This component was present in a list of critical components for Image Mode testing as of Feb 14, 2024. Therefore the Image Mode program is proactively filing this dedicated ticket for it so the SST may have an actionable tracker. Refer to the instructions in the epic on how to proceed with this ticket. Should your team identify more critical components, please create a ticket for it like this. If, however, you intend to track this on a more aggregated matter (e.g. by performing changes in your team's CI) and don't need this component-level ticket, feel free to close it as "Won't Do".

Issues with testing:

• Discussion thread: https://redhat-internal.slack.com/archives/C03BRN71JAF/p1759954139837339
• Machines from the Beaker pool do not support image mode composes
• Attempting to test TPM with image mode via a tpm emulator since the hardware is not available.
  • emulator overview: https://tpm2-software.github.io/2020/10/19/TPM2-Device-Emulation-With-QEMU.html
  • swtpm link: https://github.com/stefanberger/swtpm/wiki
  • libtpms link: https://github.com/stefanberger/libtpms/wiki
  • Need a rhel-image-mode image compatible with QEMU in order to emulate TPM2
  • Need to build libtpms and swtpm on the host system, set up QEMU vm with rhel-image-mode, and then bind the swtpm socket with the QEMU guest vm's /dev/tpm*
• Ran the tests (https://gitlab.com/redhat/centos-stream/tests/kernel/kernel-tests/-/tree/main/security/crypto/tpm) on an image mode provisioned system without proper hardware. All test automation works and all failures were hardware related, as expected. At this point there is no reason to believe that the tests would fail if it was possible to provision Beaker machines with image mode through testing-farm.