Intel develops TD-Shim virtual firmware, written in Rust

As part of the td-shim project, Intel is developing a virtual firmware intended for use in isolated virtual environments, playing the role that a conventional firmware plays when booting on real hardware. The firmware contains the low-level components that provide the ACPI tables and the CPU and memory-layout information needed to load an operating system kernel. The code is written in Rust with assembler inserts and is distributed under the BSD license.
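The paragraph above says the firmware hands ACPI tables to the guest kernel. The following is an added example, not code from td-shim or any Intel project, showing how an ACPI System Description Table is built with a correct checksum and how a guest-side parser should validate it before trusting its contents. The table signature, OEM identifiers, creator ID and body bytes are constructed placeholder values.

```rust
// Added example (not td-shim code): build and validate an ACPI table.
// Layout follows the 36-byte ACPI DESCRIPTION_HEADER:
//   0..4   Signature        4..8   Length (whole table, little-endian u32)
//   8      Revision         9      Checksum (bytes of whole table sum to 0 mod 256)
//   10..16 OEMID            16..24 OEM Table ID   24..28 OEM Revision
//   28..32 Creator ID       32..36 Creator Revision

const ACPI_HEADER_LEN: usize = 36;

/// Sum every byte with wrapping arithmetic; a valid table sums to zero.
fn byte_sum(bytes: &[u8]) -> u8 {
    bytes.iter().fold(0u8, |acc, &b| acc.wrapping_add(b))
}

/// Build a table from a signature, revision, OEM fields and a raw body,
/// filling in the Length field and patching the Checksum byte so that the
/// whole table sums to zero mod 256.
pub fn build_acpi_table(
    signature: &[u8; 4],
    revision: u8,
    oem_id: &[u8; 6],
    oem_table_id: &[u8; 8],
    body: &[u8],
) -> Vec<u8> {
    let total_len = ACPI_HEADER_LEN + body.len();
    let mut table = Vec::with_capacity(total_len);
    table.extend_from_slice(signature);
    table.extend_from_slice(&(total_len as u32).to_le_bytes());
    table.push(revision);
    table.push(0); // checksum placeholder, patched below
    table.extend_from_slice(oem_id);
    table.extend_from_slice(oem_table_id);
    table.extend_from_slice(&1u32.to_le_bytes()); // OEM revision (assumed value)
    table.extend_from_slice(b"EXMP"); // creator ID (assumed value)
    table.extend_from_slice(&1u32.to_le_bytes()); // creator revision (assumed value)
    table.extend_from_slice(body);
    // With the checksum byte still zero, the negation of the current sum
    // is exactly the value that makes the full table sum to zero.
    let sum = byte_sum(&table);
    table[9] = sum.wrapping_neg();
    table
}

/// Validate a table the way a guest kernel's ACPI parser does before using it:
/// header present, expected signature, declared length matches the buffer,
/// and checksum correct. Each failure is reported separately.
pub fn validate_acpi_table(table: &[u8], expected_sig: &[u8; 4]) -> Result<(), &'static str> {
    if table.len() < ACPI_HEADER_LEN {
        return Err("buffer shorter than ACPI header");
    }
    if &table[0..4] != &expected_sig[..] {
        return Err("signature mismatch");
    }
    let declared = u32::from_le_bytes([table[4], table[5], table[6], table[7]]) as usize;
    if declared != table.len() {
        return Err("length field does not match buffer");
    }
    if byte_sum(table) != 0 {
        return Err("checksum mismatch");
    }
    Ok(())
}

fn main() {
    let body = [0xAAu8; 12]; // constructed placeholder payload
    let table = build_acpi_table(b"XSDT", 1, b"EXAMPL", b"EXAMPLE ", &body);
    println!("valid table: {:?}", validate_acpi_table(&table, b"XSDT"));

    // Flip one body bit: the checksum no longer balances and the parser rejects it.
    let mut tampered = table.clone();
    tampered[40] ^= 0x01;
    println!("tampered table: {:?}", validate_acpi_table(&tampered, b"XSDT"));
}
```

The checksum is an integrity check against corruption, not against a malicious host: a hypervisor that can write guest memory can also recompute it. That is why a confidential-VM firmware must additionally measure the tables it produces so the guest can attest them, rather than relying on the checksum alone.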

The project is positioned as a more secure and lightweight alternative to the SeaBIOS and OVMF/TDVF virtual firmwares used with Xen and KVM. It targets the boot of virtual environments and applications that require a minimal startup time and confidential data processing. To carry the chain of trust and attest the integrity of every loaded component, TD-Shim supports Intel TDX (Trust Domain Extensions). To keep boot time low, TD-Shim includes only the components strictly required to start the guest.
