Feature Request - Enable TPM module


Recommended Posts

I would like to request that you enable TPM features within UnRAID. This will allow me to run secure and fully encrypted VMs without fear that a stolen system will leak important data.


Use case: Use TPM enabled Bitlocker for a Windows 10 UnRAID virtual machine.

Use case 2: At some future point, maybe unRaid would like to run encrypted. This would allow a secure method of encrypting the filesystem.


In my specific case, I would like to enable BitLocker for a Windows 10 UnRAID vm.
 

1) Virtual machines in UnRAID use KVM.

Source: http://lime-technology.com/unraid-6-virtualization-update/

 

2) TPM passthrough is possible in KVM.

Source: http://wiki.qemu.org/Features/TPM

 

3) It's fairly simple to add TPM to the XML
Source: https://docs.fedoraproject.org/en-US/Fedora_Draft_Documentation/0.1/html/Virtualization_Deployment_and_Administration_Guide/section-libvirt-dom-xml-tpm-device.html

 

I have run this within my proxmox server (KVM based) and it works quite well. Can you enable TPM support to UnRAID?

CONFIG_TCG_TPM=y

Thank you.

Link to comment

@bashNinja  If you want to create a test version of Unraid with this activated in the kernel then you can use my scripts.

 

For v6.4 (Hash out line 44 or it will pull a .config for the DVB builds)

Then you'll need to rename bzmodules-new and bzfirmware-new and replace your existing ones.  This should work as long as the TPM features only install into either modules or firmware.

 

For v6.3 (Has out line 44 or it will pull a .config for the DVB builds) then run this script (hashing out lines 22-26).

Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.