diff --git a/src/runtime/pkg/govmm/qemu/qemu.go b/src/runtime/pkg/govmm/qemu/qemu.go
index 92345397ba..5ff258aed9 100644
--- a/src/runtime/pkg/govmm/qemu/qemu.go
+++ b/src/runtime/pkg/govmm/qemu/qemu.go
@@ -363,12 +363,16 @@ func (object Object) QemuParams(config *Config) []string {
 case TDXGuest:
 objectParams = append(objectParams, string(object.Type))
- objectParams = append(objectParams, "sept-ve-disable=on")
 objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
 if object.Debug {
 objectParams = append(objectParams, "debug=on")
 }
- config.Bios = object.File
+ deviceParams = append(deviceParams, string(object.Driver))
+ deviceParams = append(deviceParams, fmt.Sprintf("id=%s", object.DeviceID))
+ deviceParams = append(deviceParams, fmt.Sprintf("file=%s", object.File))
+ if object.FirmwareVolume != "" {
+ deviceParams = append(deviceParams, fmt.Sprintf("config-firmware-volume=%s", object.FirmwareVolume))
+ }
 case SEVGuest:
 objectParams = append(objectParams, string(object.Type))
 objectParams = append(objectParams, fmt.Sprintf("id=%s", object.ID))
diff --git a/src/runtime/virtcontainers/hypervisor_linux_amd64.go b/src/runtime/virtcontainers/hypervisor_linux_amd64.go
index 043b36c9f5..304d0446a4 100644
--- a/src/runtime/virtcontainers/hypervisor_linux_amd64.go
+++ b/src/runtime/virtcontainers/hypervisor_linux_amd64.go
@@ -12,6 +12,8 @@ const (
 tdxSysFirmwareDir = "/sys/firmware/tdx/"
+ tdxCPUFlag = "tdx"
+ sevKvmParameterPath = "/sys/module/kvm_amd/parameters/sev"
 snpKvmParameterPath = "/sys/module/kvm_amd/parameters/sev_snp"
@@ -19,6 +21,10 @@ const (
 // TDX is supported and properly loaded when the firmware directory (either tdx or tdx_seam) exists or `tdx` is part of the CPU flag
 func checkTdxGuestProtection(flags map[string]bool) bool {
+ if flags[tdxCPUFlag] {
+ return true
+ }
+ if d, err := os.Stat(tdxSysFirmwareDir); err == nil && d.IsDir() {
 return true
 }
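Review bot: In the TDXGuest case of `QemuParams` (qemu.go), `object.File` and `object.FirmwareVolume` are formatted straight into the comma-separated device option string, so a comma inside either value would be parsed by QEMU as the start of another property. QEMU reads a doubled comma as a literal one, so the values could be escaped first, e.g. `fmt.Sprintf("file=%s", strings.ReplaceAll(object.File, ",", ",,"))` (assuming `strings` is imported in this file), and likewise for `config-firmware-volume=`. Whether these fields can carry caller-influenced paths is not visible here, so treat this as hardening. The hunk also drops `sept-ve-disable=on` with no comment; a line such as `// sept-ve-disable is intentionally not passed: <reason>` would tell the next reader that the omission is deliberate. The function starts and continues outside the hunk.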
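Review bot: In `checkTdxGuestProtection` (hypervisor_linux_amd64.go) the new `flags[tdxCPUFlag]` test returns true before the `/sys/firmware/tdx/` check is reached, so a CPU flag alone is now enough to report TDX as available. A CPU flag usually says what the processor advertises rather than whether the host's KVM side is switched on, which is presumably why the SEV constants in the same `const` block point at `kvm_amd` module parameters instead. Consider saying so in the doc comment, for example `// NOTE: the tdx CPU flag is treated as sufficient on its own; confirm it implies KVM TDX is enabled on supported hosts.`, or pairing the flag with a KVM-side check if the target kernel exposes one. The function body continues past the end of the hunk.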
diff --git a/src/runtime/virtcontainers/qemu_amd64.go b/src/runtime/virtcontainers/qemu_amd64.go
index e9cda5b9e9..d24953e61e 100644
--- a/src/runtime/virtcontainers/qemu_amd64.go
+++ b/src/runtime/virtcontainers/qemu_amd64.go
@@ -260,7 +260,7 @@ func (q *qemuAmd64) enableProtection() error {
 if q.qemuMachine.Options != "" {
 q.qemuMachine.Options += ","
 }
- q.qemuMachine.Options += "confidential-guest-support=tdx"
+ q.qemuMachine.Options += "kvm-type=tdx,confidential-guest-support=tdx"
 logger.Info("Enabling TDX guest protection")
 return nil
 case sevProtection:
diff --git a/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf b/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf
index 2f877a5c99..1b1f8751ef 100644
--- a/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf
+++ b/tools/packaging/kernel/configs/fragments/x86_64/tdx/tdx.conf
@@ -5,9 +5,13 @@ CONFIG_DMA_RESTRICTED_POOL=y
 CONFIG_EFI=y
 CONFIG_EFI_STUB=y
 CONFIG_INTEL_IOMMU_SVM=y
+CONFIG_INTEL_TDX_ATTESTATION=y
+CONFIG_INTEL_TDX_FIXES=y
 CONFIG_INTEL_TDX_GUEST=y
 CONFIG_OF=y
 CONFIG_OF_RESERVED_MEM=y
 CONFIG_X86_5LEVEL=y
 CONFIG_X86_INTEL_MEMORY_PROTECTION_KEYS=y
+CONFIG_X86_MEM_ENCRYPT_COMMON=y
 CONFIG_X86_PLATFORM_DEVICES=y
+CONFIG_X86_PLATFORM_DRIVERS_INTEL=y
diff --git a/tools/packaging/kernel/kata_config_version b/tools/packaging/kernel/kata_config_version
index f35a418cd9..b6e2c490e7 100644
--- a/tools/packaging/kernel/kata_config_version
+++ b/tools/packaging/kernel/kata_config_version
@@ -1 +1 @@
-105cc
\ No newline at end of file
+106cc
diff --git a/tools/packaging/kernel/patches/5.19-TDX-v2.x/no_patches.txt b/tools/packaging/kernel/patches/5.19-TDX-v2.x/no_patches.txt
deleted file mode 100644
index e69de29bb2..0000000000
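Review bot: The machine option string in `enableProtection` (qemu_amd64.go) now hard-codes both `kvm-type=tdx` and the object id in `confidential-guest-support=tdx`, with no comment tying either to the QEMU build in use or to the `id=` emitted for the TDX guest object. `kvm-type=tdx` looks specific to the TDX QEMU fork this commit pins in versions.yaml, so a QEMU without that machine property would presumably refuse to start; a comment such as `// kvm-type=tdx is required by the pinned TDX QEMU fork (see the tdx QEMU entry in versions.yaml)` would make the coupling explicit. The id `tdx` has to match the object id set elsewhere, so sharing one constant would keep the two from drifting apart. The function starts and ends outside the hunk.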
diff --git a/tools/packaging/qemu/patches/tag_patches/ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3/no_patches.txt b/tools/packaging/qemu/patches/tag_patches/ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3/no_patches.txt
deleted file mode 100644
index e69de29bb2..0000000000
diff --git a/tools/packaging/scripts/configure-hypervisor.sh b/tools/packaging/scripts/configure-hypervisor.sh
index 751b2866f9..495251e4c1 100755
--- a/tools/packaging/scripts/configure-hypervisor.sh
+++ b/tools/packaging/scripts/configure-hypervisor.sh
@@ -247,7 +247,6 @@ generate_qemu_options() {
 else
 qemu_options+=(size:--disable-png)
 fi
- qemu_options+=(size:--disable-vnc-sasl)
 # Disable PAM authentication: it's a feature used together with VNC access
diff --git a/tools/packaging/static-build/ovmf/build-ovmf.sh b/tools/packaging/static-build/ovmf/build-ovmf.sh
index 19c3230d16..ed8a6e1d12 100755
--- a/tools/packaging/static-build/ovmf/build-ovmf.sh
+++ b/tools/packaging/static-build/ovmf/build-ovmf.sh
@@ -57,7 +57,7 @@ fi
 info "Building ovmf"
 build_cmd="build -b ${build_target} -t ${toolchain} -a ${architecture} -p ${ovmf_package}"
 if [ "${ovmf_build}" == "tdx" ]; then
- build_cmd+=" -D DEBUG_ON_SERIAL_PORT=FALSE -D TDX_MEM_PARTIAL_ACCEPT=512 -D TDX_EMULATION_ENABLE=FALSE -D SECURE_BOOT_ENABLE=TRUE -D TDX_ACCEPT_PAGE_SIZE=2M"
+ build_cmd+=" -D DEBUG_ON_SERIAL_PORT=TRUE -D TDX_MEM_PARTIAL_ACCEPT=512 -D TDX_EMULATION_ENABLE=FALSE -D TDX_ACCEPT_PAGE_SIZE=2M"
 fi
 eval "${build_cmd}"
@@ -71,6 +71,7 @@ if [ "${ovmf_build}" == "tdx" ]; then
 build_path_arch="${build_path_target_toolchain}/X64"
 stat "${build_path_fv}/OVMF_CODE.fd"
 stat "${build_path_fv}/OVMF_VARS.fd"
+ stat "${build_path_arch}/DumpTdxEventLog.efi"
 fi
 #need to leave tmp dir
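Review bot: In build-ovmf.sh the TDX firmware is now built with `DEBUG_ON_SERIAL_PORT=TRUE` and without `SECURE_BOOT_ENABLE=TRUE`, and nothing in the script says whether that is meant for shipped artefacts or only for bring-up. Debug output on the serial port is readable by whoever can read the VM console, and dropping the secure-boot define presumably changes what the firmware verifies, both of which matter for a confidential-guest image. Making the debug switch opt-in, e.g. `-D DEBUG_ON_SERIAL_PORT=${ovmf_tdx_debug:-FALSE}` (the variable name is only a suggestion), plus a comment explaining why secure boot is off, would keep release builds quiet by default. The later hunks that `stat` and `install` `DumpTdxEventLog.efi` place a diagnostic EFI tool in the install directory as well, which deserves the same justification.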
@@ -93,6 +94,7 @@ fi
 if [ "${ovmf_build}" == "tdx" ]; then
 install $build_root/$ovmf_dir/"${build_path_fv}"/OVMF_CODE.fd ${install_dir}
 install $build_root/$ovmf_dir/"${build_path_fv}"/OVMF_VARS.fd ${install_dir}
+ install $build_root/$ovmf_dir/"${build_path_arch}"/DumpTdxEventLog.efi ${install_dir}
 fi
 local_dir=${PWD}
diff --git a/tools/packaging/static-build/ovmf/build.sh b/tools/packaging/static-build/ovmf/build.sh
index ff48a2aba2..626f433efd 100755
--- a/tools/packaging/static-build/ovmf/build.sh
+++ b/tools/packaging/static-build/ovmf/build.sh
@@ -28,6 +28,9 @@ if [ -z "$ovmf_repo" ]; then
 "sev")
 ovmf_repo=$(get_from_kata_deps "externals.ovmf.sev.url" "${kata_version}")
 ;;
+ "tdx")
+ ovmf_repo=$(get_from_kata_deps "externals.ovmf.tdx.url" "${kata_version}")
+ ;;
 *)
 ovmf_repo=$(get_from_kata_deps "externals.ovmf.url" "${kata_version}")
 ;;
diff --git a/versions.yaml b/versions.yaml
index b894d3f822..ebac758eb5 100644
--- a/versions.yaml
+++ b/versions.yaml
@@ -98,6 +98,10 @@ assets:
 uscan-url: >-
 https://github.com/qemu/qemu/tags
 .*/v?(\d\S+)\.tar\.gz
+ tdx:
+ description: "VMM that uses KVM and supports TDX"
+ url: "https://github.com/kata-containers/qemu"
+ tag: "TDX-v3.1"
 snp:
 description: "VMM that uses KVM and supports AMD SEV-SNP"
 url: "https://github.com/AMDESE/qemu"
@@ -108,12 +112,6 @@ assets:
 url: "https://github.com/qemu/qemu"
 version: "7a800cf9496fddddf71b21a00991e0ec757a170a"
- qemu-tdx-experimental:
- # yamllint disable-line rule:line-length
- description: "QEMU with TDX support - based on https://github.com/intel/tdx-tools/releases/tag/2023ww01"
- url: "https://github.com/kata-containers/qemu"
- tag: "ad4c7f529a279685da84297773b4ec8080153c2d-plus-TDX-v1.3"
 image:
 description: |
 Root filesystem disk image used to boot the guest virtual
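Review bot: The new `tdx` QEMU entry in versions.yaml pins the fork by the tag `TDX-v3.1`, and the later hunks pin the TDX kernel by `tag: "5.15-plus-TDX"` and the TDVF firmware by `version: "2022-tdvf-ww28.5"`, all of which are names a repository owner can move. A neighbouring entry in this file uses a full commit id (`version: "7a800cf9496fddddf71b21a00991e0ec757a170a"`), which gives a reproducible build input. For components that end up in the boot chain of a confidential guest, consider recording the commit each tag resolves to next to it, e.g. a `commit: "<full commit sha>"` field that the build checks, so that a retagged upstream cannot silently change what gets built.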
@@ -158,6 +156,10 @@ assets:
 description: "Linux kernel optimised for virtual machines"
 url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/"
 version: "v5.19.2"
+ tdx:
+ description: "Linux kernel that supports TDX"
+ url: "https://github.com/kata-containers/linux/archive/refs/tags"
+ tag: "5.15-plus-TDX"
 sev:
 description: "Linux kernel that supports SEV"
 url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/"
@@ -182,12 +184,6 @@ assets:
 url: "https://cdn.kernel.org/pub/linux/kernel/v5.x/"
 version: "v5.10.25"
- kernel-tdx-experimental:
- # yamllint disable-line rule:line-length
- description: "Linux kernel with TDX support -- based on https://github.com/intel/tdx-tools/releases/tag/2023ww01"
- url: "https://github.com/kata-containers/linux/archive/refs/tags"
- version: "5.19-TDX-v2.2"
 externals:
 description: "Third-party projects used by the system"
@@ -305,11 +301,11 @@ externals:
 package: "OvmfPkg/AmdSev/AmdSevX64.dsc"
 package_output_dir: "AmdSev"
 tdx:
- # yamllint disable-line rule:line-length
- description: "QEMU with TDX support - based on https://github.com/intel/tdx-tools/releases/tag/2023ww01"
- version: "edk2-stable202211"
- package: "OvmfPkg/IntelTdx/IntelTdxX64.dsc"
- package_output_dir: "IntelTdx"
+ url: "https://github.com/tianocore/edk2-staging"
+ description: "TDVF build needed for TDX measured direct boot."
+ version: "2022-tdvf-ww28.5"
+ package: "OvmfPkg/OvmfPkgX64.dsc"
+ package_output_dir: "OvmfX64"
 td-shim:
 description: "Confidential Containers Shim Firmware"