Add support for TPM
Bug #1963088 reported by
Dimitri John Ledkov
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
linux-kvm (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Medium
|
Dimitri John Ledkov |
Bug Description
LXD, libvirt, openstack support launching qemu-kvm instances with TIS and CRB tpm's passed through from the host.
linux-kvm currently is configured without TCG_TPM meaning it doesn't allow loading TPM modules, nor does it support exposing measurements, and thus allowing to use TPM backed FDE.
Update config to enable TCG_TPM and compile TIS and CRB tpm's as modules. This still keeps linux-kvm fairly minimal in size, and yet able to support modern measured boot.
CVE References
Changed in linux-kvm (Ubuntu Jammy): | |
assignee: | nobody → Dimitri John Ledkov (xnox) |
importance: | Undecided → Medium |
status: | New → In Progress |
Changed in linux-kvm (Ubuntu): | |
status: | In Progress → Invalid |
Changed in linux-kvm (Ubuntu Jammy): | |
status: | In Progress → Fix Committed |
To post a comment you must log in.
https:/ /lists. ubuntu. com/archives/ kernel- team/2022- March/128510. html