Date: Thu, 27 Nov 2025 14:41:51 +0000
To: Andrea Venturoli
From: Jonathan Vasquez
Cc: freebsd-virtualization@FreeBSD.org
Subject: Re: bhyve + swtpm + W11
List-Archive: https://lists.freebsd.org/archives/freebsd-virtualization

Not sure about that issue since I don’t use Windows 11 (I stayed on 10) but I did do some experiments a few months ago and documented how to bypass all of those requirements (including TPM) when installing 11 on bhyve. Maybe skipping it altogether can help get your setup running. You can take a look at my post here:

https://xyinn.org/blog/freebsd/install_windows_11_bhyve

Jonathan Vasquez
PGP: 34DA 858C 1447 509E C77A D49F FB85 90B7 C4CA 5279

-------- Original Message --------
On Thursday, 11/27/25 at 09:31 Andrea Venturoli wrote:

Hello.

I'm hitting my head on this, but cannot make it work.
Is it expected to work or am I just wasting my time?

FreeBSD 14.3/amd64
edk2-bhyve-g202308_5
vm-bhyve-1.6.2_1

 bye & Thanks
	av.

P.S.
In case someone is interested in the details:

vmbhyve starts bhyve with:
> bhyve options: -c 3,sockets=1,cores=3,threads=1 -m 4G -AHPw -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd -l tpm,swtpm,/var/run/swtpm/tpm -k
> /zroot/vm/eserver/bhyve.conf -U f753439f-bffa-11e8-b279-a4bf0142162f]
> bhyve devices: -s 0,hostbridge -s 31,lpc -s 4:0,virtio-blk,/dev/zvol/zroot/vm/eserver/disk0,sectorsize=512 -s 5:0,virtio-net,tap0,mac=58:9c:fc:00:11:65
> -s 6:0,fbuf,tcp=192.168.XXX.1:25900 -s 7:0,xhci,tablet]

Windows sees the TPM device but says it cannot be started (code 10) due to a protocol error.

In bhyve.log I see:
> /tmp/bhyve.z4HOkg5 873: OperationRegion(TPP1, SystemMemory, Add(0xfed45000, Arg0), One)
> Remark 2173 - ^ Creation of named objects within a method is highly inefficient, use globals or method local variables instead (\_SB.TPM.TPFN)
>
> /tmp/bhyve.z4HOkg5 895: Method(_DSM, 4, Serialized)
> Warning 3115 - ^ Not all control paths return a value (\_SB.TPM._DSM)
>
> /tmp/bhyve.z4HOkg5 895: Method(_DSM, 4, Serialized)
> Warning 3107 - ^ Reserved method must return a value (Integer/String/Buffer/Package/Reference required for _DSM)
>
> /tmp/bhyve.z4HOkg5 985: If(LEqual(Arg0, ToUUID("376054ED-CC13-4675-901C-4756D7F2D45D"))) /* UUID */
> Remark 2184 - Unknown UUID string ^
>
> bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
> bhyve: tpm_crb_mem_handler: cancelling a TPM command is not implemented yet
> bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
> bhyve: tpm_crb_mem_handler: cancelling a TPM command is not implemented yet
> bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0

In swtpm logs:
> Ctrl Cmd: length 12
> 80 01 00 00 00 0C 00 00 01 44 00 00
> Error: Unknown command: 0x80010000
> Ctrl Rsp: length 4
> 00 00 00 0A
> Ctrl Cmd: length 22
> 80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00
> 01 00 00 00 00 2A
> Error: Unknown command: 0x80010000
> Ctrl Rsp: length 4
> 00 00 00 0A
> Ctrl Cmd: length 22
> 80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00
> 01 00 00 00 00 2A
> Error: Unknown command: 0x80010000
> Ctrl Rsp: length 4
> 00 00 00 0A

This looks possibly like:
> https://github.com/stefanberger/swtpm/issues/1069

That's for a different platform however and I have no idea how to "port" that info to bhyve.

I have no previous experience with swtpm (and I find it hard to get a good howto/tutorial); TPM passthrough works for me (but obviously not on machines without TPM).
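
An added decoding aid, not part of either message: it parses the two distinct frames that the swtpm log above labels "Ctrl Cmd" as TPM 2.0 command headers (tag, size, command code, parameters) and exposes the first four bytes as one big-endian integer for comparison with the "Unknown command" value. The constant names follow the TCG TPM 2.0 specification; decode_tpm2_command and first_u32 are names chosen for this example.

```python
import struct

# Hex dumps copied from the swtpm log quoted in the message above.
SWTPM_CTRL_CMDS = [
    "80 01 00 00 00 0C 00 00 01 44 00 00",
    "80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A",
]

# Small subset of TPM 2.0 constants (TCG TPM 2.0 Library spec, Part 2).
TPM_ST = {0x8001: "TPM_ST_NO_SESSIONS", 0x8002: "TPM_ST_SESSIONS"}
TPM_CC = {0x144: "TPM2_CC_Startup", 0x17A: "TPM2_CC_GetCapability"}
TPM_SU = {0x0000: "TPM_SU_CLEAR", 0x0001: "TPM_SU_STATE"}
TPM_CAP = {0x6: "TPM_CAP_TPM_PROPERTIES"}


def decode_tpm2_command(hexdump):
    """Decode one frame laid out as tag(2) | size(4) | code(4) | params."""
    raw = bytes.fromhex(hexdump)
    if len(raw) < 10:
        raise ValueError("shorter than a TPM 2.0 command header")
    tag, size, code = struct.unpack(">HII", raw[:10])
    if size != len(raw):
        raise ValueError(f"header size {size} != frame length {len(raw)}")
    out = {
        "tag": TPM_ST.get(tag, hex(tag)),
        "size": size,
        "command": TPM_CC.get(code, hex(code)),
        # What a peer reading a 4-byte big-endian command code would see.
        "first_u32": struct.unpack(">I", raw[:4])[0],
    }
    params = raw[10:]
    if code == 0x144 and len(params) == 2:
        (su,) = struct.unpack(">H", params)
        out["params"] = {"startupType": TPM_SU.get(su, hex(su))}
    elif code == 0x17A and len(params) == 12:
        cap, prop, count = struct.unpack(">III", params)
        out["params"] = {"capability": TPM_CAP.get(cap, hex(cap)),
                         "property": hex(prop), "propertyCount": count}
    return out


if __name__ == "__main__":
    for dump in SWTPM_CTRL_CMDS:
        d = decode_tpm2_command(dump)
        print(d["command"], d.get("params"), "0x%08X" % d["first_u32"])
```

Both frames parse as well-formed TPM 2.0 commands (Startup, then GetCapability), and first_u32 is the 0x80010000 that swtpm reports as an unknown command. The 4-byte "Ctrl Rsp" also matches the "bytes read: 4" in bhyve's "rsp read failed" lines.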