Re: Windows 11 VMs
On Sun, 2021-07-18 at 19:38 -0400, Tom Horsley wrote: > The %errorlevel% is 10 which means "I can't do it, waah!" > (or specifically "Conversion failed due to error while applying GPT > layout.") > > So I'll probably just give Windows 11 a pass :-). I'd give it a fail, tell it to go back and repeat the training course. -- uname -rsvp Linux 3.10.0-1160.31.1.el7.x86_64 #1 SMP Thu Jun 10 13:32:12 UTC 2021 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
In other Windows 11 VM news: I experimented with the mbr2gpt tool in Windows 10 to see if it could really switch my KVM to UEFI. The /validate option works fine. It says my disk is good to convert, then the /convert option says: Cannot perform layout conversion. Error: 0x0001 The %errorlevel% is 10 which means "I can't do it, waah!" (or specifically "Conversion failed due to error while applying GPT layout.") So I'll probably just give Windows 11 a pass :-). Used the instructions here: https://www.maketecheasier.com/convert-legacy-bios-uefi-windows10/ Also found I had to run net user administrator /active:yes before I could follow those instructions. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 15/7/21 16:15, Samuel Sieb wrote: On 7/14/21 4:37 PM, Stephen Morris wrote: On 14/7/21 22:43, Ed Greshko wrote: On 14/07/2021 20:30, Patrick O'Callaghan wrote: On Wed, 2021-07-14 at 21:34 +1000, Stephen Morris wrote: The OS in the VM can't see any of the hardware on the host system unless the VM specifically passes it through. Normally, all "hardware" in the VM is virtual. qemu has an option to add a TPM by either creating a virtual one or passing the hardware one through. I have no idea about vmware or virtualbox. I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. None of your hardware is automatically available. The virtual CPU may not even be the same as the real one. That's for sure. My VM's think they have Intel i7 CPU's while my host system is actually i5. If I look at /proc/cpuinfo and it lists the 4 cpu's I've given to the vm as being the same name as the physical cpu and that it is an 8 core cpu in the modelname section and in the vendorid section is says it is an AuthenticAMD, isn't that telling me the vm is seeing the physical cpu? Not really. It depends on the VM system, but at least for some, the default is to pass the real CPU's cpuid into the VM's "CPU". The virtual OS is running on the physical CPU (emulation is *SLOW*), but the bits that identify the CPU are special instructions. These are intercepted by the VM and adjusted to give the answers you want. I suspect that the actual extended instructions (like AVX, SSEx, or whatever) would still be usable even if the cpuid was adjusted to exclude them. Found an interesting issue with virtualbox on a Windows 10 host. As the Windows 11 installer I have requires Windows 10 to already be installed, I installed Windows 10 in a virtualbox vm, and with the vm running in the default window mode Windows 11 complained it wasn't an environment where Windows 11 could be installed, but if I switched the vm into fullscreen mode Windows 11 installed quite happily. regards, Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 17, 2021 at 11:03 PM Samuel Sieb wrote: > > > On 2021-07-17 6:01 p.m., mcgarrett wrote: > > > >> On July 16, 2021 at 6:36 AM Patrick O'Callaghan > >> wrote: > >> > >> > >> On Thu, 2021-07-15 at 16:47 -0700, Samuel Sieb wrote: > >>> On 7/15/21 3:47 PM, mcgarrett wrote: > Is there some app that will tell you if your mobo (or cpu) has the > tpm? > >>> > >>> If you're running Linux, you can check with "ls /dev/tpm*" or > >>> "journalctl | grep -i tpm". In Windows, it should be somewhere in > >>> the > >>> device manager. > >> > >> Windows has a command-line utility called "tpm". > >> > >> poc > > > > Tested on almost new computer with OpenSUSE Leap 15-3: > > > > doug@linux1:~> ls /dev/tpm > > ls: cannot access '/dev/tpm': No such file or directory (tried again as > > root--NG.) > > You missed the asterisk. "ls /dev/tpm*" > You're absolutely right. Works fine that way! Doesn't even need root. doug@linux1:~> ls /dev/tpm* /dev/tpm0 /dev/tpmrm0 ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-17 6:01 p.m., mcgarrett wrote: On July 16, 2021 at 6:36 AM Patrick O'Callaghan wrote: On Thu, 2021-07-15 at 16:47 -0700, Samuel Sieb wrote: On 7/15/21 3:47 PM, mcgarrett wrote: Is there some app that will tell you if your mobo (or cpu) has the tpm? If you're running Linux, you can check with "ls /dev/tpm*" or "journalctl | grep -i tpm". In Windows, it should be somewhere in the device manager. Windows has a command-line utility called "tpm". poc Tested on almost new computer with OpenSUSE Leap 15-3: doug@linux1:~> ls /dev/tpm ls: cannot access '/dev/tpm': No such file or directory (tried again as root--NG.) You missed the asterisk. "ls /dev/tpm*" journalctl | grep -i tpm (This command required root permission.) Jul 16 15:00:48 localhost kernel: efi: TPMFinalLog=0x7e3e4000 ACPI 2.0=0x7df3 ACPI=0x7df3 SMBIOS=0x7edc3000 SMBIOS 3.0=0x7edc2000 ESRT=0x79365818 MEMATTR=0x790e2018 MOKvar=0x79089000 RNG=0x7edc4718 TPMEventLog=0x7566b018 Jul 16 15:00:48 localhost kernel: ACPI: TPM2 0x7DF5E678 34 (v04 ALASKA A M I0001 AMI ) I don't know what all this means, but I guess it does indicate TPM presence. WOW! Yes. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 16, 2021 at 6:36 AM Patrick O'Callaghan wrote: > > > On Thu, 2021-07-15 at 16:47 -0700, Samuel Sieb wrote: > > On 7/15/21 3:47 PM, mcgarrett wrote: > > > Is there some app that will tell you if your mobo (or cpu) has the > > > tpm? > > > > If you're running Linux, you can check with "ls /dev/tpm*" or > > "journalctl | grep -i tpm". In Windows, it should be somewhere in > > the > > device manager. > > Windows has a command-line utility called "tpm". > > poc Tested on almost new computer with OpenSUSE Leap 15-3: doug@linux1:~> ls /dev/tpm ls: cannot access '/dev/tpm': No such file or directory (tried again as root--NG.) journalctl | grep -i tpm (This command required root permission.) Jul 16 15:00:48 localhost kernel: efi: TPMFinalLog=0x7e3e4000 ACPI 2.0=0x7df3 ACPI=0x7df3 SMBIOS=0x7edc3000 SMBIOS 3.0=0x7edc2000 ESRT=0x79365818 MEMATTR=0x790e2018 MOKvar=0x79089000 RNG=0x7edc4718 TPMEventLog=0x7566b018 Jul 16 15:00:48 localhost kernel: ACPI: TPM2 0x7DF5E678 34 (v04 ALASKA A M I0001 AMI ) I don't know what all this means, but I guess it does indicate TPM presence. WOW! --doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Thu, 2021-07-15 at 16:47 -0700, Samuel Sieb wrote: > On 7/15/21 3:47 PM, mcgarrett wrote: > > Is there some app that will tell you if your mobo (or cpu) has the > > tpm? > > If you're running Linux, you can check with "ls /dev/tpm*" or > "journalctl | grep -i tpm". In Windows, it should be somewhere in > the > device manager. Windows has a command-line utility called "tpm". poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/15/21 3:47 PM, mcgarrett wrote: Is there some app that will tell you if your mobo (or cpu) has the tpm? If you're running Linux, you can check with "ls /dev/tpm*" or "journalctl | grep -i tpm". In Windows, it should be somewhere in the device manager. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 14, 2021 at 8:13 PM Chris Adams wrote: > > > Once upon a time, Stephen Morris said: > > I thought the TPM was in the cpu, because someone I work with was > > indicating it was in the cpu, and in my motherboard's bios the > > activation/deactivation of the fTPM is in the cpu configuration > > section. > > There are different implementations of the TPM spec. Both Intel and AMD > have CPU-based versions in more recent models; for AMD, this is called > fTPM. It's also possible to have a discrete TPM module, which a bunch > of motherboards include a header for. > > The rush to buy modules is uninformed; probably a lot of those systems > could just enable the CPU-based TPM in their BIOS. I don't remember > when Intel added it (5 years ago?) and don't know if they added it for > all CPU models or just some. I think AMD added their fTPM when they > introduced socket AM4 (almost 5 years ago). > > I think the advantage of a discrete and socketed module would be that > you can take it with you; either literally (unplug it when you leave the > house for example) or just when you replace the motherboard. > -- > Chris Adams Is there some app that will tell you if your mobo (or cpu) has the tpm? --doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/14/21 4:37 PM, Stephen Morris wrote: On 14/7/21 22:43, Ed Greshko wrote: On 14/07/2021 20:30, Patrick O'Callaghan wrote: On Wed, 2021-07-14 at 21:34 +1000, Stephen Morris wrote: The OS in the VM can't see any of the hardware on the host system unless the VM specifically passes it through. Normally, all "hardware" in the VM is virtual. qemu has an option to add a TPM by either creating a virtual one or passing the hardware one through. I have no idea about vmware or virtualbox. I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. None of your hardware is automatically available. The virtual CPU may not even be the same as the real one. That's for sure. My VM's think they have Intel i7 CPU's while my host system is actually i5. If I look at /proc/cpuinfo and it lists the 4 cpu's I've given to the vm as being the same name as the physical cpu and that it is an 8 core cpu in the modelname section and in the vendorid section is says it is an AuthenticAMD, isn't that telling me the vm is seeing the physical cpu? Not really. It depends on the VM system, but at least for some, the default is to pass the real CPU's cpuid into the VM's "CPU". The virtual OS is running on the physical CPU (emulation is *SLOW*), but the bits that identify the CPU are special instructions. These are intercepted by the VM and adjusted to give the answers you want. I suspect that the actual extended instructions (like AVX, SSEx, or whatever) would still be usable even if the cpuid was adjusted to exclude them. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 15/07/2021 08:44, Tom Horsley wrote: Speaking of Windows 11 requiring UEFI. I found this article that says Windows 10 has tools already shipped with it to convert Windows 10 from BIOS to UEFI: https://www.maketecheasier.com/convert-legacy-bios-uefi-windows10/ I may copy my VM image to a safe backup location and see if I can convert my existing Windows 10 KVM from BIOS to UEFI successfully (and not have Microsoft tell me it breaks my activation for my single PC only OEM Windows version). What do I do to the KVM definition to switch to UEFI? I assume I need to point to a different bios in the xml or something like that? Probably. I have a win10 (bios) and win11 (uefi). Looking at their xml definition. win10 hvm win11 hvm /usr/share/edk2/ovmf/OVMF_CODE.fd /var/lib/libvirt/qemu/nvram/win11_VARS.fd So, I suppose you can use that as I guide. I await the results of your "experiment". :-) :-) -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
