Bug 2035888 - Managedsave-edit should forbid modify some tpm configs such as pcrbank
Summary: Managedsave-edit should forbid modify some tpm configs such as pcrbank
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 9
Classification: Red Hat
Component: libvirt
Version: 9.0
Hardware: x86_64
OS: Linux
Priority: unspecified
Severity: unspecified
Target Milestone: rc
Target Release: ---
Assignee: Michal Privoznik
QA Contact: Yanqiu Zhang
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2021-12-28 10:59 UTC by Yanqiu Zhang
Modified: 2022-05-17 13:06 UTC (History)

Fixed In Version: libvirt-8.0.0-0rc1.1.el9
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2022-05-17 12:45:52 UTC
Type: Bug
Target Upstream Version: 8.0.0
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Github autotest tp-libvirt pull 4111 0 None Merged tpm_device: add pcrbank modify scenarios 2022-05-10 06:39:36 UTC
Red Hat Issue Tracker RHELPLAN-106636 0 None None None 2021-12-28 11:05:33 UTC
Red Hat Product Errata RHBA-2022:2390 0 None None None 2022-05-17 12:46:20 UTC

Description Yanqiu Zhang 2021-12-28 10:59:48 UTC
Description of problem:
Modifying the tpm pcrbanks via managedsave-edit only changes the guest XML; it does not take actual effect on the vtpm device inside the guest. Since restore does not trigger a new swtpm_setup, the changed pcrbank will never take effect. Managedsave-edit should forbid modifying some tpm configs such as pcrbanks.

Version-Release number of selected component (if applicable):
libvirt-7.10.0-1.el9.x86_64
qemu-kvm-6.2.0-1.el9.x86_64
swtpm-0.7.0-1.20211109gitb79fd91.el9.x86_64
libtpms-0.9.1-0.20211126git1ff6fe1f43.el9.x86_64
edk2-ovmf-20210527gite1999b264f1f-7.el9.noarch

How reproducible:
100%

Steps to Reproduce:
1. Start a guest with a vtpm device using the sha384 pcrbank
# virsh start vm2-ovmf
Domain 'vm2-ovmf' started
# virsh dumpxml vm2-ovmf |grep /tpm -B10
    </input>
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
        <encryption secret='b4a117f1-8af2-44a4-91b8-7f0d2d4d68a3'/>
      >
        <active_pcr_banks>
          <sha384/>
        </active_pcr_banks>
      </backend>
      <alias name='tpm0'/>
    </tpm>

2. Check the pcr banks in the guest OS; only pcrbank sha384 has pcr values:
# virsh console vm2-ovmf
[root@localhost ~]# tpm2_getrandom --hex 16
68170e8a865a9c647a09cba2b6e6b06b[root@localhost ~]# tpm2_pcrread
sha1:
sha256:
sha384:
  0 : 0x4733994C26A92B2FA846147945864EB788C3D1A55401A0A647008B006DF2878A5609C0491FA1937E5FC56640B3835245
  1 : 0x6C340682CE451190A62A323D3AFA396289725C1BA094A91A32CFBC800486CAD0DC50D88C33C05A15BDAC92F274CB258F
  ...
  23: 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
sha512:

3. Managedsave and edit the guest to use sha512 instead:
# virsh managedsave vm2-ovmf

Domain 'vm2-ovmf' state saved by libvirt

# virsh managedsave-edit vm2-ovmf
Managed save image of Domain 'vm2-ovmf' XML configuration edited.
 
# virsh start vm2-ovmf
Domain 'vm2-ovmf' started

# virsh dumpxml vm2-ovmf |grep /tpm -B9
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
        <encryption secret='b4a117f1-8af2-44a4-91b8-7f0d2d4d68a3'/>
      >
        <active_pcr_banks>
          <sha512/>
        </active_pcr_banks>
      </backend>
      <alias name='tpm0'/>
    </tpm>

4. Check the pcrbanks in the guest OS again; the guest still uses the sha384 pcrbank:
[root@localhost ~]# tpm2_getrandom --hex 16
befbb6bd2ec985b2ec963c03a81bb4f3[root@localhost ~]# tpm2_pcrread
sha1:
sha256:
sha384:
  0 : 0x4733994C26A92B2FA846147945864EB788C3D1A55401A0A647008B006DF2878A5609C0491FA1937E5FC56640B3835245
  1 : 0x6C340682CE451190A62A323D3AFA396289725C1BA094A91A32CFBC800486CAD0DC50D88C33C05A15BDAC92F274CB258F
...
  23: 0x000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
sha512:


Actual results:
As in steps 3 and 4, the guest was restored with the modified pcrbank in the guest XML, but that didn't take effect for the vtpm device in the guest OS.

Expected results:
Managedsave-edit should forbid modifying some tpm configs such as pcrbank.


Additional info:
1. After step 1, checking the log we can see that on a fresh start swtpm_setup used the new sha384 pcrbank to reconfigure the tpm:
# grep 'to run /usr/bin/swtpm' /var/log/libvirt/libvirtd.log
2021-12-28 09:26:32.015+0000: 2780715: debug : virCommandRunAsync:2629 : About to run /usr/bin/swtpm_setup --tpm2 --pwdfile-fd 33 --cipher aes-256-cbc --tpm-state /var/lib/libvirt/swtpm/699960f3-9eaa-4804-8263-ce1206e34054/tpm2 --vmid vm2-ovmf:699960f3-9eaa-4804-8263-ce1206e34054 --logfile /var/log/swtpm/libvirt/qemu/vm2-ovmf-swtpm.log --createek --create-ek-cert --create-platform-cert --lock-nvram --not-overwrite
2021-12-28 09:26:32.117+0000: 2780715: debug : virCommandRunAsync:2629 : About to run /usr/bin/swtpm_setup --tpm2 --pwdfile-fd 33 --cipher aes-256-cbc --tpm-state /var/lib/libvirt/swtpm/699960f3-9eaa-4804-8263-ce1206e34054/tpm2 --logfile /var/log/swtpm/libvirt/qemu/vm2-ovmf-swtpm.log --pcr-banks sha384 --reconfigure
2021-12-28 09:26:32.153+0000: 2780715: debug : virCommandRunAsync:2629 : About to run /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/run/libvirt/qemu/swtpm/44-vm2-ovmf-swtpm.sock,mode=0600 --tpmstate dir=/var/lib/libvirt/swtpm/699960f3-9eaa-4804-8263-ce1206e34054/tpm2,mode=0600 --log file=/var/log/swtpm/libvirt/qemu/vm2-ovmf-swtpm.log --terminate --tpm2 --pid file=/run/libvirt/qemu/swtpm/44-vm2-ovmf-swtpm.pid --key pwdfd=33,mode=aes-256-cbc --migration-key pwdfd=35,mode=aes-256-cbc
# grep sha /var/log/swtpm/libvirt/qemu/vm2-ovmf-swtpm.log
Successfully activated PCR banks sha256 among sha1,sha256,sha384,sha512.
Successfully activated PCR banks sha384 among sha1,sha256,sha384,sha512.

2. After step 4, checking the log again, we can see that restore does not trigger a new swtpm_setup, so the changed pcrbank sha512 will never take effect:
2021-12-28 09:31:37.131+0000: 2780381: debug : virCommandRunAsync:2629 : About to run /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/run/libvirt/qemu/swtpm/45-vm2-ovmf-swtpm.sock,mode=0600 --tpmstate dir=/var/lib/libvirt/swtpm/699960f3-9eaa-4804-8263-ce1206e34054/tpm2,mode=0600 --log file=/var/log/swtpm/libvirt/qemu/vm2-ovmf-swtpm.log --terminate --tpm2 --pid file=/run/libvirt/qemu/swtpm/45-vm2-ovmf-swtpm.pid --key pwdfd=34,mode=aes-256-cbc --migration-key pwdfd=36,mode=aes-256-cbc

3. Doing migrate --xml can also modify the tpm pcrbanks in the target live XML, but inside the guest the tpm pcrbank is also not changed. Even though the swtpm_setup cmd is executed, there is no pcrbank-related change:
# virsh migrate vm-ovmf --live qemu+ssh://dell-per730-39.lab.eng.pek2.redhat.com/system --verbose --p2p  --xml vm-ovmf.xml-mig 
Migration: [100 %]

[targethost]#  grep 'to run /usr/bin/swtpm' /var/log/libvirt/libvirtd.log
2021-12-28 09:47:26.364+0000: 2780715: debug : virCommandRunAsync:2629 : About to run /usr/bin/swtpm_setup --tpm2 --pwdfile-fd 33 --cipher aes-256-cbc --tpm-state /var/lib/libvirt/swtpm/bbd16783-8077-43f3-bf37-3f0c486cc586/tpm2 --overwrite
2021-12-28 09:47:26.393+0000: 2780715: debug : virCommandRunAsync:2629 : About to run /usr/bin/swtpm socket --daemon --ctrl type=unixio,path=/run/libvirt/qemu/swtpm/46-vm-ovmf-swtpm.sock,mode=0600 --tpmstate dir=/var/lib/libvirt/swtpm/bbd16783-8077-43f3-bf37-3f0c486cc586/tpm2,mode=0600 --log file=/var/log/swtpm/libvirt/qemu/vm-ovmf-swtpm.log --terminate --tpm2 --pid file=/run/libvirt/qemu/swtpm/46-vm-ovmf-swtpm.pid --key pwdfd=33,mode=aes-256-cbc --migration-key pwdfd=35,mode=aes-256-cbc
[targethost]# grep sha /var/log/swtpm/libvirt/qemu/vm2-ovmf-swtpm.log
(nothing)

Comment 1 Michal Privoznik 2022-01-04 08:19:26 UTC
I believe the same issue exists on migration, e.g. when an additional XML is provided during migration that changes <active_pcr_banks/>. The fix should be simple - we are lacking an ABI stability check.

Comment 2 Michal Privoznik 2022-01-04 08:29:46 UTC
Patch posted upstream:

https://listman.redhat.com/archives/libvir-list/2022-January/msg00052.html

Comment 3 Michal Privoznik 2022-01-04 08:47:23 UTC
Merged upstream as:

commit 1ce27fa7761248ab9d8e142eb957432527280df0
Author:     Michal Prívozník <mprivozn>
AuthorDate: Tue Jan 4 09:26:08 2022 +0100
Commit:     Michal Prívozník <mprivozn>
CommitDate: Tue Jan 4 09:42:01 2022 +0100

    conf: Extend TPM ABI stability check for <active_pcr_banks/>
    
    Changing <active_pcr_banks/> means changing the guest ABI and as
    such must be prevented on both restoring from a file or
    migration.
    
    Resolves: https://bugzilla.redhat.com/show_bug.cgi?id=2035888
    Signed-off-by: Michal Privoznik <mprivozn>
    Reviewed-by: Peter Krempa <pkrempa>

v7.10.0-397-g1ce27fa776

Comment 10 Yanqiu Zhang 2022-01-24 11:39:10 UTC
Verify on:
libvirt-8.0.0-1.el9.x86_64
qemu-kvm-6.2.0-3.el9.x86_64

Scenarios:
1. From no pcrbank to having one.
From:
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
        <encryption secret='e7442270-f813-4e48-a57b-5a5ff9d67ace'/>
      </backend>
      <alias name='tpm0'/>
    </tpm>
To:
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
        <encryption secret='e7442270-f813-4e48-a57b-5a5ff9d67ace'/>
        <active_pcr_banks>
          <sha512/>
        </active_pcr_banks>
      </backend>
    </tpm>
2. Change pcrbank value
From:
        <active_pcr_banks>
          <sha384/>
        </active_pcr_banks>
To:
        <active_pcr_banks>
          <sha256/>
        </active_pcr_banks>
3. From having one to none
From:
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
        <encryption secret='e7442270-f813-4e48-a57b-5a5ff9d67ace'/>
        <active_pcr_banks>
          <sha384/>
        </active_pcr_banks>
      </backend>
    </tpm>
To:
    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
        <encryption secret='e7442270-f813-4e48-a57b-5a5ff9d67ace'/>
      </backend>
    </tpm>
4. Unsupported value

Steps:
1. Managedsave/Save-edit
# virsh managedsave-edit myuefi 
error: unsupported configuration: Target active PCR banks doesn't match source
Failed. Try again? [y,n,f,?]: 

# virsh save-image-edit /var/lib/libvirt/qemu/save/myuefi.save 
error: unsupported configuration: Target active PCR banks doesn't match source
Failed. Try again? [y,n,f,?]: 

# virsh managedsave-edit myuefi
error: unsupported configuration: Unsupported PCR banks 'sha224'
Failed. Try again? [y,n,f,?]: 

# virsh save-image-edit /var/lib/libvirt/qemu/save/myuefi.save 
error: unsupported configuration: Unsupported PCR banks 'sha224'
Failed. Try again? [y,n,f,?]: 

2. Managedsave/Save-define
# virsh managedsave-dumpxml myuefi > myuefisave.xml 
# vim myuefisave.xml 
# virsh managedsave-define myuefi myuefisave.xml 
error: Failed to update myuefi XML configuration
error: unsupported configuration: Target active PCR banks doesn't match source

#  virsh save-image-define  /var/lib/libvirt/qemu/save/myuefi.save  myuefisave.xml
error: Failed to update /var/lib/libvirt/qemu/save/myuefi.save
error: unsupported configuration: Target active PCR banks doesn't match source

# virsh managedsave-define myuefi save.xml 
error: Failed to update myuefi XML configuration
error: unsupported configuration: Unsupported PCR banks 'sha224'

# virsh save-image-define /var/lib/libvirt/qemu/save/myuefi.save save.xml 
error: Failed to update /var/lib/libvirt/qemu/save/myuefi.save
error: unsupported configuration: Unsupported PCR banks 'sha224'

3. Migrate with --xml:
# virsh migrate myuefi --live qemu+ssh://hostb/system --verbose  --xml myuefimig.xml 
error: unsupported configuration: Target active PCR banks doesn't match source

# virsh migrate myuefi --live qemu+ssh://hostb/system --verbose  --xml mig.xml-invalidpcr 
error: unsupported configuration: Unsupported PCR banks 'sha224'
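
The ABI stability check described in the Comment 3 commit message, exercised against the four scenarios of Comment 10, as an added Python example that is not libvirt's own code (libvirt implements the check in C). The element names come from the dumpxml output in the description; the supported-bank list, the `domain_xml` builder and the error strings are assumptions copied from the swtpm log and virsh output quoted above.

```python
import xml.etree.ElementTree as ET

# Banks the emulated TPM offered in the swtpm log above; assumed to be
# the full set a target XML may name (example assumption, not libvirt's table).
SUPPORTED_BANKS = frozenset({"sha1", "sha256", "sha384", "sha512"})

MISMATCH = "unsupported configuration: Target active PCR banks doesn't match source"


def active_pcr_banks(domain_xml: str) -> frozenset:
    """Collect the bank names under <tpm><backend type='emulator'><active_pcr_banks/>.

    A missing <active_pcr_banks/> yields the empty set; a bank name outside
    SUPPORTED_BANKS raises ValueError with the virsh-style message."""
    root = ET.fromstring(domain_xml)
    banks = set()
    for tpm in root.iter("tpm"):
        backend = tpm.find("backend")
        if backend is None or backend.get("type") != "emulator":
            continue
        node = backend.find("active_pcr_banks")
        for child in ([] if node is None else list(node)):
            if child.tag not in SUPPORTED_BANKS:
                raise ValueError(
                    f"unsupported configuration: Unsupported PCR banks '{child.tag}'")
            banks.add(child.tag)
    return frozenset(banks)


def check_tpm_abi_stability(source_xml: str, target_xml: str):
    """Return None when the target keeps the guest ABI, else the error message.

    This is the rule the fix adds for managedsave-edit, save-image-edit and
    migrate --xml: the restored/migrated definition must name exactly the
    PCR banks the running swtpm was set up with."""
    try:
        src, dst = active_pcr_banks(source_xml), active_pcr_banks(target_xml)
    except ValueError as exc:
        return str(exc)
    return None if src == dst else MISMATCH


def domain_xml(banks) -> str:
    """Build a minimal constructed domain XML with one emulated TPM (helper for demos/tests)."""
    pcr = "".join(f"<{b}/>" for b in banks)
    active = f"<active_pcr_banks>{pcr}</active_pcr_banks>" if banks else ""
    return (f"<domain type='kvm'><name>vm2-ovmf</name><devices><tpm model='tpm-crb'>"
            f"<backend type='emulator' version='2.0'>{active}</backend></tpm></devices></domain>")


if __name__ == "__main__":
    # Step 3 of the report: saved with sha384, edited to sha512 -> must now be refused.
    print(check_tpm_abi_stability(domain_xml(["sha384"]), domain_xml(["sha512"])))
```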

Comment 12 errata-xmlrpc 2022-05-17 12:45:52 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (new packages: libvirt), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:2390

