
Configure a host

Follow the instructions on this page to configure a system as a KVM virtualization host (hypervisor) that is capable of running TD-protected guests (VMs).

Hardware Requirements

Operating System

Download and install the latest CentOS Stream 9 x86_64 image from the CentOS website.

Packages

  1. Add the Virt SIG TDX package repository to the system by running the command below which will create /etc/yum.repos.d/tdx.repo:

    echo "[tdx]
    name=CentOS TDX
    metalink=https://mirrors.centos.org/metalink?repo=centos-virt-sig-tdx-devel-\$releasever-stream&arch=\$basearch&protocol=https
    gpgcheck=0
    enabled=1" | sudo tee /etc/yum.repos.d/tdx.repo
    

    Alternatively, you can manually create the repo file yourself in /etc/yum.repos.d/ with the content below:

    [tdx]
    name=CentOS TDX
    metalink=https://mirrors.centos.org/metalink?repo=centos-virt-sig-tdx-devel-$releasever-stream&arch=$basearch&protocol=https
    gpgcheck=0
    enabled=1
    

    Note that gpgcheck=0 disables GPG signature verification for this repository: dnf will install whatever the mirror serves without checking that the packages were signed. This is how the Virt SIG devel repository is configured here, so treat the resulting host as a test system, or verify the packages by other means before relying on them.

  2. Install the TDX host packages (the kernel, QEMU and libvirt builds with TDX support):

    sudo dnf install \
    kernel-tdx \
    qemu-kvm-tdx \
    libvirt-tdx
    

UEFI (BIOS) settings

The system needs to have certain UEFI (BIOS) settings configured for TDX. Below are paths from Intel's reference UEFI. Note: UEFI settings and locations may vary by vendor.

  1. Enable Software Guard Extensions (SGX)

    • Go to EDKII MENU -> Socket Configuration -> Processor Configuration -> Software Guard Extension (SGX)
    • Set SW Guard Extensions (SGX) to Enable

  2. Enable TDX and TME/MKTME

    • Go to EDKII MENU -> Socket Configuration -> Processor Configuration -> TME, TME-MT, TDX
    • Set Total Memory Encryption (TME) to Enable
    • Set Total Memory Encryption Bypass to Enable (optional; for best host and non-TDVM performance)
    • Set Total Memory Encryption Multi-Tenant (TME-MT) to Enable
    • Set TME-MT memory integrity to Disable
    • Set Trust Domain Extension (TDX) to Enable
    • Set the TME-MT/TDX key split to a non-zero value
    • Set TDX Secure Arbitration Mode Loader (SEAM Loader) to Enable. This allows loading SEAMLDR and TDX modules from the ESP or BIOS.

Verification

  1. Reboot the system and verify that TDX is enabled using the dmesg command:

    sudo dmesg | grep -i tdx
    

    Example output:

    [ 0.276580] tdx: BIOS enabled: private KeyID range [64, 128)
    

  2. Reload the kvm_intel module with tdx=1 to enable TDX in KVM. rmmod refuses to unload the module while it is in use, so shut down any running VMs first:

    sudo rmmod kvm_intel
    sudo modprobe kvm_intel tdx=1
    

    To enable TDX by default after reboot, do one of the following:
    Option 1. Add "kvm_intel.tdx=1" to the host kernel command line.
    Option 2. Create a file in /etc/modprobe.d/ (for example /etc/modprobe.d/kvm_intel.conf) containing "options kvm_intel tdx=1".

  3. Verify TDX is initialized on the host by checking for new output from the dmesg command:

    sudo dmesg | grep -i tdx
    

    Example output:

    [ 0.276580] tdx: BIOS enabled: private KeyID range [64, 128)
    [ 1171.427593] tdx: TDX module: attributes 0x0, vendor_id 0x8086, major_version 1, minor_version 5,  build_date 20230420, build_num 507
    [ 1171.427600] tdx: CMR: [0x100000, 0x77800000)
    [ 1171.427602] tdx: CMR: [0x100000000, 0x107a000000)
    [ 1171.427603] tdx: CMR: [0x1080000000, 0x207c000000)
    [ 1171.427604] tdx: CMR: [0x2080000000, 0x307c000000)
    [ 1171.427606] tdx: CMR: [0x3080000000, 0x407c000000)
    [ 1172.577580] tdx: 1050644 KBs allocated for PAMT.
    [ 1172.577589] tdx: module initialized.
    

The system is now configured as a KVM host capable of hosting and securing TD guests. See Run a TDX guest next.
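The verification steps above, folded into one host-readiness script. This is an added example written for this page, not a tool shipped by the Virt SIG; it assumes the dmesg markers shown above ("tdx: BIOS enabled", "tdx: module initialized"), the kvm_intel tdx parameter being exposed under /sys/module/kvm_intel/parameters/, and the repo file path /etc/yum.repos.d/tdx.repo from step 1. The dmesg text embedded in the script is constructed from the example output above so the parsing functions can be exercised offline; running the script with --live runs the real checks on the host.

```shell
#!/usr/bin/env bash
# tdx-host-check.sh: added example, not part of the CentOS Virt SIG docs.
# The parsing functions take their input as an argument so they can be
# run against captured text; tdx_host_check reads the live host.

set -u

# Classify a dmesg transcript. Prints one of:
#   bios-disabled   no "tdx: BIOS enabled" line: UEFI settings are not right
#   module-missing  BIOS enabled, but KVM has not initialized the TDX module
#                   (kvm_intel not loaded with tdx=1, or initialization failed)
#   ready           "tdx: module initialized." seen
tdx_dmesg_state() {
    dmesg_text="$1"
    if ! printf '%s\n' "$dmesg_text" | grep -q 'tdx: BIOS enabled'; then
        echo bios-disabled
    elif ! printf '%s\n' "$dmesg_text" | grep -q 'tdx: module initialized'; then
        echo module-missing
    else
        echo ready
    fi
}

# Number of private KeyIDs reserved for TDs, from
# "private KeyID range [64, 128)": end - start. Prints 0 and fails if absent.
tdx_private_keyids() {
    dmesg_text="$1"
    range=$(printf '%s\n' "$dmesg_text" \
        | sed -n 's/.*private KeyID range \[\([0-9]*\), \([0-9]*\)).*/\1 \2/p' \
        | head -n1)
    [ -n "$range" ] || { echo 0; return 1; }
    set -- $range
    echo $(( $2 - $1 ))
}

# Succeeds only if a yum repo definition has gpgcheck=1; the page's tdx.repo
# ships with gpgcheck=0, which installs unsigned packages unverified.
repo_gpgcheck_enabled() {
    printf '%s\n' "$1" \
        | grep -Eq '^[[:space:]]*gpgcheck[[:space:]]*=[[:space:]]*1[[:space:]]*$'
}

# Live check; only meaningful on the host itself (dmesg may need root).
tdx_host_check() {
    dm=$(dmesg 2>/dev/null || true)
    state=$(tdx_dmesg_state "$dm")
    echo "dmesg state: $state"
    if [ "$state" = ready ]; then
        echo "private KeyIDs for TDs: $(tdx_private_keyids "$dm")"
    fi
    if [ -r /sys/module/kvm_intel/parameters/tdx ]; then
        echo "kvm_intel tdx parameter: $(cat /sys/module/kvm_intel/parameters/tdx)"
    else
        echo "kvm_intel not loaded, or this build has no tdx parameter"
    fi
    if [ -r /etc/yum.repos.d/tdx.repo ] \
        && ! repo_gpgcheck_enabled "$(cat /etc/yum.repos.d/tdx.repo)"; then
        echo "WARNING: /etc/yum.repos.d/tdx.repo has gpgcheck disabled"
    fi
}

# Constructed samples mirroring the example dmesg output on this page.
SAMPLE_READY='[    0.276580] tdx: BIOS enabled: private KeyID range [64, 128)
[ 1172.577589] tdx: module initialized.'
SAMPLE_BIOS_ONLY='[    0.276580] tdx: BIOS enabled: private KeyID range [64, 128)'

if [ "${1:-}" = "--live" ]; then
    tdx_host_check
else
    echo "sample (ready):     $(tdx_dmesg_state "$SAMPLE_READY"), $(tdx_private_keyids "$SAMPLE_READY") private KeyIDs"
    echo "sample (bios-only): $(tdx_dmesg_state "$SAMPLE_BIOS_ONLY")"
fi
```

The three states map directly onto the steps above: bios-disabled means go back to the UEFI settings, module-missing means kvm_intel was not loaded with tdx=1 (or initialization failed and dmesg will say why), and ready matches the "module initialized" output in step 3.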