[pve-devel] applied: [RFC v2 edk2-firmware 1/4] enable TPM and TPM2 support

On 23.09.21 16:54, Stefan Reiter wrote: > Necessary for an OS to use a TPM attached to a OVMF VM. > > Signed-off-by: Stefan Reiter > --- > debian/rules | 4 > 1 file changed, 4 insertions(+) > > applied, thanks! ___ pve-devel mailing list pve-

[pve-devel] [RFC v2 qemu-server 3/4] fix #3075: add TPM v1.2 and v2.0 support via swtpm

Starts an instance of swtpm per VM in it's systemd scope, it will terminate by itself if the VM exits, or be terminated manually if startup fails. Before first use, a TPM state is created via swtpm_setup. State is stored in a 'tpmstate0' volume, treated much the same way as an efidisk. It is migr

[pve-devel] [RFC v2 edk2-firmware 1/4] enable TPM and TPM2 support

Necessary for an OS to use a TPM attached to a OVMF VM. Signed-off-by: Stefan Reiter --- debian/rules | 4 1 file changed, 4 insertions(+) diff --git a/debian/rules b/debian/rules index fb85b29..ece77be 100755 --- a/debian/rules +++ b/debian/rules @@ -54,6 +54,8 @@ build-ovmf: setup-build

[pve-devel] [RFC v2 manager 4/4] ui: add support for adding TPM devices

Inspired by HDEfi for efidisks. Extends the DiskStorageSelector to allow hiding the format, since tpmstate can only be stored in 'raw' format (even on directory storages). Signed-off-by: Stefan Reiter --- www/manager6/Makefile| 1 + www/manager6/Utils.js|

[pve-devel] [RFC v2 0/4] Initial TPM support for VMs

Makes Windows 11 (test build) happy: https://i.imgur.com/kZ0Mpnr.jpeg Tested under Linux as well, works with (updated) OVMF and SeaBIOS, though SeaBIOS requires clearing via the BIOS setup screen and may not support all features it seems (e.g. Windows shows the TPM, but doesn't allow BitLocker, pr

[pve-devel] [RFC v2 storage 2/4] import: don't check for 1K aligned size

TPM state disks on directory storages may have completely unaligned sizes, this check doesn't make sense for them. This appears to just be a (weak) safeguard and not serve an actual functional purpose, so simply get rid of it to allow migration of TPM state. Signed-off-by: Stefan Reiter --- PVE

[pve-devel] applied: [PATCH v2 docs] pct: clarify simple restore mode default 'local' storage

with a small follow-up. On September 22, 2021 1:12 pm, Oguz Bektas wrote: > "default local storage" is confusing without the backticks. reword the > sentences to make it clearer about `storage` parameter usage. > > Signed-off-by: Oguz Bektas > --- > pct.adoc | 4 ++-- > 1 file changed, 2 insert

[pve-devel] [PATCH pve-kernel-meta] proxmox-boot: fix #3632 copy kernel+initrd unconditionally

do not use the -u (update) flag when copying kernel images and inird from /boot to the ESPs: * the ESPs are formatted with vfat, which has a 2 second precision for mtime (`linux/fs/fat/misc.c` - `fat_truncate_time`) * cp -u compares the mtimes of source (kernel image in /boot not on vfat) and d