jscarle / HyperV.NET

Simple Hyper-V Virtual Machine Management

TPM Enabled

danijeljw-RPC opened this issue · comments

Enabling the Trusted Platform Module (TPM) flag by setting its value to True did not enable TPM on the Hyper-V machine.

Code used:

vmDefinition.NetworkAdapters[0].VirtualSwitch = "Default Switch";
vmDefinition.AutomaticStop.Action = AutomaticStopAction.TurnOff;
vmDefinition.Checkpoints.Type = CheckpointType.None;  // do not use checkpoints in dev
vmDefinition.AutomaticStart.Action = AutomaticStartAction.Nothing;
vmDefinition.Security.TrustedPlatformModule = true;  // enable TPM

Reading through the source files, it indicated to me that this would be the correct way to enable it. The code above would enable SecureBoot by default.

Pursuant to this, I adjusted the code to set SecureBoot first, then re-ran it as follows:

vmDefinition.NetworkAdapters[0].VirtualSwitch = "Default Switch";
vmDefinition.AutomaticStop.Action = AutomaticStopAction.TurnOff;
vmDefinition.Checkpoints.Type = CheckpointType.None;  // do not use checkpoints in dev
vmDefinition.AutomaticStart.Action = AutomaticStartAction.Nothing;
vmDefinition.Security.SecureBoot = true;  // enable SecureBoot
vmDefinition.Security.TrustedPlatformModule = true;  // enable TPM

Now when I check the Hyper-V machine manually, I can see the TPM is enabled.

This was strange, as the SecureBoot value was True. However, by manually setting this flag, I was finally able to force-enable TPM too.

I cannot see any code path that would change the behavior of the creation of the virtual machine based on setting the SecureBoot flag to true, especially considering that the flag is already set to true by default. I think there's a higher chance that adding the line simply caused a recompile of your code and possibly that the recompilation did the trick.

The other possibility is that it could be a race condition depending on the actual physical configuration of your system. A TPM chip is required to enable TPM in the virtual machine. However, most modern CPUs offer a software-based TPM solution which acts as a simulated TPM chip; that feature can be enabled in the BIOS of most modern motherboards.
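
Rather than checking the VM by hand, the settings Hyper-V actually applied can be read back after creation and compared with what the definition asked for. This is an added example, not code from the thread or from HyperV.NET; it uses the standard Hyper-V PowerShell cmdlets, and the function name and the VM name `dev-vm-01` are constructed for illustration.

```powershell
# Added example: read back the Secure Boot and vTPM state of a VM after creation.
# Requires the Hyper-V PowerShell module and an elevated session on the host.
function Test-VMSecurityState {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipeline)]
        [string]$VMName,
        [bool]$ExpectSecureBoot = $true,
        [bool]$ExpectTpm = $true
    )
    process {
        $vm = Get-VM -Name $VMName -ErrorAction Stop

        # Secure Boot and the virtual TPM exist only on Generation 2 VMs.
        if ($vm.Generation -ne 2) {
            throw "VM '$VMName' is Generation $($vm.Generation); Secure Boot and vTPM need Generation 2."
        }

        $firmware = Get-VMFirmware -VMName $VMName   # SecureBoot is reported as On/Off
        $security = Get-VMSecurity -VMName $VMName   # TpmEnabled is reported as a boolean

        $secureBootOn = ($firmware.SecureBoot -eq 'On')
        $tpmOn        = [bool]$security.TpmEnabled

        [pscustomobject]@{
            VMName     = $VMName
            Generation = $vm.Generation
            SecureBoot = $secureBootOn
            TpmEnabled = $tpmOn
            Compliant  = ($secureBootOn -eq $ExpectSecureBoot) -and ($tpmOn -eq $ExpectTpm)
        }
    }
}

# 'dev-vm-01' is a constructed sample name; replace it with the VM that was just created.
$result = Test-VMSecurityState -VMName 'dev-vm-01'
$result | Format-List
if (-not $result.Compliant) {
    Write-Error "Security settings on '$($result.VMName)' do not match the requested definition."
}
```

Running the check immediately after each creation, with and without the explicit SecureBoot line, shows whether the outcome depends on that line or varies between otherwise identical runs.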