The Windows 11 test VM automatically detected the TPM (IBM vendor):
You have to be careful because in an experiment, I killed swtpm while the VM was running, and nothing happened. Then, when I opened tpm.msc (probably reading the TPM), the VM crashed. So you have to be careful that swtpm doesn't close while the VM is running.

Marco

> On 28 Nov 2025, at 11:18, infoomatic <[email protected]> wrote:
>
> Thanks! Did Windows find and use that TPM? Did you have to configure anything?
>
> For the CPU problem: at the current state I do not rule out that this is a
> Windows problem. We see the same excessive CPU usage on our Linux/KVM
> hypervisors.
>
> best regards,
>
> Robert
>
>
> On 28.11.25 11:15, Marco Orsatti wrote:
>> Many thanks!
>> It also works in already installed Windows 11.
>> I made a small change to the script so that I can run it in a common
>> location for multiple VMs:
>> #!/bin/sh
>> VMNAME="$1"
>> SOCKET="/tmp/.bhyve.tpm.$VMNAME.sock"
>> if [ ! -S "$SOCKET" ]; then
>>     nohup swtpm socket --tpmstate backend-uri=file:///vm/$VMNAME/tpm.state --server type=unixio,path="$SOCKET" --tpm2 --flags not-need-init &
>> fi
>> I think it works on Server 2022 and 2025 too, I'll do some testing
>> There's another major problem with Windows 11 and Server 2022/25: excessive
>> host CPU usage. Has anyone found a solution?
>> Marco
>>> On 27 Nov 2025, at 23:57, infoomatic <[email protected]> wrote:
>>>
>>> Hi,
>>>
>>> I could not get it to work on an already installed Windows VM - I am not
>>> sure this is a FreeBSD/swtpm issue.
>>>
>>> On a fresh install I have had no issue.
>>>
>>> my config:
>>> bhyve_options="-l tpm,swtpm,/tmp/.bhyve.tpm.win11.sock"
>>> prestart="tpm.sh"
>>>
>>> and with tpm.sh:
>>> #!/bin/sh
>>>
>>> SOCKET="/tmp/.bhyve.tpm.win11.sock"
>>>
>>> if [ ! -S "$SOCKET" ]; then
>>>     nohup swtpm socket --tpmstate backend-uri=file:///evo/vms/win11/tpm.state --server type=unixio,path="$SOCKET" --tpm2 --flags not-need-init &
>>> fi
>>>
>>> hth,
>>>
>>> Robert
>>>
>>>
>>> On 27.11.25 15:30, Andrea Venturoli wrote:
>>>> Hello.
>>>> I'm hitting my head on this, but cannot make it work.
>>>> Is it expected to work or am I just wasting my time?
>>>> FreeBSD 14.3/amd64
>>>> edk2-bhyve-g202308_5
>>>> vm-bhyve-1.6.2_1
>>>> bye & Thanks
>>>> av.
>>>> P.S.
>>>> In case someone is interested in the details:
>>>> vmbhyve starts bhyve with:
>>>>> bhyve options: -c 3,sockets=1,cores=3,threads=1 -m 4G -AHPw -l bootrom,/usr/local/share/uefi-firmware/BHYVE_UEFI.fd -l tpm,swtpm,/var/run/swtpm/tpm -k /zroot/vm/eserver/bhyve.conf -U f753439f-bffa-11e8-b279-a4bf0142162f]
>>>>> bhyve devices: -s 0,hostbridge -s 31,lpc -s 4:0,virtio-blk,/dev/zvol/zroot/vm/eserver/disk0,sectorsize=512 -s 5:0,virtio-net,tap0,mac=58:9c:fc:00:11:65 -s 6:0,fbuf,tcp=192.168.XXX.1:25900 -s 7:0,xhci,tablet]
>>>> Windows sees the TPM device but says it cannot be started (code 10) due to
>>>> a protocol error.
>>>> In bhyve.log I see:
>>>>> /tmp/bhyve.z4HOkg5 873: OperationRegion(TPP1, SystemMemory, Add(0xfed45000, Arg0), One)
>>>>> Remark 2173 - ^ Creation of named objects within a method is highly inefficient, use globals or method local variables instead (\_SB.TPM.TPFN)
>>>>>
>>>>> /tmp/bhyve.z4HOkg5 895: Method(_DSM, 4, Serialized)
>>>>> Warning 3115 - ^ Not all control paths return a value (\_SB.TPM._DSM)
>>>>>
>>>>> /tmp/bhyve.z4HOkg5 895: Method(_DSM, 4, Serialized)
>>>>> Warning 3107 - ^ Reserved method must return a value (Integer/String/Buffer/Package/Reference required for _DSM)
>>>>>
>>>>> /tmp/bhyve.z4HOkg5 985: If(LEqual(Arg0, ToUUID("376054ED-CC13-4675-901C-4756D7F2D45D"))) /* UUID */
>>>>> Remark 2184 - Unknown UUID string ^
>>>>> bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
>>>>> bhyve: tpm_crb_mem_handler: cancelling a TPM command is not implemented yet
>>>>> bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
>>>>> bhyve: tpm_crb_mem_handler: cancelling a TPM command is not implemented yet
>>>>> bhyve: tpm_swtpm_execute_cmd: rsp read failed (bytes read: 4 / 3968): No error: 0
>>>> In swtpm logs:
>>>>> Ctrl Cmd: length 12
>>>>> 80 01 00 00 00 0C 00 00 01 44 00 00
>>>>> Error: Unknown command: 0x80010000
>>>>> Ctrl Rsp: length 4
>>>>> 00 00 00 0A
>>>>> Ctrl Cmd: length 22
>>>>> 80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A
>>>>> Error: Unknown command: 0x80010000
>>>>> Ctrl Rsp: length 4
>>>>> 00 00 00 0A
>>>>> Ctrl Cmd: length 22
>>>>> 80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A
>>>>> Error: Unknown command: 0x80010000
>>>>> Ctrl Rsp: length 4
>>>>> 00 00 00 0A
>>>> This looks possibly like:
>>>>> https://github.com/stefanberger/swtpm/issues/1069
>>>> That's for a different platform however and I have no idea how to "port"
>>>> those info to bhyve.
>>>> I have no previous experiences with swtpm (and I find it hard to get a
>>>> good howto/tutorial); TPM passthrough works for me (but obviously not on
>>>> machines without TPM).
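
An added example, not part of the thread and not swtpm or bhyve code: decoding the byte dumps from the quoted swtpm log as TPM 2.0 command buffers shows that they are TPM2_Startup and TPM2_GetCapability requests logged under "Ctrl Cmd", and that their first four bytes, read as one big-endian integer, give the 0x80010000 in the "Unknown command" error. The constants come from the TPM 2.0 specification; the function names are chosen here for illustration.

```python
import struct

# Constants from the TPM 2.0 specification (Part 2, Structures).
TPM_ST = {0x8001: "TPM_ST_NO_SESSIONS", 0x8002: "TPM_ST_SESSIONS"}
TPM_CC = {0x00000144: "TPM2_Startup", 0x0000017A: "TPM2_GetCapability"}
TPM_SU = {0x0000: "TPM_SU_CLEAR", 0x0001: "TPM_SU_STATE"}
TPM_CAP_TPM_PROPERTIES = 0x00000006
TPM_PT_FAMILY_INDICATOR = 0x00000100

# Byte dumps copied from the "Ctrl Cmd" entries of the swtpm log in the thread.
LOGGED = [
    "80 01 00 00 00 0C 00 00 01 44 00 00",
    "80 01 00 00 00 16 00 00 01 7A 00 00 00 06 00 00 01 00 00 00 00 2A",
]

def decode_tpm2_command(hexdump):
    """Parse a dump as a TPM 2.0 command: tag(2) size(4) commandCode(4) params."""
    raw = bytes.fromhex(hexdump)
    if len(raw) < 10:
        raise ValueError("shorter than a TPM 2.0 command header")
    tag, size, code = struct.unpack(">HII", raw[:10])
    if tag not in TPM_ST or size != len(raw):
        raise ValueError("not a well-formed TPM 2.0 command")
    out = {"tag": TPM_ST[tag], "size": size,
           "command": TPM_CC.get(code, hex(code)), "params": {}}
    body = raw[10:]
    if code == 0x144 and len(body) == 2:        # TPM2_Startup(startupType)
        (su,) = struct.unpack(">H", body)
        out["params"] = {"startupType": TPM_SU.get(su, hex(su))}
    elif code == 0x17A and len(body) == 12:     # TPM2_GetCapability(cap, prop, count)
        cap, prop, count = struct.unpack(">III", body)
        out["params"] = {"capability": cap, "property": prop,
                         "propertyCount": count}
    return out

def as_control_code(hexdump):
    """First four bytes as one big-endian 32-bit integer (the logged error value)."""
    return struct.unpack(">I", bytes.fromhex(hexdump)[:4])[0]

if __name__ == "__main__":
    for dump in LOGGED:
        print(hex(as_control_code(dump)), decode_tpm2_command(dump))
```

In the working configurations quoted above, the socket handed to bhyve is the one given to swtpm's `--server` option, which carries TPM commands; swtpm's `--ctrl` option defines a separate control channel.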
