Add preliminary Intel TDX support [v2] #355

Draft: wants to merge 19 commits into base: main

Conversation

jakecorrenti (Member)

This pull request adds support for Intel Trust Domain eXtensions (TDX), another hardware Trusted Execution Environment architecture.

Note: this pull request does not support attestation.

In the IOAPIC constructor, only enable the SPLIT IRQCHIP capability on
non-tdx flavors. The TDX flavor will enable the necessary capabilities
for the system on Vm creation.

Signed-off-by: Jake Correnti <[email protected]>
TDX requires the IRQCHIP to be split between the guest and the host.
Enable the functionality in the launch-tee test.

Signed-off-by: Jake Correnti <[email protected]>
Some of the pre-existing feature checks in the `vmm` crate, whether
`tee` or `amd-sev`, are not compatible with the `tdx` feature.

Signed-off-by: Jake Correnti <[email protected]>
Ensure the -tdx flavor links with the correct libkrunfw flavor, which in
this case is libkrunfw-tdx.

Signed-off-by: Jake Correnti <[email protected]>
The registers and APIC state on TDX systems are considered "protected",
therefore we cannot configure them at all through the KVM API.

Signed-off-by: Jake Correnti <[email protected]>
Adds a new `inteltdx` module and implements a TDX implementation for `Vm::new()`

Signed-off-by: Jake Correnti <[email protected]>
TDX requires the number of 4k pages and the number of vCPUs to be
specified in the boot parameters differently than the other `tee`
architectures.

Signed-off-by: Jake Correnti <[email protected]>
TDX starts execution in 32-bit protected mode, not 16-bit real mode.
Change the reset vector to reflect that.

Signed-off-by: Jake Correnti <[email protected]>
Retrieve the TDX capabilities KVM supports with the current TDX module
the system has loaded and perform TDX specific VM initialization.

Signed-off-by: Jake Correnti <[email protected]>
Signed-off-by: Jake Correnti <[email protected]>
After the vCPUs have been created with KVM, add them to the TDX
launcher and then do the necessary initialization.

Signed-off-by: Jake Correnti <[email protected]>
Initialize the guest private memory for each of the measured regions
created.

Signed-off-by: Jake Correnti <[email protected]>
Set up the worker thread so the TDX guest is able to convert memory from
shared -> private or private -> shared when a hypercall is made or a
memory fault occurs.

Signed-off-by: Jake Correnti <[email protected]>
When the vCPU exits with VcpuExit::MemoryFault, ensure that we are
checking the exit flag has the private bit set to 1 before attempting to
convert any memory.

Signed-off-by: Jake Correnti <[email protected]>
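The last two commits describe the worker path that converts guest memory between shared and private when a `VcpuExit::MemoryFault` arrives, and the check that the exit flag's private bit is set before any conversion is attempted. The following is an added example, not libkrun's code: it models that decision as a pure function so the checks can be exercised without a TDX host. The only real constant is `KVM_MEMORY_EXIT_FLAG_PRIVATE`, whose value matches Linux's `uapi/linux/kvm.h` (`1 << 3`); the `RamRegion` layout, the `FaultAction` type and the rule that a fault with the private bit clear converts the range back to shared are assumptions made for the example.

```rust
// Added example, not libkrun's implementation. Models the sanity checks a
// TDX memory-fault handler applies before converting guest memory between
// shared and private. Types and region layout below are constructed.

/// Bit KVM sets in the exit flags when the faulting access was private.
/// Value taken from Linux uapi/linux/kvm.h (KVM_MEMORY_EXIT_FLAG_PRIVATE).
pub const KVM_MEMORY_EXIT_FLAG_PRIVATE: u64 = 1 << 3;

/// TDX converts memory at 4 KiB page granularity.
pub const PAGE_SIZE: u64 = 4096;

/// A guest-physical range backed by convertible RAM (constructed type).
#[derive(Clone, Copy, Debug)]
pub struct RamRegion {
    pub start: u64,
    pub len: u64,
}

#[derive(Debug, PartialEq, Eq)]
pub enum Conversion {
    ToPrivate,
    ToShared,
}

#[derive(Debug, PartialEq, Eq)]
pub enum FaultAction {
    /// Issue a shared<->private conversion for exactly this range.
    Convert { gpa: u64, size: u64, to: Conversion },
    /// Refuse to convert; the caller should stop the VM with this reason.
    Fatal(&'static str),
}

/// Decide what to do with a memory-fault exit (gpa, size, flags).
/// The fault must be page aligned and lie entirely inside convertible RAM;
/// a fault in MMIO or unbacked space is treated as fatal rather than
/// silently converted.
pub fn handle_memory_fault(regions: &[RamRegion], gpa: u64, size: u64, flags: u64) -> FaultAction {
    if size == 0 {
        return FaultAction::Fatal("zero-sized fault");
    }
    if gpa % PAGE_SIZE != 0 || size % PAGE_SIZE != 0 {
        return FaultAction::Fatal("fault is not 4 KiB aligned");
    }
    let end = match gpa.checked_add(size) {
        Some(e) => e,
        None => return FaultAction::Fatal("fault range overflows"),
    };
    let inside_ram = regions
        .iter()
        .any(|r| gpa >= r.start && end <= r.start.saturating_add(r.len));
    if !inside_ram {
        return FaultAction::Fatal("fault outside convertible RAM");
    }
    // Private bit set: the guest touched the range as private while it is
    // currently shared, so convert it to private. Bit clear: the reverse
    // direction (assumed here to follow the generic KVM convention).
    let to = if flags & KVM_MEMORY_EXIT_FLAG_PRIVATE != 0 {
        Conversion::ToPrivate
    } else {
        Conversion::ToShared
    };
    FaultAction::Convert { gpa, size, to }
}

fn main() {
    // Constructed layout: 3 GiB of RAM starting at GPA 0, nothing above it.
    let ram = [RamRegion { start: 0, len: 3 << 30 }];
    let faults = [
        (0x10_0000, 0x1000, KVM_MEMORY_EXIT_FLAG_PRIVATE),
        (0x10_0000, 0x1000, 0),
        (0xC000_0000, 0x1000, KVM_MEMORY_EXIT_FLAG_PRIVATE),
    ];
    for (gpa, size, flags) in faults {
        println!("{gpa:#x}+{size:#x} flags={flags:#x} -> {:?}", handle_memory_fault(&ram, gpa, size, flags));
    }
}
```

The third sample fault sits just past the end of the constructed RAM region; it is the shape of the failure described in the discussion below (a fault landing outside RAM after the guest is given more memory), and the handler refuses to convert it instead of reaching into a region it does not back.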
jakecorrenti (Member, Author) commented Jun 13, 2025

Currently working through two outstanding issues that just came up:

  • giving the VM more than 3072 MiB of memory causes an error because the guest exits with VcpuExit::MemoryFault, then tries to convert the region at MMIO_START to private. It's unclear if this is a TDX-specific issue or this is also affecting SNP
  • giving the VM more than 1 processor leads to only the BSP being active. The APs fail to wake up
