
lsvmtools's Introduction

LSVMTools

Overview

The LSVMTools project provides tools for shielding Linux VMs operating in the Microsoft(R) Windows Hyper-V environment. LSVMTools aims to protect Linux VMs from attack while at rest and in flight. It builds on the following technologies.

  • Windows Server 2016 Guarded Fabric
  • Hyper-V Shielded VMs
  • UEFI
  • TPM 2.0
  • Linux Unified Key Setup (LUKS)
  • dm-crypt

LSVMTools provides two main tools.

  • LSVMPREP - Prepares the image for shielding
  • LSVMLOAD - The primary boot loader for the image

LSVMPREP

LSVMPREP prepares the Linux environment for shielding. After the image is prepared, it must be templatized and provisioned as described in the LSVM How-To document. LSVMPREP performs the following steps.

  • Encrypts the boot partition with a well-known passphrase
  • Patches the system to automatically mount the encrypted boot partition
  • Installs LSVMLOAD on the EFI System Partition (ESP)
  • TPM-seals the passphrases and stores them on the ESP
  • Copies the SHIM and GRUB2 to the encrypted boot partition
  • Patches the initial ramdisk configuration to get passphrases non-interactively
  • Regenerates the initial ramdisks and GRUB2 configuration
  • Applies any UEFI dbx updates (for black-listed boot loaders)

After these steps are performed, the image is ready to be templatized. See the LSVM How-To document for details.

LSVMLOAD

LSVMLOAD becomes the primary EFI boot loader for the Linux VM. UEFI loads LSVMLOAD, assuming it passes certificate verification (LSVMLOAD must be signed by a certificate that Hyper-V trusts). LSVMLOAD performs the following steps.

  • Uses TPM to unseal a keyfile (containing the disk partition passphrases)
  • Maps the ESP onto an ESP ramdisk
  • Maps the encrypted boot partition onto an unencrypted boot ramdisk
  • Patches the initial ramdisk with the keyfile (on the boot ramdisk)
  • Loads the Linux SHIM from the boot ramdisk
  • Launches the SHIM, which is redirected to the ESP ramdisk

The SHIM finds GRUB2 on the ESP ramdisk (copied from the encrypted boot partition by LSVMLOAD). The SHIM executes GRUB2, which is redirected to the boot ramdisk, where it finds:

  • A patched GRUB2 configuration file
  • A patched initial ramdisk (patched by LSVMLOAD with the keyfile)
  • The Linux kernel

GRUB2 executes the kernel and the initial ramdisk. The initial ramdisk mounts the boot and root partitions using the keyfile injected by LSVMLOAD.

LSVMLOAD works using unmodified SHIM and GRUB2 executables, making it possible to configure a Linux environment for shielding without having to change any programs along the boot chain.

Documents

Supported Linux distributions

LSVMTools currently supports the following Linux distributions.

  • Ubuntu 16.04 LTS with the 4.4 kernel
  • Red Hat Enterprise Linux 7.3
  • SUSE Linux Enterprise Server 12 Service Pack 2

Installing

This section explains how to install from a binary distribution. Binary distributions can be downloaded from the following link.

These distributions include LSVMPREP and a signed LSVMLOAD.

Use the following commands to install the distribution.

# tar zxvf lsvmtools-1.0.0-x86_64.tar.gz
# cd lsvmtools-1.0.0-x86_64
# ./install

Created /opt/lsvmtools-1.0.0

This installs LSVMTools in the following location.

/opt/lsvmtools-1.0.0

Running LSVMPREP

Caution: Running LSVMPREP encrypts the boot partition and makes irreversible configuration changes to a virtual machine. Only run LSVMPREP to prepare an image for templatization.

To run LSVMPREP, execute the following commands as root.

# cd /opt/lsvmtools-1.0.0
# ./lsvmprep

***************************************************
*     ____    _   _   _ _____ ___ ___  _   _      *
*    / ___|  / \ | | | |_   _|_ _/ _ \| \ | |     *
*   | |     / _ \| | | | | |  | | | | |  \| |     *
*   | |___ / ___ \ |_| | | |  | | |_| | |\  |     *
*    \____/_/   \_\___/  |_| |___\___/|_| \_|     *
*                                                 *
*                                                 *
* LSVMPREP is about to encrypt the boot partition *
* and make irreversible configuration changes to  *
* this machine. If you are certain you want to    *
* proceed, type YES in uppercase and then press   *
* enter; else press ENTER to terminate.           *
*                                                 *
***************************************************

> _

If LSVMPREP runs successfully, the image is ready to be templatized. See LSVM How-To for what to do next.

Building

This section explains how to build LSVMTools from source, but note that LSVMPREP requires a signed LSVMLOAD image, which must be downloaded separately (see the previous section for details).

To build LSVMTools, type these commands.

# ./configure
# make

These commands build LSVMPREP and an unsigned LSVMLOAD.

To run the tests, type:

# make tests

Recovering the LUKS keys

In case anything goes wrong, use the following command to recover LUKS keys.

# dmsetup table --showkeys
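
An added example (not part of LSVMTools) that summarises the output of the command above without echoing key material. It assumes the standard dm-crypt table line layout; the function name `crypt_key_summary` and the sample lines are constructed for illustration. A key field that starts with `:` is a kernel-keyring reference, so the raw key does not appear in the output for that mapping.

```shell
#!/bin/sh
# Added example: summarise crypt targets from `dmsetup table --showkeys` (stdin).
# Assumed dm-crypt line layout:
#   <name>: <start> <length> crypt <cipher> <key> <iv_offset> <device> <offset>
# Output per mapping: <name> <cipher> <kind> <key bits>; the key is never printed.
crypt_key_summary() {
    awk '$4 == "crypt" {
        name = $1; sub(/:$/, "", name); key = $6
        if (key ~ /^:/) {
            # Keyring reference :<bytes>:<type>:<description>; no raw key shown.
            split(key, part, ":"); kind = "keyring"; bits = part[2] * 8
        } else if (key ~ /^0+$/) {
            # All zeros: masked output (e.g. --showkeys was omitted).
            kind = "masked"; bits = length(key) * 4
        } else if (key ~ /^[0-9a-fA-F]+$/ && length(key) % 2 == 0) {
            kind = "hex"; bits = length(key) * 4
        } else {
            kind = "invalid"; bits = 0
        }
        print name, $5, kind, bits
    }'
}

# Constructed sample input (not real keys or devices).
SAMPLE='boot: 0 1044480 crypt aes-xts-plain64 00112233445566778899aabbccddeeff00112233445566778899aabbccddeeff 0 8:2 4096
root: 0 40000000 crypt aes-xts-plain64 :64:logon:cryptsetup:00000000-0000-0000-0000-000000000000-d0 0 8:3 32768
data: 0 2048000 crypt aes-cbc-essiv:sha256 00000000000000000000000000000000 0 8:5 4096
swap: 0 2000000 linear 8:4 0'

printf '%s\n' "$SAMPLE" | crypt_key_summary
```

On a live system, pipe the real command into the function as root: `dmsetup table --showkeys | crypt_key_summary`. Only mappings reported as `hex` carry a key that can be recovered from this output.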

License

LSVMTools 

MIT License

Copyright (c) Microsoft Corporation. All rights reserved.

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in 
all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE

Code of Conduct

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

lsvmtools's Issues

Binary release is unsigned

Even though in theory the prebuilt lsvmload "shim" available in Microsoft's Ubuntu 16.04 repositories should be identical to the binary release one, the binary release is unsigned, which means it is not directly usable with Hyper-V and Shielded Open-Source VMs.

Install lsvmtools-1.0.0-x86_64.tar.gz on rhel7.5, get some issues and boot failed

Hi,
I am trying to prepare a shielded Linux vhdx with rhel OS using lsvmtools-1.0.0-x86_64.tar.gz from https://github.com/Microsoft/lsvmtools/tree/master/binaries. After running ./lsvmprep, I get errors and the VM fails to boot. Could you help to check this? If I have misunderstood the script, please correct me. Thanks!

Env:
Guest: rhel7.5, gen2, /root partition is encrypted with "passphrase"
Host: windows server 2016

1. Start the VM with rhel7.5 OS and install the lsvmtools package. When running lsvmprep, I get this error:

    # ./lsvmprep
    ./lsvmprep: shim not found

    Reason:
    shim gets the value "/boot/efi/EFI/redhat/shim.efi
    /boot/efi/EFI/redhat/shimx64.efi"

    Resolve:
    Update lsvmprep line 159:
    shim=`ls /boot/efi/EFI/${vendor}/shim*.efi | grep -E "shim(x64)?.efi"`
    to
    shim=`ls /boot/efi/EFI/${vendor}/shim*.efi | grep -E "shim(x64)?.efi" | tail -1`


2. The file scripts/encryptboot formats /boot with ext3, not ext2 as the comment says. Should the /boot filesystem be ext2 or ext3?

    251 ### Create EXT2 file system:
    252 mke2fs -j /dev/mapper/boot

    Reason:
    'man mke2fs' says the -j option means: Create the filesystem with an ext3 journal.
    The command does not match the comment.

    Resolve:
    Update scripts/encryptboot line 252 to "mke2fs -t ext2 /dev/mapper/boot"

3. After running ./lsvmprep successfully and before rebooting, I cannot find the key files /etc/lsvmload/rootkey and /etc/lsvmload/bootkey. Are the 2 key files needed, and should they be created by the script?

    # cat /etc/crypttab
    luks-283e9244-1072-471d-938e-0f01b85ab88d UUID=283e9244-1072-471d-938e-0f01b85ab88d /etc/lsvmload/rootkey
    boot UUID=c47388aa-2328-4035-88de-135002aa2feb /etc/lsvmload/bootkey luks,discard

    # ls -al /etc/lsvmload/rootkey
    ls: cannot access /etc/lsvmload/rootkey: No such file or directory
    # ls -al /etc/lsvmload/bootkey
    ls: cannot access /etc/lsvmload/bootkey: No such file or directory


4. After running ./lsvmprep successfully and starting the VM, I get error logs after the grub menu. The grub.cfg loaded by default is /boot/efi/EFI/redhat/grub.cfg. Should the default loaded grub.cfg have the same content as /boot/grub2/grub.cfg?

    error: failure reading sector 0x0 from `hd1`.
    error: failure reading sector 0x0 from `hd1`.   
    error: no such device: a4xxxxx.
    error: unknown filesystem.
    error: you need to load the kernel first.

Press any key to continue...

    Reason:
    The content loaded is /boot/efi/EFI/redhat/grub.cfg, not the expected /boot/grub2/grub.cfg

    2 ways to resolve:
        1) Update lsvmprep to create the new grub.cfg path to "/boot/efi/EFI/redhat/grub.cfg", and rerun ./lsvmprep

        620 ln -s /boot/grub2/grub.cfg /etc/grub2-efi.cfg
        624 local grubcfg=/boot/grub2/grub.cfg

        to
        620 ln -s /boot/efi/EFI/redhat/grub.cfg /etc/grub2-efi.cfg
        624 local grubcfg=/boot/efi/EFI/redhat/grub.cfg


        2) Or after running ./lsvmprep, before reboot, copy /boot/grub2/grub.cfg to /boot/efi/EFI/redhat/, then load the new config file

        # cp /boot/grub2/grub.cfg /boot/efi/EFI/redhat/grub.cfg.new
        # reboot

        Reboot, on the grub cmd line:
        > configfile (hd0,gpt1)/efi/redhat/grub.cfg.new


5. After starting a new VM, running the updated scripts and rebooting, I get error logs. Should these modules be included by grubx64.efi or another file?

    error: file 'EFI/redhat/x86_64-efi/cryptodisk.mod' not found
    error: file 'EFI/redhat/x86_64-efi/luks.mod' not found
    error: file 'EFI/redhat/x86_64-efi/gcry_rijndael.mod' not found
    error: file 'EFI/redhat/x86_64-efi/gcry_rijndael.mod' not found
    error: file 'EFI/redhat/x86_64-efi/gcry_sha256.mod' not found


    Resolve:
    before reboot, copy the required modules to /boot/efi/EFI/redhat/, then insmod them on the grub cmd line
    # yum install -y grub2-efi-x64-modules
    # cp /usr/lib/grub/x86_64-efi/{cryptodisk.mod,luks.mod,gcry_rijndael.mod,gcry_sha256.mod,procfs.mod} /boot/efi/EFI/redhat/
    # reboot
    > insmod xx.mod


6. After insmod-ing the required modules on the grub cmd line and removing the search line, I still get error logs on the console:

    error: failure reading sector 0x0 from `hd1`.
    error: failure reading sector 0x0 from `hd1`.
    error: no such device: d0xx.
    error: no server is specified.
    error: you need to load the kernel first.
    Press any key to continue...

Thanks
hhei
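
A pre-reboot check for two of the conditions reported in the issue above, as an added example that is not part of the original post or of lsvmprep. The function names are hypothetical, preferring shimx64.efi over shim.efi is an assumption that matches the reporter's `tail -1` workaround, and the check only reports which crypttab key files are absent on disk without deciding whether that is expected.

```shell
#!/bin/sh
# Added example (hypothetical helper names, not from lsvmprep).

# Print exactly one shim path from an EFI vendor directory, or return 1.
# Exact file names are tested, so two matches can never be returned at once.
pick_shim() {
    dir=$1
    for name in shimx64.efi shim.efi; do   # assumption: prefer shimx64.efi
        if [ -f "$dir/$name" ]; then
            printf '%s\n' "$dir/$name"
            return 0
        fi
    done
    return 1
}

# List "<mapping> <keyfile>" for crypttab entries whose key file (field 3)
# does not exist. $2 is an optional root prefix, e.g. a mounted image.
missing_keyfiles() {
    tab=$1
    root=${2:-}
    while read -r name dev key opts; do
        case $name in ''|'#'*) continue ;; esac      # blank line or comment
        case $key in ''|none|-) continue ;; esac     # no key file configured
        [ -e "$root$key" ] || printf '%s %s\n' "$name" "$key"
    done < "$tab"
}

# Run against the live system only when the paths from the issue exist.
if [ -d /boot/efi/EFI/redhat ]; then
    pick_shim /boot/efi/EFI/redhat || echo "shim not found"
fi
if [ -r /etc/crypttab ]; then
    missing_keyfiles /etc/crypttab
fi
```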

lsvmload.efi's assumptions about partition UUIDs or LUKS are undocumented

After careful artisanal crafting (because the scripts are a bit outdated by now), I've managed to do everything except get lsvmload to unlock a LUKS partition. Even with a manually entered passphrase.

I've tried all four combinations for RootDevice and RootDeviceLUKS values (PARTUUID-UUID, UUID-UUID, PARTUUID-PARTUUID, UUID-PARTUUID). If it's some other UUID then it's not generated or shown by the current lsvmprep utility.

I get the impression that UEFI block IO (BIO) might see something different or the Hyper-V UEFI implementation might, but it's unclear what it might be.

The disk is nicely GPT and the partitions are LUKS v1 (I also tried v2, but that didn't change anything).

Log output:

INFO: progress: Checking boot partition
ERROR: failed to find LUKS BIO for uuid: [[Replace with any UUID or PARTUUID]]
INFO: No LUKS BIO found
ERROR: GetBootDevice() failed
ERROR: failed to open the boot parition