Speaking of Windows 11 requiring UEFI. I found this article that says Windows 10 has tools already shipped with it to convert Windows 10 from BIOS to UEFI: https://www.maketecheasier.com/convert-legacy-bios-uefi-windows10/ I may copy my VM image to a safe backup location and see if I can convert my existing Windows 10 KVM from BIOS to UEFI successfully (and not have Microsoft tell me it breaks my activation for my single PC only OEM Windows version). What do I do to the KVM definition to switch to UEFI? I assume I need to point to a different bios in the xml or something like that? ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
Once upon a time, Stephen Morris said: > I thought the TPM was in the cpu, because someone I work with was > indicating it was in the cpu, and in my motherboard's bios the > activation/deactivation of the fTPM is in the cpu configuration > section. There are different implementations of the TPM spec. Both Intel and AMD have CPU-based versions in more recent models; for AMD, this is called fTPM. It's also possible to have a discrete TPM module, which a bunch of motherboards include a header for. The rush to buy modules is uninformed; probably a lot of those systems could just enable the CPU-based TPM in their BIOS. I don't remember when Intel added it (5 years ago?) and don't know if they added it for all CPU models or just some. I think AMD added their fTPM when they introduced socket AM4 (almost 5 years ago). I think the advantage of a discrete and socketed module would be that you can take it with you; either literally (unplug it when you leave the house for example) or just when you replace the motherboard. -- Chris Adams ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/7/21 22:43, Ed Greshko wrote: On 14/07/2021 20:30, Patrick O'Callaghan wrote: On Wed, 2021-07-14 at 21:34 +1000, Stephen Morris wrote: The OS in the VM can't see any of the hardware on the host system unless the VM specifically passes it through. Normally, all "hardware" in the VM is virtual. qemu has an option to add a TPM by either creating a virtual one or passing the hardware one through. I have no idea about vmware or virtualbox. I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. None of your hardware is automatically available. The virtual CPU may not even be the same as the real one. That's for sure. My VM's think they have Intel i7 CPU's while my host system is actually i5. If I look at /proc/cpuinfo and it lists the 4 cpu's I've given to the vm as being the same name as the physical cpu and that it is an 8 core cpu in the modelname section and in the vendorid section is says it is an AuthenticAMD, isn't that telling me the vm is seeing the physical cpu? regards, Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 15/7/21 04:25, Samuel Sieb wrote: On 7/14/21 4:34 AM, Stephen Morris wrote: I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. Unless it's changed recently, the TPM isn't part of the CPU. It's a separate chip on the motherboard or apparently you can get one on an add-on card for computers that don't have one. Although I've heard that because of Windows 11, those cards have become expensive and hard to get. I thought the TPM was in the cpu, because someone I work with was indicating it was in the cpu, and in my motherboard's bios the activation/deactivation of the fTPM is in the cpu configuration section. regards, Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/14/21 12:25 PM, Samuel Sieb wrote: Although I've heard that because of Windows 11, those cards have become expensive and hard to get. I doubt that that will last long. Once the early adopters have theirs, the demand will drop, and so will the price. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/14/21 4:34 AM, Stephen Morris wrote: I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. Unless it's changed recently, the TPM isn't part of the CPU. It's a separate chip on the motherboard or apparently you can get one on an add-on card for computers that don't have one. Although I've heard that because of Windows 11, those cards have become expensive and hard to get. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/07/2021 20:30, Patrick O'Callaghan wrote: On Wed, 2021-07-14 at 21:34 +1000, Stephen Morris wrote: The OS in the VM can't see any of the hardware on the host system unless the VM specifically passes it through. Normally, all "hardware" in the VM is virtual. qemu has an option to add a TPM by either creating a virtual one or passing the hardware one through. I have no idea about vmware or virtualbox. I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. None of your hardware is automatically available. The virtual CPU may not even be the same as the real one. That's for sure. My VM's think they have Intel i7 CPU's while my host system is actually i5. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Wed, 2021-07-14 at 21:34 +1000, Stephen Morris wrote: > > The OS in the VM can't see any of the hardware on the host system > > unless the VM specifically passes it through. Normally, all > > "hardware" in the VM is virtual. qemu has an option to add a TPM > > by > > either creating a virtual one or passing the hardware one through. > > I > > have no idea about vmware or virtualbox. > I thought that if the tpm is in the cpu as the bios in my motherboard > is > indicating, whether the vm supported adding the hardware tpm as a > device > or not, because the vm has access to the cpu, the tpm would then be > automatically available to the vm. None of your hardware is automatically available. The virtual CPU may not even be the same as the real one. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/7/21 10:49, Samuel Sieb wrote: On 7/13/21 4:33 PM, Stephen Morris wrote: I have a question about TPM hardware. Fedora 34 running as an image in a Vmware Player VM on a Windows 10 host reports that I don't have a TPM chip, and with Windows 10 running in a Virtualbox (both these VM' are the free versions of the VM's) VM on the same Windows 10 host when I try to update the image to Windows 11 it says the environment does not meet the install requirements. Vmware Player doesn't support UEFI but Virtualbox does and is active in the VM images. If I try upgrade the native Windows 10 host Windows 11 says it can install on my hardware. The Bios indicates that I have activated fTPM in my AMD Rizen cpu which Windows 11 seems to be finding, are the VM's suppressing the TPM functionality because I need to buy the commercial versions that allow a TPM to be added to the VM's as a device, or is Windows 11 and Fedora 34 not looking for the hardware the right way when running in a VM? The OS in the VM can't see any of the hardware on the host system unless the VM specifically passes it through. Normally, all "hardware" in the VM is virtual. qemu has an option to add a TPM by either creating a virtual one or passing the hardware one through. I have no idea about vmware or virtualbox. I thought that if the tpm is in the cpu as the bios in my motherboard is indicating, whether the vm supported adding the hardware tpm as a device or not, because the vm has access to the cpu, the tpm would then be automatically available to the vm. regards, Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 13, 2021 at 6:59 PM Ed Greshko wrote: > > > On 14/07/2021 06:49, mcgarrett wrote: > >> On July 6, 2021 at 5:29 PM Patrick O'Callaghan > >> wrote: > >> > >> > >> On Tue, 2021-07-06 at 15:01 -0400, mcgarrett wrote: > >>> From the mail, it appears that a software TPM should solve the > >>> problem on older computers, > >>> but it occurs to me that you might not be permitted to install the > >>> software unless > >>> a TPM is found. So, for those who have already tried version 11, has > >>> any one of you > >>> tried installing on an older laptop, and then adding a software TPM, > >>> or is this impossible? --doug > >> As stated earlier, my system doesn´t have a hardware TPM, but adding a > >> software TPM in virt-manager was enough. > >> > >> poc > > Three questions: > > Background: I have Windows 10 on the computer, even tho there are no apps > > on it--I only use Linux. There may someday be a need for Windows? > > Q1: Could you install the win 11 and then add the TPM s/w, or must the TPM > > be on the machine already. > > Q2: If it must be on the machine already, do you install it from a previous > > version of Windows, i.e., Win 10? If not then how? > > Q3: Would you please direct me to the source of the TPM you installed? > > Thank you--doug > > The "software" TPM being talked about is more like TPM emulation. It can be > added to > any VM via virt-manager on the "Hardware" screen and using the button in the > lower left > to add hardware. > > The TPM can be added to any VM. The one caveat is that the VM must have been > created to > boot via UEFI and not BIOS. That option needs to be specified when the VM > was created. > > None of my motherboards have a TPM. So I use the emulation. However, if > you're motherboard does > have a TPM, I believe there is an option when adding TPM to a VM to use "Pass > Thru". > > It isn't possible, AFAIK, to simply change a VM from BIOS to UEFI. > I should apologize! I was thinking of this machine, which is almost new, and probably has the TPM in hardware. It's the laptop that's old, and has Windows 7! Probably just leave it that way. --doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/13/21 4:33 PM, Stephen Morris wrote: I have a question about TPM hardware. Fedora 34 running as an image in a Vmware Player VM on a Windows 10 host reports that I don't have a TPM chip, and with Windows 10 running in a Virtualbox (both these VM' are the free versions of the VM's) VM on the same Windows 10 host when I try to update the image to Windows 11 it says the environment does not meet the install requirements. Vmware Player doesn't support UEFI but Virtualbox does and is active in the VM images. If I try upgrade the native Windows 10 host Windows 11 says it can install on my hardware. The Bios indicates that I have activated fTPM in my AMD Rizen cpu which Windows 11 seems to be finding, are the VM's suppressing the TPM functionality because I need to buy the commercial versions that allow a TPM to be added to the VM's as a device, or is Windows 11 and Fedora 34 not looking for the hardware the right way when running in a VM? The OS in the VM can't see any of the hardware on the host system unless the VM specifically passes it through. Normally, all "hardware" in the VM is virtual. qemu has an option to add a TPM by either creating a virtual one or passing the hardware one through. I have no idea about vmware or virtualbox. