How to set up a Fedora Linux 38 arm64 Guest to use TPM in an apple M1 host?

Discussion in 'Linux Virtual Machine' started by AlejandroV1, Sep 12, 2023.

  1. AlejandroV1

    AlejandroV1 Bit poster

    Messages:
    4
    Hi all,

    I am using Parallels Desktop Pro Versión 19.0.0 (54570) in an apple M1 architecture.

    - I want to get a Linux Guest VM configured with TPM emulation to Boot a Fedora 38 Linux guest arm64 using secure boot.

    Currently I am able by changing by hand the config.pvs file by adding the below to the <Hardware> tag:

    <TpmChip dyn_lists="" Type_patch="1">
    <Type>201</Type>
    <Policy>3</Policy>
    </TpmChip>

    And by adding the below to the <Startup> tag:

    <Bios EfiEnabled_patch="" dyn_lists="">
    <EfiEnabled>5</EfiEnabled>
    <EfiSecureBoot>2</EfiSecureBoot>
    </Bios>

    I got a message that the system cannot boot because Secure Boot rejected to start the OS.

    That make me think that is working, but I don't understand why the system is not booting:
    - The shim module should allow to boot, because it is pesigned by Microsoft, and is the part which allow to load Fedora signed modules.
    - I am going to try to re-install to verify it could be because the current guest OS was installed with out the TPM emulation and secure boot.

    My final goal is to get a VM that I could use as a laboratory to investigate and develop UEFI modules (I got that with qemu + edk2 tianocore but using x86_64 arch; I am wondering if something similar could be achieved by using a Parallels Desktop VM; if that wouldn't be possible, please let me know and I will put my effort by using qemu on an apple M1 chip and preparing something using edk2 tianocore to boot up a hello world UEFI application.
     
  2. Dmitry@Parallels

    Dmitry@Parallels Parallels Team

    Messages:
    715
    Hi @AlejandroV1, the virtual TPM chip is supported for Windows OS only, but regrettably, not Linux. Why do you need a TPM chip in Fedora Linux?
     

Share This Page