Bug 2109568

Summary: Not able to install windows 11 OS with vTPM in spec (RHEL 8.7) [rhel-8.6.0.z]
Product: Red Hat Enterprise Linux 8 Reporter: RHEL Program Management Team <pgm-rhel-tools>
Component: swtpmAssignee: Marc-Andre Lureau <marcandre.lureau>
Status: CLOSED ERRATA QA Contact: Qinghua Cheng <qcheng>
Severity: high Docs Contact:
Priority: high    
Version: 8.7CC: ailan, berrange, coli, fdeutsch, jinzhao, jlejosne, juzhang, kkiwi, lmen, marcandre.lureau, mdean, mkedzier, mtessun, mzamazal, qizhu, ssorce, stefanb, yanqzhan, ycui, ymankad
Target Milestone: rcKeywords: Triaged, ZStream
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: swtpm-0.7.0-2.20211109gitb79fd91.module+el8.6.0+16063+4f97a3ff Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2097947 Environment:
Last Closed: 2022-09-13 09:46:36 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 2097947    
Bug Blocks:    

Comment 3 Yanqiu Zhang 2022-08-02 14:43:23 UTC 
Verified for linux guest with:
libvirt-8.0.0-5.3.module+el8.6.0+16162+08e7975b.x86_64
qemu-kvm-6.2.0-11.module+el8.6.0+15668+464a1f31.2.x86_64
swtpm-0.7.0-3.20211109gitb79fd91.module+el8.6.0+16156+d5629340.x86_64
libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f.x86_64
edk2-ovmf-20220126gitbb1bba3d77-2.el8.noarch

# fips-mode-setup  --check
FIPS mode is enabled.

    <tpm model='tpm-crb'>
      <backend type='emulator' version='2.0'>
      </backend>
    </tpm>

# virsh start avocado-vt-vm1
Domain 'avocado-vt-vm1' started

# cat /var/log/swtpm/libvirt/qemu/avocado-vt-vm1-swtpm.log 
Starting vTPM manufacturing as tss:tss @ Tue 02 Aug 2022 06:08:24 AM EDT
...
Successfully authored TPM state.
Ending vTPM manufacturing @ Tue 02 Aug 2022 06:08:25 AM EDT
Warning: Disabled OpenSSL FIPS mode

And regression test of vtpm auto cases passed on this host.
Comment 4 Qinghua Cheng 2022-08-08 07:23:39 UTC 
Verified with windows guest:

rhel 8.6 
kernel: 4.18.0-372.19.1.el8_6.x86_64
qemu-kvm: qemu-kvm-6.2.0-11.module+el8.6.0+15668+464a1f31.2.x86_64
swtpm-0.7.0-3.20211109gitb79fd91.module+el8.6.0+16156+d5629340.x86_64
libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+14480+c0a3aa0f.x86_64
edk2-ovmf-20220126gitbb1bba3d77-2.el8.noarch

# fips-mode-setup  --check
FIPS mode is enabled.

Windows 11 guest installed and work normally.

vtpm regression test pass. No new issue found.
Comment 8 errata-xmlrpc 2022-09-13 09:46:36 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (virt:rhel and virt-devel:rhel bug fix and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:6446