Add support for vTPM for XenServer and XCP-ng 8.3/8.4

[Pearl1594]

Description

This PR adds support for vTPM for XenServer 8.4/ XCP-ng 8.3

Where,
VM: i-2-9-VM : Windows 11 - which automatically comes up with vTPM
VM: i-2-19-VM: Ubuntu 24.04 - template was set with virtual.tpm.enabled = true setting. And vTPM was successfully created for the guest VM.

Note:

Tried using VTPM.create api in the java code like:

final VTPM.Record vTPMRecord = new VTPM.Record();
vTPMRecord.VM = vm;
vTPMRecord.backend = vm;
VTPM.create(conn, vTPMRecord);

but failed with:

2025-12-15 18:57:37,254 WARN  [c.c.h.x.r.w.x.CitrixStartCommandWrapper] (DirectAgent-26:[ctx-8c875387]) (logid:aed6cd60) Failed to configure vTPM for VM i-2-19-VM, continuing without vTPM com.cloud.utils.exception.CloudRuntimeException: Failed to configure vTPM for VM: i-2-19-VM
        at com.cloud.hypervisor.xenserver.resource.CitrixResourceBase.configureVTPM(CitrixResourceBase.java:5881)
        at com.cloud.hypervisor.xenserver.resource.wrapper.xenbase.CitrixStartCommandWrapper.execute(CitrixStartCommandWrapper.java:102)
        at com.cloud.hypervisor.xenserver.resource.wrapper.xenbase.CitrixStartCommandWrapper.execute(CitrixStartCommandWrapper.java:57)
        at com.cloud.hypervisor.xenserver.resource.wrapper.xenbase.CitrixRequestWrapper.execute(CitrixRequestWrapper.java:122)
        at com.cloud.hypervisor.xenserver.resource.CitrixResourceBase.executeRequest(CitrixResourceBase.java:1780)
        at com.cloud.agent.manager.DirectAgentAttache$Task.runInContext(DirectAgentAttache.java:306)
        at org.apache.cloudstack.managed.context.ManagedContextRunnable$1.run(ManagedContextRunnable.java:49)
        at org.apache.cloudstack.managed.context.impl.DefaultManagedContext$1.call(DefaultManagedContext.java:56)
        at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.callWithContext(DefaultManagedContext.java:103)
        at org.apache.cloudstack.managed.context.impl.DefaultManagedContext.runWithContext(DefaultManagedContext.java:53)
        at org.apache.cloudstack.managed.context.ManagedContextRunnable.run(ManagedContextRunnable.java:46)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:539)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:304)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1136)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:635)
        at java.base/java.lang.Thread.run(Thread.java:840)
Caused by: You tried to call a method with the incorrect number of parameters. The fully-qualified method name that you used, and the number of received and expected parameters are returned.

Types of changes

• Breaking change (fix or feature that would cause existing functionality to change)
• New feature (non-breaking change which adds functionality)
• Bug fix (non-breaking change which fixes an issue)
• Enhancement (improves an existing feature and functionality)
• Cleanup (Code refactoring and cleanup, that may add test cases)
• Build/CI
• Test (unit or integration test code)

Feature/Enhancement Scale or Bug Severity

Feature/Enhancement Scale

• Major
• Minor

Screenshots (if appropriate):

How Has This Been Tested?

In Progress

How did you try to break this feature and the system with this change?

[codecov]

Codecov Report

❌ Patch coverage is 8.47458% with 54 lines in your changes missing coverage. Please review.
✅ Project coverage is 17.50%. Comparing base (5bf869c) to head (c5c4ed7).
⚠️ Report is 18 commits behind head on main.

