Intel® TDX Feature Readiness by Intel® Xeon® Processor Generation

Content Type: Product Information & Documentation | Article ID: 000099708 | Last Reviewed: 02/24/2026

Environment

Intel® Xeon®

Intel® TDX Feature Readiness by Intel® Xeon® Processor Generation

Intel® Trust Domain Extensions (Intel® TDX) is a security technology introduced in the Intel® Xeon® Processors, starting from the 4th Gen Intel® Xeon® Processor, and is present on all newer Generations of Intel® Xeon® Processors.

This technology offers increased confidentiality at the virtual machine (VM) level, enhancing privacy and control over your data.

Within an Intel® TDX confidential VM, the guest operating system (OS) and VM applications are isolated from access by the cloud host, hypervisor, and other VMs on the platform.

For Intel® TDX features to run on Intel® Xeon® Processors basic requirements for drivers needs to be present on the OS Kernel (Linux* distributions).

The table below describes the basic requirements for Intel® TDX readiness.

Processor	TD Guest OS Support	Comments	AES Key Strength (bits)
1^st Gen Intel® Xeon® Scalable	Not Supported	Not Supported	N/A
2^nd Gen Intel® Xeon® Scalable	Not Supported	Not Supported	N/A
3^rd Gen Intel® Xeon® Scalable	Supported (with select SKUs) Check Intel® Product Specifications Kernel 6.6 and newer	TDX is supported on certain Ice Lake Xeon processors, including the Xeon Platinum 8358P, Xeon Platinum 8360Y, and Xeon Gold 6348H	128
4^th Gen Intel® Xeon® Scalable Intel® Xeon® W	Kernel 6.6 and newer	TDX is supported on a wider range of Sapphire Rapids Xeon processors, including Xeon Platinum, Xeon Gold, and Xeon Silver SKUs	128
5^th Gen Intel® Xeon® Scalable	Kernel 6.6 and newer	Intel® TDX extends Virtual Machines Extensions (VMX) and Intel® Total Memory Encryption – Multi-Key (Intel® TME-MK). Trust Domain (TD) runs in a CPU mode designed to protect memory contents and CPU state confidentiality. Managed by a TDX-aware host Virtual Machine Monitor (VMM). Features include Trust Domain Live Migration and Trust Domain Preservation.	128
Intel® Xeon® 6 with E-cores	Kernel 6.6 and newer	Includes features such as Trust Domain Live Migration, Trust Domain Preservation, Remote Attestation, Logical Memory Integrity Support, and Cryptographic Memory Integrity.	256
Intel® Xeon® 6 with P-cores	Kernel 6.6 and newer	Supports features like Remote Attestation, Logical Memory Integrity, and Cryptographic Memory Integrity. Enables Trust Domain Live Migration and Preservation.	256

Note

Please note that Intel TDX support may vary depending on the specific processor model, SKU, and platform configuration. Additionally, TDX requires a compatible platform, BIOS, and operating system to function. It's essential to check with Intel and system vendors for the latest information on TDX support and compatibility.

Linux distributions providing early preview access to Intel® TDX base host and guest functionality:

Red Hat* CentOS* Stream 9 based: https://www.redhat.com/en/blog/enabling-hardware-backed-confidential-computing-centos-sig
SUSE* Linux Enterprise Server 15 based: https://www.suse.com/c/intel-tdx-support-coming-to-suse-linux-enterprise-server/
Canonical* Ubuntu* 23.10 based: https://ubuntu.com/blog/intel-tdx-1-0-preview-on-ubuntu-23-10

Customers should contact Early Preview distributors for full terms, plans, and roadmap.

For more details about Kernel, please get in touch with the Operating System Provider (OSP).

For more details about Intel® TDX, visit:

Intel® TDX Feature Readiness by Intel® Xeon® Processor Generation

Environment

Intel® TDX Feature Readiness by Intel® Xeon® Processor Generation

Related Information

Related Products

Need more help?