similar to: TPM and secure boot

On onsdag 29 augusti 2018 kl. 10:00:39 EEST Sandro Bonazzola wrote: > 2018-08-28 13:52 GMT+02:00 Dag Nygren <dag at newtech.fi>: > > > We have a desperate need for TPM support and: > > > > 1. Tried the "standard" distro install. linvirt supports > > TPM passthrough but kvm-qemu barfs: > > "unsupported configuration: The QEMU executable

Hi all! Just setting up a cluster using Centos 7 We have a desperate need for TPM support and: 1. Tried the "standard" distro install. linvirt supports TPM passthrough but kvm-qemu barfs: "unsupported configuration: The QEMU executable /usr/libexec/qemu-kvm does not support TPM backend type passthrough" 2. The activated the qemu-ev repo and updated qemu-kvm to version

On onsdag 29 augusti 2018 kl. 15:37:47 EEST Alvin Starr wrote: > On 08/29/2018 07:38 AM, Dag Nygren wrote: > > > On onsdag 29 augusti 2018 kl. 10:00:39 EEST Sandro Bonazzola wrote: > >> 2018-08-28 13:52 GMT+02:00 Dag Nygren <dag at newtech.fi>: > >> > >>> We have a desperate need for TPM support and: > >>> > >>> 1. Tried the

On Thu, Jul 09, 2020 at 14:14:32 +0200, Milan Zamazal wrote: > Milan Zamazal <mzamazal@redhat.com> writes: > > > Hi, > > > > I would like to clarify how to make snapshots of running VMs with > > emulated TPM devices. As far as I understand QEMU documentation, it's > > possible to make snapshots of running VMs with TPM, but it's important >

On Thu, Jul 09, 2020 at 17:54:23 +0200, Milan Zamazal wrote: > Peter Krempa <pkrempa@redhat.com> writes: > > > On Thu, Jul 09, 2020 at 14:14:32 +0200, Milan Zamazal wrote: > >> Milan Zamazal <mzamazal@redhat.com> writes: > >> > > > >> > Hi, > >> > > >> > I would like to clarify how to make snapshots of running

Hi, i am using Xen 3.2.0 and want to use the TPM in dom0. I have activated vtpm and everything runs fine in my domUs. The question is, how can I access the TPM in dom0? As far as I know vtpm_managerd exclusively locks /dev/tpm0. As soon as I start vtpm_managerd my own program cannot access the TPM anymore. Is there a vtpm instance for dom0 like the ones for the user domains? Thanks in advance

Hi, I would like to clarify how to make snapshots of running VMs with emulated TPM devices. As far as I understand QEMU documentation, it's possible to make snapshots of running VMs with TPM, but it's important to retain the state of swtpm. Does libvirt assist with that in any way or is it completely user's responsibility? libvirt pauses the VM internally when making a snapshot,

This patch adds a TPM device model to the qemu dm for fully virtualized VMs. It is enabled in the VM only if the user requests a TPM device in the vm configuration file using the ''vtpm=[...]'' line. It enables the qemu device model command line with a ''vtpm_instance <instance number>'' parameter. Signed-off-by: David Safford <safford@watson.ibm.com>

Hi. I am very interested in the security properties a totally open TPM can give our users? - its use as a universal smartcard to protect all types of keys. When adding the virtual 1.2 or 2.0 TPM I get the vague error below. OS is Debian stable with standard packages. Error starting domain: Unable to find 'swtpm' binary in $PATH: No such file or directory Traceback (most recent call

On onsdag 29 augusti 2018 kl. 15:37:47 EEST Alvin Starr wrote: > You could try using Xen. > A quick search implies that Xen from 4.3 onward will virtualize TPM. > I am not sure if the libvirt drivers for xen will support the feature > but some work around may be possible. Nice attitude and helpfulness in this list! Just had a look and it doesn't seem to be that an intrusive

