Processors
Intel® Processors, Tools, and Utilities
15406 Discussions

tdx hardware support?

littleQ
Beginner
4,155 Views
hello, I am a student who want to make a research about trust domain extensions. I wonder whether 4th xeon scalable processor support tdx? If not, which cpu and platform support tdx? Looking forward to your reply.
0 Kudos
17 Replies
Alberto_R_Intel
Employee
4,134 Views

littleQ, Thank you for posting in the Intel® Communities Support.


We will be more than glad to assist you with this matter. For us to be able to provide the most accurate response to your inquiries, if you have it, please provide the specific model of the processor.

Also, by TDX do you mean Intel® Trust Domain Extensions?


Any questions, please let me know.


Regards,

Albert R.


Intel Customer Support Technician


0 Kudos
littleQ
Beginner
4,113 Views

Yes. TDX is Intel® Trust Domain Extensions. The model of processors are Intel Xeon 4410Y and 5418Y.

0 Kudos
Alberto_R_Intel
Employee
4,096 Views

littleQ, Thank you very much for confirming those details.


I just transferred this thread to the proper department. They will further assist you on this subject as soon as possible.


Regards,

Albert R.


Intel Customer Support Technician


0 Kudos
Allan_A_Intel
Moderator
4,073 Views

Hello, littleQ,

 

Thank you for your enquiry regarding the support for Intel® Trust Domain Extensions (Intel® TDX) on the Intel® Xeon® Gold 5418Y Processor.

 

To support Intel TDX, a server processor must have a feature called Intel® Trusted Execution Technology. This technology enhances the digital office platform with security capabilities such as measured launch and protected execution, creating a secure environment where applications can run independently.

 

Upon reviewing the specifications webpage of the Intel Xeon Gold 5418Y Processor, I can confirm that it does have the Intel® Trusted Execution Technology feature, indicating that it does support Intel TDX. You can find more details on the specifications webpage: https://www.intel.com/content/www/us/en/products/sku/232379/intel-xeon-gold-5418y-processor-45m-cache-2-00-ghz/specifications.html

 

Regarding the Intel® Pentium® Gold Processor 4410Y, I kindly request your patience as I gather the necessary information to confirm if it supports Intel TDX. I will get back to you shortly with the relevant details.

 

Thank you for your understanding and cooperation.

 

Best regards,

Allan

 

0 Kudos
Allan_A_Intel
Moderator
4,069 Views

Dear littleQ,


Please accept my sincere apologies for the misunderstanding in my previous response. Upon reviewing your enquiry again, I now realise that you were actually referring to the Intel® Xeon® Silver 4410Y Processor, which shares the same processor number as the previous one, causing confusion on my part.


I'm pleased to inform you that the Intel Xeon Silver 4410Y Processor does indeed feature the Intel® Trusted Execution Technology, indicating its support for Intel TDX: https://www.intel.com/content/www/us/en/products/sku/232376/intel-xeon-silver-4410y-processor-30m-cache-2-00-ghz/specifications.html


Once again, I apologise for any confusion caused by my earlier response. If you have any further questions or require additional clarification, please don't hesitate to let me know.


Best regards,

Allan


0 Kudos
littleQ
Beginner
4,053 Views

Dear Allan,

I just read the content of the web page. May I ask what functions should be used when tdx is enabled? Is there any detailed installation documentation? Looking forward to your reply.

Best regards,

LittlQ

0 Kudos
Allan_A_Intel
Moderator
4,008 Views

Dear esteemed littleQ,


We would like to draw your attention to a technical paper titled "Intel® Trust Domain Extensions (Intel® TDX) Platform Enablement and Validation Requirements." This paper offers invaluable insights into the subject matter and can be accessed through the following link: https://www.intel.com/content/www/us/en/secure/design/internal/content-details.html?DocID=646564


The document in question caters specifically to Original Equipment Manufacturers (OEMs) and Original Design Manufacturers (ODMs), focusing on the enablement and validation of Intel® Trust Domain Extensions (Intel® TDX) for Sapphire Rapids. Its contents revolve around various aspects such as hardware configuration requirements, BIOS configuration, Intel® TDX basic function test cases, Intel® TDX stress test cases, and Intel® TDX interoperability tests.


