ALP FDE and D-Installer, a love story

fde-alp-d-installer.md

0. About the term FDE:

Full-Disk Encryption simply means that all the OS components are encrypted, with the unavoidable exception of the bootloader (and of the content of /boot/EFI if we are in a UEFI system). That is, a system is FDE as long as directories like /, /boot, /var, etcetera are stored within LUKS volume(s).

Then there are several approaches to do that and, as a consequence, several possible ways to unlock the volumes during boot.

1. Our current solution for image-based ALP:

Our image is an FDE system in which everything is contained in a LUKS2 volume. During first boot, an interactive wizard runs and, apart from re-encrypting the LUKS2 volume to make it secure, it configures it to be unlocked during subsequent boots using:

• (a) A passphrase that must be entered by the user
• (b) A secret stored in the system's TPM that is only accessible when booting with exactly the same Grub binary and exactly the same grub.cfg

Depending on the user's choices during the wizard and on the availability of a functional TPM, the system can be configured to do (a), (b) or both.

There is a third option "CCID capable token" offered by the wizard but it's very likely just a leftover from previous experiments since it's not really implemented and Grub2 can't currently use such tokens to unlock LUKS devices.

2. FDE when deploying ALP via D-Installer instead of by images

In a matter of days, D-Installer will be perfectly capable of installing the system in a newly created LUKS2 volume protected by a passphrase provided by the user during the installation process.

That means the FDE scenario with (a) will be already fully covered since the very first boot after installation. So, strictly speaking FDE will be addressed out-of-the-box without using any intermediate well-known password and without needing any extra step like running the wizard mentioned at section 1.

If the user wants (b) in addition to (a), that can be done at any point from the new system. It cannot be done during installation for technical reasons that go beyond D-Installer. Running the current wizard described at section 1 is clearly overkill in this case. It would be better to offer a simple tool that simply performs that concrete task: adding a new TPM-based unlocking mechanism to the otherwise already fully-functional FDE system.

That's simpler for all the involved parts. There is no need to modify the wizard to act differently in case of image-based vs installation-based because it will only be used in image-based scenarios.

Sounds like a sane approach to me.

It would be nice if d-installer would also ask the user whether they want to use the TPM to protect the OS partition - and if the user selects this, I would attempt an automatic TPM enrollment on first boot.

To make this automatic TPM enrollment work, d-installer would need to do these things in addition:

• generate a random 128 byte secret from /dev/urandom, and use this as secondary key
• create a second key slot in the LUKS header using this secondary key
• write the secondary key to /root/.root.keyfile of the new system

On first boot, I would test for the presence of this key file, and if it exists:

• generate a new 128 byte key, and replace the secondary key with the new key (cryptsetup changeKey)
• protect the new key using TPM sealing, and update grub.cfg in the EFI boot partition
• remove /root/.root.keyfile

We cannot blindly protect the secondary key in /root/.root.keyfile, because there's a risk of compromise. The secondary key is written to disk, even if just for some time, and may be included in some btrfs snapshot