Bug List: (4 of 6)
Bug 2097947 - Not able to install windows 11 OS with vTPM in spec (RHEL 8.7)
Summary: Not able to install windows 11 OS with vTPM in spec (RHEL 8.7)
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 8
Classification: Red Hat
Component: swtpm
Version: 8.7
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Marc-Andre Lureau
QA Contact: Qinghua Cheng
URL: https://github.com/stefanberger/libtp...
Whiteboard:
Depends On: 2090219
Blocks: 2089301 2089955 2097939 2109568
TreeView+ depends on / blocked
 
Reported: 2022-06-17 02:58 UTC by Qinghua Cheng
Modified: 2022-11-08 09:46 UTC (History)
20 users (show)

Fixed In Version: 0.7.0-3.20211109gitb79fd91
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 2090219
: 2109568 (view as bug list)
Environment:
Last Closed: 2022-11-08 09:20:10 UTC
Type: Bug
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Issue Tracker RHELPLAN-125548 0 None None None 2022-06-17 03:05:20 UTC
Red Hat Product Errata RHSA-2022:7472 0 None None None 2022-11-08 09:21:14 UTC

Comment 12 Yanqiu Zhang 2022-06-30 14:36:12 UTC 
Verified for linux guest with:
libvirt-8.0.0-8.module+el8.7.0+15648+3854f89a.x86_64
qemu-kvm-6.2.0-16.module+el8.7.0+15743+c774064d.x86_64
swtpm-0.7.0-3.20211109gitb79fd91.module+el8.7.0+15743+c774064d.x86_64
libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+13725+61ae1949.x86_64
edk2-ovmf-20220126gitbb1bba3d77-2.el8.noarch

# fips-mode-setup --check
FIPS mode is enabled.

# virsh start avocado-vt-vm1
Domain 'avocado-vt-vm1' started

# cat /var/log/swtpm/libvirt/qemu/avocado-vt-vm1-swtpm.log
...
Successfully created EK certificate locally.
Successfully created NVRAM area 0x1c00016 for ECC EK certificate.
Successfully activated PCR banks sha256 among sha1,sha256,sha384,sha512.
Successfully authored TPM state.
Ending vTPM manufacturing @ Thu 30 Jun 2022 09:12:43 AM EDT
Warning: Disabled OpenSSL FIPS mode

And regression test of vtpm auto cases passed on this host.
Comment 13 Qinghua Cheng 2022-07-01 01:07:30 UTC 
Verified with Windows guest:
kernel: 4.18.0-402.el8.x86_64
qemu-kvm: qemu-kvm-6.2.0-16.module+el8.7.0+15743+c774064d.x86_64
libtpms: libtpms-0.9.1-0.20211126git1ff6fe1f43.module+el8.6.0+13725+61ae1949.x86_64
swtpm: swtpm-0.7.0-3.20211109gitb79fd91.module+el8.7.0+15743+c774064d.x86_64
edk2: edk2-ovmf-20220126gitbb1bba3d77-2.el8.noarch

# fips-mode-setup --check
FIPS mode is enabled.

Win11 guest installed successfully and vtpm regression test pass.
Comment 16 errata-xmlrpc 2022-11-08 09:20:10 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: virt:rhel and virt-devel:rhel security, bug fix, and enhancement update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2022:7472
Note You need to log in before you can comment on or make changes to this bug.
Bug List: (4 of 6)