Files with missing lines	Patch %	Lines
...ervisor/xenserver/resource/CitrixResourceBase.java	0.00%	44 Missing ⚠️
...rce/wrapper/xenbase/CitrixStartCommandWrapper.java	0.00%	6 Missing ⚠️
...rce/wrapper/xenbase/CitrixReadyCommandWrapper.java	71.42%	2 Missing ⚠️
...ain/java/com/cloud/api/query/QueryManagerImpl.java	0.00%	2 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##               main   #12263      +/-   ##
============================================
- Coverage     17.51%   17.50%   -0.01%     
  Complexity    15585    15585              
============================================
  Files          5914     5914              
  Lines        529867   529925      +58     
  Branches      64722    64733      +11     
============================================
+ Hits          92782    92789       +7     
- Misses       426635   426685      +50     
- Partials      10450    10451       +1     

Flag	Coverage Δ
uitests	3.58% <ø> (ø)
unittests	18.57% <8.47%> (-0.01%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[Pearl1594]

@blueorangutan package

[blueorangutan]

@Pearl1594 a [SL] Jenkins job has been kicked to build packages. It will be bundled with KVM, XenServer and VMware SystemVM templates. I'll keep you posted as I make progress.

[sonarqubecloud]

Quality Gate failed

Failed conditions
2.7% Coverage on New Code (required ≥ 40%)

See analysis details on SonarQube Cloud

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 16133

[Pearl1594]

@blueorangutan test ol8 xcpng83

[blueorangutan]

@Pearl1594 a [SL] Trillian-Jenkins test job (ol8 mgmt + xcpng83) has been kicked to run smoke tests

[Pearl1594]

@blueorangutan test ol8 xenserver-84

[blueorangutan]

@Pearl1594 a [SL] Trillian-Jenkins test job (ol8 mgmt + xenserver-84) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-15049)
Environment: xcpng83 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 59948 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12263-t15049-xcpng83.zip
Smoke tests completed. 141 look OK, 9 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_03_deploy_and_scale_kubernetes_cluster	Failure	54.38	test_kubernetes_clusters.py
test_01_non_strict_host_anti_affinity	Error	191.75	test_nonstrict_affinity_group.py
test_02_non_strict_host_affinity	Error	46.16	test_nonstrict_affinity_group.py
test_01_add_primary_storage_disabled_host	Error	15.50	test_primary_storage.py
test_01_primary_storage_iscsi	Error	0.21	test_primary_storage.py
test_01_primary_storage_nfs	Error	0.19	test_primary_storage.py
ContextSuite context=TestStorageTags>:setup	Error	0.30	test_primary_storage.py
test_01_vpc_privategw_acl	Failure	10.46	test_privategw_acl.py
test_02_list_snapshots_with_removed_data_store	Error	12.63	test_snapshots.py
test_02_list_snapshots_with_removed_data_store	Error	12.63	test_snapshots.py
test_01_vpn_usage	Error	1.10	test_usage.py
test_01_deploy_vm_on_specific_host	Error	0.09	test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster	Error	0.14	test_vm_deployment_planner.py
test_08_migrate_vm	Error	0.07	test_vm_life_cycle.py
test_11_destroy_vm_and_volumes	Error	16.79	test_vm_life_cycle.py
test_01_migrate_vm_strict_tags_success	Error	0.24	test_vm_strict_host_tags.py
test_02_migrate_vm_strict_tags_failure	Error	0.21	test_vm_strict_host_tags.py
test_01_restore_vm_strict_tags_success	Error	0.23	test_vm_strict_host_tags.py
test_02_restore_vm_strict_tags_failure	Error	0.28	test_vm_strict_host_tags.py
test_01_scale_vm_strict_tags_success	Error	0.20	test_vm_strict_host_tags.py
test_02_scale_vm_strict_tags_failure	Error	0.23	test_vm_strict_host_tags.py
test_01_deploy_vm_on_specific_host_without_strict_tags	Error	0.21	test_vm_strict_host_tags.py
test_02_deploy_vm_on_any_host_without_strict_tags	Error	5.67	test_vm_strict_host_tags.py
test_03_deploy_vm_on_specific_host_with_strict_tags_success	Error	0.26	test_vm_strict_host_tags.py
test_04_deploy_vm_on_any_host_with_strict_tags_success	Error	5.73	test_vm_strict_host_tags.py
test_05_deploy_vm_on_specific_host_with_strict_tags_failure	Failure	0.23	test_vm_strict_host_tags.py