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/07/2021 07:33, Stephen Morris wrote: On 14/7/21 08:59, Ed Greshko wrote: On 14/07/2021 06:49, mcgarrett wrote: On July 6, 2021 at 5:29 PM Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 15:01 -0400, mcgarrett wrote: From the mail, it appears that a software TPM should solve the problem on older computers, but it occurs to me that you might not be permitted to install the software unless a TPM is found. So, for those who have already tried version 11, has any one of you tried installing on an older laptop, and then adding a software TPM, or is this impossible? --doug As stated earlier, my system doesn´t have a hardware TPM, but adding a software TPM in virt-manager was enough. poc Three questions: Background: I have Windows 10 on the computer, even tho there are no apps on it--I only use Linux. There may someday be a need for Windows? Q1: Could you install the win 11 and then add the TPM s/w, or must the TPM be on the machine already. Q2: If it must be on the machine already, do you install it from a previous version of Windows, i.e., Win 10? If not then how? Q3: Would you please direct me to the source of the TPM you installed? Thank you--doug The "software" TPM being talked about is more like TPM emulation. It can be added to any VM via virt-manager on the "Hardware" screen and using the button in the lower left to add hardware. The TPM can be added to any VM. The one caveat is that the VM must have been created to boot via UEFI and not BIOS. That option needs to be specified when the VM was created. None of my motherboards have a TPM. So I use the emulation. However, if you're motherboard does have a TPM, I believe there is an option when adding TPM to a VM to use "Pass Thru". It isn't possible, AFAIK, to simply change a VM from BIOS to UEFI. I have a question about TPM hardware. Fedora 34 running as an image in a Vmware Player VM on a Windows 10 host reports that I don't have a TPM chip, and with Windows 10 running in a Virtualbox (both these VM' are the free versions of the VM's) VM on the same Windows 10 host when I try to update the image to Windows 11 it says the environment does not meet the install requirements. Vmware Player doesn't support UEFI but Virtualbox does and is active in the VM images. If I try upgrade the native Windows 10 host Windows 11 says it can install on my hardware. The Bios indicates that I have activated fTPM in my AMD Rizen cpu which Windows 11 seems to be finding, are the VM's suppressing the TPM functionality because I need to buy the commercial versions that allow a TPM to be added to the VM's as a device, or is Windows 11 and Fedora 34 not looking for the hardware the right way when running in a VM? I don't use Vmware or VirtualBox. So, I can't answer this. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/07/2021 07:29, Samuel Sieb wrote: On 7/13/21 3:59 PM, Ed Greshko wrote: It isn't possible, AFAIK, to simply change a VM from BIOS to UEFI. I expect you could by editing the XML, but the installed system would need to be adjusted as well, including the hard drive partitioning, so not likely to be worth the effort. Right. It wouldn't be "simple". Much better to just start over. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/7/21 08:59, Ed Greshko wrote: On 14/07/2021 06:49, mcgarrett wrote: On July 6, 2021 at 5:29 PM Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 15:01 -0400, mcgarrett wrote: From the mail, it appears that a software TPM should solve the problem on older computers, but it occurs to me that you might not be permitted to install the software unless a TPM is found. So, for those who have already tried version 11, has any one of you tried installing on an older laptop, and then adding a software TPM, or is this impossible? --doug As stated earlier, my system doesn´t have a hardware TPM, but adding a software TPM in virt-manager was enough. poc Three questions: Background: I have Windows 10 on the computer, even tho there are no apps on it--I only use Linux. There may someday be a need for Windows? Q1: Could you install the win 11 and then add the TPM s/w, or must the TPM be on the machine already. Q2: If it must be on the machine already, do you install it from a previous version of Windows, i.e., Win 10? If not then how? Q3: Would you please direct me to the source of the TPM you installed? Thank you--doug The "software" TPM being talked about is more like TPM emulation. It can be added to any VM via virt-manager on the "Hardware" screen and using the button in the lower left to add hardware. The TPM can be added to any VM. The one caveat is that the VM must have been created to boot via UEFI and not BIOS. That option needs to be specified when the VM was created. None of my motherboards have a TPM. So I use the emulation. However, if you're motherboard does have a TPM, I believe there is an option when adding TPM to a VM to use "Pass Thru". It isn't possible, AFAIK, to simply change a VM from BIOS to UEFI. I have a question about TPM hardware. Fedora 34 running as an image in a Vmware Player VM on a Windows 10 host reports that I don't have a TPM chip, and with Windows 10 running in a Virtualbox (both these VM' are the free versions of the VM's) VM on the same Windows 10 host when I try to update the image to Windows 11 it says the environment does not meet the install requirements. Vmware Player doesn't support UEFI but Virtualbox does and is active in the VM images. If I try upgrade the native Windows 10 host Windows 11 says it can install on my hardware. The Bios indicates that I have activated fTPM in my AMD Rizen cpu which Windows 11 seems to be finding, are the VM's suppressing the TPM functionality because I need to buy the commercial versions that allow a TPM to be added to the VM's as a device, or is Windows 11 and Fedora 34 not looking for the hardware the right way when running in a VM? regards, Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/13/21 3:59 PM, Ed Greshko wrote: It isn't possible, AFAIK, to simply change a VM from BIOS to UEFI. I expect you could by editing the XML, but the installed system would need to be adjusted as well, including the hard drive partitioning, so not likely to be worth the effort. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 14/07/2021 06:49, mcgarrett wrote: On July 6, 2021 at 5:29 PM Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 15:01 -0400, mcgarrett wrote: From the mail, it appears that a software TPM should solve the problem on older computers, but it occurs to me that you might not be permitted to install the software unless a TPM is found. So, for those who have already tried version 11, has any one of you tried installing on an older laptop, and then adding a software TPM, or is this impossible? --doug As stated earlier, my system doesn´t have a hardware TPM, but adding a software TPM in virt-manager was enough. poc Three questions: Background: I have Windows 10 on the computer, even tho there are no apps on it--I only use Linux. There may someday be a need for Windows? Q1: Could you install the win 11 and then add the TPM s/w, or must the TPM be on the machine already. Q2: If it must be on the machine already, do you install it from a previous version of Windows, i.e., Win 10? If not then how? Q3: Would you please direct me to the source of the TPM you installed? Thank you--doug The "software" TPM being talked about is more like TPM emulation. It can be added to any VM via virt-manager on the "Hardware" screen and using the button in the lower left to add hardware. The TPM can be added to any VM. The one caveat is that the VM must have been created to boot via UEFI and not BIOS. That option needs to be specified when the VM was created. None of my motherboards have a TPM. So I use the emulation. However, if you're motherboard does have a TPM, I believe there is an option when adding TPM to a VM to use "Pass Thru". It isn't possible, AFAIK, to simply change a VM from BIOS to UEFI. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 6, 2021 at 5:29 PM Patrick O'Callaghan wrote: > > > On Tue, 2021-07-06 at 15:01 -0400, mcgarrett wrote: > > From the mail, it appears that a software TPM should solve the > > problem on older computers, > > but it occurs to me that you might not be permitted to install the > > software unless > > a TPM is found. So, for those who have already tried version 11, has > > any one of you > > tried installing on an older laptop, and then adding a software TPM, > > or is this impossible? --doug > > As stated earlier, my system doesn´t have a hardware TPM, but adding a > software TPM in virt-manager was enough. > > poc Three questions: Background: I have Windows 10 on the computer, even tho there are no apps on it--I only use Linux. There may someday be a need for Windows? Q1: Could you install the win 11 and then add the TPM s/w, or must the TPM be on the machine already. Q2: If it must be on the machine already, do you install it from a previous version of Windows, i.e., Win 10? If not then how? Q3: Would you please direct me to the source of the TPM you installed? Thank you--doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
RE: Windows 11 VMs
See below -Original Message- From: Ed Greshko Sent: Tuesday, July 6, 2021 2:23 PM To: users@lists.fedoraproject.org Subject: Re: Windows 11 VMs On 06/07/2021 20:08, Patrick O'Callaghan wrote: > It's annoying when banks decide to "improve" security by requiring > their customers to use a specific platform rather than a general > standard. All banks here use smartcards but the personal terminal is > just an offline card reader with a display. It is only the Post Office Bank here that requires the Smart Card Reader. The Post Office also sells the a reader to make things "easier". I suspect they take a piece of the action. :-) :-) -- Remind me to ignore comments which aren't germane to the thread. ___ Smartcard readers are tricky beasts. The type-2 and type-3 (pinpad-readers) are the worst. I know Vasco distributes them through the banking-channels. Dit bericht kan informatie bevatten die niet voor u is bestemd. Indien u niet de geadresseerde bent of dit bericht abusievelijk aan u is toegezonden, wordt u verzocht dat aan de afzender te melden en het bericht te verwijderen. De Staat aanvaardt geen aansprakelijkheid voor schade, van welke aard ook, die verband houdt met risico's verbonden aan het elektronisch verzenden van berichten. This message may contain information that is not intended for you. If you are not the addressee or if this message was sent to you by mistake, you are requested to inform the sender and delete the message. The State accepts no liability for damage of any kind resulting from the risks inherent in the electronic transmission of messages. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-06 2:42 a.m., Stephen Morris wrote: From the screenshot in the attachment I assume it is telling me that under Windows 10 it is finding a tpm, is that correct? That is correct. