[CentOS-virt] virsh support for TPM?

George Dunlap

dunlapg at umich.edu
Thu Sep 13 10:14:38 UTC 2018

On Tue, Sep 11, 2018 at 4:16 PM Dag Nygren <dag at newtech.fi> wrote:
> Hi again!
> Succeeded in creating vtpmmgr-stubdom.gz from
> the source RPM with some shortcuts.
> ow the next problem seems to be that the
> libvirt we have will not support the XEN vtpm:s
> For example:
> virsh dumpxml <vm-machine>
> will not contain any info on the vtpm :-(
> Am I really the first one around with a need for
> TPM support in the VM:s ??

Almost certainly the first Virt SIG user to try it. :-)

4 years ago, I don't think any of the big enterprises contributing to
Xen (Citrix, SuSE, Oracle) cared about vTPMs; only niche players like
the NSA, who typically downloaded and ran things themselves.  (This is
probably why vTPM is disabled in RH's KVM.)

This will be changing in the future, as Windows requires vTPM (version
2 in fact) for some features, so that's in the process of being
implemented.  It will take a bit for that to make its way into
upstream however.

In the mean time, you can probably get much better technical answers
to your questions by asking on the xen-devel mailing list; and if you
manage to improve the CentOS vTPM support, please consider feeding
your changes back by sending pull requests to
https://github.com/CentOS-virt7/xen .


More information about the CentOS-virt mailing list