Hello NVIDIA Community,
I am working with a Jetson AGX Thor development board featuring the NVIDIA Blackwell GPU. I understand that Blackwell architecture supports NVIDIA Confidential Computing (CC) and the Trusted Display (TDISP) security feature.
My Goal: I want to utilize these hardware security features to protect sensitive workloads and display data on my AGX Thor board. Specifically, I’m looking for concrete steps to:
-
Enable NVIDIA Confidential Computing: Launch GPU workloads (e.g., CUDA kernels, AI inference) within a Confidential VM or container where the GPU workload and its data are encrypted and isolated from the host OS/hypervisor.
-
Enable and Utilize TDISP: Ensure display outputs are cryptographically protected from potential tampering or snooping between the GPU and the display.
What I’ve Found/Challenges Faced:
-
I know the underlying Blackwell hardware supports these features.
-
However, I haven’t found specific documentation or tools within the standard Jetson Linux software stack (JetPack SDK, L4T) that clearly outline the process for enabling and managing CC and TDISP on the AGX Thor development platform.
-
The mechanisms for provisioning attestation keys, configuring the GPU firmware for CC, managing TDISP encryption keys, and integrating these features into the boot process or hypervisor (like QEMU/KVM) aren’t evident.
Any guidance, pointers to documentation, tools, or sample configurations would be extremely valuable. Thank you for your support!