[CentOS-virt] TPM

Fri Aug 31 08:41:22 UTC 2018
Dag Nygren <dag at newtech.fi>

On onsdag 29 augusti 2018 kl. 15:46:54 EEST Dag Nygren wrote:
> On onsdag 29 augusti 2018 kl. 15:37:47 EEST Alvin Starr wrote:

> > You could try using Xen.
> > A quick search implies that Xen from 4.3 onward will virtualize TPM.
> > I am not sure if the libvirt drivers for xen will support the feature 
> > but some work around may be possible.
> Thanks! Seems to be exactly what is needed.

Had a look at this and am still full of questions..

1. the XEN TPM virtualization doesn't seem to support
TPM 2.0 up to the guest - Only down to the HW TPM.
Not entirely a showstopper, but 2.0 was a wish
from the customer...

2. Still investigating the security implications in
  going from QEMU to XEN ...

Appreciate the good advice I have been getting so far!