Add preliminary Intel TDX support [v2] #355
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
There are two outstanding issues, but the limitations are documented in the README:
|
jakecorrenti
force-pushed
the
tdx-v2
branch
2 times, most recently
from
a8c3e57 to
f60a0f3
Compare
|
@tylerfanelli @MatiasVara @slp feel free to review whenever you're ready. I'm just trying to figure out how to debug the issues I listed above at the moment. |
jakecorrenti
requested review from
MatiasVara,
mtjhrc,
slp and
tylerfanelli
as code owners
jakecorrenti
force-pushed
the
tdx-v2
branch
5 times, most recently
from
7376e1e to
6ec624b
Compare
jakecorrenti
added a commit
to jakecorrenti/libkrunfw
that referenced
this pull request
Jul 2, 2025
Update the binary so a TDX guest does not attempt attestation. Generated from work done in containers/libkrun#355 Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Closed
|
@jakecorrenti LGTM, could you please rebase it? |
In the IOAPIC constructor, only enable the SPLIT IRQCHIP capability on non-tdx flavors. The TDX flavor will enable the necessary capabilities for the system on Vm creation. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
TDX requires the IRQCHIP to be split between the guest and the host. Enable the functionality in the launch-tee test. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
|
Fixed! |
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Some of the pre-existing feature checks in the `vmm` crate, whether `tee` or `amd-sev`, are not compatible with the `tdx` feature. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Ensure the -tdx flavor links with the correct libkrunfw flavor, which in this case is libkrunfw-tdx. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
The registers and APIC state on TDX systems are considered "protected", therefore we cannot configure them at all through the KVM API. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Adds a new `inteltdx` module and implements a TDX implementation for `Vm::new()` Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
TDX requires the number of 4k pages and the number of vCPUs to be specified in the boot parameters differently than the other `tee` architectures. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
TDX starts execution in 32-bit protected mode, not 16-bit real mode. Change the reset vector to reflect that. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Retrieve the TDX capabilities KVM supports with the current TDX module the system has loaded and perform TDX specific VM initialization. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
After the vCPUs have been created with KVM, add them to the TDX launcher and then do the necessary initialization. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Initialize the guest private memory for each of the measured regions created. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Set up the worker thread so the TDX guest is able to convert memory from shared -> private or private -> shared when a hypercall is made or a memory fault occurs. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
When the vCPU exits with VcpuExit::MemoryFault, ensure that we are checking the exit flag has the private bit set to 1 before attempting to convert any memory. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Document how to compile and install the TDX flavor of libkrun. Also document the limitations of multiprocessing and memory. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Do not attest with the libkrun-tdx flavor. Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Closed
slp
pushed a commit
to containers/libkrunfw
that referenced
this pull request
Jul 31, 2025
Update the binary so a TDX guest does not attempt attestation. Generated from work done in containers/libkrun#355 Signed-off-by: Jake Correnti <jakecorrenti+github@proton.me>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This pull request adds support for Intel Trust Domain eXtensions (TDX), another hardware Trusted Execution Environment architecture.
Note: this pull request does not support attestation.