Loading nixos/modules/virtualisation/qemu-vm.nix +43 −1 Original line number Diff line number Diff line Loading @@ -198,6 +198,16 @@ let fi ''} ${lib.optionalString cfg.tpm.enable '' NIX_SWTPM_DIR=$(readlink -f "''${NIX_SWTPM_DIR:-${config.system.name}-swtpm}") mkdir -p "$NIX_SWTPM_DIR" ${lib.getExe cfg.tpm.package} \ socket \ --tpmstate dir="$NIX_SWTPM_DIR" \ --ctrl type=unixio,path="$NIX_SWTPM_DIR"/socket \ "--tpm2" 1>"$NIX_SWTPM_DIR"/stdout 2>"$NIX_SWTPM_DIR"/stderr & ''} cd "$TMPDIR" ${lib.optionalString (cfg.emptyDiskImages != []) "idx=0"} Loading Loading @@ -862,6 +872,32 @@ in }; }; virtualisation.tpm = { enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm."; package = mkPackageOptionMD cfg.host.pkgs "swtpm" { }; deviceModel = mkOption { type = types.str; default = ({ "i686-linux" = "tpm-tis"; "x86_64-linux" = "tpm-tis"; "ppc64-linux" = "tpm-spapr"; "armv7-linux" = "tpm-tis-device"; "aarch64-linux" = "tpm-tis-device"; }.${pkgs.hostPlatform.system} or (throw "Unsupported system for TPM2 emulation in QEMU")); defaultText = '' Based on the guest platform Linux system: - `tpm-tis` for (i686, x86_64) - `tpm-spapr` for ppc64 - `tpm-tis-device` for (armv7, aarch64) ''; example = "tpm-tis-device"; description = lib.mdDoc "QEMU device model for the TPM, uses the appropriate default based on th guest platform system and the package passed."; }; }; virtualisation.useDefaultFilesystems = mkOption { type = types.bool; Loading Loading @@ -1027,7 +1063,8 @@ in boot.initrd.availableKernelModules = optional cfg.writableStore "overlay" ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx"; ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx" ++ optional (cfg.tpm.enable) "tpm_tis"; virtualisation.additionalPaths = [ config.system.build.toplevel ]; Loading Loading @@ -1098,6 +1135,11 @@ in (mkIf (!cfg.graphics) [ "-nographic" ]) (mkIf (cfg.tpm.enable) [ "-chardev socket,id=chrtpm,path=\"$NIX_SWTPM_DIR\"/socket" "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" "-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0" ]) ]; virtualisation.qemu.drives = mkMerge [ Loading Loading
nixos/modules/virtualisation/qemu-vm.nix +43 −1 Original line number Diff line number Diff line Loading @@ -198,6 +198,16 @@ let fi ''} ${lib.optionalString cfg.tpm.enable '' NIX_SWTPM_DIR=$(readlink -f "''${NIX_SWTPM_DIR:-${config.system.name}-swtpm}") mkdir -p "$NIX_SWTPM_DIR" ${lib.getExe cfg.tpm.package} \ socket \ --tpmstate dir="$NIX_SWTPM_DIR" \ --ctrl type=unixio,path="$NIX_SWTPM_DIR"/socket \ "--tpm2" 1>"$NIX_SWTPM_DIR"/stdout 2>"$NIX_SWTPM_DIR"/stderr & ''} cd "$TMPDIR" ${lib.optionalString (cfg.emptyDiskImages != []) "idx=0"} Loading Loading @@ -862,6 +872,32 @@ in }; }; virtualisation.tpm = { enable = mkEnableOption "a TPM device in the virtual machine with a driver, using swtpm."; package = mkPackageOptionMD cfg.host.pkgs "swtpm" { }; deviceModel = mkOption { type = types.str; default = ({ "i686-linux" = "tpm-tis"; "x86_64-linux" = "tpm-tis"; "ppc64-linux" = "tpm-spapr"; "armv7-linux" = "tpm-tis-device"; "aarch64-linux" = "tpm-tis-device"; }.${pkgs.hostPlatform.system} or (throw "Unsupported system for TPM2 emulation in QEMU")); defaultText = '' Based on the guest platform Linux system: - `tpm-tis` for (i686, x86_64) - `tpm-spapr` for ppc64 - `tpm-tis-device` for (armv7, aarch64) ''; example = "tpm-tis-device"; description = lib.mdDoc "QEMU device model for the TPM, uses the appropriate default based on th guest platform system and the package passed."; }; }; virtualisation.useDefaultFilesystems = mkOption { type = types.bool; Loading Loading @@ -1027,7 +1063,8 @@ in boot.initrd.availableKernelModules = optional cfg.writableStore "overlay" ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx"; ++ optional (cfg.qemu.diskInterface == "scsi") "sym53c8xx" ++ optional (cfg.tpm.enable) "tpm_tis"; virtualisation.additionalPaths = [ config.system.build.toplevel ]; Loading Loading @@ -1098,6 +1135,11 @@ in (mkIf (!cfg.graphics) [ "-nographic" ]) (mkIf (cfg.tpm.enable) [ "-chardev socket,id=chrtpm,path=\"$NIX_SWTPM_DIR\"/socket" "-tpmdev emulator,id=tpm_dev_0,chardev=chrtpm" "-device ${cfg.tpm.deviceModel},tpmdev=tpm_dev_0" ]) ]; virtualisation.qemu.drives = mkMerge [ Loading
