linux/common-config: enable Intel TDX guest support

Intel Trust Domain Extensions (TDX) is a VM-based trusted execution
environment which attempts to isolate confidential guest VMs from the
host, similar to AMD SEV-SNP. Like AMD SEV-SNP it requires guest
modifications (also referred to as "enlightenments") to operate in the
TEE. Initial support for running Linux in a TDX guest environment was
merged [in 5.19][1]. The guest driver used for generating attestation
reports was merged [in 6.2][2].

Enable both of these options on supported kernel versions. This matches
other distros such as [Arch Linux][3], [Debian][4], [Fedora][5],
[openSUSE][6], and [Ubuntu][7].

[1]: https://lore.kernel.org/lkml/Yot1IAqHoRBlwe0w@zn.tnic/
[2]: https://lore.kernel.org/lkml/20221212191525.553266-1-dave.hansen@linux.intel.com/
[3]: https://gitlab.archlinux.org/archlinux/packaging/packages/linux/-/blob/ac5ceec882898aa46353794a7c8b645b9ec5ae19/config#L409
[4]: https://salsa.debian.org/kernel-team/linux/-/blob/3fdc0bdcafb4e49c232dcea1144dbdfab21eef20/debian/config/amd64/config#L13
[5]: https://src.fedoraproject.org/rpms/kernel/blob/28b3da71f8a3bbd4947adeeba223527776e01927/f/kernel-x86_64-fedora.config#_3170
[6]: https://github.com/SUSE/kernel-source/blob/994cc2d44d4db48977fa33715fd833105fa23555/config/x86_64/default#L403
[7]: https://git.launchpad.net/~ubuntu-kernel/ubuntu/+source/linux/+git/noble/tree/debian.master/config/annotations#n6660

pkgs/os-specific/linux/kernel/common-config.nix

@@ -769,6 +769,10 @@ let
       # Shadow stacks
       X86_USER_SHADOW_STACK = whenAtLeast "6.6" yes;
 
+      # Enable support for Intel Trust Domain Extensions (TDX)
+      INTEL_TDX_GUEST = whenAtLeast "5.19" yes;
+      TDX_GUEST_DRIVER = whenAtLeast "6.2" module;
+
       # Mitigate straight line speculation at the cost of some file size
       SLS = whenBetween "5.17" "6.9" yes;
       MITIGATION_SLS = whenAtLeast "6.9" yes;