From nobody Fri Nov 28 10:17:24 2025
X-Original-To: virtualization@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4dHq4811tpz6Jc9S
	for <virtualization@mlmmj.nyi.freebsd.org>; Fri, 28 Nov 2025 10:17:44 +0000 (UTC)
	(envelope-from marco.dmc12@gmail.com)
Received: from mail-ej1-x62d.google.com (mail-ej1-x62d.google.com [IPv6:2a00:1450:4864:20::62d])
	(using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256
	 client-signature RSA-PSS (2048 bits) client-digest SHA256)
	(Client CN "smtp.gmail.com", Issuer "WR4" (verified OK))
	by mx1.freebsd.org (Postfix) with ESMTPS id 4dHq464wrCz3GV7
	for <virtualization@freebsd.org>; Fri, 28 Nov 2025 10:17:42 +0000 (UTC)
	(envelope-from marco.dmc12@gmail.com)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=gmail.com header.s=20230601 header.b="TcDt8/Kz";
	dmarc=pass (policy=none) header.from=gmail.com;
	spf=pass (mx1.freebsd.org: domain of marco.dmc12@gmail.com designates 2a00:1450:4864:20::62d as permitted sender) smtp.mailfrom=marco.dmc12@gmail.com
Received: by mail-ej1-x62d.google.com with SMTP id a640c23a62f3a-b76b5afdf04so303923766b.1
        for <virtualization@freebsd.org>; Fri, 28 Nov 2025 02:17:42 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1764325056; x=1764929856; darn=freebsd.org;
        h=to:date:message-id:subject:mime-version:from:from:to:cc:subject
         :date:message-id:reply-to;
        bh=+HW+lITbfF/iP6wmgdWQwFgq7elW1wzHPPtXZ7Cg+k4=;
        b=TcDt8/KzMio392zOoEg6wDiAUzPlhpvAKynzdNUtGC/xfBQqz6mTYH1QBzFVibB0sV
         QxZCiSV2z0SAqi4i1GAW1XSV6F7Oeuici+4izEpOYmYdlFGe5EYcySeL+4z5nM/xLDnQ
         8mN+8yeH/62txJ9OIhbn1DjUsELLU1+q01K1UWZvhPA7O2qQ6NZ2wfwgcbwidm3mZmxp
         GYcVahI5OdMWwWbW745FQJ39IU52n2p6QbDeGbPTH7z/Qm71wFDxiBtRu7RCAjp938DY
         UhThwT9AQzRXaVNBL5xUCwaOPqJ7qxnUYp1XlWWxCN+y2wRDu24JTtmtHezP9mk4iGbu
         mNEQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1764325056; x=1764929856;
        h=to:date:message-id:subject:mime-version:from:x-gm-gg
         :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
        bh=+HW+lITbfF/iP6wmgdWQwFgq7elW1wzHPPtXZ7Cg+k4=;
        b=QOYUJkVMoO2ECF8TVrVHC7EvXDDUxcuPHvKh1JuY5X0kUb3C9yH6rVHcAXBo0MQnl1
         Bu51Ww3RhzxJlm7P0F2Va7cDWuymutQ71jBJv9blAT99ub8eA83rG6CtXy2p2Uk32n2t
         EMQGnsEpeGZSjKQDUD5oXMmoL6lGGi1IvcBfLEWK1iZc8IDlPW2iYpJ3O70I2cGk9lqD
         lj5VzGhDEJuVezQcHtWqrqZ9k4t/4WCq5IHcLCiojP/bjWaCZ6rk6EjZKjYRgKW2D/u3
         5y5MXku8bWGtaKqtWd6VqMJASwaU0Ja91S3h8/CdZ60f8avkjd8LLpDlZradFN7tywVp
         pxCA==
X-Gm-Message-State: AOJu0YwxwxemvoKSjeTGx1fZcSkNc6KnMCdbg8sB5GtuOX6eSvBEb8Ns
	+NsDPNaJhbXvK0MrjfYY3FpxGHye1eB7H72rwz15fhIFNmq/Wb/fNDjE5Iz5MWmW
X-Gm-Gg: ASbGncsMkqqa81oP2qgmB92AutC+Ddng3WKjKrt0kdALF86Bg+NaS6wivoODQBjG79M
	d7JQOrnGrQ7lJzYIswV87oSiL4stcphD6fPGwrRRda4HOozyCBk0+S/DQiJov12WLN6Z+rQ0ERo
	lfz7n9b+DRfTeOVWz4jgVuQHfb+MhsfjjMQgaWWXefZXqoWe5C0EfoK6JMHCvGciGTPnIKh4qkR
	kZcIjP8BDVG+JIe6f0FTW3HoEBrNSuqaWq5iQNf2nv4NCrtiVI4+w6ldzwsk8S3j359lgwXsAM3
	gC3L7Qs6xLFJVDdgxqvnogNHmWc55D5x0L+zysXz9VudpKAjm+G8wLinfQ16dtKHL5SYzCXK4YH
	r+LV9D4axRtSlgCHjzZl6B82hTY+PXDKpSJeahS8YSfkhu2TkxUgEFf9ovP8nyDA2/oK+ToxWep
	Dge67yP+2Ad7LcZHt92vjkrzeVavz3A/3zEPAcMcQX3dj2PmusosZPm4qD516H91cT
X-Google-Smtp-Source: AGHT+IGLS2WORW6faRQmzMO9h1lb9/2YbqFOUd9maGu9AUQsN3uAP2cAOmM//xCj+dGfmKHxkp3sLQ==
X-Received: by 2002:a17:907:9493:b0:b1d:285c:e0ef with SMTP id a640c23a62f3a-b76715e6316mr2990432466b.26.1764325055704;
        Fri, 28 Nov 2025 02:17:35 -0800 (PST)
Received: from smtpclient.apple (u-3y-178-175-197.4bone.mynet.it. [178.175.197.122])
        by smtp.gmail.com with ESMTPSA id a640c23a62f3a-b76f59aeb45sm407723166b.40.2025.11.28.02.17.35
        for <virtualization@freebsd.org>
        (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
        Fri, 28 Nov 2025 02:17:35 -0800 (PST)
From: Marco Orsatti <marco.dmc12@gmail.com>
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_F6C6275E-8A8E-4031-9828-ED8425A7D0B7"
List-Id: Discussion <freebsd-virtualization.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-virtualization
List-Help: <mailto:virtualization+help@freebsd.org>
List-Post: <mailto:virtualization@freebsd.org>
List-Subscribe: <mailto:virtualization+subscribe@freebsd.org>
List-Unsubscribe: <mailto:virtualization+unsubscribe@freebsd.org>
X-BeenThere: freebsd-virtualization@freebsd.org
Sender: owner-freebsd-virtualization@FreeBSD.org
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3826.700.81\))
Subject: Re: bhyve + swtpm + W11
Message-Id: <5AFE2880-207D-4338-9791-CB0790ACB649@gmail.com>
Date: Fri, 28 Nov 2025 11:17:24 +0100
To: virtualization@freebsd.org
X-Mailer: Apple Mail (2.3826.700.81)
X-Spamd-Bar: /
X-Spamd-Result: default: False [0.01 / 15.00];
	HAS_FILE_URL(2.00)[];
	URI_COUNT_ODD(1.00)[1];
	FAKE_REPLY(1.00)[];
	NEURAL_HAM_SHORT(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-0.999];
	NEURAL_HAM_LONG(-0.99)[-0.995];
	DMARC_POLICY_ALLOW(-0.50)[gmail.com,none];
	R_SPF_ALLOW(-0.20)[+ip6:2a00:1450:4000::/36:c];
	R_DKIM_ALLOW(-0.20)[gmail.com:s=20230601];
	MIME_GOOD(-0.10)[multipart/alternative,text/plain];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	FREEMAIL_ENVFROM(0.00)[gmail.com];
	TAGGED_FROM(0.00)[];
	FREEMAIL_FROM(0.00)[gmail.com];
	ARC_NA(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	MIME_TRACE(0.00)[0:+,1:+,2:~];
	FROM_HAS_DN(0.00)[];
	DWL_DNSWL_NONE(0.00)[gmail.com:dkim];
	TO_DN_NONE(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[virtualization@freebsd.org];
	RCVD_COUNT_TWO(0.00)[2];
	FROM_EQ_ENVFROM(0.00)[];
	DKIM_TRACE(0.00)[gmail.com:+];
	MLMMJ_DEST(0.00)[virtualization@freebsd.org];
	APPLE_MAILER_COMMON(0.00)[];
	MID_RHS_MATCH_FROM(0.00)[];
	ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCVD_IN_DNSWL_NONE(0.00)[2a00:1450:4864:20::62d:from]
X-Rspamd-Queue-Id: 4dHq464wrCz3GV7