[blueorangutan]

[SF] Trillian test result (tid-15050)
Environment: xenserver-84 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 75379 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12263-t15050-xenserver-84.zip
Smoke tests completed. 136 look OK, 14 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	Error	196.95	test_events_resource.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	44.28	test_kubernetes_clusters.py
test_04_autoscale_kubernetes_cluster	Failure	517.87	test_kubernetes_clusters.py
test_01_non_strict_host_anti_affinity	Error	167.67	test_nonstrict_affinity_group.py
test_02_non_strict_host_affinity	Error	81.24	test_nonstrict_affinity_group.py
test_01_add_primary_storage_disabled_host	Error	15.59	test_primary_storage.py
test_01_primary_storage_iscsi	Error	0.24	test_primary_storage.py
test_01_primary_storage_nfs	Error	0.20	test_primary_storage.py
ContextSuite context=TestStorageTags>:setup	Error	0.33	test_primary_storage.py
test_02_list_snapshots_with_removed_data_store	Error	12.69	test_snapshots.py
test_02_list_snapshots_with_removed_data_store	Error	12.69	test_snapshots.py
test_01_vpn_usage	Error	1.10	test_usage.py
test_01_scale_up_verify	Failure	546.73	test_vm_autoscaling.py
test_02_update_vmprofile_and_vmgroup	Failure	258.07	test_vm_autoscaling.py
test_06_autoscaling_vmgroup_on_project_network	Failure	444.74	test_vm_autoscaling.py
test_06_autoscaling_vmgroup_on_project_network	Error	444.75	test_vm_autoscaling.py
test_07_autoscaling_vmgroup_on_vpc_network	Failure	441.83	test_vm_autoscaling.py
test_07_autoscaling_vmgroup_on_vpc_network	Error	441.85	test_vm_autoscaling.py
ContextSuite context=TestVmAutoScaling>:teardown	Error	461.17	test_vm_autoscaling.py
test_01_deploy_vm_on_specific_host	Error	0.11	test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster	Error	0.19	test_vm_deployment_planner.py
test_08_migrate_vm	Error	0.07	test_vm_life_cycle.py
test_11_destroy_vm_and_volumes	Error	23.16	test_vm_life_cycle.py
test_12_start_vm_multiple_volumes_allocated	Error	73.73	test_vm_life_cycle.py
test_13_destroy_and_expunge_vm	Error	5.28	test_vm_life_cycle.py
test_01_migrate_vm_strict_tags_success	Error	0.23	test_vm_strict_host_tags.py
test_02_migrate_vm_strict_tags_failure	Error	0.23	test_vm_strict_host_tags.py
test_01_restore_vm_strict_tags_success	Error	0.22	test_vm_strict_host_tags.py
test_02_restore_vm_strict_tags_failure	Error	0.23	test_vm_strict_host_tags.py
test_01_scale_vm_strict_tags_success	Error	0.25	test_vm_strict_host_tags.py
test_02_scale_vm_strict_tags_failure	Error	0.31	test_vm_strict_host_tags.py
test_01_deploy_vm_on_specific_host_without_strict_tags	Error	0.27	test_vm_strict_host_tags.py
test_02_deploy_vm_on_any_host_without_strict_tags	Error	2.75	test_vm_strict_host_tags.py
test_03_deploy_vm_on_specific_host_with_strict_tags_success	Error	0.28	test_vm_strict_host_tags.py
test_04_deploy_vm_on_any_host_with_strict_tags_success	Error	5.83	test_vm_strict_host_tags.py
test_05_deploy_vm_on_specific_host_with_strict_tags_failure	Failure	0.26	test_vm_strict_host_tags.py
test_01_create_volume	Error	5.41	test_volumes.py
test_02_attach_volume	Error	3.16	test_volumes.py
test_03_download_attached_volume	Error	3.15	test_volumes.py
test_01_verify_ipv6_vpc	Error	249.75	test_vpc_ipv6.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL	Failure	506.19	test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL	Error	506.23	test_vpc_redundant.py
test_02_redundant_VPC_default_routes	Failure	371.16	test_vpc_redundant.py
test_02_redundant_VPC_default_routes	Error	371.19	test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers	Failure	425.19	test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers	Error	425.23	test_vpc_redundant.py
test_05_rvpc_multi_tiers	Failure	366.54	test_vpc_redundant.py
test_05_rvpc_multi_tiers	Error	366.56	test_vpc_redundant.py
test_01_redundant_vpc_site2site_vpn	Failure	278.46	test_vpc_vpn.py

