I want to run an Alpine Linux VM and want to connect the host's TPM to the VM. The host is x86_64 based. The command for qemu is
qemu-system-aarch64 \ -m 1024 -cpu cortex-a57 -M virt \ -bios /usr/share/qemu-efi-aarch64/QEMU_EFI.fd \ -drive file=disk.qcow2,if=virtio,format=qcow2 \ -cdrom alpine-3.21.3-aarch64.iso \ -nographic \ -device virtio-net-device,netdev=n0 \ -netdev user,id=n0 \ -tpmdev type=passthrough,id=tpm0,path=/dev/tpmrm0,cancel-path=/dev/tpmrm0 \ -device tpm-tis-device,tpmdev=tpm0As for the installation disk alpine-3.21.3-aarch64.iso, I have tried both the "standard" and the "virt" version from here. They both boot fine and also the installation works, but from neither I can access the host's tpm. On the host, the TPM works fine, as I can test for example using tpm2_getrandom 8 --hex and from the fact that /dev/tpm0 and /dev/tpmrm0 exist.
On the VM, those two devices do not exist and I cannot get it to work. Here some debugging output from the VM:
$ dmesg | grep -i tpm[ 0.000000] efi: SMBIOS 3.0=0x7fed0000 TPMFinalLog=0x7c3e0000 MEMATTR=0x7e227018 ACPI 2.0=0x7c3d0018 TPMEventLog=0x7c3d9098 INITRD=0x7c3c9b18 MEMRESERVE=0x7c3c9b98 [ 0.000000] ACPI: TPM2 0x000000007C3DE898 00004C (v04 BOCHS BXPC 00000001 BXPC 00000001)I had already added the kernel module tpm_tis_spi to /etc/modules. This is why I see:
$ lsmod | grep -i tpmtpm_tis_spi 20480 0tpm_tis_core 28672 1 tpm_tis_spitpm 102400 2 tpm_tis_core,tpm_tis_spirng_core 20480 1 tpmThere seem to be some drivers available:
$ find /lib/modules/$(uname -r) -name '*tpm*'/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/tpm.ko.gz/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/tpm_tis_spi.ko.gz/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/tpm_tis_core.ko.gz/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/tpm_atmel.ko.gz/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/xen-tpmfront.ko.gz/lib/modules/6.12.16-0-lts/kernel/drivers/char/tpm/tpm_infineon.ko.gz/sys/class/tpm/ and /sys/class/tpmrm/ exist, but are empty.
On the host, from tpm2_getcap properties-fixed I figured out that the TPM is an Infineon SLB9670. On the VM, this only gives an error message (as currently expected):
$ tpm2_getcap properties-fixedERROR:tcti:src/tss2-tcti/tcti-device.c:455:Tss2_Tcti_Device_Init() Failed to open specified TCTI device file /dev/tpmrm0: No such file or directory ERROR:tcti:src/tss2-tcti/tctildr-dl.c:149:tcti_from_file() Could not initialize TCTI file: device ERROR:tcti:src/tss2-tcti/tctildr.c:477:tctildr_init_context_data() Failed to instantiate TCTI ERROR: Could not load tcti, got: "(null)"What am I missing?