Intel Publishes Latest TDX Support Patches For Linux

Written by Michael Larabel in Intel on 14 June 2021 at 05:54 AM EDT. Add A Comment
INTEL
Last year Intel detailed Trust Domain Extensions (TDX) as a new means of better protecting virtual machines with hardware-assisted isolation between VMs as well as from the VMM/hypervisor. Shortly after that Intel began posting TDX enablement patches and that work has continued while is still ongoing.

Intel landed the new TDX instructions within the open-source code compilers and then still ongoing is the Linux kernel enablement. Intel already had sent out their initial Trust Domain Extensions enablement and various other related patch series. Now though they have posted their latest patches around shared memory management support. With all of these published patch series, at this point it is then enough to get a fully-functional TDX guest when running on unrelated Intel Xeon processors.

The shared memory management patches sent out last week is supporting a means to securely share guest memory with the VMM (hypervisor) when needed by the guest. The VMM is considered an untrusted entity by TDX and thus does not allow it by default to access VMM memory so special changes are needed for the Trust Domain Extensions handling.

Given the timing and not much apparent rush around the Linux TDX enablement, it's not clear that all of these patches will be ready in time for the upcoming 5.14 cycle and thus may get dragged into a later kernel release. I also haven't seen Intel confirm whether TDX will be found in Sapphire Rapids this year or a generation later with Granite Rapids, so the kernel timing may still end up working out fine.
Add A Comment
Related News
Intel Begins Readying Graphics Driver Changes For The Linux 6.14 Kernel
UMD Direct Submission "Proof Of Concept" For The Intel Xe Linux Driver
Intel Linux Display Driver Being Adapted For DRM Panic "Blue Screen of Death" Support
Intel Compute Runtime 24.45.31740.9 Released Ahead Of The Arc B580 "Battlemage" Launch
Intel ANV Driver Improves Vulkan Image Compression Going Back To Tigerlake
Intel CEO Pat Gelsinger Retires
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
OpenWrt Affected By Security Issue That Could Have Led To Compromised Build Artifacts
Linus Torvalds Comes Out Against "Completely Broken" x86_64 Feature Levels
Linux EFI Zboot Abandoning "Compression Library Museum", Focusing On Gzip & Zstd
COSMIC Alpha 4 Released For System76's Rust-Based Desktop
How AMD Is Taking Standard C/C++ Code To Run Directly On GPUs
Ptyxis Becomes Ubuntu's Recommended Replacement To GNOME Terminal
GNU Shepherd 1.0 Service Manager Released As "Solid Tool" Alternative To systemd
KDE Starts December By Landing A Number Of New Features