Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: vTPM spec #6802

Closed
wants to merge 4 commits into from
Closed

docs: vTPM spec #6802

wants to merge 4 commits into from

Conversation

MathieuRA
Copy link
Member

Description

Short explanation of this PR (feel free to re-use commit message)

Checklist

  • Commit
    • Title follows commit conventions
    • Reference the relevant issue (Fixes #007, See xoa-support#42, See https://...)
    • If bug fix, add Introduced by
  • Changelog
    • If visible by XOA users, add changelog entry
    • Update "Packages to release" in CHANGELOG.unreleased.md
  • PR
    • If UI changes, add screenshots
    • If not finished or not tested, open as Draft

@MathieuRA MathieuRA self-assigned this Apr 28, 2023
stormi
stormi reviewed Apr 28, 2023
View reviewed changes
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
docs/vtpm.md Outdated Show resolved Hide resolved
julien-f
julien-f reviewed May 10, 2023
View reviewed changes
docs/vtpm.md Outdated
- `is_protected`: The TPM is encrypted whenever it's transferred or at stored to disk (and exported)
- `is_unique`: The TPM contents are exclusive to that VM, that means it has never been cloned (and maybe never exported nor imported)

vTPM features are only enabled if XAPI is recent enough (check for version >= 8.3).
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternative checks:

  • pool.restrictions.restrict_vtpm === 'false'

julien-f
julien-f reviewed May 10, 2023
View reviewed changes
docs/vtpm.md Outdated
- The default value is `false`, except if `template.platform.vtpm` is `"true"`.
- A message will be displayed below the toggle if:
- The value is `true`: _Please note that once the vTPM is used, its deletion is strongly discouraged as it will lead to data loss._
- The value is `false` and the `template.platform.vtpm` is `"true"`: _The VM cannot be created without vTPM_
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
- The value is `false` and the `template.platform.vtpm` is `"true"`: _The VM cannot be created without vTPM_
- The value is `false` and the `template.platform.vtpm` is `"true"`: _This template requires a vTPM, if you proceed, the VM will likely not be able to boot_

julien-f
julien-f reviewed May 10, 2023
View reviewed changes
docs/vtpm.md Outdated
- A toggle will be displayed in advanced settings under `boot firmware`.
- The default value is `false`, except if `template.platform.vtpm` is `"true"`.
- A message will be displayed below the toggle if:
- The value is `true`: _Please note that once the vTPM is used, its deletion is strongly discouraged as it will lead to data loss._
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not necessary, a warning confirmation modal at vTPM creation will be enough.

julien-f
julien-f reviewed May 10, 2023
View reviewed changes
docs/vtpm.md Outdated
```ts
vTPM Object
{
id: string,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

uuid.

julien-f
julien-f reviewed May 10, 2023
View reviewed changes
docs/vtpm.md Outdated
Comment on lines 5 to 6
is_protected: boolean, // Currently unused by the XAPI, may be used in future.
is_unique: boolean // Currently unused by the XAPI, may be used in future.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Remove for now if unused.

@pdonias pdonias removed their request for review May 22, 2023 08:53
This was referenced Oct 6, 2023
Merged
Merged
pdonias pushed a commit that referenced this pull request Oct 19, 2023
@MathieuRA
feat(xo-web/VM/advanced): VTPM management (#7085)
1a1dd05 
See #7066
See #6802
See #7074
pdonias pushed a commit that referenced this pull request Oct 19, 2023
@MathieuRA
feat(xo-server/xo-web/VM/new): VTPM creation (#7077)
8834af6 
See #7066
See #6802
See #7085
@MathieuRA
Copy link
Member Author

Initial PRs have been merged.
#7085
#7077

@MathieuRA MathieuRA closed this Oct 31, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stormi stormi stormi left review comments

@julien-f julien-f julien-f left review comments

@Darkbeldin Darkbeldin Darkbeldin approved these changes

Assignees

@MathieuRA MathieuRA

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@MathieuRA @julien-f @stormi @Darkbeldin