[Pearl1594]

@blueorangutan test ol8 xenserver-84

[blueorangutan]

@Pearl1594 a [SL] Trillian-Jenkins test job (ol8 mgmt + xenserver-84) has been kicked to run smoke tests

[Pearl1594]

@blueorangutan test ol8 xcpng83

[blueorangutan]

@Pearl1594 a [SL] Trillian-Jenkins test job (ol8 mgmt + xcpng83) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian test result (tid-15060)
Environment: xcpng83 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 67591 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12263-t15060-xcpng83.zip
Smoke tests completed. 140 look OK, 10 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	Error	173.77	test_events_resource.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	65.81	test_kubernetes_clusters.py
test_01_non_strict_host_anti_affinity	Error	176.89	test_nonstrict_affinity_group.py
test_02_non_strict_host_affinity	Error	51.31	test_nonstrict_affinity_group.py
test_01_add_primary_storage_disabled_host	Error	15.52	test_primary_storage.py
test_01_primary_storage_iscsi	Error	0.19	test_primary_storage.py
test_01_primary_storage_nfs	Error	0.20	test_primary_storage.py
ContextSuite context=TestStorageTags>:setup	Error	0.32	test_primary_storage.py
test_06_disk_offering_strictness_false	Failure	630.33	test_service_offerings.py
test_02_list_snapshots_with_removed_data_store	Error	10.67	test_snapshots.py
test_02_list_snapshots_with_removed_data_store	Error	10.67	test_snapshots.py
test_01_vpn_usage	Error	1.10	test_usage.py
test_01_deploy_vm_on_specific_host	Error	0.10	test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster	Error	0.15	test_vm_deployment_planner.py
test_08_migrate_vm	Error	0.07	test_vm_life_cycle.py
test_11_destroy_vm_and_volumes	Error	17.92	test_vm_life_cycle.py
test_01_migrate_vm_strict_tags_success	Error	0.27	test_vm_strict_host_tags.py
test_02_migrate_vm_strict_tags_failure	Error	0.26	test_vm_strict_host_tags.py
test_01_restore_vm_strict_tags_success	Error	0.24	test_vm_strict_host_tags.py
test_02_restore_vm_strict_tags_failure	Error	0.26	test_vm_strict_host_tags.py
test_01_scale_vm_strict_tags_success	Error	0.26	test_vm_strict_host_tags.py
test_02_scale_vm_strict_tags_failure	Error	0.27	test_vm_strict_host_tags.py
test_01_deploy_vm_on_specific_host_without_strict_tags	Error	0.28	test_vm_strict_host_tags.py
test_02_deploy_vm_on_any_host_without_strict_tags	Error	2.62	test_vm_strict_host_tags.py
test_03_deploy_vm_on_specific_host_with_strict_tags_success	Error	0.24	test_vm_strict_host_tags.py
test_04_deploy_vm_on_any_host_with_strict_tags_success	Error	5.68	test_vm_strict_host_tags.py
test_05_deploy_vm_on_specific_host_with_strict_tags_failure	Failure	0.34	test_vm_strict_host_tags.py

[blueorangutan]