We must emphasize that this document is of a confidential nature. Therefore, to access further Intel confidential materials, tools, and services, it is necessary to submit an application. As part of this process, we kindly request you to complete a Corporate Non-Disclosure Agreement (CNDA). We would like to inform you that the review process for your application may take several days. To commence the application process, please utilize the same link provided above.


We sincerely appreciate your understanding and cooperation throughout this procedure.


Yours faithfully,

Allan


0 Kudos
littleQ
Beginner
3,997 Views

How can I complete a Corporate Non-Disclosure Agreement (CNDA)? When I access the above link, I found the Request access button. But When I press the button, I go to the https://www.intel.com/content/www/us/en/resources-documentation/developer.html#exampleModal. I can't find the application. Can you help me?

figure1.png

 

figure2.png

0 Kudos
Allan_A_Intel
Moderator
3,974 Views

Dear littleQ,


I have personally tested the access issue you are facing and have encountered the same situation. It appears that there may have been recent updates to the RDC login system. I will thoroughly investigate this matter to identify a possible workaround that can provide you with the necessary access to the confidential documentation.


Please be assured that I am committed to resolving this issue promptly and ensuring that you gain the required access as soon as possible.


Thank you for your patience and understanding.


Best regards,

Allan


0 Kudos
Allan_A_Intel
Moderator
3,942 Views

Dear littleQ,


I hope this message finds you well. I wanted to address the topic of Premier Access, as I understand there may have been some confusion regarding the application process. I sincerely apologize for any unintentional hope or misunderstanding that may have arisen.


I regret to inform you that Premier Access cannot be applied for using a personal email account. It is exclusively available to businesses that have already signed a Confidential Non-Disclosure Agreement (CNDA) with Intel. Please note that this requirement is in place to ensure the security and confidentiality of the Premier Access program.


Considering your current status as a student, it is understandable that you do not have access to a business account that meets the necessary criteria. Unfortunately, we are unable to grant Premier Access to individuals who do not meet the specified eligibility requirements.


I sincerely apologize for any inconvenience or disappointment this may cause you. However, I want to assure you that we value your interest and engagement with our products. Should you have any further questions or require assistance with any other matter, please do not hesitate to reach out. Our team is here to support you in any way we can.


Thank you for your understanding and cooperation in this matter.


Warm regards,


Allan


0 Kudos
littleQ
Beginner
3,924 Views

I feel so bad to hear that. However, I found https://github.com/intel/tdx-tools and Linux* Stacks for Intel® Trust Domain Extension 1.0 recently. In this white paper, I fond some bios configurations in Page 13. I use the dell poweredge r760. I can't find BIOS configurations such as intel tdx, intel tdx key split and volatile memory. And another question is that if I follow the steps in this white paper, can I install tdx in a correct way? Is there any difference between this white paper and that one which I can't access?

0 Kudos
Allan_A_Intel
Moderator
3,906 Views

Hello, littleQ,


I apologise for the inconvenience and understand that you're feeling upset about the situation. It's great that you came across the Intel® TDX tools on GitHub and the Linux* Stacks for Intel® Trust Domain Extension 1.0 white paper. However, I understand that you're facing difficulties finding the BIOS configurations mentioned on page 13 for your Dell PowerEdge R760 model.


Different hardware configurations and manufacturers can have variations in BIOS settings, which might explain why you can't find the specific options mentioned in the white paper. To ensure a correct installation of Intel® TDX, I recommend referring to the documentation provided by Dell for your specific model, as they may have tailored instructions and configurations available. It would be best to reach out to Dell's customer support for further assistance in this matter.


