many: rework the way we allocate counter handles

[valentindavid]

We used 4 handles from 0x01880001-0x01880004 for PCR policies. We always used a pair and would switch to the other pair after factory reset.

No instead we look for free handle in range 0x01880005-0x0188000F. We also use only one handle per primary key.

When we factory reset, we should remove the handles correctly since the old primary key for the save partition should have been the same as the data partition that was removed, thus the handles should be the same.

We also now correctly populate the FDE state with the correct handles.

Thanks for helping us make a better snapd!
Have you signed the license agreement and read the contribution guide?

[codecov]

Codecov Report

Attention: Patch coverage is 55.37849% with 112 lines in your changes missing coverage. Please review.

Please upload report for BASE (fde-manager-features@7005c64). Learn more about missing BASE report.

Files with missing lines	Patch %	Lines
secboot/secboot_tpm.go	50.00%	70 Missing and 15 partials ⚠️
overlord/fdestate/fdestate.go	62.50%	8 Missing and 4 partials ⚠️
overlord/devicestate/handlers_install.go	83.78%	4 Missing and 2 partials ⚠️
secboot/secboot_dummy.go	0.00%	6 Missing ⚠️
overlord/fdestate/backend/seal.go	60.00%	1 Missing and 1 partial ⚠️
overlord/devicestate/devicemgr.go	0.00%	0 Missing and 1 partial ⚠️

Additional details and impacted files

@@                   Coverage Diff                   @@
##             fde-manager-features   #14910   +/-   ##
=======================================================
  Coverage                        ?   78.09%           
=======================================================
  Files                           ?     1170           
  Lines                           ?   155133           
  Branches                        ?        0           
=======================================================
  Hits                            ?   121147           
  Misses                          ?    26449           
  Partials                        ?     7537           

Flag	Coverage Δ
unittests	78.09% <55.37%> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[pedronis]

did a first quick pass, some questions

[pedronis]

this needs a doc comment about what is doing

[valentindavid]

That fixme is not complete...

[pedronis]

thanks for the changes, some small comments, please ping people to get more reviews

[pedronis]

this little bit of logic probably needs a small comment

[pedronis]

given this bit, shouldn't the name say something like swap save key as well?

[pedronis]

s/search on/searched/ ?

[valentindavid]

Maybe "searched on the token of the keySlot from the node". I will change that.

[bboozzoo]

Just some trivial comments. TBH I'm not fond of all the mocking we do right now. On the one hand, it'd be nice to think about it a little, on the other there are things to deliver.

[bboozzoo]

Suggested change

	// * Key files ubuntu-save.recovery.sealed-key has to be replaced by key file ubuntu-save.recovery.sealed-key.factory-reset
	// * Keyslots factory-reset-* have to be removed
	// * TPM handles used by the removed keys have to be released
	// - rotate ubuntu-save key file, replace ubuntu-save.recovery.sealed-key with
	// ubuntu-save.recovery.sealed-key.factory-reset, which was successfully recovered
	// - remove factory-reset-* keyslots
	// - reelase TPM handles used by the removed keys

[bboozzoo]

Suggested change

	// If the fallback save key exists, then it is the new
	// key. That means the default save key is the old save key
	// that needs to be removed.
	// ubuntu-save key rotation, delete old key and use
	// fallback save key if it exists

[valentindavid]

It is more confusing. If the fallback key does not exist, the default one is not the old key, because the rotation might have happened already.

[pedronis]

shouldn't we capture in the comment a bit what are the cases when is missing as well then?

[bboozzoo]

maybe I'm missing something, but is it possible this key doesn't exist?

[valentindavid]

I think it is possible if we already swapped it before but we did not finish clean up.

[bboozzoo]

unless other code is using node already

Suggested change

	func RemoveOldCounterHandles(node string, possibleOldKeys map[string]bool, possibleKeyFiles []string, hintExpectFDEHook bool) error {
	func RemoveOldCounterHandles(device string, possibleOldKeys map[string]bool, possibleKeyFiles []string, hintExpectFDEHook bool) error {

[bboozzoo]

Suggested change

	// RemoveOldCounterHandles tracks and release TPM2 handles used by
	// given keys node and possibleOldKeys point to keyslot tokens. And
	// possibleKeyFiles is a list to paths. hintExpectFDEHook helps
	// reading old key object files. If not TPM2 key is found, nothing
	// happens.
	// RemoveOldCounterHandles releases TPM2 handles of keys used on a given
	// device, which are either stored in key slots matching possibleOldKeys or in key
	// files listed in possibleKeyFiles. If not TPM2 key is found, nothing happens.

[bboozzoo]

this is slightly annoying

[pedronis]

thank you, couple small comments

[pedronis]

do we still need this comment, now that we pass hasHook?

[valentindavid]

Removed.

[pedronis]

maybe this should be called rotateKey to match the doc comment of the function

[valentindavid]

I have changed it.

[bboozzoo]

I would log which handles are in use here

[bboozzoo]

and here, log the free handle

[bboozzoo]

Suggested change

	logger.Noticef("WARNING: cannot figure out if FDE hooks are in use: %v", err)
	logger.Noticef("WARNING: cannot determine whether FDE hooks are in use: %v", err)

[bboozzoo]

FWIW, I would return an int which looks like the actual handles we expect, such that when looking at the logs you'd see familiar values, so eg. 0x1880002