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 07/07/2021 05:27, Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 22:19 +0800, Ed Greshko wrote: On 06/07/2021 20:40, Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 20:22 +0800, Ed Greshko wrote: On 06/07/2021 20:08, Patrick O'Callaghan wrote: It's annoying when banks decide to "improve" security by requiring their customers to use a specific platform rather than a general standard. All banks here use smartcards but the personal terminal is just an offline card reader with a display. It is only the Post Office Bank here that requires the Smart Card Reader. The Post Office also sells the a reader to make things "easier". I suspect they take a piece of the action. :-) :-) And require a Windows machine to use it? Personally. I'd look for a different bank. Here the bank just gives you the card reader when you open an account. We have accounts at other banks. But the P O account is tied into paying house taxes, electric bill, gas bill and others. Too much of a pain to change. Getting way off-topic here, but in the UK you can switch bank accounts for all such payments (direct debits) in a single operation. The two banks coordinate the handover between themselves. Takes a few days but is no more complicated than changing your phone service provider. I did it a couple of years ago and as I recall didn´t need to contact any of the payees myself. You are 100% right about being OT. And I violate my own rules again. I'll just leave you with "Don't Get Me Started on Banks in Taiwan"!!! And especially "Don't get me stated on Banks in Taiwan and their treatment of non-citizens". -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Tue, 2021-07-06 at 22:19 +0800, Ed Greshko wrote: > On 06/07/2021 20:40, Patrick O'Callaghan wrote: > > On Tue, 2021-07-06 at 20:22 +0800, Ed Greshko wrote: > > > On 06/07/2021 20:08, Patrick O'Callaghan wrote: > > > > It's annoying when banks decide to "improve" security by > > > > requiring > > > > their customers to use a specific platform rather than a > > > > general > > > > standard. All banks here use smartcards but the personal > > > > terminal > > > > is > > > > just an offline card reader with a display. > > > It is only the Post Office Bank here that requires the Smart Card > > > Reader. The Post Office > > > also sells the a reader to make things "easier". I suspect they > > > take > > > a piece of the action. > > > :-) :-) > > And require a Windows machine to use it? Personally. I'd look for a > > different bank. Here the bank just gives you the card reader when > > you > > open an account. > > We have accounts at other banks. But the P O account is tied into > paying house taxes, > electric bill, gas bill and others. Too much of a pain to change. Getting way off-topic here, but in the UK you can switch bank accounts for all such payments (direct debits) in a single operation. The two banks coordinate the handover between themselves. Takes a few days but is no more complicated than changing your phone service provider. I did it a couple of years ago and as I recall didn´t need to contact any of the payees myself. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Tue, 2021-07-06 at 15:01 -0400, mcgarrett wrote: > From the mail, it appears that a software TPM should solve the > problem on older computers, > but it occurs to me that you might not be permitted to install the > software unless > a TPM is found. So, for those who have already tried version 11, has > any one of you > tried installing on an older laptop, and then adding a software TPM, > or is this impossible? --doug As stated earlier, my system doesn´t have a hardware TPM, but adding a software TPM in virt-manager was enough. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 6, 2021 at 1:34 AM "Stephen J. Turnbull" wrote: > > > Tim writes: > > > I reckon the default thought of most people who're suddenly faced with > > a computer failing a security test is not going to be that something > > has changed on them without authority, but that something has gone > > wrong. They're going to try and reset something, rather than work out > > if they've been compromised. > > Indeed. Pragmatically speaking, I don't think they're wrong, do you? > > Patrick writes: > > > I think much depends on what the TPM is used for. Certainly if the > > user takes care not to subvert the intention, it can reasonably be > > used to ensure that only trusted software is run. > > "Pragmatically speaking ..." ;-) Seriously, I think TPM mostly makes > sense with VMs. People who write programs are generally going to be > very unhappy with the amount of kissing up to the TPM they have to do. > Like, on Mac every time LLVM releases a new version of the debugger I > have to go through the self-signing dance. So far I have been > satisfied with the results every time (there really are new features > or performance improvements), but it's infrequent enough that I have > no memory of the procedure, let alone muscle memory. > > > OTOH, I think one application of TPM (at least when originally > > proposed) was to prevent the user from bypassing DRM, in which case > > the trust goes in the other direction and the situation is > > different. > > Yeah, there was a *lot* of angst about potential DRM applications at > the time. I'm willing to bet it's possible to distinguish a hardware > TPM from a software TPM for that application, though. I didn't look > hard enough to see if the Xen folk had proposed a protocol to get a > token from the hardware TPM to vouch for a VM in that case. > > Steve From the mail, it appears that a software TPM should solve the problem on older computers, but it occurs to me that you might not be permitted to install the software unless a TPM is found. So, for those who have already tried version 11, has any one of you tried installing on an older laptop, and then adding a software TPM, or is this impossible? --doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
Tim, with mangled quoting by crapmail programs, come on you've had decades to get this shit right: > > I reckon the default thought of most people who're suddenly faced > with > > a computer failing a security test is not going to be that > something > > has changed on them without authority, but that something has gone > > wrong. They're going to try and reset something, rather than work > out > > if they've been compromised. Stephen J. Turnbull > Indeed. Pragmatically speaking, I don't think they're wrong, do you? Quite probably it *is* a fault, nine times out of ten (which makes you ignore the time it's really a problem). With badly engineered hardware, software, and stupidly worded error messages, the blame is really not on the user. -- uname -rsvp Linux 3.10.0-1160.31.1.el7.x86_64 #1 SMP Thu Jun 10 13:32:12 UTC 2021 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 06/07/2021 20:40, Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 20:22 +0800, Ed Greshko wrote: On 06/07/2021 20:08, Patrick O'Callaghan wrote: It's annoying when banks decide to "improve" security by requiring their customers to use a specific platform rather than a general standard. All banks here use smartcards but the personal terminal is just an offline card reader with a display. It is only the Post Office Bank here that requires the Smart Card Reader. The Post Office also sells the a reader to make things "easier". I suspect they take a piece of the action. :-) :-) And require a Windows machine to use it? Personally. I'd look for a different bank. Here the bank just gives you the card reader when you open an account. We have accounts at other banks. But the P O account is tied into paying house taxes, electric bill, gas bill and others. Too much of a pain to change. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Tue, 2021-07-06 at 20:22 +0800, Ed Greshko wrote: > On 06/07/2021 20:08, Patrick O'Callaghan wrote: > > It's annoying when banks decide to "improve" security by requiring > > their customers to use a specific platform rather than a general > > standard. All banks here use smartcards but the personal terminal > > is > > just an offline card reader with a display. > > It is only the Post Office Bank here that requires the Smart Card > Reader. The Post Office > also sells the a reader to make things "easier". I suspect they take > a piece of the action. > :-) :-) And require a Windows machine to use it? Personally. I'd look for a different bank. Here the bank just gives you the card reader when you open an account. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 06/07/2021 20:08, Patrick O'Callaghan wrote: It's annoying when banks decide to "improve" security by requiring their customers to use a specific platform rather than a general standard. All banks here use smartcards but the personal terminal is just an offline card reader with a display. It is only the Post Office Bank here that requires the Smart Card Reader. The Post Office also sells the a reader to make things "easier". I suspect they take a piece of the action. :-) :-) -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Tue, 2021-07-06 at 19:21 +0800, Ed Greshko wrote: > On 06/07/2021 18:56, Patrick O'Callaghan wrote: > > On Tue, 2021-07-06 at 14:34 +0900, Stephen J. Turnbull wrote: > > > Patrick writes: > > > > > > > I think much depends on what the TPM is used for. Certainly > > > if the > > > > user takes care not to subvert the intention, it can > > > reasonably be > > > > used to ensure that only trusted software is run. > > > > > > "Pragmatically speaking ..." ;-) Seriously, I think TPM mostly > > > makes > > > sense with VMs. People who write programs are generally going to > > > be > > > very unhappy with the amount of kissing up to the TPM they have > > > to > > > do. > > > Like, on Mac every time LLVM releases a new version of the > > > debugger I > > > have to go through the self-signing dance. So far I have been > > > satisfied with the results every time (there really are new > > > features > > > or performance improvements), but it's infrequent enough that I > > > have > > > no memory of the procedure, let alone muscle memory. > > Indeed. I have no particular interest in TPM as such. My original > > question was aimed at anticipating possible issues with VMs and > > Windows > > 11 if I ever get round to installing it, but that seems to be > > resolved. > > > > Yes, I installed Windows 11 in a VM just fine with an emulated TPM. I > don't actually use > Windows all that much. But, for what I use it Windows 11 does seem > to do it better. > I only use it mainly for the WebATM of the Taiwan Post Office Bank. > In Windows 10 I had to get the > sequence just right for plugging in the USB smart card reader and > inserting my bank > card. > > Still sucks that the Post Office doesn't support Linux. :-( It's annoying when banks decide to "improve" security by requiring their customers to use a specific platform rather than a general standard. All banks here use smartcards but the personal terminal is just an offline card reader with a display. oic ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 06/07/2021 18:56, Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 14:34 +0900, Stephen J. Turnbull wrote: Patrick writes: > I think much depends on what the TPM is used for. Certainly if the > user takes care not to subvert the intention, it can reasonably be > used to ensure that only trusted software is run. "Pragmatically speaking ..." ;-) Seriously, I think TPM mostly makes sense with VMs. People who write programs are generally going to be very unhappy with the amount of kissing up to the TPM they have to do. Like, on Mac every time LLVM releases a new version of the debugger I have to go through the self-signing dance. So far I have been satisfied with the results every time (there really are new features or performance improvements), but it's infrequent enough that I have no memory of the procedure, let alone muscle memory. Indeed. I have no particular interest in TPM as such. My original question was aimed at anticipating possible issues with VMs and Windows 11 if I ever get round to installing it, but that seems to be resolved. Yes, I installed Windows 11 in a VM just fine with an emulated TPM. I don't actually use Windows all that much. But, for what I use it Windows 11 does seem to do it better. I only use it mainly for the WebATM of the Taiwan Post Office Bank. In Windows 10 I had to get the sequence just right for plugging in the USB smart card reader and inserting my bank card. Still sucks that the Post Office doesn't support Linux. :-( -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Tue, 2021-07-06 at 14:34 +0900, Stephen J. Turnbull wrote: > Patrick writes: > > > I think much depends on what the TPM is used for. Certainly if the > > user takes care not to subvert the intention, it can reasonably be > > used to ensure that only trusted software is run. > > "Pragmatically speaking ..." ;-) Seriously, I think TPM mostly makes > sense with VMs. People who write programs are generally going to be > very unhappy with the amount of kissing up to the TPM they have to > do. > Like, on Mac every time LLVM releases a new version of the debugger I > have to go through the self-signing dance. So far I have been > satisfied with the results every time (there really are new features > or performance improvements), but it's infrequent enough that I have > no memory of the procedure, let alone muscle memory. Indeed. I have no particular interest in TPM as such. My original question was aimed at anticipating possible issues with VMs and Windows 11 if I ever get round to installing it, but that seems to be resolved. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 6/7/21 20:33, Patrick O'Callaghan wrote: On Tue, 2021-07-06 at 19:42 +1000, Stephen Morris wrote: Is this directly on the hardware or in a VM? If the former, it would appear to be a bug. If the latter, presumably the VM is emulating the TPM. Windows is Windows 10 and it is native, I boot the machine into Windows 10. Fedora is running inside a Vmware Player Vm hosted on the Windows 10 machine the screenshot is from. That would indicate that the hardware does have TPM but that the VM isn't detecting it, possibly because it hasn't been configured in VMware. In my case the host is Linux and the guest is Windows. The host doesn't have hardware TPM but the guest (using QEMU/KVM) is emulating it. I don't know what the screenshot shows. I don't see anything related to TPM. Sorry, I thought the "TPM Manufacturer Section" of the TPM output was indicating there was a TPM when it indicated the version. Maybe I don't actually have the hardware. regards, Steve poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Tue, 2021-07-06 at 19:42 +1000, Stephen Morris wrote: > > Is this directly on the hardware or in a VM? If the former, it > > would > > appear to be a bug. If the latter, presumably the VM is emulating > > the > > TPM. > Windows is Windows 10 and it is native, I boot the machine into > Windows > 10. Fedora is running inside a Vmware Player Vm hosted on the Windows > 10 > machine the screenshot is from. That would indicate that the hardware does have TPM but that the VM isn't detecting it, possibly because it hasn't been configured in VMware. In my case the host is Linux and the guest is Windows. The host doesn't have hardware TPM but the guest (using QEMU/KVM) is emulating it. I don't know what the screenshot shows. I don't see anything related to TPM. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 6/7/21 00:02, Patrick O'Callaghan wrote: On Mon, 2021-07-05 at 21:42 +1000, Stephen Morris wrote: On 4/7/21 07:16, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. Oh, I'd never noticed. It is in virt-manager "add hardware" section. You're right. Even better. Just tried it using the default settings and it worked. After booting Windows 10, type 'tpm' into a Windows Shell (admin) instance and it confirms the module exists. Interesting, the windows command you have listed indicates that I have an AMD V2.0 tpm, which I assume is in the ryzen cpu, but Fedora via journalctl | grep -i tpm tells me a tpm doesn't exist. Is this directly on the hardware or in a VM? If the former, it would appear to be a bug. If the latter, presumably the VM is emulating the TPM. Windows is Windows 10 and it is native, I boot the machine into Windows 10. Fedora is running inside a Vmware Player Vm hosted on the Windows 10 machine the screenshot is from. From the screenshot in the attachment I assume it is telling me that under Windows 10 it is finding a tpm, is that correct? regards, Steve poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
Tim writes: > I reckon the default thought of most people who're suddenly faced with > a computer failing a security test is not going to be that something > has changed on them without authority, but that something has gone > wrong. They're going to try and reset something, rather than work out > if they've been compromised. Indeed. Pragmatically speaking, I don't think they're wrong, do you? Patrick writes: > I think much depends on what the TPM is used for. Certainly if the > user takes care not to subvert the intention, it can reasonably be > used to ensure that only trusted software is run. "Pragmatically speaking ..." ;-) Seriously, I think TPM mostly makes sense with VMs. People who write programs are generally going to be very unhappy with the amount of kissing up to the TPM they have to do. Like, on Mac every time LLVM releases a new version of the debugger I have to go through the self-signing dance. So far I have been satisfied with the results every time (there really are new features or performance improvements), but it's infrequent enough that I have no memory of the procedure, let alone muscle memory. > OTOH, I think one application of TPM (at least when originally > proposed) was to prevent the user from bypassing DRM, in which case > the trust goes in the other direction and the situation is > different. Yeah, there was a *lot* of angst about potential DRM applications at the time. I'm willing to bet it's possible to distinguish a hardware TPM from a software TPM for that application, though. I didn't look hard enough to see if the Xen folk had proposed a protocol to get a token from the hardware TPM to vouch for a VM in that case. Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Mon, 2021-07-05 at 21:42 +1000, Stephen Morris wrote: > On 4/7/21 07:16, Patrick O'Callaghan wrote: > > On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: > > > > > Just have to add the tpm device to your vm using virsh. > > > > > > > > > > I'll have to give that a try. My Win10 VM doesn't have that > > > > > device. > > > > > > > > > > > > > > Oh, I'd never noticed. It is in virt-manager "add hardware" > > > > section. > > > You're right. Even better. > > Just tried it using the default settings and it worked. After > > booting > > Windows 10, type 'tpm' into a Windows Shell (admin) instance and it > > confirms the module exists. > Interesting, the windows command you have listed indicates that I > have > an AMD V2.0 tpm, which I assume is in the ryzen cpu, but Fedora via > journalctl | grep -i tpm tells me a tpm doesn't exist. Is this directly on the hardware or in a VM? If the former, it would appear to be a bug. If the latter, presumably the VM is emulating the TPM. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 4/7/21 07:16, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. Oh, I'd never noticed. It is in virt-manager "add hardware" section. You're right. Even better. Just tried it using the default settings and it worked. After booting Windows 10, type 'tpm' into a Windows Shell (admin) instance and it confirms the module exists. Interesting, the windows command you have listed indicates that I have an AMD V2.0 tpm, which I assume is in the ryzen cpu, but Fedora via journalctl | grep -i tpm tells me a tpm doesn't exist. regards, Steve poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Mon, 2021-07-05 at 10:29 +0900, Stephen J. Turnbull wrote: > Patrick O'Callaghan writes: > > > In the case of Windows 11 under a VM, as you say the software TPM > can do > > what it likes. In effect, there is no more guarantee than with a > system > > without a TPM and the message that Windows 11 can only be used > where a TPM > > provides a trust base might give a false sense of security. > > That depends on the implementation of the virtual TPM. Although from > what I'm reading it shouldn't transparently virtualize the hardware > TPM (if present), the hardware TPM can be used to provide a trust > root > for the virtual TPM, which can then attest to the VM. I would assume > that to really trust any system, you'd need to have out-of-band > knowledge of the TPM's identity, whether hardware or software. It's > true that there's more room for malware to wedge itself in in this > setup, but in theory it should work. > I think much depends on what the TPM is used for. Certainly if the user takes care not to subvert the intention, it can reasonably be used to ensure that only trusted software is run. OTOH, I think one application of TPM (at least when originally proposed) was to prevent the user from bypassing DRM, in which case the trust goes in the other direction and the situation is different. > As for "false sense of security", that has been a Microsoft business > model at least since they trumpeted "Orange Book Level C" security > (the highest you can get without physically securing the device) for > Windows NT in the 1990s -- which certification was invalid if you > changed the physical configuration of the device (insert floppy!), > connect to a network, or install software. > > Security is hard, the weakest link is often your personnel, you > shouldn't say you care about security unless you have a specialist > auditing your systems, and any other generic statements about > security are marketing drivel. ;-) Absolutely. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 05/07/2021 07:55, Ed Greshko wrote: On 04/07/2021 05:22, Ed Greshko wrote: On 04/07/2021 05:16, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. Oh, I'd never noticed. It is in virt-manager "add hardware" section. You're right. Even better. Just tried it using the default settings and it worked. After booting Windows 10, type 'tpm' into a Windows Shell (admin) instance and it confirms the module exists. Same here. I've not installed a Windows machine in several years. I wonder if things have changed since my last install as I would have thought TPM hardware would have been added by default to the hardware. I don't know if my experience mirrors that of others. But I learned the following over the past 2 days. While the TPM module did exist, it was not usable as Bitlocker could not be turned on. I found that in order to have the TPM module available and usable one had to boot in UEFI. My only Win10 VM was BIOS. So, I had to create a new VM using UEFI. I then learned that I could not display to resize. I was stuck at the lowest resolution. I subsequently found out that I needed to download the Latest virtio-win ISO from https://github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md and run the script contained within. Other than that, it is all working as it should. And I just installed a Windows 11 system in the same way. All's good. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Mon, 2021-07-05 at 10:29 +0900, Stephen J. Turnbull wrote: > Security is hard, the weakest link is often your personnel, you > shouldn't say you care about security unless you have a specialist > auditing your systems, and any other generic statements about > security are marketing drivel. ;-) I reckon the default thought of most people who're suddenly faced with a computer failing a security test is not going to be that something has changed on them without authority, but that something has gone wrong. They're going to try and reset something, rather than work out if they've been compromised. -- uname -rsvp Linux 3.10.0-1160.31.1.el7.x86_64 #1 SMP Thu Jun 10 13:32:12 UTC 2021 x86_64 Boilerplate: All unexpected mail to my mailbox is automatically deleted. I will only get to see the messages that are posted to the mailing list. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
Patrick O'Callaghan writes: > In the case of Windows 11 under a VM, as you say the software TPM can do > what it likes. In effect, there is no more guarantee than with a system > without a TPM and the message that Windows 11 can only be used where a TPM > provides a trust base might give a false sense of security. That depends on the implementation of the virtual TPM. Although from what I'm reading it shouldn't transparently virtualize the hardware TPM (if present), the hardware TPM can be used to provide a trust root for the virtual TPM, which can then attest to the VM. I would assume that to really trust any system, you'd need to have out-of-band knowledge of the TPM's identity, whether hardware or software. It's true that there's more room for malware to wedge itself in in this setup, but in theory it should work. As for "false sense of security", that has been a Microsoft business model at least since they trumpeted "Orange Book Level C" security (the highest you can get without physically securing the device) for Windows NT in the 1990s -- which certification was invalid if you changed the physical configuration of the device (insert floppy!), connect to a network, or install software. Security is hard, the weakest link is often your personnel, you shouldn't say you care about security unless you have a specialist auditing your systems, and any other generic statements about security are marketing drivel. ;-) Regards, Steve ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 04/07/2021 05:22, Ed Greshko wrote: On 04/07/2021 05:16, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. Oh, I'd never noticed. It is in virt-manager "add hardware" section. You're right. Even better. Just tried it using the default settings and it worked. After booting Windows 10, type 'tpm' into a Windows Shell (admin) instance and it confirms the module exists. Same here. I've not installed a Windows machine in several years. I wonder if things have changed since my last install as I would have thought TPM hardware would have been added by default to the hardware. I don't know if my experience mirrors that of others. But I learned the following over the past 2 days. While the TPM module did exist, it was not usable as Bitlocker could not be turned on. I found that in order to have the TPM module available and usable one had to boot in UEFI. My only Win10 VM was BIOS. So, I had to create a new VM using UEFI. I then learned that I could not display to resize. I was stuck at the lowest resolution. I subsequently found out that I needed to download the Latest virtio-win ISO from https://github.com/virtio-win/virtio-win-pkg-scripts/blob/master/README.md and run the script contained within. Other than that, it is all working as it should. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 05/07/2021 06:27, Patrick O'Callaghan wrote: On Sun, 2021-07-04 at 10:33 -0700, Samuel Sieb wrote: On 2021-07-04 9:08 a.m., Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 23:09 -0700, Samuel Sieb wrote: My mobo is about 8 years old, so I don't have the hardware, however QEMU/KVM apparently emulates it well enough to fool Windows. Which as I said earlier, makes the whole thing ridiculous. the hardware, if you use a VM, you can fool the OS. Indeed, however as I understand it one supposed purpose of a TPM (among others) is to be able to guarantee that the operating system running on the machine has a solid trust base. Quoting from https://en.wikipedia.org/wiki/Trusted_Platform_Module#TPM_implementations: Software TPMs are software emulators of TPMs that run with no more protection than a regular program gets within an operating system. They depend entirely on the environment that they run in, so they provide no more security than what can be provided by the normal execution environment, and they are vulnerable to their own software bugs and attacks that are penetrating the normal execution environment. In the case of Windows 11 under a VM, as you say the software TPM can do what it likes. In effect, there is no more guarantee than with a system without a TPM and the message that Windows 11 can only be used where a TPM provides a trust base might give a false sense of security. Aren't the terms "Windows" and "Security" oxymoronic? :-) :-) -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sun, 2021-07-04 at 10:33 -0700, Samuel Sieb wrote: > On 2021-07-04 9:08 a.m., Patrick O'Callaghan wrote: > > On Sat, 2021-07-03 at 23:09 -0700, Samuel Sieb wrote: > > My mobo is about 8 years old, so I don't have the hardware, however > > QEMU/KVM apparently emulates it well enough to fool Windows. > > > > Which as I said earlier, makes the whole thing ridiculous. > > the hardware, if you use a VM, you can fool the OS. Indeed, however as I understand it one supposed purpose of a TPM (among others) is to be able to guarantee that the operating system running on the machine has a solid trust base. Quoting from https://en.wikipedia.org/wiki/Trusted_Platform_Module#TPM_implementations: Software TPMs are software emulators of TPMs that run with no more protection than a regular program gets within an operating system. They depend entirely on the environment that they run in, so they provide no more security than what can be provided by the normal execution environment, and they are vulnerable to their own software bugs and attacks that are penetrating the normal execution environment. In the case of Windows 11 under a VM, as you say the software TPM can do what it likes. In effect, there is no more guarantee than with a system without a TPM and the message that Windows 11 can only be used where a TPM provides a trust base might give a false sense of security. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-04 9:08 a.m., Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 23:09 -0700, Samuel Sieb wrote: My mobo is about 8 years old, so I don't have the hardware, however QEMU/KVM apparently emulates it well enough to fool Windows. Which as I said earlier, makes the whole thing ridiculous. Why? If you're running it in a VM, you've made a conscious choice to use the emulated TPM. What is ridiculous about that? No matter what the hardware, if you use a VM, you can fool the OS. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-04 2:58 a.m., Bob Marcan wrote: On Sat, 3 Jul 2021 23:09:20 -0700 Samuel Sieb wrote: Anything made in the last few years should have one. If you're running Linux, you can check with "ls /dev/tpm*" or "journalctl | grep -i tpm". Mine is too old? [~]$ journalctl | grep -i tpm Jun 17 19:54:01 smicro.local.lan kernel: ima: No TPM chip found, activating TPM-bypass! [~]$ sudo lshw Interesting, I thought it was a default thing for computers now. Check your BIOS settings, maybe it's disabled. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 2021-07-03 at 23:09 -0700, Samuel Sieb wrote: > On 2021-07-03 5:14 p.m., mcgarrett wrote: > > > > > On July 3, 2021 at 7:55 PM Tom Horsley > > > wrote: > > > > > > > > > On Sat, 3 Jul 2021 19:46:01 -0400 (EDT) > > > mcgarrett wrote: > > > > > > > What is a TPM, and does it come with the win 11 package, or > > > > must it be obrained elsewhere? > > > > > > It is a piece of hardware that either comes with your motherboard > > > if it is new enough, or you have to add (if it has a header to > > > allow adding) or you can't get at all without buying a new > > > computer. > > > > > > Apparently all the add-in modules for motherboards which were > > > around $15 before Microsoft announced the requirement are all > > > around $150 now on ebay and out of stock everywhere else :-). > > > > I'm glad I don't need Windows for anything! If the upgrade turns > > out to be free, I'll put it on my almost new machine, IF it has the > > TPM. (How would I know?_ ==doug > > Anything made in the last few years should have one. If you're > running > Linux, you can check with "ls /dev/tpm*" or "journalctl | grep -i > tpm". My mobo is about 8 years old, so I don't have the hardware, however QEMU/KVM apparently emulates it well enough to fool Windows. Which as I said earlier, makes the whole thing ridiculous. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 3 Jul 2021 23:09:20 -0700 Samuel Sieb wrote: > On 2021-07-03 5:14 p.m., mcgarrett wrote: > > > >> On July 3, 2021 at 7:55 PM Tom Horsley wrote: > >> > >> > >> On Sat, 3 Jul 2021 19:46:01 -0400 (EDT) > >> mcgarrett wrote: > >> > >>> What is a TPM, and does it come with the win 11 package, or must it be > >>> obrained elsewhere? > >> > >> It is a piece of hardware that either comes with your motherboard > >> if it is new enough, or you have to add (if it has a header to > >> allow adding) or you can't get at all without buying a new computer. > >> > >> Apparently all the add-in modules for motherboards which were > >> around $15 before Microsoft announced the requirement are all > >> around $150 now on ebay and out of stock everywhere else :-). > > > > I'm glad I don't need Windows for anything! If the upgrade turns out to be > > free, I'll put it on my almost new machine, IF it has the TPM. (How would I > > know?