Intel Details TDX To Better Protect Virtual Machines

Written by Michael Larabel in Intel on 14 August 2020 at 02:06 PM EDT. 28 Comments
INTEL
Intel has published a whitepaper on their new TDX "Trust Domain Extensions" technology for better securing virtual machines.

Intel TDX is designed to isolate virtual machines from the VMM/hypervisor and other non-VMM system software on the platform. TDX is also able to protect the VMs from some forms of hardware attacks. Intel TDX will be coming with a future CPU generation but so far Intel has not detailed what generation or the timing of such support.

Intel TDX adds a secure-arbitration mode, makes use of memory encryption and the existing MKTME, and other functionality.


Details are a bit light as Intel hasn't yet published the Trust Domain Extensions specification or any Linux bring-up code but at the moment is just this Intel whitepaper on TDX.
28 Comments
Related News
Intel Lands "Round Robin Strict" Driver Optimization For Helping Battlemage/Xe2
Intel Looking To Raise SPIR-V Backend To Becoming An Official LLVM Target
Intel Panther Lake & Clearwater Forest Power Management Patches For Linux 6.14
Intel Begins Readying Graphics Driver Changes For The Linux 6.14 Kernel
UMD Direct Submission "Proof Of Concept" For The Intel Xe Linux Driver
Intel Linux Display Driver Being Adapted For DRM Panic "Blue Screen of Death" Support
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features