Re: [CentOS-virt] TPM

On onsdag 29 augusti 2018 kl. 15:46:54 EEST Dag Nygren wrote:

On onsdag 29 augusti 2018 kl. 15:37:47 EEST Alvin Starr wrote:

...

You could try using Xen. A quick search implies that Xen from 4.3 onward will virtualize TPM. I am not sure if the libvirt drivers for xen will support the feature but some work around may be possible.

Thanks! Seems to be exactly what is needed.

Had a look at this and am still full of questions..

1. the XEN TPM virtualization doesn't seem to support TPM 2.0 up to the guest - Only down to the HW TPM. Not entirely a showstopper, but 2.0 was a wish from the customer...

2. Still investigating the security implications in going from QEMU to XEN ...

Appreciate the good advice I have been getting so far!

Best Dag