[SF] Trillian test result (tid-15059)
Environment: xenserver-84 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 70426 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12263-t15059-xenserver-84.zip
Smoke tests completed. 136 look OK, 14 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_01_events_resource	Error	130.40	test_events_resource.py
test_08_arping_in_ssvm	Failure	5.19	test_diagnostics.py
test_03_deploy_and_scale_kubernetes_cluster	Failure	47.08	test_kubernetes_clusters.py
test_01_non_strict_host_anti_affinity	Error	164.23	test_nonstrict_affinity_group.py
test_02_non_strict_host_affinity	Error	73.25	test_nonstrict_affinity_group.py
test_01_add_primary_storage_disabled_host	Error	5.32	test_primary_storage.py
test_01_primary_storage_iscsi	Error	0.13	test_primary_storage.py
test_01_primary_storage_nfs	Error	0.16	test_primary_storage.py
ContextSuite context=TestStorageTags>:setup	Error	0.27	test_primary_storage.py
test_02_list_snapshots_with_removed_data_store	Error	12.59	test_snapshots.py
test_02_list_snapshots_with_removed_data_store	Error	12.60	test_snapshots.py
test_01_vpn_usage	Error	1.07	test_usage.py
test_01_scale_up_verify	Failure	526.27	test_vm_autoscaling.py
test_02_update_vmprofile_and_vmgroup	Failure	257.79	test_vm_autoscaling.py
test_06_autoscaling_vmgroup_on_project_network	Failure	434.00	test_vm_autoscaling.py
test_06_autoscaling_vmgroup_on_project_network	Error	434.01	test_vm_autoscaling.py
test_07_autoscaling_vmgroup_on_vpc_network	Failure	423.22	test_vm_autoscaling.py
test_07_autoscaling_vmgroup_on_vpc_network	Error	423.24	test_vm_autoscaling.py
ContextSuite context=TestVmAutoScaling>:teardown	Error	473.81	test_vm_autoscaling.py
test_01_deploy_vm_on_specific_host	Error	0.07	test_vm_deployment_planner.py
test_04_deploy_vm_on_host_override_pod_and_cluster	Error	0.10	test_vm_deployment_planner.py
test_08_migrate_vm	Error	0.05	test_vm_life_cycle.py
test_11_destroy_vm_and_volumes	Error	24.80	test_vm_life_cycle.py
test_12_start_vm_multiple_volumes_allocated	Error	58.83	test_vm_life_cycle.py
test_13_destroy_and_expunge_vm	Error	3.78	test_vm_life_cycle.py
test_01_migrate_vm_strict_tags_success	Error	0.20	test_vm_strict_host_tags.py
test_02_migrate_vm_strict_tags_failure	Error	0.20	test_vm_strict_host_tags.py
test_01_restore_vm_strict_tags_success	Error	0.21	test_vm_strict_host_tags.py
test_02_restore_vm_strict_tags_failure	Error	0.20	test_vm_strict_host_tags.py
test_01_scale_vm_strict_tags_success	Error	0.21	test_vm_strict_host_tags.py
test_02_scale_vm_strict_tags_failure	Error	0.20	test_vm_strict_host_tags.py
test_01_deploy_vm_on_specific_host_without_strict_tags	Error	0.19	test_vm_strict_host_tags.py
test_02_deploy_vm_on_any_host_without_strict_tags	Error	2.58	test_vm_strict_host_tags.py
test_03_deploy_vm_on_specific_host_with_strict_tags_success	Error	0.19	test_vm_strict_host_tags.py
test_04_deploy_vm_on_any_host_with_strict_tags_success	Error	5.59	test_vm_strict_host_tags.py
test_05_deploy_vm_on_specific_host_with_strict_tags_failure	Failure	0.21	test_vm_strict_host_tags.py
test_01_verify_ipv6_vpc	Error	232.82	test_vpc_ipv6.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL	Failure	510.74	test_vpc_redundant.py
test_01_create_redundant_VPC_2tiers_4VMs_4IPs_4PF_ACL	Error	510.78	test_vpc_redundant.py
test_02_redundant_VPC_default_routes	Failure	368.21	test_vpc_redundant.py
test_02_redundant_VPC_default_routes	Error	368.24	test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers	Failure	374.18	test_vpc_redundant.py
test_03_create_redundant_VPC_1tier_2VMs_2IPs_2PF_ACL_reboot_routers	Error	374.21	test_vpc_redundant.py
test_05_rvpc_multi_tiers	Failure	357.97	test_vpc_redundant.py
test_05_rvpc_multi_tiers	Error	358.00	test_vpc_redundant.py
test_01_redundant_vpc_site2site_vpn	Failure	273.73	test_vpc_vpn.py

