20-24 September 2021
US/Pacific timezone

TDX Linux guest

21 Sep 2021, 08:00
Microconference2/Virtual-Room (LPC Virtual)



Confidential Computing MC


Andi Kleen, Sathyanarayanan Kuppuswamy, Elena Reshetova


Intel TDX is an upcoming confidential computing platform for running encrypted guests on untrusted hosts on Intel servers. It requires paravirtualization to do any required emulation inside the guest. There are some unique challenges, in particular hardening the Linux guest code against untrusted host input through MMIO, port and other IO, which is a new security challenge for Linux. The guest has to "accept" all memory, and to get acceptable boot performance this acceptance has to be done lazily. We'll give an overview of the current TDX status, talk about the challenges and hope for a good discussion.


Primary authors

Andi Kleen, Sathyanarayanan Kuppuswamy, Elena Reshetova
