144 lines
5.5 KiB
ReStructuredText
144 lines
5.5 KiB
ReStructuredText
|
===============
|
||
|
NVDIMM Security
|
||
|
===============
|
||
|
|
||
|
1. Introduction
|
||
|
---------------
|
||
|
|
||
|
With the introduction of Intel Device Specific Methods (DSM) v1.8
|
||
|
specification [1], security DSMs are introduced. The spec added the following
|
||
|
security DSMs: "get security state", "set passphrase", "disable passphrase",
|
||
|
"unlock unit", "freeze lock", "secure erase", and "overwrite". A security_ops
|
||
|
data structure has been added to struct dimm in order to support the security
|
||
|
operations and generic APIs are exposed to allow vendor neutral operations.
|
||
|
|
||
|
2. Sysfs Interface
|
||
|
------------------
|
||
|
The "security" sysfs attribute is provided in the nvdimm sysfs directory. For
|
||
|
example:
|
||
|
/sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/security
|
||
|
|
||
|
The "show" attribute of that attribute will display the security state for
|
||
|
that DIMM. The following states are available: disabled, unlocked, locked,
|
||
|
frozen, and overwrite. If security is not supported, the sysfs attribute
|
||
|
will not be visible.
|
||
|
|
||
|
The "store" attribute takes several commands when it is being written to
|
||
|
in order to support some of the security functionalities:
|
||
|
update <old_keyid> <new_keyid> - enable or update passphrase.
|
||
|
disable <keyid> - disable enabled security and remove key.
|
||
|
freeze - freeze changing of security states.
|
||
|
erase <keyid> - delete existing user encryption key.
|
||
|
overwrite <keyid> - wipe the entire nvdimm.
|
||
|
master_update <keyid> <new_keyid> - enable or update master passphrase.
|
||
|
master_erase <keyid> - delete existing user encryption key.
|
||
|
|
||
|
3. Key Management
|
||
|
-----------------
|
||
|
|
||
|
The key is associated to the payload by the DIMM id. For example:
|
||
|
# cat /sys/devices/LNXSYSTM:00/LNXSYBUS:00/ACPI0012:00/ndbus0/nmem0/nfit/id
|
||
|
8089-a2-1740-00000133
|
||
|
The DIMM id would be provided along with the key payload (passphrase) to
|
||
|
the kernel.
|
||
|
|
||
|
The security keys are managed on the basis of a single key per DIMM. The
|
||
|
key "passphrase" is expected to be 32bytes long. This is similar to the ATA
|
||
|
security specification [2]. A key is initially acquired via the request_key()
|
||
|
kernel API call during nvdimm unlock. It is up to the user to make sure that
|
||
|
all the keys are in the kernel user keyring for unlock.
|
||
|
|
||
|
A nvdimm encrypted-key of format enc32 has the description format of:
|
||
|
nvdimm:<bus-provider-specific-unique-id>
|
||
|
|
||
|
See file ``Documentation/security/keys/trusted-encrypted.rst`` for creating
|
||
|
encrypted-keys of enc32 format. TPM usage with a master trusted key is
|
||
|
preferred for sealing the encrypted-keys.
|
||
|
|
||
|
4. Unlocking
|
||
|
------------
|
||
|
When the DIMMs are being enumerated by the kernel, the kernel will attempt to
|
||
|
retrieve the key from the kernel user keyring. This is the only time
|
||
|
a locked DIMM can be unlocked. Once unlocked, the DIMM will remain unlocked
|
||
|
until reboot. Typically an entity (i.e. shell script) will inject all the
|
||
|
relevant encrypted-keys into the kernel user keyring during the initramfs phase.
|
||
|
This provides the unlock function access to all the related keys that contain
|
||
|
the passphrase for the respective nvdimms. It is also recommended that the
|
||
|
keys are injected before libnvdimm is loaded by modprobe.
|
||
|
|
||
|
5. Update
|
||
|
---------
|
||
|
When doing an update, it is expected that the existing key is removed from
|
||
|
the kernel user keyring and reinjected as different (old) key. It's irrelevant
|
||
|
what the key description is for the old key since we are only interested in the
|
||
|
keyid when doing the update operation. It is also expected that the new key
|
||
|
is injected with the description format described from earlier in this
|
||
|
document. The update command written to the sysfs attribute will be with
|
||
|
the format:
|
||
|
update <old keyid> <new keyid>
|
||
|
|
||
|
If there is no old keyid due to a security enabling, then a 0 should be
|
||
|
passed in.
|
||
|
|
||
|
6. Freeze
|
||
|
---------
|
||
|
The freeze operation does not require any keys. The security config can be
|
||
|
frozen by a user with root privilege.
|
||
|
|
||
|
7. Disable
|
||
|
----------
|
||
|
The security disable command format is:
|
||
|
disable <keyid>
|
||
|
|
||
|
An key with the current passphrase payload that is tied to the nvdimm should be
|
||
|
in the kernel user keyring.
|
||
|
|
||
|
8. Secure Erase
|
||
|
---------------
|
||
|
The command format for doing a secure erase is:
|
||
|
erase <keyid>
|
||
|
|
||
|
An key with the current passphrase payload that is tied to the nvdimm should be
|
||
|
in the kernel user keyring.
|
||
|
|
||
|
9. Overwrite
|
||
|
------------
|
||
|
The command format for doing an overwrite is:
|
||
|
overwrite <keyid>
|
||
|
|
||
|
Overwrite can be done without a key if security is not enabled. A key serial
|
||
|
of 0 can be passed in to indicate no key.
|
||
|
|
||
|
The sysfs attribute "security" can be polled to wait on overwrite completion.
|
||
|
Overwrite can last tens of minutes or more depending on nvdimm size.
|
||
|
|
||
|
An encrypted-key with the current user passphrase that is tied to the nvdimm
|
||
|
should be injected and its keyid should be passed in via sysfs.
|
||
|
|
||
|
10. Master Update
|
||
|
-----------------
|
||
|
The command format for doing a master update is:
|
||
|
update <old keyid> <new keyid>
|
||
|
|
||
|
The operating mechanism for master update is identical to update except the
|
||
|
master passphrase key is passed to the kernel. The master passphrase key
|
||
|
is just another encrypted-key.
|
||
|
|
||
|
This command is only available when security is disabled.
|
||
|
|
||
|
11. Master Erase
|
||
|
----------------
|
||
|
The command format for doing a master erase is:
|
||
|
master_erase <current keyid>
|
||
|
|
||
|
This command has the same operating mechanism as erase except the master
|
||
|
passphrase key is passed to the kernel. The master passphrase key is just
|
||
|
another encrypted-key.
|
||
|
|
||
|
This command is only available when the master security is enabled, indicated
|
||
|
by the extended security status.
|
||
|
|
||
|
[1]: https://pmem.io/documents/NVDIMM_DSM_Interface-V1.8.pdf
|
||
|
|
||
|
[2]: http://www.t13.org/documents/UploadedDocuments/docs2006/e05179r4-ACS-SecurityClarifications.pdf
|