[weizhouapache]

code lgtm

[weizhouapache]

@Pearl1594
can you update the title of this PR ?

[RosiKyu]

@blueorangutan test

[blueorangutan]

@RosiKyu a [SL] Trillian-Jenkins test job (ol8 mgmt + kvm-ol8) has been kicked to run smoke tests

[blueorangutan]

[SF] Trillian Build Failed (tid-15162)

[vladimirpetrov]

@blueorangutan package

[blueorangutan]

@vladimirpetrov a [SL] Jenkins job has been kicked to build packages. It will be bundled with no SystemVM templates. I'll keep you posted as I make progress.

[blueorangutan]

Packaging result [SF]: ✔️ el8 ✔️ el9 ✔️ el10 ✔️ debian ✔️ suse15. SL-JID 16446

[vladimirpetrov]

LGTM, tested on XCPNG 8.3 and XenServer 8.4 with Windows 11 and Ubuntu 24 server.

[vladimirpetrov]

Here is the vtpm support for the XenServer 8.4 with Ubuntu 24 server VM:

[07:49 ref-trl-10668-x-mol9-vladimir-petrov-xs1 ~]# xe vm-list params=dom-id,vtpms,name-label
name-label ( RW)    : s-2-VM
        dom-id ( RO): 5
         vtpms ( RO): 


name-label ( RW)    : Control domain on host: ref-trl-10668-x-mol9-vladimir-petrov-xs1
        dom-id ( RO): 0
         vtpms ( RO): 


name-label ( RW)    : Control domain on host: ref-trl-10668-x-mol9-vladimir-petrov-xs2
        dom-id ( RO): 0
         vtpms ( RO): 


name-label ( RW)    : v-1-VM
        dom-id ( RO): 1
         vtpms ( RO): 


name-label ( RW)    : i-2-14-VM
        dom-id ( RO): 20
         vtpms ( RO): c803b3b7-93d5-8c1e-d9b2-32fe3596a631

Check for TMP in the VM:

And Ubuntu 24 VM on XCPNG 8.3:

[07:36 ref-trl-10666-x-mol9-vladimir-petrov-xs1 ~]# xe vm-list params=dom-id,vtpms,name-label
name-label ( RW)    : Control domain on host: ref-trl-10666-x-mol9-vladimir-petrov-xs1
        dom-id ( RO): 0
         vtpms ( RO): 


name-label ( RW)    : v-6-VM
        dom-id ( RO): 3
         vtpms ( RO): 


name-label ( RW)    : s-7-VM
        dom-id ( RO): 4
         vtpms ( RO): 


name-label ( RW)    : i-2-9-VM
        dom-id ( RO): 11
         vtpms ( RO): 4d70599d-93ed-e4c5-5dfc-d10806afd47a


name-label ( RW)    : Control domain on host: ref-trl-10666-x-mol9-vladimir-petrov-xs2
        dom-id ( RO): 0
         vtpms ( RO): 

Check for TMP in the VM:

The Windows 11 VM was successfully installed on both environments.

[borisstoyanov]

@blueorangutan test matrix

[blueorangutan]

@borisstoyanov a [SL] Trillian-Jenkins matrix job (EL8 mgmt + EL8 KVM, Ubuntu22 mgmt + Ubuntu22 KVM, EL8 mgmt + VMware 7.0u3, EL9 mgmt + XCP-ng 8.2 ) has been kicked to run smoke tests

[Copilot]

Pull request overview

This pull request adds support for virtual TPM (Trusted Platform Module) 2.0 for virtual machines running on XenServer 8.4 and XCP-ng 8.3/8.4. The vTPM feature enables VM security capabilities like Secure Boot and disk encryption by providing a virtual TPM device to guest operating systems.