_ ==doug > > Anything made in the last few years should have one. If you're running > Linux, you can check with "ls /dev/tpm*" or "journalctl | grep -i tpm". > Mine is too old? [~]$ journalctl | grep -i tpm Jun 17 19:54:01 smicro.local.lan kernel: ima: No TPM chip found, activating TPM-bypass! ... Jun 25 13:42:31 smicro.local.lan kernel: ima: No TPM chip found, activating TPM-bypass! Jun 30 15:14:54 smicro.local.lan dracut[141707]: dracut module 'tpm2-tss' will not be installed, because command 'tpm2' could not be found! Jun 30 15:14:55 smicro.local.lan dracut[141707]: dracut module 'tpm2-tss' will not be installed, because command 'tpm2' could not be found! Jun 30 15:15:16 smicro.local.lan dracut[141707]: -rw-r--r-- 1 root root 6708 Jun 10 17:56 usr/lib/modules/5.12.13-200.fc33.x86_64/kernel/crypto/asymmetric_keys/asym_tpm.ko.xz Jun 30 15:15:16 smicro.local.lan dracut[141707]: -rw-r--r-- 1 root root 2072 Jun 10 17:56 usr/lib/modules/5.12.13-200.fc33.x86_64/kernel/crypto/asymmetric_keys/tpm_key_parser.ko.xz Jun 30 16:57:00 smicro.local.lan kernel: ima: No TPM chip found, activating TPM-bypass! ... Jul 04 10:58:45 smicro.local.lan kernel: ima: No TPM chip found, activating TPM-bypass! [~]$ sudo lshw smicro.local.lan description: Desktop Computer product: MS-7C37 (To be filled by O.E.M.) vendor: Micro-Star International Co., Ltd. version: 3.0 serial: To be filled by O.E.M. width: 64 bits capabilities: smbios-2.8 dmi-2.8 smp vsyscall32 configuration: boot=normal chassis=desktop family=To be filled by O.E.M. sku=To be filled by O.E.M. uuid=24B01ED7-4A68-1996-A90D-2CF05DD19CEE *-core description: Motherboard product: X570-A PRO (MS-7C37) vendor: Micro-Star International Co., Ltd. physical id: 0 version: 3.0 serial: 07C3731_KA1C043394 slot: To be filled by O.E.M. *-firmware description: BIOS vendor: American Megatrends International, LLC. physical id: 0 version: H.C0 date: 01/25/2021 size: 64KiB capacity: 32MiB ... capabilities: pci upgrade shadowing cdboot bootselect socketedrom edd int13floppynec int13floppytoshiba int13floppy360 int13floppy1200 int13floppy720 int13floppy2880 int5printscreen int9keyboard int14serial int17printer int10video acpi usb biosbootspecification uefi *-cpu description: CPU product: AMD Ryzen 5 3400G with Radeon Vega Graphics vendor: Advanced Micro Devices [AMD] physical id: 15 bus info: cpu@0 version: AMD Ryzen 5 3400G with Radeon Vega Graphics serial: Unknown slot: AM4 size: 4014MHz capacity: 4200MHz width: 64 bits clock: 100MHz capabilities: lm fpu fpu_exception wp vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush mmx fxsr sse sse2 ht syscall nx mmxext fxsr_opt pdpe1gb rdtscp x86-64 constant_tsc rep_good nopl nonstop_tsc cpuid extd_apicid aperfmperf pni pclmulqdq monitor ssse3 fma cx16 sse4_1 sse4_2 movbe popcnt aes xsave avx f16c rdrand lahf_lm cmp_legacy svm extapic cr8_legacy abm sse4a misalignsse 3dnowprefetch osvw skinit wdt tce topoext perfctr_core perfctr_nb bpext perfctr_llc mwaitx cpb hw_pstate ssbd ibpb vmmcall fsgsbase bmi1 avx2 smep bmi2 rdseed adx smap clflushopt sha_ni xsaveopt xsavec xgetbv1 xsaves clzero irperf xsaveerptr arat npt lbrv svm_lock nrip_save tsc_scale vmcb_clean flushbyasid decodeassists pausefilter pfthreshold avic v_vmsave_vmload vgif overflow_recov succor smca sme sev sev_es cpufreq configuration: cores=4 enabledcores=4 threads=8 ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines:
Re: Windows 11 VMs
On 7/4/21 12:36 AM, Walter H. via users wrote: On 03.07.2021 23:17, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 13:54 -0700, ToddAndMargo via users wrote: On 7/2/21 9:02 AM, Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? poc Hi Poc, Fedora 34 qemu-kvm-5.2.0-8.fc34.x86_64 I have Windows 11 Version Dev (OS Build 22000.1) running under qemu-kvm. I installed it from ISO on a blank VM. may I ask where you got this ISO from? CERTAINLY ! https://uupdump.net/ It downloads a zip file with a script inside. You run the script for your OS. The script will go out to M$'s update site and creates an ISO for you. If the script crashes (mine did three times), rerun it and it will continue where it left off ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 03.07.2021 23:17, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 13:54 -0700, ToddAndMargo via users wrote: On 7/2/21 9:02 AM, Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? poc Hi Poc, Fedora 34 qemu-kvm-5.2.0-8.fc34.x86_64 I have Windows 11 Version Dev (OS Build 22000.1) running under qemu-kvm. I installed it from ISO on a blank VM. may I ask where you got this ISO from? smime.p7s Description: S/MIME Cryptographic Signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-03 5:14 p.m., mcgarrett wrote: On July 3, 2021 at 7:55 PM Tom Horsley wrote: On Sat, 3 Jul 2021 19:46:01 -0400 (EDT) mcgarrett wrote: What is a TPM, and does it come with the win 11 package, or must it be obrained elsewhere? It is a piece of hardware that either comes with your motherboard if it is new enough, or you have to add (if it has a header to allow adding) or you can't get at all without buying a new computer. Apparently all the add-in modules for motherboards which were around $15 before Microsoft announced the requirement are all around $150 now on ebay and out of stock everywhere else :-). I'm glad I don't need Windows for anything! If the upgrade turns out to be free, I'll put it on my almost new machine, IF it has the TPM. (How would I know?_ ==doug Anything made in the last few years should have one. If you're running Linux, you can check with "ls /dev/tpm*" or "journalctl | grep -i tpm". ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 3, 2021 at 7:55 PM Tom Horsley wrote: > > > On Sat, 3 Jul 2021 19:46:01 -0400 (EDT) > mcgarrett wrote: > > > What is a TPM, and does it come with the win 11 package, or must it be > > obrained elsewhere? > > It is a piece of hardware that either comes with your motherboard > if it is new enough, or you have to add (if it has a header to > allow adding) or you can't get at all without buying a new computer. > > Apparently all the add-in modules for motherboards which were > around $15 before Microsoft announced the requirement are all > around $150 now on ebay and out of stock everywhere else :-). I'm glad I don't need Windows for anything! If the upgrade turns out to be free, I'll put it on my almost new machine, IF it has the TPM. (How would I know?_ ==doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 3 Jul 2021 19:46:01 -0400 (EDT) mcgarrett wrote: > What is a TPM, and does it come with the win 11 package, or must it be > obrained elsewhere? It is a piece of hardware that either comes with your motherboard if it is new enough, or you have to add (if it has a header to allow adding) or you can't get at all without buying a new computer. Apparently all the add-in modules for motherboards which were around $15 before Microsoft announced the requirement are all around $150 now on ebay and out of stock everywhere else :-). ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
> On July 3, 2021 at 6:38 AM Patrick O'Callaghan wrote: > > > On Fri, 2021-07-02 at 23:02 -0700, Samuel Sieb wrote: > > On 2021-07-02 4:03 p.m., Samuel Sieb wrote: > > > On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: > > > > Since Microsoft is going to require a TPM module for their new > > > > system, > > > > are there implications for KVM, VirtualBox and VMware, or has > > > > this > > > > already been dealt with? > > > > > > qemu has support for a TPM 2.0 either as a passthrough or an > > > emulation. > > > I haven't tested it yet, but I assume it works. > > > > I tested it and Windows 10 let me enable bitlocker, so it definitely > > accepts it. > > Nice. That would seem to make the whole underlying concept of a TPM > absurd, given that you can emulate it (unless that means it has > actually been signed by some authority of course). > What is a TPM, and does it come with the win 11 package, or must it be obrained elsewhere? --doug ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Windows 11 VMs and TPM - an interesting side effect
Out of curiosity, I thought I'd see if a physical TPM module is available for my motherboard. Looking in the manual I see there is a header for one, and gigabyte has a specific model number for the one that is compatible. None are in stock anywhere save a couple of entries on ebay where the normally $15 module is now listed at $170 :-). A KVM emulated one is clearly the way to go. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 04/07/2021 05:16, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. Oh, I'd never noticed. It is in virt-manager "add hardware" section. You're right. Even better. Just tried it using the default settings and it worked. After booting Windows 10, type 'tpm' into a Windows Shell (admin) instance and it confirms the module exists. Same here. I've not installed a Windows machine in several years. I wonder if things have changed since my last install as I would have thought TPM hardware would have been added by default to the hardware. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 2021-07-03 at 13:54 -0700, ToddAndMargo via users wrote: > On 7/2/21 9:02 AM, Patrick O'Callaghan wrote: > > Since Microsoft is going to require a TPM module for their new > > system, > > are there implications for KVM, VirtualBox and VMware, or has this > > already been dealt with? > > > > poc > > > Hi Poc, > > Fedora 34 > qemu-kvm-5.2.0-8.fc34.x86_64 > > I have Windows 11 Version Dev (OS Build 22000.1) running > under qemu-kvm. I installed it from ISO on a blank VM. Thanks. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 2021-07-03 at 22:05 +0100, Patrick O'Callaghan wrote: > > > Just have to add the tpm device to your vm using virsh. > > > > > > I'll have to give that a try. My Win10 VM doesn't have that > > > device. > > > > > > > > > > Oh, I'd never noticed. It is in virt-manager "add hardware" > > section. > > You're right. Even better. Just tried it using the default settings and it worked. After booting Windows 10, type 'tpm' into a Windows Shell (admin) instance and it confirms the module exists. