108 Patches Sent Out In Latest Revision Of Intel TDX KVM Support For Linux

Written by Michael Larabel in Intel on 30 October 2022 at 05:20 AM EDT. Add A Comment
INTEL --
Back in Linux 5.19 the initial code for Intel Trust Domain Extensions (TDX) was merged while still an ongoing matter is getting the Kernel-based Virtual Machine (KVM) integration merged that is now up to its tenth revision and spans 108 patches.

Trust Domain Extensions is Intel's alternative to Secure Encrypted Virtualization SEV-SNP with AMD EPYC processors. Intel TDX allows for hardware-isolated virtual machines, a total memory encryption engine, remote attestation, and other security features for trusted domains with Xeon Scalable "Sapphire Rapids" processors.


Intel TDX


While the initial x86 TDX code landed in Linux 5.19, integrating the support for KVM virtualization support remains ongoing. There still are some open discussion items around TDX's KVM hardware initialization approach that needs to be settled. This weekend's v10 patch series also updates the KVM TDX patches against the latest Linux 6.1 upstream state, integrated the TDX host kernel support patches into this series, integrated the FD-based private page patches into this series. and other changes.

For those interested in this forthcoming Intel confidential computing feature focused on VM security, see the big v10 patch series for this latest pending code. We'll see if the TDX KVM support manages to get buttoned up in time for the Linux 6.2 cycle for getting this feature fully mainlined prior to Xeon Scalable "Sapphire Rapids" ramping up production.
Related News
About The Author
Author picture

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week