Changes:

• Adds vTPM configuration option to XenServer hypervisor settings in QueryManagerImpl
• Implements vTPM creation logic via XenServer xe CLI commands in Python plugin script
• Integrates vTPM configuration into VM startup workflow with graceful error handling
• Adds version detection to ensure vTPM is only attempted on compatible XenServer/XCP-ng versions

Reviewed changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.

Show a summary per file

File	Description
server/src/main/java/com/cloud/api/query/QueryManagerImpl.java	Adds VIRTUAL_TPM_ENABLED option to VM detail options for XenServer hypervisor type
scripts/vm/hypervisor/xenserver/xenserver84/vmops	Implements create_vtpm Python function to create vTPM devices via xe CLI commands
plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixStartCommandWrapper.java	Integrates vTPM configuration call into VM start workflow with exception handling
plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/wrapper/xenbase/CitrixReadyCommandWrapper.java	Refactors exception handling to separate UEFI support check from other operations
plugins/hypervisors/xenserver/src/main/java/com/cloud/hypervisor/xenserver/resource/CitrixResourceBase.java	Adds core vTPM configuration logic including version checking, UEFI validation, and vTPM creation via host plugin

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The minimum version check is inconsistent with the PR description and documentation. The PR title and description state support for XenServer 8.4 / XCP-ng 8.3/8.4, and the documentation comment at line 5836 states "XenServer/XCP-ng 8.3 (and above)", but this code checks for version 8.2.0 or higher. This version mismatch could enable vTPM on versions that don't properly support it. The minimum version should be updated to "8.3.0" to match the stated requirements.

[Copilot]

There is a grammatical error in this log message. "doesn't" should be "don't" because "VM details" is plural (referring to the details map/collection). The correct phrasing should be: "Guest OS requires vTPM by default, even if VM details don't have the setting"

Suggested change

	logger.warn("Guest OS requires vTPM by default, even if VM details doesn't have the setting: {}", vmSpec.getName());
	logger.warn("Guest OS requires vTPM by default, even if VM details don't have the setting: {}", vmSpec.getName());

[Copilot]

The logic for determining boot type is incorrect. If bootMode is null, bootType is set to BIOS, but if bootMode has any non-empty value, bootType is unconditionally set to UEFI. This means any non-null value in the UEFI key will be treated as UEFI mode, regardless of the actual value. The logic should check the value of bootMode to determine if it's truly UEFI or not. Consider checking if the bootMode value equals "UEFI" or similar logic to properly determine the boot type.

Suggested change

	String bootType = (bootMode == null) ? ApiConstants.BootType.BIOS.toString() : ApiConstants.BootType.UEFI.toString();
	if (!ApiConstants.BootType.UEFI.toString().equals(bootType)) {
	if (!ApiConstants.BootType.UEFI.toString().equalsIgnoreCase(bootMode)) {

[blueorangutan]

[SF] Trillian Build Failed (tid-15299)

[Copilot]

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

[blueorangutan]

[SF] Trillian test result (tid-15298)
Environment: kvm-ol8 (x2), zone: Advanced Networking with Mgmt server ol8
Total time taken: 52759 seconds
Marvin logs: https://github.com/blueorangutan/acs-prs/releases/download/trillian/pr12263-t15298-kvm-ol8.zip
Smoke tests completed. 149 look OK, 1 have errors, 0 did not run
Only failed and skipped tests results shown below:

Test	Result	Time (s)	Test File
test_03_deploy_and_scale_kubernetes_cluster	Failure	24.59	test_kubernetes_clusters.py
test_08_upgrade_kubernetes_ha_cluster	Failure	628.00	test_kubernetes_clusters.py

[shwstppr]

@Pearl1594 can you please check the comments from Copilot? Some seem to make sense