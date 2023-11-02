More Intel TDX Improvements Come With Linux 6.7
More Linux kernel code around Intel's Trust Domain Extensions (TDX) has landed with the in-development Linux 6.7 kernel.
Intel Trust Domain Extensions is for providing hardware-based isolation, confidentiality, and integrity at the virtual machine level. This hardware-based trusted execution environment premiered with select Sapphire Rapids CPU models for public cloud providers and hyperscalers. With upcoming Emerald Rapids processors we are expecting to see broader TDX availability, which is good now that much of the Linux operating system support has since worked its way upstream over the past year.
With Linux 6.7 there is a rework of the Assembly and C wrappers that are used for interfacing with the TDX module and VMM. This clean-up is part of their work for handling where Linux is the TDX VMM. Plus this pull request has some TDX improvements around working better with Microsoft Hyper-V and enabling use of hardware timestamp calibration (TSC).
As part of the Linux 6.7 pull request is also adding the "CONFIG_INTEL_TDX_HOST" Kconfig option for toggling build-time support for TDX host support. The Intel TDX host code has been undergoing 14+ rounds of review.
More details for those interested via the TDX pull.
