The design of the vTPM within a TDX CVM #69
Description
This document provides details about the vTPM's design within AMD SNP CVM. According to this document, the vTPM runs at VMPL0 as a firmware component, which ensures that the vTPM's integrity is protected from attacks originating from the guest kernel (which runs at VMPL2) or from the hypervisor.
However, Intel TDX does not offer a VMPL mechanism. What is the design of the vTPM within a TDX CVM, and how is the vTPM's integrity protected?