--Apple-Mail=_F6C6275E-8A8E-4031-9828-ED8425A7D0B7
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

Many thanks!

It also works in already installed windows 11.

I made a small change to the script so that I can run it in a common =
location for multiple VMs:

#!/bin/sh

VMNAME=3D"$1"

SOCKET=3D"/tmp/.bhyve.tpm.$VMNAME.sock"

if [ ! -S "$SOCKET" ]; then
nohup swtpm socket --tpmstate backend-uri=3Dfile:///vm/$VMNAME/tpm.state =
--server type=3Dunixio,path=3D"$SOCKET" --tpm2 --flags not-need-init &
fi

I think it works on Server 2022 and 2025 too, I'll do some testing


There's another major problem with Windows 11 and Server 2022/25: =
excessive host CPU usage. Has anyone found a solution?

Marco



--Apple-Mail=_F6C6275E-8A8E-4031-9828-ED8425A7D0B7
Content-Transfer-Encoding: 7bit
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv="content-type" content="text/html; charset=us-ascii"></head><body style="overflow-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;">Many thanks!<br><br>It also works in already installed windows 11.<br><br>I made a small change to the script so that I can run it in a common location for multiple VMs:<br><br>#!/bin/sh<br><br>VMNAME="$1"<br><br>SOCKET="/tmp/.bhyve.tpm.$VMNAME.sock"<br><br>if [ ! -S "$SOCKET" ]; then<br>nohup swtpm socket --tpmstate backend-uri=<a href="file:///vm/$VMNAME/tpm.state">file:///vm/$VMNAME/tpm.state</a>&nbsp;--server type=unixio,path="$SOCKET" --tpm2 --flags not-need-init &amp;<br>fi<br><br>I think it works on Server 2022 and 2025 too, I'll do some testing<br><br><br>There's another major problem with Windows 11 and Server 2022/25: excessive host CPU usage. Has anyone found a solution?<br><br>Marco<br>
<br>
<br></body></html>
--Apple-Mail=_F6C6275E-8A8E-4031-9828-ED8425A7D0B7--