Documentation ¶
Overview ¶
Copyright (C) 2024 Canonical Ltd

This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License version 3 as
published by the Free Software Foundation.

This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.

You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Package fdestate implements the manager and state responsible for managing full disk encryption keys.
Index ¶
- func EFISecureBootDBManagerStartup(st *state.State) error
- func EFISecureBootDBUpdateCleanup(st *state.State) error
- func EFISecureBootDBUpdatePrepare(st *state.State, db EFISecurebootKeyDatabase, payload []byte) error
- func MockDMCryptUUIDFromMountPoint(f func(mountpoint string) (string, error)) (restore func())
- func MockGetPrimaryKeyDigest(f func(devicePath string, alg crypto.Hash) ([]byte, []byte, error)) (restore func())
- func MockSecbootGetPCRHandle(f func(devicePath, keySlot, keyFile string) (uint32, error)) (restore func())
- func MockVerifyPrimaryKeyDigest(...) (restore func())
- type EFISecurebootKeyDatabase
- type ExternalOperationStatus
- type FDEManager
- func (m *FDEManager) Ensure() error
- func (m *FDEManager) GetParameters(role string, containerRole string) (hasParameters bool, bootModes []string, models []secboot.ModelForSealing, ...)
- func (m *FDEManager) ReloadModeenv() error
- func (m *FDEManager) StartUp() error
- func (m *FDEManager) UpdateParameters(role string, containerRole string, bootModes []string, ...) error
- type FdeState
- type KeyDigest
- type KeyslotRoleInfo
- type KeyslotRoleParameters
- type Model
- type PrimaryKeyInfo
Constants ¶
This section is empty.
Variables ¶
This section is empty.
Functions ¶
func EFISecureBootDBManagerStartup ¶
EFISecureBootDBManagerStartup indicates that the local EFI key database manager has started.
func EFISecureBootDBUpdateCleanup ¶
EFISecureBootDBUpdateCleanup notifies that the local EFI key database manager has reached a cleanup stage of the update process.
func EFISecureBootDBUpdatePrepare ¶
func EFISecureBootDBUpdatePrepare(st *state.State, db EFISecurebootKeyDatabase, payload []byte) error
EFISecureBootDBUpdatePrepare notifies that the local EFI key database manager is about to update the database.
func MockGetPrimaryKeyDigest ¶
func MockSecbootGetPCRHandle ¶
Types ¶
type EFISecurebootKeyDatabase ¶
type EFISecurebootKeyDatabase int
const (
	EFISecurebootPK EFISecurebootKeyDatabase = iota
	EFISecurebootKEK
	EFISecurebootDB
	EFISecurebootDBX
)
type ExternalOperationStatus ¶
type ExternalOperationStatus int
ExternalOperationStatus captures the status of operations running externally.
const (
	DefaultStatus ExternalOperationStatus = 0
	// Preparing means that we are performing preparation steps, but the
	// operation isn't yet running externally.
	PreparingStatus ExternalOperationStatus = 1
	// DoingStatus means the operation is running externally.
	DoingStatus ExternalOperationStatus = 2
	// DoneStatus means the operation has completed successfully. Done status is
	// final.
	DoneStatus ExternalOperationStatus = 3
	// CompletingStatus means the operation is completing.
	CompletingStatus ExternalOperationStatus = 4
	// AbortingStatus means the operation is aborting.
	AbortingStatus ExternalOperationStatus = 5
	// ErrorStatus means the operation has failed. Error status is final.
	ErrorStatus ExternalOperationStatus = 6
)
Admitted status values for changes and tasks. The expected use of status is shown in a diagram below:
        Default
           |
           v
        Preparing
           | |
           v +---------+
         Doing         |
           |           |
    +------+-----+     |
    v            v     |
Completing   Aborting  |
 |   |           |     |
 |   |           |     |
 |   +-----------+-----+
 |               |
 v               v
Done           Error
The Done and Error statuses are considered to be final. A newly created operation should be assigned the Preparing status, then Doing. Doing is where the operation is running externally. Once notified about a status change, the status should be changed to Completing or Aborting, followed by one of the final statuses. The statuses Preparing, Completing and Aborting are useful when an intermediate step is needed for properly blocking conflicting API calls where the state is internally unlocked, e.g. when resealing.
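An added example (not snapd code) that encodes the status flow described above as a transition table and validates a recorded status history against it. The edge set, including Preparing to Error and Completing to Error, is this example's reading of the diagram; `Status`, `CanTransition` and `ValidatePath` are hypothetical names.

```go
package main

import "fmt"

// Status mirrors the numeric ExternalOperationStatus values listed above.
type Status int

const Default, Preparing, Doing, Done, Completing, Aborting, Error Status = 0, 1, 2, 3, 4, 5, 6

// allowed holds the edges as read from the diagram (an interpretation,
// not taken from snapd). Done and Error have no outgoing edges.
var allowed = map[Status][]Status{
	Default:    {Preparing},
	Preparing:  {Doing, Error},
	Doing:      {Completing, Aborting},
	Completing: {Done, Error},
	Aborting:   {Error},
}

// IsFinal reports whether s is one of the two terminal statuses.
func IsFinal(s Status) bool { return s == Done || s == Error }

// CanTransition reports whether from -> to is an edge in the table.
func CanTransition(from, to Status) bool {
	for _, s := range allowed[from] {
		if s == to {
			return true
		}
	}
	return false
}

// ValidatePath replays a status history starting at Default and
// returns an error naming the first step that is not an allowed edge.
func ValidatePath(path []Status) error {
	cur := Default
	for i, next := range path {
		if !CanTransition(cur, next) {
			return fmt.Errorf("step %d: illegal transition %d -> %d", i, cur, next)
		}
		cur = next
	}
	return nil
}

func main() {
	fmt.Println(ValidatePath([]Status{Preparing, Doing, Completing, Done}))
	fmt.Println(ValidatePath([]Status{Preparing, Doing, Done}))
}
```

Because the final statuses have no outgoing edges, any history that continues after Done or Error is rejected.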
func (ExternalOperationStatus) String ¶
func (s ExternalOperationStatus) String() string
type FDEManager ¶
type FDEManager struct {
// contains filtered or unexported fields
}
FDEManager is responsible for managing full disk encryption keys.
func Manager ¶
func Manager(st *state.State, runner *state.TaskRunner) (*FDEManager, error)
func (*FDEManager) Ensure ¶
func (m *FDEManager) Ensure() error
Ensure implements StateManager.Ensure
func (*FDEManager) GetParameters ¶
func (m *FDEManager) GetParameters(role string, containerRole string) (hasParameters bool, bootModes []string, models []secboot.ModelForSealing, tpmPCRProfile []byte, err error)
func (*FDEManager) ReloadModeenv ¶
func (m *FDEManager) ReloadModeenv() error
ReloadModeenv is a helper function for forcing a reload of modeenv. Only useful in integration testing.
func (*FDEManager) StartUp ¶
func (m *FDEManager) StartUp() error
StartUp implements StateStarterUp.Startup
func (*FDEManager) UpdateParameters ¶
func (m *FDEManager) UpdateParameters(role string, containerRole string, bootModes []string, models []secboot.ModelForSealing, tpmPCRProfile []byte) error
type FdeState ¶
type FdeState struct {
	// PrimaryKeys are the keys on the system. Key with ID 0 is
	// reserved for snapd and is populated on first boot. Other
	// IDs are for externally managed keys.
	// If key 0 is not present, we are on a legacy system that
	// does not have a primary key. We are then in one of these cases:
	//  * v1 TPM keys are in use because an old snapd was used
	//    during installation.
	//  * snap-bootstrap in the kernel is old and does not provide
	//    a primary key in the keyring.
	PrimaryKeys map[int]PrimaryKeyInfo `json:"primary-keys"`

	// KeyslotRoles are all keyslot roles indexed by the role name
	KeyslotRoles map[string]KeyslotRoleInfo `json:"keyslot-roles"`

	// PendingExternalOperations keeps a list of changes that capture FDE
	// related operations running outside of snapd.
	PendingExternalOperations []externalOperation `json:"pending-external-operations"`
}
FdeState is the root persistent FDE state
type KeyDigest ¶
type KeyDigest struct {
	// Algorithm is the algorithm for
	Algorithm secboot.HashAlg `json:"alg"`
	// Salt is the salt for the Digest digest
	Salt []byte `json:"salt"`
	// Digest is the result of `Digest(key, salt)`
	Digest []byte `json:"digest"`
}
KeyDigest stores a Digest(key, salt) of a key
TODO:FDEM: take what is implemented in secboot
type KeyslotRoleInfo ¶
type KeyslotRoleInfo struct {
	// PrimaryKeyID is the ID for the primary key found in
	// PrimaryKeys field of FdeState
	PrimaryKeyID int `json:"primary-key-id"`
	// Parameters is indexed by container role name
	Parameters map[string]KeyslotRoleParameters `json:"params,omitempty"`
	// TPM2PCRPolicyRevocationCounter is the handle for the TPM
	// policy revocation counter. A value of 0 means it is not
	// set.
	TPM2PCRPolicyRevocationCounter uint32 `json:"tpm2-pcr-policy-revocation-counter,omitempty"`
}
KeyslotRoleInfo stores information about a key slot role
type KeyslotRoleParameters ¶
type KeyslotRoleParameters struct {
	// Models are the optional list of approved models
	Models []*Model `json:"models,omitempty"`
	// BootModes are the optional list of approved modes (run, recover, ...)
	BootModes []string `json:"boot-modes,omitempty"`
	// TPM2PCRProfile is an optional serialized PCR profile
	TPM2PCRProfile secboot.SerializedPCRProfile `json:"tpm2-pcr-profile,omitempty"`
}
KeyslotRoleParameters stores upgradeable parameters for a keyslot role
type Model ¶
type Model struct {
	SeriesValue    string             `json:"series"`
	BrandIDValue   string             `json:"brand-id"`
	ModelValue     string             `json:"model"`
	ClassicValue   bool               `json:"classic"`
	GradeValue     asserts.ModelGrade `json:"grade"`
	SignKeyIDValue string             `json:"sign-key-id"`
}
Model is a json serializable secboot.ModelForSealing
func (*Model) Grade ¶
func (m *Model) Grade() asserts.ModelGrade
Grade implements secboot.ModelForSealing.Grade
type PrimaryKeyInfo ¶
type PrimaryKeyInfo struct {
	Digest KeyDigest `json:"digest"`
}
PrimaryKeyInfo provides information about a primary key that is used to manage key slots
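
An added example, not part of snapd: a consistency check over a serialized FdeState using the JSON field names documented above. It reports a missing key 0 (the legacy case), keyslot roles that point at an absent primary key, and roles whose revocation counter is 0 (not set); `Audit`, the reduced mirror types and the sample JSON are constructed for illustration.

```go
package main

import (
	"encoding/json"
	"fmt"
	"sort"
)

// Reduced local mirrors of KeyslotRoleInfo and FdeState (only checked fields).
type roleInfo struct {
	PrimaryKeyID int    `json:"primary-key-id"`
	Counter      uint32 `json:"tpm2-pcr-policy-revocation-counter,omitempty"`
}
type fdeState struct {
	PrimaryKeys  map[int]json.RawMessage `json:"primary-keys"`
	KeyslotRoles map[string]roleInfo     `json:"keyslot-roles"`
}

// Audit (hypothetical helper) parses a serialized state and returns whether
// key 0 is absent (legacy system) plus a sorted list of findings.
func Audit(raw []byte) (legacy bool, findings []string, err error) {
	var st fdeState
	if err = json.Unmarshal(raw, &st); err != nil {
		return false, nil, err
	}
	_, hasKey0 := st.PrimaryKeys[0]
	roles := make([]string, 0, len(st.KeyslotRoles))
	for name := range st.KeyslotRoles {
		roles = append(roles, name)
	}
	sort.Strings(roles) // deterministic report order
	for _, name := range roles {
		r := st.KeyslotRoles[name]
		if _, ok := st.PrimaryKeys[r.PrimaryKeyID]; !ok {
			findings = append(findings,
				fmt.Sprintf("%s: primary key %d not in primary-keys", name, r.PrimaryKeyID))
		}
		if r.Counter == 0 { // 0 means the counter handle is not set
			findings = append(findings, name+": revocation counter not set")
		}
	}
	return !hasKey0, findings, nil
}

// Constructed sample state; role names, digest bytes and handle are made up.
const sample = `{"primary-keys":{"0":{"digest":{"alg":"sha256","salt":"AAEC","digest":"AwQF"}}},
 "keyslot-roles":{"run":{"primary-key-id":0,"tpm2-pcr-policy-revocation-counter":25165824},"recover":{"primary-key-id":1}}}`

func main() { fmt.Println(Audit([]byte(sample))) }
```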