[Rpm-maint] [rpm-software-management/rpm] Add support for fsverity signatures (#1121)

Wed Apr 29 19:43:57 UTC 2020

Here is a more detailed update on the design of the fsverity support I have been working on for rpm.

I now have code which I believe works correctly, and I'd love some feedback on it. I am sure I got some things wrong. The code can be found in my cloned repo here[1]

fsverity itself provides block-level checksumming of files in the file system, which can be signed and authenticated by a public key loaded into the kernel's public keyring. This allows the kernel to validate individual data blocks as they are read from the disk instead of having to validate the entire file's digest before allowing it to be opened.

Instead of a regular digest, fsverity uses a Merkle tree, which is basically a tree of digests. For now only sha256 and sha512 are supported for calculating this tree. The fsverity signature authenticates the root of the Merkle tree, by signing an fsverity descriptor which contains the root digest. This API is defined by the kernel. The code to generate the fsverity descriptor, and the code to sign it, is provided by libfsverity from the fsverity-utils package[2][3].

There is no way to go from the regular digest to the Merkle tree, so the code parses the archive of the rpm to generate the signatures. As the file count of the archive doesn't have to match the metadata file count, ghost files etc, and the file order of the archive and the metadata do not necessarily match, the signatures are placed in an array based on their file index, and signatures for the missing items are generated from the metadata fi.

The code introduces four new tags:
* RPMTAG_VERITYSIGNATURELENGTH (uint32_t): The size of the fs verity signatures
* RPMTAG_VERITYSIGNATURES (char *): Array of fsverity signatures
* RPMTAG_VERITYSIGNATUREALGO (uint32_t): Algorithm used to generate signature
* RPMTAG_VERITYSIGNATUREBLKSZ (uint32_t): Block size used to calculate the Merkle tree

In addition the code provides a new plugin "fsverity" which will install the fsverity signature and enable fsverity on files as they are installed. Similar to IMA file signatures, it will skip installing signatures for config files, unless explicitly requested, and it only installs signatures for regular files as directories and symlinks are not currently supported by fsverity.

To enable fsverity in the build, one must specify --with-fsverity, and have the fsverity-utils header and library installed.

To generate signatures, one must specify three arguments:
 --fskpath= specify siging key (argument is shared with IMA file signing)
 --certpath= specify signing certificate
 --signverity add fsverity signatures to the package

Jes

1: Code adding fsverity support to rpm:  https://github.com/jessorensen/rpm/tree/rpm-fsverity
2: Original fsverity git repo: git://git.kernel.org/pub/scm/linux/kernel/git/ebiggers/fsverity-utils.git
3: fsverity refactoring providing libfsverity:
 * https://www.spinics.net/lists/linux-fscrypt/msg03278.html
 * git://git.kernel.org/pub/scm/linux/kernel/git/jes/fsverity-utils.git/

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/rpm-software-management/rpm/issues/1121#issuecomment-621421288
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.rpm.org/pipermail/rpm-maint/attachments/20200429/595a6f4c/attachment-0001.html>