Trust Domain Extensions

Trust Domain Extensions is an extension to the x86 virtualization first proposed by Intel in May 2021. It consists of an extension of the x86 instruction set architecture (ISA) called Virtual Machine Extensions (VMX), a technology for RAM encryption, and a new mode for CPU operation called SEAM ("Secure Arbitration Mode").^[1] The technology provides hardware isolation of virtual machines (called "trust domains" in Intel terminology), in which the hypervisor loses the ability to control virtual machines directly, instead relying on new CPU instructions (SEAMCALL and SEAMRET).

Architecture overview[edit]

Guest-hypervisor communication[edit]

Operating system support[edit]

First patches to support TDX technology in Linux kernel were posted in the Linux kernel mailing list around June 2021.^[2] As for Linux kernel version 5.15 such support is not yet in the mainline kernel.

References[edit]

↑ "Intel® Trust Domain Extensions (Intel® TDX)". Retrieved 7 November 2021.
↑ "Add INTEL_TDX_GUEST config option to selectively compile TDX guest support". 18 June 2021.

Category:Computer-related introductions in 2021 Category:X86 instructions

This article "Trust Domain Extensions" is from Wikipedia. The list of its authors can be seen in its historical and/or the page Edithistory:Trust Domain Extensions. Articles copied from Draft Namespace on Wikipedia could be seen on the Draft Namespace of Wikipedia and not main one.

This page exists already on Wikipedia.

📰 Article(s) of the same category(ies)[edit]

[IntelWeb-1] "Intel® Trust Domain Extensions (Intel® TDX)". Retrieved 7 November 2021.

[lkml-2] "Add INTEL_TDX_GUEST config option to selectively compile TDX guest support". 18 June 2021.

[1]

[2]