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 2021-07-03 at 21:07 +0800, Ed Greshko wrote: > On 03/07/2021 20:46, Ed Greshko wrote: > > On 03/07/2021 20:25, Patrick O'Callaghan wrote: > > > On Sat, 2021-07-03 at 19:17 +0800, Ed Greshko wrote: > > > > On 03/07/2021 14:02, Samuel Sieb wrote: > > > > > On 2021-07-02 4:03 p.m., Samuel Sieb wrote: > > > > > > On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: > > > > > > > Since Microsoft is going to require a TPM module for > > > > > > > their new > > > > > > > system, > > > > > > > are there implications for KVM, VirtualBox and VMware, or > > > > > > > has > > > > > > > this > > > > > > > already been dealt with? > > > > > > qemu has support for a TPM 2.0 either as a passthrough or > > > > > > an > > > > > > emulation. I haven't tested it yet, but I assume it > > > > > > works. > > > > > I tested it and Windows 10 let me enable bitlocker, so it > > > > > definitely > > > > > accepts it. > > > > > > > > > I have zero experience with TPM. To utilize this do you need > > > > to make > > > > use of > > > > > > > > swtpm - TPM Emulator for TPM 1.2 and 2.0 > > > > > > > > no the qemu host? > > > Apparently not: > > > https://en.opensuse.org/Software_TPM_Emulator_For_QEMU > > > (that's just the first one that popped up). > > > > OK, so just following the instructions for libvirt and it will > > start it for you. > > > > Just have to add the tpm device to your vm using virsh. > > > > I'll have to give that a try. My Win10 VM doesn't have that > > device. > > > > > > Oh, I'd never noticed. It is in virt-manager "add hardware" section. You're right. Even better. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 7/2/21 9:02 AM, Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? poc Hi Poc, Fedora 34 qemu-kvm-5.2.0-8.fc34.x86_64 I have Windows 11 Version Dev (OS Build 22000.1) running under qemu-kvm. I installed it from ISO on a blank VM. -T For those wondering what TPM is: Trusted Platform Module https://en.wikipedia.org/wiki/Trusted_Platform_Module ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-03 5:27 a.m., Walter H. via users wrote: On 03.07.2021 08:02, Samuel Sieb wrote: On 2021-07-02 4:03 p.m., Samuel Sieb wrote: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. I tested it and Windows 10 let me enable bitlocker, so it definitely accepts it. Are you sure, because enabling bitlocker is also possible without a TPM in Win10; There's an option to use a flash drive instead, but that's not what I used. I tried without the TPM added and it said no, then I added the TPM and it did it. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 03/07/2021 20:46, Ed Greshko wrote: On 03/07/2021 20:25, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 19:17 +0800, Ed Greshko wrote: On 03/07/2021 14:02, Samuel Sieb wrote: On 2021-07-02 4:03 p.m., Samuel Sieb wrote: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. I tested it and Windows 10 let me enable bitlocker, so it definitely accepts it. I have zero experience with TPM. To utilize this do you need to make use of swtpm - TPM Emulator for TPM 1.2 and 2.0 no the qemu host? Apparently not: https://en.opensuse.org/Software_TPM_Emulator_For_QEMU (that's just the first one that popped up). OK, so just following the instructions for libvirt and it will start it for you. Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. Oh, I'd never noticed. It is in virt-manager "add hardware" section. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 03/07/2021 20:25, Patrick O'Callaghan wrote: On Sat, 2021-07-03 at 19:17 +0800, Ed Greshko wrote: On 03/07/2021 14:02, Samuel Sieb wrote: On 2021-07-02 4:03 p.m., Samuel Sieb wrote: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. I tested it and Windows 10 let me enable bitlocker, so it definitely accepts it. I have zero experience with TPM. To utilize this do you need to make use of swtpm - TPM Emulator for TPM 1.2 and 2.0 no the qemu host? Apparently not: https://en.opensuse.org/Software_TPM_Emulator_For_QEMU (that's just the first one that popped up). OK, so just following the instructions for libvirt and it will start it for you. Just have to add the tpm device to your vm using virsh. I'll have to give that a try. My Win10 VM doesn't have that device. -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 03.07.2021 08:02, Samuel Sieb wrote: On 2021-07-02 4:03 p.m., Samuel Sieb wrote: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. I tested it and Windows 10 let me enable bitlocker, so it definitely accepts it. Are you sure, because enabling bitlocker is also possible without a TPM in Win10; smime.p7s Description: S/MIME Cryptographic Signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 2021-07-03 at 19:17 +0800, Ed Greshko wrote: > On 03/07/2021 14:02, Samuel Sieb wrote: > > On 2021-07-02 4:03 p.m., Samuel Sieb wrote: > > > On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: > > > > Since Microsoft is going to require a TPM module for their new > > > > system, > > > > are there implications for KVM, VirtualBox and VMware, or has > > > > this > > > > already been dealt with? > > > > > > qemu has support for a TPM 2.0 either as a passthrough or an > > > emulation. I haven't tested it yet, but I assume it works. > > > > I tested it and Windows 10 let me enable bitlocker, so it definitely > > accepts it. > > > > I have zero experience with TPM. To utilize this do you need to make > use of > > swtpm - TPM Emulator for TPM 1.2 and 2.0 > > no the qemu host? Another reference: https://www.smoothnet.org/qemu-tpm/ poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Sat, 2021-07-03 at 19:17 +0800, Ed Greshko wrote: > On 03/07/2021 14:02, Samuel Sieb wrote: > > On 2021-07-02 4:03 p.m., Samuel Sieb wrote: > > > On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: > > > > Since Microsoft is going to require a TPM module for their new > > > > system, > > > > are there implications for KVM, VirtualBox and VMware, or has > > > > this > > > > already been dealt with? > > > > > > qemu has support for a TPM 2.0 either as a passthrough or an > > > emulation. I haven't tested it yet, but I assume it works. > > > > I tested it and Windows 10 let me enable bitlocker, so it definitely > > accepts it. > > > > I have zero experience with TPM. To utilize this do you need to make > use of > > swtpm - TPM Emulator for TPM 1.2 and 2.0 > > no the qemu host? Apparently not: https://en.opensuse.org/Software_TPM_Emulator_For_QEMU (that's just the first one that popped up). poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 03/07/2021 14:02, Samuel Sieb wrote: On 2021-07-02 4:03 p.m., Samuel Sieb wrote: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. I tested it and Windows 10 let me enable bitlocker, so it definitely accepts it. I have zero experience with TPM. To utilize this do you need to make use of swtpm - TPM Emulator for TPM 1.2 and 2.0 no the qemu host? -- Remind me to ignore comments which aren't germane to the thread. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Fri, 2021-07-02 at 23:02 -0700, Samuel Sieb wrote: > On 2021-07-02 4:03 p.m., Samuel Sieb wrote: > > On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: > > > Since Microsoft is going to require a TPM module for their new > > > system, > > > are there implications for KVM, VirtualBox and VMware, or has > > > this > > > already been dealt with? > > > > qemu has support for a TPM 2.0 either as a passthrough or an > > emulation. > > I haven't tested it yet, but I assume it works. > > I tested it and Windows 10 let me enable bitlocker, so it definitely > accepts it. Nice. That would seem to make the whole underlying concept of a TPM absurd, given that you can emulate it (unless that means it has actually been signed by some authority of course). poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-02 4:03 p.m., Samuel Sieb wrote: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. I tested it and Windows 10 let me enable bitlocker, so it definitely accepts it. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
Samuel Sieb writes: On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. Now, if qemu could also emulate the more recent CPUs (that Win11 is rumored as being restricted to) on the older CPUs that Win11 won't support, then I can't decide whether that's going to be awesome, or funny. Or both, since I'm pretty sure that qemu can emulate it (so the awesome part is guaranteed, and the funny part is the only one that's in question). pgpUAxRE4Pm2q.pgp Description: PGP signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On 2021-07-02 9:02 a.m., Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? qemu has support for a TPM 2.0 either as a passthrough or an emulation. I haven't tested it yet, but I assume it works. ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Fri, 2021-07-02 at 12:30 -0400, Tom Horsley wrote: > On Fri, 2 Jul 2021 18:24:03 +0200 > Walter H. via users wrote: > > > I have successfully installed Win 11 build 21996.1 as a VMware > > Guest; > > (used the ISO that was leaked several days ago) > > > > On 02.07.2021 18:02, Patrick O'Callaghan wrote: > > > Since Microsoft is going to require a TPM module for their new > > > system, > > > are there implications for KVM, VirtualBox and VMware, or has > > > this > > > already been dealt with? > > > > This article looks promising: > > https://www.windowslatest.com/2021/06/28/youll-be-able-to-bypass-windows-11-tpm-2-0-requirement/ I was hoping for something along the lines of a new OVMF release with included TPM support. I'll give it time. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Fri, 2021-07-02 at 18:24 +0200, Walter H. via users wrote: > I have successfully installed Win 11 build 21996.1 as a VMware Guest; > (used the ISO that was leaked several days ago) > > On 02.07.2021 18:02, Patrick O'Callaghan wrote: > > Since Microsoft is going to require a TPM module for their new > > system, > > are there implications for KVM, VirtualBox and VMware, or has this > > already been dealt with? OK. Not that interested for now, but I guess I'll try it when it appears. poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
On Fri, 2 Jul 2021 18:24:03 +0200 Walter H. via users wrote: > I have successfully installed Win 11 build 21996.1 as a VMware Guest; > (used the ISO that was leaked several days ago) > > On 02.07.2021 18:02, Patrick O'Callaghan wrote: > > Since Microsoft is going to require a TPM module for their new system, > > are there implications for KVM, VirtualBox and VMware, or has this > > already been dealt with? > This article looks promising: https://www.windowslatest.com/2021/06/28/youll-be-able-to-bypass-windows-11-tpm-2-0-requirement/ ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Re: Windows 11 VMs
I have successfully installed Win 11 build 21996.1 as a VMware Guest; (used the ISO that was leaked several days ago) On 02.07.2021 18:02, Patrick O'Callaghan wrote: Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? smime.p7s Description: S/MIME Cryptographic Signature ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Windows 11 VMs
Since Microsoft is going to require a TPM module for their new system, are there implications for KVM, VirtualBox and VMware, or has this already been dealt with? poc ___ users mailing list -- users@lists.fedoraproject.org To unsubscribe send an email to users-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/users@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