Hello, I'm was looking through handbook and wikipedia and it appears FreeBSD doesn't support hardware (nor software) nx bit. There also doesn't seem to be any support for TPM (Trusted Platform Module). I was wondering if it is due to a general lack of interest and/or personal preference (gcc?) or are there other issues. The reason I'm asking is I'm currently doing a MSc degree

On torsdag 13 september 2018 kl. 12:58:03 EEST George Dunlap wrote: > Dag, > Just verified after a lengthy compilation of the kernel that the patch really works and now I can see a TPM on the virtual side! > Thanks for tracking this down. Any chance you could send a PR to > https://github.com/CentOS-virt7/xen-kernel? I will definitely join that mailing list. Have a feeling this is

On onsdag 29 augusti 2018 kl. 17:39:18 EEST Stephen John Smoogen wrote: > On Wed, 29 Aug 2018 at 10:25, Dag Nygren <dag at newtech.fi> wrote: > > Anyone here with an experience in transitioning QEMU -> XEN ? > http://www.cse.psu.edu/~pdm12/cse544/slides/cse544-schiffman-vTPM.pdf goes > through some of the problems. Yes, I had a look at that earlier and it seems XEN has

Hi again! Succeeded in creating vtpmmgr-stubdom.gz from the source RPM with some shortcuts. ow the next problem seems to be that the libvirt we have will not support the XEN vtpm:s For example: virsh dumpxml <vm-machine> will not contain any info on the vtpm :-( Am I really the first one around with a need for TPM support in the VM:s ?? Best Dag

Hi all, has anyone here experience with storing BitLocker and TPM data in AD DS on Samba? I have stumbled across this Microsoft page ( https://docs.microsoft.com/en-us/previous-versions/windows/it-pro/windows-8.1-and-8/jj635854%28v%3dws.11%29) stating that Windows 2008 R2 needs a schema extension to handle this. Since this is not listed as a safe update in the wiki (

On Thu, Feb 21, 2019 at 06:14:02PM -0800, David Tolnay wrote: > Add a config TCG_VIRTIO_VTPM which enables a driver providing the guest > kernel side of TPM over virtio. > > Use case: TPM support is needed for performing trusted work from within > a virtual machine launched by Chrome OS. > > Tested inside crosvm, the Chrome OS virtual machine monitor. Crosvm's >

On Fri, Feb 22, 2019 at 12:26:10PM +0200, Jarkko Sakkinen wrote: > On Thu, Feb 21, 2019 at 06:14:02PM -0800, David Tolnay wrote: > > Add a config TCG_VIRTIO_VTPM which enables a driver providing the guest > > kernel side of TPM over virtio. > > > > Use case: TPM support is needed for performing trusted work from within > > a virtual machine launched by Chrome OS.

On 08/29/2018 07:38 AM, Dag Nygren wrote: > On onsdag 29 augusti 2018 kl. 10:00:39 EEST Sandro Bonazzola wrote: >> 2018-08-28 13:52 GMT+02:00 Dag Nygren <dag at newtech.fi>: >> >>> We have a desperate need for TPM support and: >>> >>> 1. Tried the "standard" distro install. linvirt supports >>> TPM passthrough but kvm-qemu

Hi, I am currently running a Debian lenny on top of a Ubuntu 9.04 dom0. (Xen version is 3.4) Now I want to test some tpm functions in the domU, but I am having troubles reaching the TPM. To do so, I am following the tutorial here : https://www.grounation.org/index.php?post/2008/07/04/8-how-to-use-a-tpm-with-linux I have already used this tutorial on a non-virtualised machine, and even on my

Hi everyone, I am using Xen 3.2.1 with the vtpm-12-patch.diff patch posted in [0]. My TPM is an Infineon 1.2. In total I have got three different questions: 1. NVM loading problem at VM creation When I am creating a VM the last few lines of the vtpm_manager output are: TPMD[245]: tpm/tpm_startup.c:45: Info: TPM_Startup(1) Loading NVM. Sending LoadNVM command ERROR[VTPM]: Failed to load