From Fedora Project Wiki

Some tips on setting up OpenStack on a TXT secure boot machine.

Quick instructions for setting up secure boot / TXT plus OpenAttestation with OpenStack

The goal is to have OpenStack compute nodes, which are booted securely with TXT, and marked as good using OpenAttestation.

Part One: Installing RHEL 6.4 with TXT Secure Boot. (Should work similarly with Fedora)

Note: TXT Secure Boot is a new feature and only works on selected hardware. I used an HP 8300 Elite Small Form Factor because Intel said it worked on that exact model. If you pick a random computer, it may not work.

Note: TXT Secure Boot only works with legacy BIOS booting. It will not work with EFI. You need to ensure that only legacy boot is configured in your BIOS.

1) Enter BIOS setup and enable the TPM and TXT:

 a. Power on, ESC key -> Startup Menu -> Computer Setup (F10)
 b. Security -> Setup Password, set a setup password, then F10 to save.
 c. Security -> System Security, enable VTx/VTd/Embedded Security Device/Trusted Execution Technology, F10 to save.
 d. Storage -> Boot Order, then use F5 to toggle all EFI boot services off, leaving the Legacy Boot Sources enabled, with DVD above the hard drives. (You can disable DVD booting later, after the OS is installed.)
 e. File -> Save Changes and Exit.

2) Boot from the RHEL 6.4 DVD.

 a. At the beginning of booting, press ESC, enter the setup password, then F9 -> Boot Menu -> legacy boot from DVD.
 b. Install RHEL 6.4 from the DVD. Note: to have grub.conf changed automatically for tboot, install tboot during the OS installation as below. Otherwise grub.conf has to be modified manually, as on previous RHEL releases.
   i. Customize now -> Customize optional packages for the Base group in the Base System category -> select the tboot package for the Base group.
   ii. Continue the installation.

3) Reboot the system and verify that /dev/tpm0 exists.

4) Download 3rd_gen_i5_i7_SINIT_51.zip from the URL below and copy the .BIN in it to /boot:

 a. http://software.intel.com/en-us/articles/intel-trusted-execution-technology/

5) Modify /boot/grub/grub.conf, adding a new stanza before the others, like:

title Secure Red Hat Enterprise Linux (2.6.32-358.el6.x86_64)
        root (hd0,1)
        kernel /tboot.gz logging=vga,serial,memory
        module /vmlinuz-2.6.32-358.el6.x86_64 ro root=/dev/mapper/vg_hp-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_hp/lv_swap LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=vg_hp/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        module /initramfs-2.6.32-358.el6.x86_64.img
        module /3rd_gen_i5_i7_SINIT_51.BIN

6) chkconfig tcsd on

7) service tcsd restart

8) Mount the installation DVD to /media.

9) rpm -i /media/Packages/tpm-tools-1.3.4-2.el6.x86_64.rpm

10) tpm_takeownership -z

Note: Do not forget the -z. Note: tpm_takeownership only works once. Once the owner password is set, you cannot reset it without clearing the TPM from the BIOS, so be sure not to forget the password.

11) Reboot the machine, select the tboot option, and verify that /dev/tpm0 exists.

12) Then set up the LCP and tboot policy according to policy_v2.txt and lcptools2.txt under /usr/share/doc/tboot-1.7.0/:

  lcp_mlehash -c "logging=vga,serial,memory" /boot/tboot.gz > mle_hash
  lcp_crtpolelt --create --type mle --ctrl 0x00 --minver 17 --out mle.elt mle_hash
  cat /sys/devices/pnp0/00\:0e/pcrs | grep -e PCR-00 -e PCR-01 > pcrs
  lcp_crtpolelt --create --type pconf --out pconf.elt pcrs
  lcp_crtpollist --create --out list_unsig.lst mle.elt pconf.elt
  openssl genrsa -out privkey.pem 2048
  openssl rsa -pubout -in privkey.pem -out pubkey.pem
  cp list_unsig.lst list_sig.lst
  lcp_crtpollist --sign --pub pubkey.pem --priv privkey.pem --out list_sig.lst
  lcp_crtpol2 --create --type list --pol list.pol --data list.data list_sig.lst
  tb_polgen --create --type nonfatal vl.pol
  tb_polgen --add --num 0 --pcr none --hash image --cmdline "ro root=/dev/mapper/vg_jimmyrhel64b-lv_root intel_iommu=on rd_NO_LUKS LANG=en_US.UTF-8 rd_LVM_LV=vg_jimmyrhel64b/lv_root rd_LVM_LV=vg_jimmyrhel64b/lv_swap rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet" --image /boot/vmlinuz-2.6.32-343.el6.x86_64 vl.pol
  tb_polgen --add --num 1 --pcr 19 --hash image --cmdline "" --image /boot/initramfs-2.6.32-343.el6.x86_64.img vl.pol
  tpmnv_defindex -i 0x20000002 -s 8 -pv 0 -rl 0x07 -wl 0x07 -p linux123
  tpmnv_defindex -i owner -p linux123
  tpmnv_defindex -i 0x20000001 -s 256 -pv 0x02 -p linux123
  lcp_writepol -i owner -f list.pol -p linux123
  lcp_writepol -i 0x20000001 -f vl.pol -p linux123
  cp list.data /boot/

 Then add the following line at the end of the tboot menu entry in /boot/grub/grub.conf:

  module /list.data

 Reboot and select tboot.
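The tb_polgen --cmdline and --image arguments have to match, byte for byte, the kernel and initramfs module lines that grub.conf actually hands to tboot (the policy lines above name a different volume group and kernel build than the stanza in step 5, which is exactly the kind of mismatch that makes the verified launch fail). The following is an added example, not tboot's tb_polgen or the page's commands: it derives the tb_polgen entries from the stanza itself, assuming tboot hashes each module line with only the leading filename and the whitespace after it stripped.

```python
"""Derive tboot verified-launch policy entries from a grub.conf tboot stanza.
Added example, not tboot's tb_polgen.  Assumption about tboot: the command
line it hashes for a module is the grub 'module' line with the leading
filename and the whitespace after it removed, kept byte-for-byte."""
import re
import shlex

# Constructed sample: this page's tboot stanza.  The double space before
# KEYBOARDTYPE is deliberate; tboot hashes it too, so the policy must keep it.
GRUB_STANZA = """\
title Secure Red Hat Enterprise Linux (2.6.32-358.el6.x86_64)
        root (hd0,1)
        kernel /tboot.gz logging=vga,serial,memory
        module /vmlinuz-2.6.32-358.el6.x86_64 ro root=/dev/mapper/vg_hp-lv_root intel_iommu=on rd_NO_LUKS rd_LVM_LV=vg_hp/lv_swap LANG=en_US.UTF-8 rd_NO_MD SYSFONT=latarcyrheb-sun16 crashkernel=auto rd_LVM_LV=vg_hp/lv_root  KEYBOARDTYPE=pc KEYTABLE=us rd_NO_DM rhgb quiet
        module /initramfs-2.6.32-358.el6.x86_64.img
        module /3rd_gen_i5_i7_SINIT_51.BIN
"""
# PCR each entry extends, as in this page's tb_polgen calls (kernel: none, initramfs: 19).
MODULE_PCRS = {0: "none", 1: "19"}

def split_module_line(line):
    """Return (path, cmdline) for a grub 'module <path> [args]' line; only the
    filename and the whitespace right after it are stripped, the rest is verbatim."""
    m = re.match(r"\s*module\s+(\S+)(?:\s+(.*))?$", line)
    if not m:
        raise ValueError("not a grub module line: %r" % line)
    return m.group(1), (m.group(2) or "")

def measured_modules(stanza):
    """Kernel and initramfs, in order.  The SINIT ACM and list.data are consumed
    by tboot itself and get no verified-launch policy entry."""
    mods = [split_module_line(l) for l in stanza.splitlines()
            if l.lstrip().startswith("module ")]
    return [(p, c) for p, c in mods
            if not p.upper().endswith(".BIN") and not p.endswith("list.data")]

def tb_polgen_commands(stanza, pol="vl.pol", bootdir="/boot"):
    """One 'tb_polgen --add' per measured module, cmdline quoted for the shell."""
    return ["tb_polgen --add --num %d --pcr %s --hash image --cmdline %s --image %s%s %s"
            % (n, MODULE_PCRS.get(n, "none"), shlex.quote(c), bootdir, p, pol)
            for n, (p, c) in enumerate(measured_modules(stanza))]

def policy_matches_grub(stanza, num, policy_cmdline, policy_image, bootdir="/boot"):
    """True only if a policy entry's cmdline and image are exactly what grub loads."""
    path, cmdline = measured_modules(stanza)[num]
    return cmdline == policy_cmdline and bootdir + path == policy_image
```

Re-run it after every kernel update, since a new vmlinuz/initramfs name or changed kernel arguments invalidates the old vl.pol.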

After rebooting, run txt-stat. If it gives you several pages of information, then TXT booting worked. If it gives you a short failure message, then it failed.


Installing OAT server:

In the future, the oat package should be in Fedora (targeting Fedora 19) and in EPEL for RHEL. For now, it has to be installed manually from source.

Check out github/OpenAttestation/OpenAttestation and read docs/Build.pdf.
bash rpm.sh fails without sudo; with sudo it does too much with root permissions.
The OAT-Appraiser-Base-OATapp RPM wants to install everything to /OAT-Appraiser-Configure.

Installing OAT client: For TPMModule, we need trousers-devel. RHEL has a trousers RPM but trousers-devel is in the Optional repo, so you need to enable that first.

cd Source
sh download_jar_packages.sh
sh distribute_jar_packages.sh
sh build.sh

(Manually running ant failed for me, but the scripts worked. I didn't try Eclipse since I was using a headless server.)


Typo fix: step 3.2 Installer should be run in the Source directory, not the Installer directory.

cd Installer
# security note: this script should do less as root
sudo bash rpm.sh -s ~/git/OpenAttestation/Source
# produces /root/rpmbuild/RPMS/x86_64/OAT-Appraiser-Base-OATapp-1.0.0-2.fc17.x86_64.rpm
yum install php php-mysql
# This script does too much in %post: installing the RPM auto-starts the server, and it also
# messes with mysqld, tomcat6 and httpd and writes a new private key, hostname.pem.
# The RPM installs to /OAT-Appraiser-Configure by default; it should probably respect the FHS and go under /opt.

open port 8443 in server firewall


nova.conf:

# attestation server http (string value)
attestation_server=http://localhost/

# attestation server Cert file for Identity verification
# (string value)
attestation_server_ca_file=<None>

# attestation server port (string value)
attestation_port=8443

# attestation web API URL (string value)
attestation_api_url=/OpenAttestationWebServices/V1.0

# attestation authorization blob - must change (string value)
attestation_auth_blob=oatoat

# Attestation status cache valid period length (integer value)
attestation_auth_timeout=60
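What Nova does with these settings, as an added example that is not Nova's or OpenAttestation's code: the scheduler's TrustedFilter polls the OAT appraiser for each compute host's trust level and reuses the answer for attestation_auth_timeout seconds, so a host that stops attesting can still be scheduled as trusted until the cached entry expires. The PollHosts URL, the x-auth-blob header, the response fields and the trust:trusted_host flavor extra spec are as used by Nova's filter; the server name and the appraiser reply are constructed.

```python
"""How Nova's scheduler uses the attestation_* settings above.  Added example,
not Nova's or OpenAttestation's code.  Assumed: the TrustedFilter POSTs
{"hosts": [...]} to <attestation_api_url>/PollHosts with an x-auth-blob header,
receives {"hosts": [{"host_name", "trust_lvl", "vtime"}]}, and reuses an answer
for attestation_auth_timeout seconds (Nova keys on the appraiser's vtime;
this simplification keys on the poll time)."""
import json

NOVA_CONF = {  # nova.conf values from this page
    "attestation_server": "oat-server.example",  # constructed placeholder hostname
    "attestation_port": "8443",
    "attestation_api_url": "/OpenAttestationWebServices/V1.0",
    "attestation_auth_blob": "oatoat",   # the page's default; must be changed
    "attestation_auth_timeout": 60,
}

def poll_hosts_request(conf, hosts):
    """Build (url, headers, body) for the PollHosts call; nothing is sent here."""
    url = "https://%s:%s%s/PollHosts" % (conf["attestation_server"], conf["attestation_port"], conf["attestation_api_url"])
    headers = {"content-type": "application/json", "x-auth-blob": conf["attestation_auth_blob"]}
    return url, headers, json.dumps({"hosts": sorted(hosts)})

class TrustCache:
    """Per-host trust level with an expiry, mirroring attestation_auth_timeout."""
    def __init__(self, timeout):
        self.timeout = timeout
        self.entries = {}  # host -> (trust_lvl, fetched_at)
    def update(self, poll_response, now, polled_hosts):
        """Store the appraiser's answer; hosts it did not report become 'unknown'."""
        levels = {h["host_name"]: h["trust_lvl"] for h in json.loads(poll_response)["hosts"]}
        for host in polled_hosts:
            self.entries[host] = (levels.get(host, "unknown"), now)
    def trust_level(self, host, now):
        """Cached level, or None once the entry is missing or older than the timeout."""
        level, fetched_at = self.entries.get(host, (None, float("-inf")))
        return level if now - fetched_at < self.timeout else None

def host_passes(cache, host, flavor_extra_specs, now):
    """Flavors without trust:trusted_host accept any host; otherwise the cached level
    must equal the requested one.  An expired entry fails closed here (Nova re-polls)."""
    wanted = flavor_extra_specs.get("trust:trusted_host")
    if wanted is None:
        return True
    return cache.trust_level(host, now) == wanted

# Constructed appraiser reply: node-a attested good, node-b failed its policy.
SAMPLE_POLL = json.dumps({"hosts": [
    {"host_name": "node-a", "trust_lvl": "trusted", "vtime": "2013-06-01T12:00:00"},
    {"host_name": "node-b", "trust_lvl": "untrusted", "vtime": "2013-06-01T12:00:00"}]})
```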

Client install: there is no browser on the client, so manually copy the server's /OAT-Appraiser-Configure/ClientInstallForLinux.zip to the client. None of the .sh files have execute permission. general-install.sh needs to be run as root.

# s_client waits for input on stdin, so close it; certfile.cer holds the whole
# transcript, with the server certificate in the BEGIN/END CERTIFICATE block
openssl s_client -connect $hostname_of_oatservice:8443 </dev/null | tee certfile.cer

nova-manage flavor create m1.trusted 256 2 10 0 6 0 0

This gives the error:

Must supply valid parameters to create instance_type
Invalid input received: 'rxtx_factor' argument must be a positive float

Change it to:

nova-manage flavor create m1.trusted 256 2 10 1 6 1 1 1

You need to yum install tpm-tools and run tpm_createek to initialize the endorsement key before the client will install.

sudo tpm_createek
Tspi_TPM_CreateEndorsementKey failed: 0x00000008 - layer=tpm, code=0008 (8), The TPM target command has been disabled

I needed to clear the secure boot keys from the TPM in the BIOS: first System Security / TXT disable, then Device Security / Embedded Security Device / Reset to Factory Settings, then save and quit.

After rebooting, txt-stat shows

"unable to find TBOOT log"

so we need to fix secure boot again. (Repeat steps 5-12, with the new kernel version in grub.conf.)