diff options
Diffstat (limited to 'nixos/modules')
-rw-r--r-- | nixos/modules/hardware/cpu/intel-sgx.nix | 47 | ||||
-rw-r--r-- | nixos/modules/module-list.nix | 2 | ||||
-rw-r--r-- | nixos/modules/services/security/aesmd.nix | 227 |
3 files changed, 276 insertions, 0 deletions
diff --git a/nixos/modules/hardware/cpu/intel-sgx.nix b/nixos/modules/hardware/cpu/intel-sgx.nix new file mode 100644 index 00000000000..04647940058 --- /dev/null +++ b/nixos/modules/hardware/cpu/intel-sgx.nix @@ -0,0 +1,47 @@ +{ config, lib, ... }: +with lib; +let + cfg = config.hardware.cpu.intel.sgx.provision; + defaultGroup = "sgx_prv"; +in +{ + options.hardware.cpu.intel.sgx.provision = { + enable = mkEnableOption "access to the Intel SGX provisioning device"; + user = mkOption { + description = "Owner to assign to the SGX provisioning device."; + type = types.str; + default = "root"; + }; + group = mkOption { + description = "Group to assign to the SGX provisioning device."; + type = types.str; + default = defaultGroup; + }; + mode = mkOption { + description = "Mode to set for the SGX provisioning device."; + type = types.str; + default = "0660"; + }; + }; + + config = mkIf cfg.enable { + assertions = [ + { + assertion = hasAttr cfg.user config.users.users; + message = "Given user does not exist"; + } + { + assertion = (cfg.group == defaultGroup) || (hasAttr cfg.group config.users.groups); + message = "Given group does not exist"; + } + ]; + + users.groups = optionalAttrs (cfg.group == defaultGroup) { + "${cfg.group}" = { }; + }; + + services.udev.extraRules = '' + SUBSYSTEM=="misc", KERNEL=="sgx_provision", OWNER="${cfg.user}", GROUP="${cfg.group}", MODE="${cfg.mode}" + ''; + }; +} diff --git a/nixos/modules/module-list.nix b/nixos/modules/module-list.nix index 3cc9ea88e17..1f826220a0f 100644 --- a/nixos/modules/module-list.nix +++ b/nixos/modules/module-list.nix @@ -45,6 +45,7 @@ ./hardware/ckb-next.nix ./hardware/cpu/amd-microcode.nix ./hardware/cpu/intel-microcode.nix + ./hardware/cpu/intel-sgx.nix ./hardware/corectrl.nix ./hardware/digitalbitbox.nix ./hardware/device-tree.nix @@ -928,6 +929,7 @@ ./services/search/kibana.nix ./services/search/meilisearch.nix ./services/search/solr.nix + ./services/security/aesmd.nix ./services/security/certmgr.nix ./services/security/cfssl.nix ./services/security/clamav.nix diff --git a/nixos/modules/services/security/aesmd.nix b/nixos/modules/services/security/aesmd.nix new file mode 100644 index 00000000000..bb53bc49e25 --- /dev/null +++ b/nixos/modules/services/security/aesmd.nix @@ -0,0 +1,227 @@ +{ config, pkgs, lib, ... }: +with lib; +let + cfg = config.services.aesmd; + + sgx-psw = pkgs.sgx-psw.override { inherit (cfg) debug; }; + + configFile = with cfg.settings; pkgs.writeText "aesmd.conf" ( + concatStringsSep "\n" ( + optional (whitelistUrl != null) "whitelist url = ${whitelistUrl}" ++ + optional (proxy != null) "aesm proxy = ${proxy}" ++ + optional (proxyType != null) "proxy type = ${proxyType}" ++ + optional (defaultQuotingType != null) "default quoting type = ${defaultQuotingType}" ++ + # Newline at end of file + [ "" ] + ) + ); +in +{ + options.services.aesmd = { + enable = mkEnableOption "Intel's Architectural Enclave Service Manager (AESM) for Intel SGX"; + debug = mkOption { + type = types.bool; + default = false; + description = "Whether to build the PSW package in debug mode."; + }; + settings = mkOption { + description = "AESM configuration"; + default = { }; + type = types.submodule { + options.whitelistUrl = mkOption { + type = with types; nullOr str; + default = null; + example = "http://whitelist.trustedservices.intel.com/SGX/LCWL/Linux/sgx_white_list_cert.bin"; + description = "URL to retrieve authorized Intel SGX enclave signers."; + }; + options.proxy = mkOption { + type = with types; nullOr str; + default = null; + example = "http://proxy_url:1234"; + description = "HTTP network proxy."; + }; + options.proxyType = mkOption { + type = with types; nullOr (enum [ "default" "direct" "manual" ]); + default = if (cfg.settings.proxy != null) then "manual" else null; + example = "default"; + description = '' + Type of proxy to use. The <literal>default</literal> uses the system's default proxy. + If <literal>direct</literal> is given, uses no proxy. + A value of <literal>manual</literal> uses the proxy from + <option>services.aesmd.settings.proxy</option>. + ''; + }; + options.defaultQuotingType = mkOption { + type = with types; nullOr (enum [ "ecdsa_256" "epid_linkable" "epid_unlinkable" ]); + default = null; + example = "ecdsa_256"; + description = "Attestation quote type."; + }; + }; + }; + }; + + config = mkIf cfg.enable { + assertions = [{ + assertion = !