XO activation lease replay protection

[mstone]

XOs should accept activation leases exactly once.

[kimquirk]

Michael... is this true? What happens when countries want to reinstall images? As is being done in Uruguay right now?

I don't like this feature without more discussion. Is it really a bug / or a feature request?

[mstone]

It's actually a statement of a security requirement of the "short-term leases" feature. I don't think that it has been implemented. Fortunately, we're not using short-term leases. You should think of this bug as stating that our implementation of the theft-deterrence protocol is not complete until we satisfy ourselves that the initramfs maintains this invariant.

[cscott]

In particular, once a machine is marked 'stolen', it can be reactivated with a new activation lease. But it can *not* be reactivated with an 'old' activation lease.

I don't think this feature is relevant for passive kill, because once the lease expires it's not useful anyway. We don't have to keep track of expired leases, except to try to detect clock-reset attacks -- and the clock reset attacks could just as easily be mounted *before* the lease expires, so trying to be clever here doesn't buy us much actual security.

Does this match your recollection, Michael?

[mstone]

This is a basic property of correct lease-checking initramfsen which is orthogonal to the issue of attacks on the substrate of the lease-checker; i.e. the filesystem and the real-time clock. As the ticket states, a correct implementation should accept activation leases exactly once. At the time this ticket was created, I believe we thought that we had greater ability to make small amounts of information expensive to rewrite, e.g. by storing them in the SPI flash or on a protected part of the filesystem.