Testing with nested virt and emulated TPM

linuxboot / heads

A minimal Linux that runs as a coreboot or LinuxBoot ROM payload to provide a secure, flexible boot environment for laptops, workstations and servers.

https://osresearch.net/

GNU General Public License v2.0

1.42k stars 187 forks source link

Testing with nested virt and emulated TPM #86

Closed drvdevd closed 7 months ago

drvdevd commented 7 years ago

Has any attempt been made to do this: test heads in KVM with nested virt and an emulated TPM?

Not sure if this has landed in QEMU/KVM yet, but I will research and update this issue. Some more background:

http://wiki.qemu.org/Features/TPM

drvdevd commented 7 years ago

Ok, it would appear Stefan Berger has open sourced at least some part of a qemu fork with TPM support:

https://github.com/stefanberger/qemu-tpm/commits/v2.8.0%2Btpm

I will give this a try and report back.

osresearch commented 7 years ago

I've had trouble starting Xen under Qemu (it starts up, but triple faults when starting the dom0 kernel?) and haven't debugged the nested virtualization yet. If you get it working, I'd be eager to know what needs to be done.

tlaurion commented 5 years ago

@drvdevd any updates on this?

tlaurion commented 7 months ago

qemu-coreboot-* boards do exacrly that, where nested virt is not happened under xen. But qemu tcg works.