(config.boot.specialFileSystems."/dev".options ? "noexec"); + message = "SGX requires exec permission for /dev"; + }]; + + hardware.cpu.intel.sgx.provision.enable = true; + + systemd.services.aesmd = + let + storeAesmFolder = "${sgx-psw}/aesm"; + # Hardcoded path AESM_DATA_FOLDER in psw/ae/aesm_service/source/oal/linux/aesm_util.cpp + aesmDataFolder = "/var/opt/aesmd/data"; + aesmStateDirSystemd = "%S/aesmd"; + in + { + description = "Intel Architectural Enclave Service Manager"; + wantedBy = [ "multi-user.target" ]; + + after = [ + "auditd.service" + "network.target" + "syslog.target" + ]; + + environment = { + NAME = "aesm_service"; + AESM_PATH = storeAesmFolder; + LD_LIBRARY_PATH = storeAesmFolder; + }; + + # Make sure any of the SGX application enclave devices is available + unitConfig.AssertPathExists = [ + # legacy out-of-tree driver + "|/dev/isgx" + # DCAP driver + "|/dev/sgx/enclave" + # in-tree driver + "|/dev/sgx_enclave" + ]; + + serviceConfig = rec { + ExecStartPre = pkgs.writeShellScript "copy-aesmd-data-files.sh" '' + set -euo pipefail + whiteListFile="${aesmDataFolder}/white_list_cert_to_be_verify.bin" + if [[ ! -f "$whiteListFile" ]]; then + ${pkgs.coreutils}/bin/install -m 644 -D \ + "${storeAesmFolder}/data/white_list_cert_to_be_verify.bin" \ + "$whiteListFile" + fi + ''; + ExecStart = "${sgx-psw}/bin/aesm_service --no-daemon"; + ExecReload = ''${pkgs.coreutils}/bin/kill -SIGHUP "$MAINPID"''; + + Restart = "on-failure"; + RestartSec = "15s"; + + DynamicUser = true; + Group = "sgx"; + SupplementaryGroups = [ + config.hardware.cpu.intel.sgx.provision.group + ]; + + Type = "simple"; + + WorkingDirectory = storeAesmFolder; + StateDirectory = "aesmd"; + StateDirectoryMode = "0700"; + RuntimeDirectory = "aesmd"; + RuntimeDirectoryMode = "0750"; + + # Hardening + + # chroot into the runtime directory + RootDirectory = "%t/aesmd"; + BindReadOnlyPaths = [ + builtins.storeDir + # Hardcoded path AESM_CONFIG_FILE in psw/ae/aesm_service/source/utils/aesm_config.cpp + "${configFile}:/etc/aesmd.conf" + ]; + BindPaths = [ + # Hardcoded path CONFIG_SOCKET_PATH in psw/ae/aesm_service/source/core/ipc/SocketConfig.h + "%t/aesmd:/var/run/aesmd" + "%S/aesmd:/var/opt/aesmd" + ]; + + # PrivateDevices=true will mount /dev noexec which breaks AESM + PrivateDevices = false; + DevicePolicy = "closed"; + DeviceAllow = [ + # legacy out-of-tree driver + "/dev/isgx rw" + # DCAP driver + "/dev/sgx rw" + # in-tree driver + "/dev/sgx_enclave rw" + "/dev/sgx_provision rw" + ]; + + # Requires Internet access for attestation + PrivateNetwork = false; + + RestrictAddressFamilies = [ + # Allocates the socket /var/run/aesmd/aesm.socket + "AF_UNIX" + # Uses the HTTP protocol to initialize some services + "AF_INET" + "AF_INET6" + ]; + + # True breaks stuff + MemoryDenyWriteExecute = false; + + # needs the ipc syscall in order to run + SystemCallFilter = [ + "@system-service" + "~@aio" + "~@chown" + "~@clock" + "~@cpu-emulation" + "~@debug" + "~@keyring" + "~@memlock" + "~@module" + "~@mount" + "~@privileged" + "~@raw-io" + "~@reboot" + "~@resources" + "~@setuid" + "~@swap" + "~@sync" + "~@timer" + ]; + SystemCallArchitectures = "native"; + SystemCallErrorNumber = "EPERM"; + + CapabilityBoundingSet = ""; + KeyringMode = "private"; + LockPersonality = true; + NoNewPrivileges = true; + NotifyAccess = "none"; + PrivateMounts = true; + PrivateTmp = true; + PrivateUsers = true; + ProcSubset = "pid"; + ProtectClock = true; + ProtectControlGroups = true; + ProtectHome = true; + ProtectHostname = true; + ProtectKernelLogs = true; + ProtectKernelModules = true; + ProtectKernelTunables = true; + ProtectProc = "invisible"; + ProtectSystem = "strict"; + RemoveIPC = true; + RestrictNamespaces = true; + RestrictRealtime = true; + RestrictSUIDSGID = true; + UMask = "0066"; + }; + }; + }; +} |