Regarding the white papers, the confidential technical paper you mentioned is different from the one available on GitHub. The white paper on GitHub is a public resource that provides a different type of documentation. You can find it at this link: https://www.intel.com/content/www/us/en/content-details/780133/whitepaper-linux-stacks-for-intel-trust-domain-extension-1-0.html?DocID=780133. The confidential paper focuses on Intel® TDX enablement and validation for Sapphire Rapids, targeting OEMs and ODMs. On the other hand, the public white paper offers a more general overview of deploying and testing Linux* Stacks with Intel® TDX, catering to a wider audience interested in confidential workloads and stack integration for IaaS/PaaS frameworks.


In theory, following the installation steps provided in the public white paper should allow you to install Intel® TDX. However, it's important to get confirmation from the motherboard manufacturer to ensure that your system meets the necessary hardware and BIOS requirements. I encourage you to contact the motherboard manufacturer's customer support to obtain their assistance and verify the compatibility of your system.


Best regards,

Allan


0 Kudos
littleQ
Beginner
3,888 Views

I asked DELL support last week, but I found they were not familar with tdx. Their manual just told me how to enable sgx and TME-MT. They also encouraged me to ask intel for help. Does it mean dell PowerEdge r760 don't support tdx?

0 Kudos
Allan_A_Intel
Moderator
3,880 Views

Dear littleQ,


Thank you for providing additional information. I apologise for any confusion caused by the previous responses. As an Intel representative, I understand your frustration with the situation.


To clarify, while Intel is the manufacturer of Intel TDX, Dell, as the manufacturer of the Dell PowerEdge R760 system, is responsible for determining the compatibility and support for Intel TDX on their specific hardware.


Based on your statement that you have already contacted Dell, it seems that they suggested reaching out to Intel for assistance. However, it is important to note that Intel cannot confirm the support for Intel TDX on a Dell system, as Dell is the only authority to provide accurate information regarding their own products.


In the "Linux* Stacks for Intel® Trust Domain Extension 1.0" whitepaper, it is explained that to set the correct settings for Intel TDX in the BIOS, contacting the OEM (Original Equipment Manufacturer), which in this case is Dell, is necessary.


Therefore, I recommend the following steps:


  1. Contact Dell again: Reach out to Dell support or their technical team once more to enquire specifically about Intel TDX support on the Dell PowerEdge R760. It's possible that there may have been a miscommunication in your previous interaction, and they may be able to provide further clarification.
  2. Provide details: When contacting Dell, be sure to provide them with specific information about Intel TDX and its requirements, so they can better assist you.
  3. Emphasise previous interaction: Mention that you have already contacted Dell and were redirected to Intel, but an Intel representative informed you that Dell is the appropriate authority to confirm Intel TDX support for their systems.


We apologise for any inconvenience caused and appreciate your patience and understanding. Should you have any further questions or require additional assistance, please do not hesitate to reach out to us.


Sincerely,

Allan


0 Kudos
Allan_A_Intel
Moderator
3,757 Views

Dear littleQ,


I hope this message finds you well. I wanted to inform you that I haven't received any response from you regarding your enquiry. Therefore, I will be closing this particular enquiry now. 


I also wanted to mention that I noticed you have reached out to Dell for assistance. It's great that you are exploring multiple avenues to resolve your issue. I encourage you to continue seeking help from Dell, as they will have specific knowledge and resources related to their products that can be of further assistance to you.


If you still require further assistance or have any other questions, please don't hesitate to post a new question. Our team is always here to help you and provide the support you need.


Thank you for reaching out to us, and we look forward to assisting you in the future.


Best regards,

Allan


0 Kudos
littleQ
Beginner
3,728 Views

Does dell have the permission to get "Intel® Trust Domain Extensions (Intel® TDX) Platform Enablement and Validation Requirements"? I asked Dell. They still gave a answer from "Linux* Stacks for Intel® Trust Domain Extension 1.0", and just told me some BIOS options mentioned can not find. Therefore, I wonder whether dell has the permission to get "Intel® Trust Domain Extensions (Intel® TDX) Platform Enablement and Validation Requirements" and then gives me an accurate answer?

0 Kudos
mattipaksula
Beginner
3,370 Views

Basically no Sapphire Rapids supports TDX - Emerald Rapids will, see https://github.com/intel/tdx-tools/issues/399

0 Kudos
Reply