Hi, I have a working PoC for boot-time initialization of vtpm inside tpm_vtpm_proxy. ATM, it uses the Linux firmware interface to load a ELF binary for the vtpm, and delivers a communication end for the helper process. It is a great feature with the current narrow scope for continuous integration. Obviously the scope could be later on extended to e.g. from unencrypted plain text to a vTPM living inside SGX enclave. I could send an RFC of this, if there is wider interest for the topic. BR, Jarkko
