[PATCH 00/14] Automatic Disk Unlock with TPM2

[Gary Lin]

The patch series "Automatic TPM Disk Unlock" posted by Hernan Gatta
introduces the key protector framework and TPM2 stack to GRUB2, and it's
a useful feature for the systems to implement full disk encryption.
However, it seems the development was stalled for a while, and I'd like
to push it forward.

Patch 1~5 are Hernan Gatta's patch series(*) with a few modifications:
- Converting 8 spaces into 1 tab
- Merging the minor build fix from Michael Chang
  - Replacing "lu" with "PRIuGRUB_SIZE" for grub_dprintf
  - Adding "enable = efi" to the tpm2 module in grub-core/Makefile.core.def
- Rebasing "cryptodisk: Support key protectors" to the git master

To minimize the changes to Patch 1~5, the follow-up fixes (Patch 6~14)
from my colleagues and me are committed separately. Those patches fix
the problems we found while testing the original patchset.

Quote from Hernan Gatta's cover letter:

"
Updates since v1:

1. One key can unlock multiple disks:
   It is now possible to use key protectors with cryptomount's -a and -b
   options.

2. No passphrase prompt on error if key protector(s) specified:
   cryptomount no longer prompts for a passphrase if key protectors are
   specified but fail to provide a working unlock key seeing as the user
   explicitly requested unlocking via key protectors.

3. Key protector parameterization is separate:
   Previously, one would parameterize a key protector via a colon-separated
   argument list nested within a cryptomount argument. Now, key protectors
   are expected to provide an initialization function, if necessary.

   As such, instead of:

   cryptomount -k tpm2:mode=srk:keyfile=KEYFILE:pcrs=7,11...

   one now writes:

   tpm2_key_protector_init --mode=srk --keyfile=KEYFILE --pcrs=7,11 ...
   cryptomount -k tpm2

   Additionally, one may write:

   cryptomount -k protector_1 -k protector_2 ...

   where cryptomount will try each in order on failure.

4. Standard argument parsing:
   The TPM2 key protector now uses 'struct grub_arg_option' and the
   grub-protect tool uses 'struct argp_option'. Additionally, common
   argument parsing functionality is now shared between the module and
   the tool.

5. More useful messages:
   Both the TPM2 module and the grub-protect tool now provide more
   useful messages to help the user learn how to use their functionality
   (--help and --usage) as well as to determine what is wrong, if
   anything. Furthermore, the module now prints additional debug output
   to help diagnose problems.

I forgot to mention last time that this patch series intends to address:
https://bugzilla.redhat.com/show_bug.cgi?id=1854177

Previous series:
https://lists.gnu.org/archive/html/grub-devel/2022-01/msg00125.html
"

(*) https://lists.gnu.org/archive/html/grub-devel/2022-02/msg00006.html

Gary Lin (8):
  tpm2: Don't measure the sealed key
  tpm2: adjust the input parameters of TPM2_EvictControl
  tpm2: declare the input arguments of TPM2 functions as const
  tpm2: resend the command on TPM_RC_RETRY
  tpm2: check the command parameters of TPM2 commands
  tpm2: pack the missing authorization command for TPM2_PCR_Read
  tpm2: allow some command parameters to be NULL
  tpm2: remove the unnecessary variables

Hernan Gatta (5):
  protectors: Add key protectors framework
  tpm2: Add TPM Software Stack (TSS)
  protectors: Add TPM2 Key Protector
  cryptodisk: Support key protectors
  util/grub-protect: Add new tool

Michael Chang (1):
  crytodisk: fix cryptodisk module looking up

 .gitignore                             |    1 +
 Makefile.util.def                      |   19 +
 configure.ac                           |    1 +
 grub-core/Makefile.am                  |    1 +
 grub-core/Makefile.core.def            |   12 +
 grub-core/disk/cryptodisk.c            |  176 +++-
 grub-core/kern/protectors.c            |   75 ++
 grub-core/tpm2/args.c                  |  129 +++
 grub-core/tpm2/buffer.c                |  145 +++
 grub-core/tpm2/module.c                |  710 +++++++++++++
 grub-core/tpm2/mu.c                    |  807 +++++++++++++++
 grub-core/tpm2/tcg2.c                  |  143 +++
 grub-core/tpm2/tpm2.c                  |  761 ++++++++++++++
 include/grub/cryptodisk.h              |   14 +
 include/grub/protector.h               |   48 +
 include/grub/tpm2/buffer.h             |   65 ++
 include/grub/tpm2/internal/args.h      |   39 +
 include/grub/tpm2/internal/functions.h |  117 +++
 include/grub/tpm2/internal/structs.h   |  675 ++++++++++++
 include/grub/tpm2/internal/types.h     |  372 +++++++
 include/grub/tpm2/mu.h                 |  292 ++++++
 include/grub/tpm2/tcg2.h               |   34 +
 include/grub/tpm2/tpm2.h               |   38 +
 util/grub-protect.c                    | 1314 ++++++++++++++++++++++++
 24 files changed, 5955 insertions(+), 33 deletions(-)
 create mode 100644 grub-core/kern/protectors.c
 create mode 100644 grub-core/tpm2/args.c
 create mode 100644 grub-core/tpm2/buffer.c
 create mode 100644 grub-core/tpm2/module.c
 create mode 100644 grub-core/tpm2/mu.c
 create mode 100644 grub-core/tpm2/tcg2.c
 create mode 100644 grub-core/tpm2/tpm2.c
 create mode 100644 include/grub/protector.h
 create mode 100644 include/grub/tpm2/buffer.h
 create mode 100644 include/grub/tpm2/internal/args.h
 create mode 100644 include/grub/tpm2/internal/functions.h
 create mode 100644 include/grub/tpm2/internal/structs.h
 create mode 100644 include/grub/tpm2/internal/types.h
 create mode 100644 include/grub/tpm2/mu.h
 create mode 100644 include/grub/tpm2/tcg2.h
 create mode 100644 include/grub/tpm2/tpm2.h
 create mode 100644 util/grub-protect.c

-- 
2.35.3