TD-shim-interface - Confidential Containers Shim Firmware Interface

Documents

• TD-Shim specification

• Introduction PDF and conference talk

Introduction

This td-shim-interface is to support user for creating data structures and functions required for td-shim, such as TdxMetadataDescriptor and TdxMetadataSection. Td-uefi-pi is used for UEFI Platform Initializaiton data structures and accessors.

To import the data structure of metadata, TD HOB and related function, such as:

use td_shim_interface::{TD_ACPI_TABLE_HOB_GUID, TD_E820_TABLE_HOB_GUID, TD_PAYLOAD_INFO_HOB_GUID}; 
use td_shim_interface::PayloadInfo; 
use td_shim_interface::acpi; 
use td_shim_interface::td_uefi_pi::{hob, pi, pi::guid}

This is a Shim Firmware to support Intel TDX.

The API specification is at td-shim specification.

The secure boot specification for td-shim is at secure boot specification

The design is at td-shim design.

The threat model analysis is at td-shim threat model.

License