A Python application demonstrating Intel TDX (Trust Domain Extensions) confidential computing capabilities on H200 bare metal nodes.
- TDX Guest VM Provisioning - Automated Trust Domain creation with encrypted memory
- Remote Attestation - Generate and verify TD quotes
- Confidential Workload Execution - Secure data processing in isolated memory
- GPU Confidential Computing - H200 GPU workloads with TDX protection
- Secure Cleanup - Proper memory wiping and resource teardown
```bash
# Clone and setup
git clone <repository-url>
cd tdx-demo
chmod +x setup.sh quickstart.sh

# One-command start
./quickstart.sh
```

- Ubuntu 24.04 (Noble) with Intel TDX kernel
- H200 bare metal node with TDX support
- Minimum 8GB RAM, 50GB disk space
- Root/sudo access

```bash
sudo ./setup.sh
```

This installs all dependencies and configures the environment.
```bash
# Check TDX support
cat /sys/module/kvm_intel/parameters/tdx   # Should show 'Y'

# Test the demo
source venv/bin/activate
sudo -E venv/bin/python src/main.py
```

```bash
# Run complete demo
sudo -E venv/bin/python src/main.py

# Or use make
make run
```

```bash
sudo -E venv/bin/python src/main.py --attestation-only
sudo -E venv/bin/python src/main.py --verbose
sudo -E venv/bin/python src/main.py --workload my_script.py
```

```bash
# Enable GPU in config.yaml first
nano config.yaml   # Set gpu.enabled: true

# Run GPU workload
sudo -E venv/bin/python src/main.py

# Or specify GPU workload type explicitly
# Edit config.yaml: workload.type: "gpu_compute"
```

GPU Workload Types:

- `vector_add` - GPU vector addition
- `matrix_multiply` - GPU matrix operations
- `ml_inference` - ML model inference on GPU
- `benchmark` - GPU performance tests
Edit config.yaml to customize:

```yaml
vm:
  name: "tdx-demo-vm"
  memory: 4096        # Memory in MB
  vcpus: 2            # Number of vCPUs
  disk_size: 20       # Disk size in GB

workload:
  type: "data_processing"   # Options: data_processing, ml_inference, gpu_compute
  encryption: true
  params:
    data_size: 1048576      # Bytes to process
    iterations: 10          # Number of iterations

gpu:
  enabled: true             # Enable GPU workloads
  passthrough: false        # GPU passthrough to VM (advanced)
  device_id: "0"            # GPU device ID
  workload_types:
    - "vector_add"          # CUDA vector operations
    - "matrix_multiply"     # Matrix computations
    - "ml_inference"        # ML model inference
```

Note: GPU workloads require NVIDIA drivers and optionally PyCUDA for real GPU operations. Without PyCUDA, workloads are simulated but still demonstrate the framework.

```yaml
logging:
  level: "INFO"             # DEBUG, INFO, WARNING, ERROR
  file: "logs/tdx-demo.log"
  console: true
```

```text
tdx-demo/
├── src/
│   ├── main.py            # Main orchestrator
│   ├── vm_manager.py      # TDX VM lifecycle
│   ├── attestation.py     # Attestation service
│   ├── workload.py        # Workload executor
│   └── utils/             # Configuration and logging
├── guest/
│   └── guest_agent.py     # Agent for TD guest
├── tests/                 # Unit tests
├── config.yaml            # Configuration
├── requirements.txt       # Python dependencies
└── README.md              # This file
```
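A pre-flight check for the settings above, written in Python as an added example (it is not part of the tdx-demo code base). It assumes config.yaml has already been parsed into a dict (for instance with PyYAML) and that the caller has obtained the driver version string from `nvidia-smi`; the allowed values are the ones this README lists, and the sysfs path is the one the troubleshooting section checks.

```python
"""Pre-flight check for a tdx-demo style config.yaml (added example, not project code)."""
from pathlib import Path
from typing import Optional

# Allowed values taken from the sample config.yaml and the "GPU Workload Types" list.
WORKLOAD_TYPES = {"data_processing", "ml_inference", "gpu_compute"}
GPU_WORKLOAD_TYPES = {"vector_add", "matrix_multiply", "ml_inference", "benchmark"}
LOG_LEVELS = {"DEBUG", "INFO", "WARNING", "ERROR"}
TDX_PARAM = "/sys/module/kvm_intel/parameters/tdx"  # same file the README checks


def host_tdx_enabled(param_path: str = TDX_PARAM) -> bool:
    """True only if kvm_intel reports TDX as 'Y'; a missing file (no TDX kernel) is False."""
    try:
        return Path(param_path).read_text().strip() == "Y"
    except OSError:
        return False


def preflight(config: dict, tdx_enabled: bool, gpu_driver: Optional[str] = None) -> list:
    """Return the problems that would make the demo fail; an empty list means go.

    `config` is config.yaml parsed into a dict; `gpu_driver` is the version string
    from `nvidia-smi --query-gpu=driver_version`, or None if no driver was found.
    """
    problems = []
    if not tdx_enabled:
        problems.append("kvm_intel tdx != 'Y': enable TDX in BIOS and boot the TDX kernel")

    vm = config.get("vm", {})
    if int(vm.get("memory", 0)) <= 0 or int(vm.get("vcpus", 0)) <= 0:
        problems.append("vm.memory and vm.vcpus must be positive")

    wtype = config.get("workload", {}).get("type")
    if wtype not in WORKLOAD_TYPES:
        problems.append(f"workload.type {wtype!r} not in {sorted(WORKLOAD_TYPES)}")

    gpu = config.get("gpu", {})
    if wtype == "gpu_compute" and not gpu.get("enabled", False):
        problems.append("workload.type is gpu_compute but gpu.enabled is false")
    if gpu.get("enabled", False):
        unknown = set(gpu.get("workload_types", [])) - GPU_WORKLOAD_TYPES
        if unknown:
            problems.append(f"unknown gpu.workload_types: {sorted(unknown)}")
        if gpu_driver is None:
            problems.append("gpu.enabled is true but nvidia-smi reported no driver")

    level = config.get("logging", {}).get("level", "INFO")
    if level not in LOG_LEVELS:
        problems.append(f"logging.level {level!r} not in {sorted(LOG_LEVELS)}")
    return problems
```

Call `preflight(cfg, host_tdx_enabled(), driver)` before provisioning and abort on a non-empty list; each entry names the setting to fix.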
- TDX VM creation with encrypted memory backing (memfd)
- KVM TDX detection and enablement
- Attestation workflow (quote generation and verification)
- Confidential workload execution patterns
- Secure resource cleanup
Guest OS Boot: Currently disabled because of a TDVF firmware metadata compatibility issue between QEMU 8.2.2 and OVMF 2024.02-3+tdx1.0. The demo still exercises all of the confidential computing patterns and the attestation flow without booting a guest OS.
Tested Environment:
- Ubuntu 24.04 with Intel TDX kernel
- QEMU 8.2.2, Libvirt 10.0.0
- OVMF 2024.02-3+tdx1.0 (kobuk-team PPA)
- H200 bare metal with TDX support
```bash
# Check kernel support
dmesg | grep -i tdx

# Verify KVM module
cat /sys/module/kvm_intel/parameters/tdx
```

Solution: Ensure BIOS has Intel TDX enabled and you're running a TDX-enabled kernel.

```bash
# Check libvirt status
sudo systemctl status libvirtd

# Restart if needed
sudo systemctl restart libvirtd

# Verify group membership
groups $USER   # Should include 'libvirt'
```

Solution: Log out and back in after adding your user to the libvirt group.

```bash
# Install build dependencies
sudo apt install -y libvirt-dev pkg-config python3-dev build-essential

# Retry installation
pip install -r requirements.txt
```

```bash
# Check disk space
df -h /var/lib/libvirt/images/

# Check libvirt logs
sudo journalctl -u libvirtd -n 50

# Clean up old VMs
sudo virsh list --all
sudo virsh destroy <vm-name>
sudo virsh undefine <vm-name>
```

```bash
# Check GPU
nvidia-smi

# Check NVIDIA drivers
nvidia-smi --query-gpu=driver_version --format=csv,noheader

# Install drivers if needed
sudo apt install nvidia-driver-535   # Or latest version
```

Solution: Ensure NVIDIA drivers are installed and the GPU is visible to the system.
```bash
# View logs
tail -f logs/tdx-demo.log

# Check attestation quotes
ls -lh quotes/
```

```bash
# List VMs
sudo virsh list --all

# View VM console
sudo virsh console tdx-demo-vm

# Check VM info
sudo virsh dominfo tdx-demo-vm
```

```text
╭─────────────────────────────────────────────╮
│ TDX Confidential Computing Demo             │
│ Demonstrating Intel Trust Domain Extensions │
╰─────────────────────────────────────────────╯

Step 1: Provisioning TDX Guest VM
✅ Trust Domain created
✅ VM Status: running
   Memory: 4096 MB (encrypted)
   vCPUs: 2

Step 2: Remote Attestation
✅ TD quote generated
✅ Attestation verified
✅ Trust established: Running on genuine Intel TDX hardware
   Quote hash: 83a846c91221c5d5...

Step 3: Executing Confidential Workload
✅ Workload completed
✅ Processed: 10485760 bytes
   Duration: 1.00s
   Memory encryption: Active (MKTME)

✅ Demo completed successfully!
```

⚠️ This is a demonstration application.

- 🔒 TD memory is encrypted and isolated from the host
- ✅ Attestation verifies authentic TDX hardware
- 🗑️ Secrets are zeroized on cleanup
- 📝 Sensitive data is redacted from logs