Intel TDX Guest Attestation Support Merged For Linux 6.2
Intel's open-source engineers have been working on Linux support for Trust Domain Extensions (TDX) for a while, and the attestation infrastructure and driver support is now merged. Intel Trust Domain Extensions provide hardware-isolated virtual machines that are protected from the VMM/hypervisor and from other non-Trust-Domain software on the platform. TDX provides a Secure-Arbitration Mode (SEAM), a multi-key total-memory encryption engine, remote attestation, and other security features.
What is now merged is the guest driver support for running within TDX virtual machines (VMs). The TDX attestation support is used to verify a guest's trustworthiness state to other entities before they provision secrets to the guest.
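As an added example (not code from the article, the kernel, or intel/tdx-tools), here is the guest side of that flow against the merged driver, together with the freshness check a verifier performs on the returned report. It assumes the `/dev/tdx_guest` device and the `TDX_CMD_GET_REPORT0` request layout from the Linux 6.2 uapi header, and the TDREPORT field offsets from Intel's TDX module specification; both should be checked against your own headers.

```python
import fcntl
import os

# Assumed from include/uapi/linux/tdx-guest.h as shipped in Linux 6.2 (verify
# against your kernel headers): the guest driver exposes /dev/tdx_guest, and
# TDX_CMD_GET_REPORT0 = _IOWR('T', 1, struct tdx_report_req), where the request
# is 64 bytes of caller-chosen REPORTDATA followed by the 1024-byte TDREPORT.
TDX_GUEST_DEVICE = "/dev/tdx_guest"
REPORTDATA_LEN = 64
TDREPORT_LEN = 1024
_IOC_WRITE, _IOC_READ = 1, 2


def _ioc(direction: int, type_char: str, nr: int, size: int) -> int:
    """Mirror the kernel _IOC() macro (asm-generic bit layout)."""
    return (direction << 30) | (size << 16) | (ord(type_char) << 8) | nr


TDX_CMD_GET_REPORT0 = _ioc(_IOC_READ | _IOC_WRITE, "T", 1, REPORTDATA_LEN + TDREPORT_LEN)

# Assumed from the TDX module spec: REPORTDATA lives inside REPORTMACSTRUCT, the
# first 256 bytes of TDREPORT, after REPORTTYPE (4), reserved (12), CPUSVN (16),
# TEE_TCB_INFO_HASH (48) and TEE_INFO_HASH (48).
REPORTDATA_OFFSET = 4 + 12 + 16 + 48 + 48


def build_request(nonce: bytes) -> bytearray:
    """Pack the verifier's nonce as REPORTDATA (zero-padded) plus a zeroed TDREPORT output area."""
    if len(nonce) > REPORTDATA_LEN:
        raise ValueError("REPORTDATA is limited to 64 bytes")
    buf = bytearray(REPORTDATA_LEN + TDREPORT_LEN)
    buf[:len(nonce)] = nonce
    return buf


def get_tdreport(nonce: bytes) -> bytes:
    """Guest side: ask the TDX module, via the guest driver, for a TDREPORT bound to the nonce."""
    buf = build_request(nonce)
    fd = os.open(TDX_GUEST_DEVICE, os.O_RDWR)
    try:
        fcntl.ioctl(fd, TDX_CMD_GET_REPORT0, buf, True)  # driver fills the TDREPORT area in place
    finally:
        os.close(fd)
    return bytes(buf[REPORTDATA_LEN:])


def reportdata_matches(tdreport: bytes, nonce: bytes) -> bool:
    """Verifier side: a report only counts as fresh if it echoes exactly the nonce that was issued."""
    if len(tdreport) != TDREPORT_LEN:
        return False
    expected = nonce.ljust(REPORTDATA_LEN, b"\0")
    return tdreport[REPORTDATA_OFFSET:REPORTDATA_OFFSET + REPORTDATA_LEN] == expected


def sample_tdreport(nonce: bytes) -> bytes:
    """Constructed stand-in for a TDREPORT (only REPORTDATA is populated) so the check can run off a TDX host."""
    report = bytearray(TDREPORT_LEN)
    report[REPORTDATA_OFFSET:REPORTDATA_OFFSET + REPORTDATA_LEN] = nonce.ljust(REPORTDATA_LEN, b"\0")
    return bytes(report)
```

On a real TD guest, `get_tdreport` returns the module-signed report; the MAC it carries can only be checked by the platform (via quote generation), so the nonce comparison here is the freshness half of verification, not the whole of it.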
Intel TDX, intel/tdx-tools
The Intel TDX guest support was merged via this pull request on Monday.