Hinds @lukehinds 15:27 Its handled by tpm2-abrmd, everything goes via there or the TCTI_TOOLS var, if running on the CLI
Charlie @jetwhiz 15:27 yeah it should be handled by the resource manager, or you can override with TPM2TOOLS_TCTI
leonjia0112 @leonjia0112 15:27 exactly. resource manager is the main tool for software tpm
nabilschear @nabilschear 15:27 so an env variable?
Charlie @jetwhiz 15:27 yeah, it defaults to tabrmd
Luke Hinds @lukehinds 15:27 its actually a service
nabilschear @nabilschear 15:28 got it
Luke Hinds @lukehinds 15:28 systemd managed
Charlie @jetwhiz 15:28 i considered it non-standard to talk to the tpm directly with tpm2, so someone has to manually override TPM2TOOLS_TCTI to do that
nabilschear @nabilschear 15:28 ok, i think i'll open an issue to make a big nasty message in the log if you're using the emulator. just to be sure that people know that's how they are using it. but keylime can tell if it is talking to the emulator, even if it goes through the resource manager based on tpm manuf?
Luke Hinds @lukehinds 15:29 @nabilschear ack, sounds good
Charlie @jetwhiz 15:29 for tpm2 you might not be able to tell from keylime's perspective. if you're using the resource manager then it's abstracted from keylime
nabilschear @nabilschear 15:30 there's no equivalent of get tpm manufacturer? in 2
Charlie @jetwhiz 15:30 yeah you could get manufacturer
nabilschear @nabilschear 15:30 that's how we did 1.2
Luke Hinds @lukehinds 15:30 you could also check whats passed to --tcti= in the abrmd service file, but manufacturer sounds better, more reliable
Charlie @jetwhiz 15:31 yeah we still have tpm.is_emulator available that we can check
nabilschear @nabilschear 15:31 yep ok, i'll do that
Luke Hinds @lukehinds 15:31 Implement rhboot keylime/python-keylime#63 @lukehinds reference: there is a TPM 2.0 centric shim available "On systems with a TPM chip enabled and supported by the system firmware, shim will extend various PCRs with the digests of the targets it is loading. A full list is in the file README.tpm." @jetwhiz we were discussing in the demo PR that you have some tenant commands used to establish boot status in trusted grub. I was thinking we might be able to do something similar with the above? maybe not possible to answer here, but I would like to start investigating.
Charlie @jetwhiz 15:33 yeah as long as the booter extends relevant messages to a PCR then we can detect deviations with the demo. it sounds like PCR-9 based on that README
Luke Hinds @lukehinds 15:34 awesome, so it could be quite seamless? just changing the PCR's
Charlie @jetwhiz 15:34 yeah it should be. I think trustedgrub puts that kind of stuff in 10 and 11
Luke Hinds @lukehinds 15:35 in time it would be nice to bring this attestation into the main keylime code as a check, so if a node fails, we notify and revoke. if that sounds viable or there might be an even better use case?
nabilschear @nabilschear 15:35 i think that would just work as is in keylime. right @jetwhiz?
Charlie @jetwhiz 15:36 i think we can pull that off with PCR-8 (tgrub's PCR-11) and PCR-9 (tgrub's PCR-10). yeah that just works as-is
Luke Hinds @lukehinds 15:36 this is very good. I will take on how to get rhboot shim set up. @jetwhiz if you could note down fairly detailed steps to follow that would be great?
Charlie @jetwhiz 15:37 sure, I need to do that for the IMA demo README
Robbie Harwood @frozencemetery 15:37 if you have questions about shim operation I can put you in touch with the maintainer - he has the desk behind me
Luke Hinds @lukehinds 15:38 fantastic @frozencemetery - I can see that being very useful
Charlie @jetwhiz 15:38 that's very convenient @frozencemetery!
Luke Hinds @lukehinds 15:38 thanks @jetwhiz. Back-porting the Intel tpm2-tools to the 3.X branch @jetwhiz do we need keylime/python-keylime#59 fixed upstream first? @jetwhiz "AK authorizations in tpm2_activatecredential"
Charlie @jetwhiz 15:39 that issue only exists for master tpm2-tools
Luke Hinds @lukehinds 15:40 ah ok, makes sense
Charlie @jetwhiz 15:40 for the 3.x backport we should be able to use Intel's code
Luke Hinds @lukehinds 15:40 I will get a call together with Javier who we spoke to last time. we can then get it backported
Charlie @jetwhiz 15:40 yeah I think he does the 3.x backports
Luke Hinds @lukehinds 15:40 it would be really good to start using the rpm packages when we can. ok, a quick update on the issues I have listed. "keylime_ima_emulator incorrectly parses token from ascii_runtime_measurements" - This is Fedora cloud specific, it works on debian
Charlie @jetwhiz 15:42 I think I have a patch to fix that
Luke Hinds @lukehinds 15:42 I have no idea as yet, but leave it with me - I have a few other ideas to try out. @jetwhiz oh really? the line chomping incorrect?
Charlie @jetwhiz 15:42 I replicated it (or very similar) on Fedora in a VM. instead of using seek we could change to using itertools.islice for reading the measurements file
Luke Hinds @lukehinds 15:43 I remember tracking it down to seek too
Charlie @jetwhiz 15:43 it seems to have fixed the issue on my VM
Luke Hinds @lukehinds 15:44 I think its a race condition maybe. ascii_runtime_measurements updates itself and seek loses its place
Charlie @jetwhiz 15:44 at least for my VM issue, for some reason we're returning the wrong position (not what seek needs)
Luke Hinds @lukehinds 15:45 if you want @jetwhiz I can test here
Charlie @jetwhiz 15:45 but only on fedora (not ubuntu from what I can see)
Luke Hinds @lukehinds 15:45 just send me the code snippet or a .patch output
Charlie @jetwhiz 15:45 sure i'll send that out, it's a very simple patch
Luke Hinds @lukehinds 15:45 thx! Unexpected Get quote keylime/python-keylime#71. Let's park this for now, I think it might be my env or misunderstanding on how things work / get set up
Charlie @jetwhiz 15:46 yeah i haven't been able to replicate that one yet
Luke Hinds @lukehinds 15:46 ok, so we have got through the main items. last of all... any other business?
Charlie @jetwhiz 15:47 I built a list of steps to do IMA that I can send out
Luke Hinds @lukehinds 15:47 @jetwhiz brilliant! thanks for that
Charlie @jetwhiz 15:47 from a base-fedora system to working IMA deviation detection
Luke Hinds @lukehinds 15:47 that would be very useful, thanks!
nabilschear @nabilschear 15:47 @lukehinds how do i assign issues and tag things? in github. do i need some elevated permissions?
Luke Hinds @lukehinds 15:48 @nabilschear python-keylime?
nabilschear @nabilschear 15:48 yep
Luke Hinds @lukehinds 15:48 hmm, let me take a look for you @nabilschear, if you can, screen capture the github page showing where you're grayed out for instance. great first meeting @/all thanks so much for attending. I feel this has been super useful keylime/meetings#1
leonjia0112 @leonjia0112 15:50 Thx!
Luke Hinds @lukehinds 15:50 I will clean up the minutes and set a new agenda for next week
Mark Bestavros @mbestavros 15:50 See y'all next week!
Luke Hinds @lukehinds 15:50 thanks!
Charlie @jetwhiz 15:51 thanks all!
nabilschear @nabilschear 15:51 thanks for organizing @lukehinds
Luke Hinds @lukehinds 15:51 my pleasure @nabilschear
nabilschear @nabilschear 15:51 Screen Shot 2019-03-13 at 11.51.01 AM.png
Luke Hinds @lukehinds 15:51 @nabilschear leave it with me
nabilschear @nabilschear 15:51 usually there's little gear icons next to assignees and labels etc.
Luke Hinds @lukehinds 15:52 yep, we need to fix that
nabilschear @nabilschear 15:52 thanks
Luke Hinds @lukehinds 15:52 should be simple I expect
nabilschear @nabilschear 15:52 talk to you later
Luke Hinds @lukehinds 15:52 yup, thanks again
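The keylime_ima_emulator parsing problem raised in the meeting (15:40 to 15:45) came down to tracking a byte offset with seek in a file that the kernel keeps appending to, and the proposed fix was to count consumed lines and skip them with itertools.islice instead. The example below is added here to illustrate that approach and is not keylime's code or the patch discussed: it parses ima-ng entries from an append-only measurement log, returns only entries not yet seen on each pass, and flags entries whose digest is not on an allowlist (the "IMA deviation detection" mentioned at 15:47). The log lines, hashes and allowlist are constructed for the example; the default path is the securityfs location of the IMA log on a standard kernel.

```python
"""Incremental ima-ng log reader (added example, not keylime project code).

Demonstrates reading ascii_runtime_measurements by consumed-line count with
itertools.islice rather than a byte offset from seek, so a log that grows
between two reads is handled correctly, plus a simple allowlist check.
"""
from dataclasses import dataclass
from itertools import islice
from typing import Dict, Iterable, Iterator, List, Set

# Real securityfs location of the IMA measurement log on a standard kernel.
IMA_LOG = "/sys/kernel/security/ima/ascii_runtime_measurements"

# Constructed sample log lines (not captured from a real system).  Field
# layout follows the ima-ng template: "<pcr> <template-hash> ima-ng
# <alg>:<file-hash> <path>".  The last entry re-measures /usr/bin/bash with
# a different digest, standing in for a modified binary.
SAMPLE_LOG = [
    f"10 {'1a' * 20} ima-ng sha256:{'aa' * 32} boot_aggregate",
    f"10 {'2b' * 20} ima-ng sha256:{'bb' * 32} /usr/bin/bash",
    f"10 {'3c' * 20} ima-ng sha256:{'cc' * 32} /opt/my app/run.sh",
    f"10 {'4d' * 20} ima-ng sha256:{'dd' * 32} /usr/bin/bash",
]

# Constructed allowlist: path -> set of acceptable file digests.
ALLOWLIST: Dict[str, Set[str]] = {
    "boot_aggregate": {"aa" * 32},
    "/usr/bin/bash": {"bb" * 32},
    "/opt/my app/run.sh": {"cc" * 32},
}


@dataclass(frozen=True)
class ImaEntry:
    pcr: int
    template_hash: str
    template: str
    hash_alg: str
    file_hash: str
    path: str


def parse_ima_ng_line(line: str) -> ImaEntry:
    """Parse one ima-ng line.  Paths may contain spaces and are not escaped,
    so split at most four times from the left and keep the remainder."""
    parts = line.rstrip("\n").split(" ", 4)
    if len(parts) != 5:
        raise ValueError(f"malformed IMA entry: {line!r}")
    pcr, template_hash, template, hash_field, path = parts
    if template != "ima-ng":
        raise ValueError(f"unsupported template {template!r} in {line!r}")
    alg, sep, digest = hash_field.partition(":")
    if not sep or not digest:
        raise ValueError(f"bad hash field {hash_field!r} in {line!r}")
    return ImaEntry(int(pcr), template_hash, template, alg, digest, path)


class MeasurementLogReader:
    """Remembers how many entries were already consumed and returns only the
    new ones.  Because the IMA log is append-only, skipping a known number of
    lines with islice stays correct even if the file grew since the last read;
    a byte offset saved from seek would not have that guarantee."""

    def __init__(self) -> None:
        self.consumed = 0

    def new_entries(self, lines: Iterable[str]) -> List[ImaEntry]:
        fresh = [parse_ima_ng_line(ln) for ln in islice(lines, self.consumed, None)]
        self.consumed += len(fresh)
        return fresh


def find_deviations(entries: Iterable[ImaEntry],
                    allowlist: Dict[str, Set[str]]) -> List[ImaEntry]:
    """Return entries whose digest is not allowed for their path (unknown
    paths count as deviations too, matching a strict allowlist policy)."""
    return [e for e in entries if e.file_hash not in allowlist.get(e.path, set())]


def iter_log_file(path: str = IMA_LOG) -> Iterator[str]:
    """Re-open the log on every pass; the reader skips consumed lines."""
    with open(path, "r", encoding="utf-8", errors="replace") as fh:
        yield from fh


if __name__ == "__main__":
    reader = MeasurementLogReader()
    # First pass sees a short log; second pass sees the grown log.
    reader.new_entries(SAMPLE_LOG[:2])
    later = reader.new_entries(SAMPLE_LOG)
    for bad in find_deviations(later, ALLOWLIST):
        print(f"deviation: pcr={bad.pcr} {bad.path} {bad.hash_alg}:{bad.file_hash}")
```

On a live host, replace SAMPLE_LOG with iter_log_file() on each polling pass; the reader object keeps the consumed count across passes, which is the part seek was getting wrong.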