Intel TDX With Linux 6.3 Updated To Avoid "Total Insanity" Scenario

Written by Michael Larabel in Intel on 23 February 2023 at 06:43 AM EST. 1 Comment
Intel Trust Domain Extensions (TDX) is one of the new features with 4th Gen Xeon Scalable "Sapphire Rapids" processors but is limited this generation to deployment by a few select cloud partners. For Linux 6.3 this feature for hardware-isolated virtual machines is continuing to be further refined.

The Intel TDX support for Linux on both the host and guest side has been coming together over the past number of kernel cycles. With Linux 6.3 the focus of the TDX changes is on preventing unexpected virtualization exceptions from hosts removing guest mappings and excessive #VE notifications.

Intel TDX overview

The x86/tdx pull request of Linux 6.3 changes sums up the work as:
"Other than a minor fixup, the content here is to ensure that TDX guests never see virtualization exceptions (#VE's) that might be induced by the untrusted VMM.

This is a highly desirable property. Without it, #VE exception handling would fall somewhere between NMIs, machine checks and total insanity. With it, #VE handling remains pretty mundane."

The Intel TDX patch that is part of this pull request to disable NOTIFY_ENABLES goes on to explain:
"There is a class of side-channel attacks against SGX enclaves called "SGX Step". These attacks create lots of exceptions inside of enclaves. Basically, run an in-enclave instruction, cause an exception. Over and over.

There is a concern that a VMM could attack a TDX guest in the same way by causing lots of #VE's. The TDX architecture includes new countermeasures for these attacks. It basically counts the number of exceptions and can send another *special* exception once the number of VMM-induced #VE's hits a critical threshold.

But, these special exceptions are independent of any action that the guest takes. They can occur anywhere that the guest executes. This includes sensitive areas like the entry code. The (non-paranoid) #VE handler is incapable of handling exceptions in these areas.

Fortunately, the special exceptions can be disabled by the guest via write to NOTIFY_ENABLES TDCS field. NOTIFY_ENABLES is disabled by default, but might be enabled by a bootloader, firmware or an earlier kernel before the current kernel runs.

Disable NOTIFY_ENABLES feature explicitly and unconditionally. Any NOTIFY_ENABLES-based #VE's that occur before this point will end up in the early #VE exception handler and die due to unexpected exit reason."

So that clean-up around the virtualization exceptions (#VE) is good to go now for Linux 6.3. It will likely be with next-generation Emerald Rapids processors where TDX support becomes widely available.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week