Hi again!
Succeeded in creating vtpmmgr-stubdom.gz from the source RPM with some shortcuts.
ow the next problem seems to be that the libvirt we have will not support the XEN vtpm:s
For example: virsh dumpxml <vm-machine>
will not contain any info on the vtpm :-(
Am I really the first one around with a need for TPM support in the VM:s ??
Best Dag
On Tue, Sep 11, 2018 at 4:16 PM Dag Nygren dag@newtech.fi wrote:
Hi again!
Succeeded in creating vtpmmgr-stubdom.gz from the source RPM with some shortcuts.
ow the next problem seems to be that the libvirt we have will not support the XEN vtpm:s
For example: virsh dumpxml <vm-machine>
will not contain any info on the vtpm :-(
Am I really the first one around with a need for TPM support in the VM:s ??
Almost certainly the first Virt SIG user to try it. :-)
4 years ago, I don't think any of the big enterprises contributing to Xen (Citrix, SuSE, Oracle) cared about vTPMs; only niche players like the NSA, who typically downloaded and ran things themselves. (This is probably why vTPM is disabled in RH's KVM.)
This will be changing in the future, as Windows requires vTPM (version 2 in fact) for some features, so that's in the process of being implemented. It will take a bit for that to make its way into upstream however.
In the mean time, you can probably get much better technical answers to your questions by asking on the xen-devel mailing list; and if you manage to improve the CentOS vTPM support, please consider feeding your changes back by sending pull requests to https://github.com/CentOS-virt7/xen .
Peace, -George
PLEASE REMOVE MY USERID FROM THE NEWSGROUP
On Thursday, September 13, 2018 6:14 AM, George Dunlap dunlapg@umich.edu wrote:
On Tue, Sep 11, 2018 at 4:16 PM Dag Nygren dag@newtech.fi wrote:
Hi again!
Succeeded in creating vtpmmgr-stubdom.gz from the source RPM with some shortcuts.
ow the next problem seems to be that the libvirt we have will not support the XEN vtpm:s
For example: virsh dumpxml <vm-machine>
will not contain any info on the vtpm :-(
Am I really the first one around with a need for TPM support in the VM:s ??
Almost certainly the first Virt SIG user to try it. :-)
4 years ago, I don't think any of the big enterprises contributing to Xen (Citrix, SuSE, Oracle) cared about vTPMs; only niche players like the NSA, who typically downloaded and ran things themselves. (This is probably why vTPM is disabled in RH's KVM.)
This will be changing in the future, as Windows requires vTPM (version 2 in fact) for some features, so that's in the process of being implemented. It will take a bit for that to make its way into upstream however.
In the mean time, you can probably get much better technical answers to your questions by asking on the xen-devel mailing list; and if you manage to improve the CentOS vTPM support, please consider feeding your changes back by sending pull requests to https://github.com/CentOS-virt7/xen .
Peace, -George _______________________________________________ CentOS-virt mailing list CentOS-virt@centos.org https://lists.centos.org/mailman/listinfo/centos-virt