Intel® Trust Domain Extensions (Intel® TDX) introduces new architectural elements to help deploy hardware-isolated virtual machines (VMs) called trust domains (TDs). Intel TDX is designed to isolate VMs from the virtual-machine manager (VMM)/hypervisor and any other non-TD software on the platform, to protect TDs from a broad range of software. The architectural elements that support these hardware-isolated TDs include:
- Secure Arbitration Mode (SEAM) – a new CPU mode designed to host an Intel-provided, digitally signed security-services module called the Intel TDX module.
- A shared bit in the guest-physical address (GPA) that allows a TD to access shared memory.
- Secure EPT (extended page tables) used to translate private GPAs, providing address-translation integrity and preventing TD code fetches from shared memory. Private-memory accesses are encrypted and integrity-protected using a TD-private key.
- Physical-Address-Metadata Table (PAMT) that tracks page allocation, page initialization, and TLB consistency.
- Multi-Key Total-Memory-Encryption (MKTME) engine designed to provide memory encryption using AES-128-XTS and integrity using a 28-bit MAC and a TD-ownership bit.
- Remote attestation designed to provide evidence that a TD is executing on a genuine Intel TDX system, along with its TCB version.
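The shared-bit and Secure EPT items above decide, for every guest-physical address a TD touches, whether it is private memory (translated by the Secure EPT and protected with the TD-private key) or shared memory (translated by the VMM-controlled EPT and never a valid source of TD code). The following C program is an added illustration of that classification rule; it is not Intel's code and not part of this page. It assumes, from the Intel TDX module specification, that the shared bit is the top bit of the GPA, i.e. bit 47 for a 48-bit GPA width (GPAW) and bit 51 for a 52-bit GPAW, and treats any GPA with bits set above the configured width as invalid. The sample addresses in `main` are constructed for the demonstration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Result of classifying a guest-physical address (GPA) inside a TD.
 * Assumption (from the Intel TDX module spec, not stated on this page): the
 * shared bit is bit 47 at a 48-bit GPAW and bit 51 at a 52-bit GPAW. */
typedef struct {
    bool valid;        /* false: width unsupported or reserved bits set */
    bool shared;       /* true: shared memory, mapped by the VMM-controlled EPT */
    uint64_t address;  /* the GPA with the shared bit cleared */
} gpa_class;

/* Position of the shared bit for a given GPA width (only 48 and 52 exist). */
static int shared_bit_for_gpaw(int gpaw_bits)
{
    return (gpaw_bits == 52) ? 51 : 47;
}

static gpa_class classify_gpa(uint64_t gpa, int gpaw_bits)
{
    gpa_class c = { false, false, 0 };
    uint64_t width_mask;
    uint64_t shared_mask;

    if (gpaw_bits != 48 && gpaw_bits != 52)
        return c;                              /* unsupported GPA width */

    width_mask = (1ULL << gpaw_bits) - 1;
    if (gpa & ~width_mask)
        return c;                              /* reserved bits above the width */

    shared_mask = 1ULL << shared_bit_for_gpaw(gpaw_bits);
    c.valid = true;
    c.shared = (gpa & shared_mask) != 0;
    c.address = gpa & ~shared_mask;
    return c;
}

/* Private GPAs go through the Secure EPT, shared GPAs through the VMM's EPT.
 * Instruction fetches are only allowed from private memory; invalid GPAs fail. */
static bool code_fetch_allowed(uint64_t gpa, int gpaw_bits)
{
    gpa_class c = classify_gpa(gpa, gpaw_bits);
    return c.valid && !c.shared;
}

static const char *which_ept(gpa_class c)
{
    if (!c.valid)
        return "invalid";
    return c.shared ? "VMM-controlled EPT (shared)" : "Secure EPT (private)";
}

int main(void)
{
    /* Constructed sample GPAs: a private page, the same page with bit 47 set,
     * and the same page with bit 51 set. */
    const uint64_t samples[] = {
        0x1000ULL,
        (1ULL << 47) | 0x1000ULL,
        (1ULL << 51) | 0x1000ULL,
    };
    const int widths[] = { 48, 52 };

    for (int w = 0; w < 2; w++) {
        for (int i = 0; i < 3; i++) {
            gpa_class c = classify_gpa(samples[i], widths[w]);
            printf("GPAW %d  GPA 0x%013llx -> %s, code fetch %s\n",
                   widths[w], (unsigned long long)samples[i], which_ept(c),
                   code_fetch_allowed(samples[i], widths[w]) ? "allowed" : "blocked");
        }
    }
    return 0;
}
```

Note that the same address with bit 47 set is shared at GPAW 48 but an ordinary private address at GPAW 52, which is why any software reasoning about TD memory (guest drivers that mark buffers shared, or a verifier reviewing a TD's page state) must know the TD's configured GPA width first.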
White Papers and Specifications
| Document | Description | Date |
|---|---|---|
| Intel® Trust Domain Extensions (Intel® TDX) | An introductory overview of the Intel TDX technology. | August 2020 |
| Intel® CPU Architectural Extensions Specification | A specification of Intel CPU architectural support for Intel TDX. | May 2021 |
| Intel® TDX Module 1.0 Specification | Architecture and Application Binary Interface (ABI) specification of the Intel TDX module. | August 2021 |
| Intel® TDX Loader Interface Specification | A specification of how a VMM loads the Intel TDX module on a platform. | May 2021 |
| Intel® TDX Guest-Hypervisor Communication Interface | A specification of the new software interfaces between a VMM and a guest OS that are required for enabling Intel TDX. | September 2020 |
| Intel® TDX Virtual Firmware Design Guide | A design guide on how to design and implement virtual firmware for a trust domain. | October 2020 |