[Qemu-devel] TPM passthrough yet Windows 10 advises no compatible TPM fo

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] TPM passthrough yet Windows 10 advises no compatible TPM fo

From:	Kelvin Middleton
Subject:	[Qemu-devel] TPM passthrough yet Windows 10 advises no compatible TPM found?
Date:	Sun, 21 Aug 2016 20:53:09 +0100

Hi all, I can (successfully) passthrough my TPM i.e. Windows 10 reports the
device under security in device manager, the driver etc all loads fine,
however TPM Administrator within Windows advises no compatible TPM devices
can be found?

Host: Ubuntu 16.04, libvirt 1.3.1, qemu 2.5 (ubuntu stock) AND qemu 2.6.1
(tarball) + latest git
Hardware: ASRock Z97 Extreme6 with ASRock TPM v1.2 module

Have proven the hardware booting directly into Win 10 Pro on bare metal
which reports the TPM module as described above as well as opening the TPM
Administrator panel and allowing me to take ownership & clear the TPM etc.
I've also passed the tpm through to a linux guest and successfully used
tpm_nvinfo,

Using Ubuntu 16.04 on bare metal with kvm and qemu I've tried combinations
of seabios, ovmf, q35 and i440fx but all result in the same
condition...Win10 reports the TPM their with the driver successfully loaded
but the TPM Administrator snap-in within Win10 advises there is no
compatible TPM found.  I've also tested this with a Fedora 24 host but this
has the same problem also.

I noted that stock binaries in Ubuntu 16.04 suffer a known bug in qemu 2.5
that prevents the TPM module driver loading successfully (verified via this
fedora thread https://bugzilla.redhat.com/show_bug.cgi?id=1281413), hence I
grabbed the qemu 2.6.1 tarball and built this which does allow the TPM
driver in the Windows guest to load.  I've also cloned the git repo today
and built that with the same outcome.

The qemu cmdline i'm running as root is (for q35 with OVMF)...

qemu-system-x86_64 \
-enable-kvm \
-machine q35 \
-cpu host \
-m 4096 \
-smp 4,sockets=1,cores=2,threads=2 \
-drive file=/usr/share/OVMF/OVMF_CODE.fd,if=pflash,format=raw,unit=0,readonly=on
\
-drive 
file=/var/lib/libvirt/qemu/nvram/generic_VARS.fd,if=pflash,format=raw,unit=1
\
-device i82801b11-bridge,id=pci.1,bus=pcie.0,addr=0x1e -device
pci-bridge,chassis_nr=2,id=pci.2,bus=pci.1,addr=0x1 \
-device nec-usb-xhci,id=usb,bus=pci.2,addr=0x2 \
-drive 
file=/mnt/share/vms/generic.qcow2,format=qcow2,if=none,id=drive-virtio-disk0
\
-device virtio-blk-pci,scsi=off,bus=pci.2,addr=0x3,drive=drive-
virtio-disk0,id=virtio-disk0,bootindex=2 \
-tpmdev 
passthrough,id=tpm-tpm0,path=/dev/tpm0,cancel-path=/sys/class/tpm/tpm0/device/cancel
\
-device tpm-tis,tpmdev=tpm-tpm0,id=tpm0

The guest is a clean Win10 Pro install specifically for TPM
testing/proving.  I'd really appreciate any pointers and guidance or
keywords to research as I've burnt several hours now to no avail.

Kind regards,

Kelvin

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] TPM passthrough yet Windows 10 advises no compatible TPM found?, Kelvin Middleton <=

Prev by Date: Re: [Qemu-devel] [PATCH 0/6] hypertrace: Lightweight guest-to-QEMU trace channel
Next by Date: [Qemu-devel] [PATCH 0/6] Recovery from network failure during Postcopy Migration
Previous by thread: [Qemu-devel] [PATCH v2 1/1] qapi/block-core: add doc describing GlusterServer vs. SocketAddress
Next by thread: [Qemu-devel] [PATCH 0/6] Recovery from network failure during Postcopy Migration
Index(es):
- Date
- Thread