Intel® Trust Domain Extensions (Intel® TDX)
Isolation, confidentiality, and integrity at the virtual machine (VM) level.
Browse Intel TDX Documentation
Find documentation and explore resources designed for easy access and hands-on learning.
Jump to: Architecture | Performance | Source Code | Security Guidance | Start-Up and Enabling Guidance
| Document | Description | Last Updated |
|---|---|---|
| Intel® Trust Domain Extensions (Intel® TDX) | An overview of the Intel TDX technology. | February 2023 |
| Intel CPU Architectural Extensions Specification | A specification of Intel CPU architectural support for Intel TDX. | May 2021 |
| Intel TDX Loader Interface Specification | A specification of how a virtual machine manager (VMM) loads the Intel TDX Module on a platform. | March 2022 |
| Intel TDX Virtual Firmware Design Guide | A guide on how to design and implement a virtual firmware for a trust domain. | December 2023 |
| Intel® Trust Domain Extensions Data Center Attestation Primitives (Intel® TDX DCAP): Quote Generation Library and Quote Verification Library | This specification describes the API surface for libraries from Intel that can be used to generate and verify attestation evidence for trust domains. | December 2023 |
Intel TDX 1.0
| Document | Description | Last Updated |
|---|---|---|
| Intel TDX Module 1.0 Specification | Architecture and Application Binary Interface (ABI) specification of the Intel TDX module | February 2023 |
| Intel TDX Guest-Hypervisor Communication Interface | Specification of the software interface between the guest operating system (tenant) and the VMM required to enable Intel TDX 1.0 | March 2023 |
Intel TDX 1.5
This version extends Intel TDX to introduce live migration and trusted domain (TD) partitioning for TD VMs and related support for service TDs.
| Document | Description | Last Updated |
|---|---|---|
| Intel® TDX Module v1.5 Base Architecture Specification | Overview and base architecture specification of the Intel TDX module | March 2024 |
| Intel TDX Module v1.5 TD Migration Architecture Specification | Overview and architecture specification of the TD migration feature of the Intel TDX module | March 2024 |
| Intel TDX Module v1.5 TD Partitioning Architecture Specification | Overview and architecture specification for TD partitioning of the Intel TDX Module | March 2024 |
| Intel TDX Module v1.5 ABI Specification | Application Binary Interface (ABI) specification of the Intel TDX module | March 2024 |
| Intel TDX Module v1.5 ABI Definitions | ABI definitions in JSON format | March 2024 |
| Intel TDX Module Incompatibilities between v1.0 and v1.5 | Description of the incompatibilities between Intel TDX 1.0 and Intel TDX 1.5 that may impact the host VMM or guest TDs | December 2023 |
| Intel TDX Guest-Hypervisor Communication Interface v1.5 |
Specification of the software interface between the guest operating system (tenant and service TD VMs) and the VMM required for enabling Intel TDX | March 2023 |
| Intel TDX Migration TD Design Guide | A design guide on how to design and implement a migration TD for Intel TDX live migration. | December 2023 |
Intel® TDX Connect
Intel TDX version 2.0 extends Intel TDX to support Trusted Execution Environment for device I/O (TEE-IO).
| Document | Description | Last Updated |
|---|---|---|
| Intel® TDX Connect Architecture Specification | Overview and base architecture specification for Intel TDX Connect | March 2023 |
| Intel TDX Connect TEE-IO Device Guide | Guidance on how to build a TEE-IO device for confidential computing compliant with the PCIe* specification |
March 2023 |
| Device Attestation Model in Confidential Computing Environment | Overview on how to support TEE-IO device attestation for confidential computing |
March 2023 |
| Software Enabling for Intel TDX in Support of TEE-IO | Overview of software enabling flow for Intel TDX Connect |
March 2023 |
| Document | Description | Last Updated |
|---|---|---|
| Performance Considerations of Intel TDX on 4th Generation Intel® Xeon® Scalable Processors | This article describes security-related performance considerations of Intel TDX and addresses performance based on specific types of workloads (CPU or memory, and I/O intensive). | September 2023 |
| Performance Considerations of Hardware-Isolated Partitioned VMs with Intel TDX on 4th Generation Intel Xeon Scalable Processors | This article describes the design goals of Intel TDX, provides an overview of the technology, and then reviews the performance of partitioned trust domains based on an implementation with Microsoft Azure*. | November 2023 |
| Intel TDX Performance Analysis Reference Documentation | This article describes basic methodologies to follow when conducting performance analysis for Intel TDX on a Linux* kernel-based virtual machine (KVM) and reporting results for workloads. It also includes basic sanity checks and data that Intel is interested in to verify performance results. |
July 2024 |
| Document | Version | Description | Last Updated |
|---|---|---|---|
| Intel TDX Loader | TDX 1.0 |
|
August 2022 |
| Intel TDX Loader | TDX 1.5 |
|
February 2023 |
Intel TDX Module Source Code
Security issues should be responsibly disclosed to the Intel product security incident response team (Intel PSIRT). Learn More About Reporting a Vulnerability
Intel TDX Security Guidance
| Resource | Last Updated |
|---|---|
| Intel TDX Guidance for Developers | March 2023 |
| Intel TDX Guest Kernel Hardening Documentation | March 2023 |
| Resource | Description |
|---|---|
| Intel TDX Enabling Guide | This guide provides a distilled set of instructions to integrate, deploy, and use Intel TDX. It includes prerequisites, start-up and integration steps, testing procedures, performance measurement, and maintenance steps. |