Re: [libvirt] [PATCH v5 00/20] Add support for vTPM state encryption

18 Jul 2019

      On 7/12/19 12:23 PM, Stefan Berger wrote:
...
This series of patches addresses the RFE in BZ 172830:
https://bugzilla.redhat.com/show_bug.cgi?id=1728030
This series of patches adds support for vTPM state encryption by passing
the read-end of a pipe's file descriptor to 'swtpm_setup' and 'swtpm'
where they can read a passphrase from and derive a key from that passphrase.
The TPM's domain XML looks to enable state encryption looks like this:
<tpm model='tpm-tis'>
       <backend type='emulator' version='1.2'>
         <encryption secret='2c9ceaba-c6ef-4f38-86fd-6e3adb2df5cd'/>
       </backend>
     </tpm>
Hi Daniel,

   I adapted this now to what you suggested. Can you have a look ?

Stefan