
I have a dual-boot installation on my Lenovo T480s: Windows 10 and Fedora 33. As I prefer working on Linux but need to have quick access to some Windows-exclusive programs, I've configured QEMU (in virt-manager) to boot Windows from a physical partition from within Fedora.

Now I need to encrypt the Windows partition and I want to use BitLocker for that purpose. Everything works fine when booting Windows natively - BitLocker seamlessly decrypts the system partition. But when I want to run it as a virtual machine, it always asks me to enter BitLocker's recovery key (which is pretty annoying). So here comes my question - do I make the right assumption that BitLocker can't decrypt the Windows partition because of the lack of a TPM? If yes, how can I share the TPM with the Windows guest in virt-manager? I've tried simply adding a TPM device as additional hardware (both CRB and TIS device models) as a passthrough device, but with no success.

dist3r
    Even if the TPM were visible from within QEMU, its state will be wrong and decryption will fail. Only if you stopped using Windows by regular boot might you be able to make BitLocker recognize the QEMU environment as a regular boot. This would of course defeat the purpose of BitLocker, as you could perform any manipulations you want before starting Windows. – Robert Jan 21 '21 at 14:25
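
Added example (not part of the question or the comment): a toy model of TPM PCR extension and sealing that illustrates the comment's point about the TPM state being wrong under passthrough. The component names, the single-PCR simplification and the `seal`/`unseal` helpers are constructed for illustration; a real TPM enforces the policy in hardware.

```python
import hashlib
import hmac

def extend(pcr: bytes, component: bytes) -> bytes:
    """PCR extend: new value = SHA-256(old value || digest of measured component)."""
    return hashlib.sha256(pcr + hashlib.sha256(component).digest()).digest()

def replay(components) -> bytes:
    """Replay a boot's measurements into a PCR that starts at all zeros."""
    pcr = bytes(32)
    for component in components:
        pcr = extend(pcr, component)
    return pcr

def seal(secret: bytes, pcr: bytes) -> dict:
    """Toy seal: bind a secret to the PCR value present at sealing time."""
    return {"policy": pcr, "secret": secret}

def unseal(blob: dict, current_pcr: bytes):
    """Release the secret only if the current PCR matches the sealed policy."""
    if hmac.compare_digest(blob["policy"], current_pcr):
        return blob["secret"]
    return None

# Constructed measurement logs (hypothetical component names).
NATIVE_WINDOWS = [b"uefi-firmware", b"secure-boot-config", b"windows-boot-manager"]
# With passthrough, the physical PCRs already hold the host's boot chain and
# cannot be reset without a platform reset; the guest only extends on top.
PASSTHROUGH_GUEST = [
    b"uefi-firmware", b"secure-boot-config",
    b"fedora-bootloader", b"fedora-kernel",
    b"guest-firmware", b"windows-boot-manager",
]

def demo():
    """Seal during a native boot, then try to unseal in both environments."""
    blob = seal(b"volume-master-key", replay(NATIVE_WINDOWS))
    native = unseal(blob, replay(NATIVE_WINDOWS))
    guest = unseal(blob, replay(PASSTHROUGH_GUEST))
    return native, guest

if __name__ == "__main__":
    native, guest = demo()
    print("native boot unseals key:", native is not None)
    print("passthrough guest unseals key:", guest is not None)
```

Because extend is a one-way hash chain, the guest cannot bring the PCR back to the native-boot value, which is why the recovery key prompt appears.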

0 Answers