I had been looking for years for a new Qubes desktop system, but nothing that was still available ever showed up on the HCL. My old desktop died last week, so I had no alternative but to take a chance on something. While the Dell XPS 8930 is no longer in production, it is still available through retailers.
My new machine is an 8-core i7-9700K desktop tower with 64GB RAM, and I added three 3-TB drives, so it should be ample for the forthcoming future with R4.1, I hope. It will be nice to not have to worry about having too many VMs running concurrently.
The Secure Boot needed to be disabled and Legacy boot mode turned on. This had the nasty side effect of disabling the option to [re]enable the Firmware TPM. I called Dell Support and went round and round, and nobody could tell me which BIOS option was in direct opposition to having the TPM activated, and they just wanted me to use paid support to have somebody else walk me through changing all the same options I had already gone through. That is why I called for support, and you would think this would be documented somewhere (AMI BIOS). My suspicion is that it is tied into the M$ Secure Boot logic, which I had to turn off to get it to boot anything non-M$ related. I guess if I can get the proper keys for the Xen boot image then I may be able to look at this further.
Does anyone know of any PCIe TPM add-in card that works in Qubes? Or better yet, has anyone been able to get the Xen vTPM system working under Qubes? I looked at that a while back but didn’t have the memory to run the many VMs needed to support that architecture. It should be doable now.