When a domain is started with option vtpm = [ 'instance=1, backend=0' ] vtpm
for the domain always starts with parameter "clear", resulting in all keystore
inaccessable because the previous SRK is lost. I could not find a way to save
the vtpm state in any way. The vtpm_manager output includes these:
when I checked the code and mailing lists, this NVM is actually resides in
dom0 filesystem, namely /var/vtpm/vtpm_dm_%d.data but the vtpm_manager does
not create this when it started, nor it complains.
I am having this issue with xen versions 3.1.3-RELEASE and 3.1-testing, but
did not test with 3.2 branch.