From nobody Wed Apr 15 07:04:07 2026
Delivered-To: importer@patchew.org
Received-SPF: pass (zohomail.com: domain of lists.libvirt.org designates
 38.145.34.151 as permitted sender) client-ip=38.145.34.151;
 envelope-from=devel-bounces@lists.libvirt.org; helo=lists.libvirt.org;
Authentication-Results: mx.zohomail.com;
	dkim=pass  header.i=@intel.com;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151
 as permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass(p=none dis=none)  header.from=intel.com
ARC-Seal: i=1; a=rsa-sha256; t=1776220926; cv=none;
	d=zohomail.com; s=zohoarc;
	b=RJCcoDGIbKd4mMay8xch7rK4O5ak2yE79K97dbahixIx3+MI0h8tyAA+SMwJ2XygZe0CTTROQnqjhscOH/TyA6/seCXsNlah/zYPncFngS+h3SPHTH8PuL6wsdIVuu4htlD7z1raSDkF/evFesLaNgO0lDJ1MB2xIOae/0VsSUo=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
 s=zohoarc;
	t=1776220926;
 h=Content-Transfer-Encoding:Cc:Cc:Date:Date:From:From:List-Subscribe:List-Post:List-Owner:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:Subject:Subject:To:To:Message-Id:Reply-To;
	bh=KYvboFd11Iu2v7QPO5BhP94CWYfGMAtBJJqKC3HUYyc=;
	b=mgcx5LnjiXG3W8X/69u4cGb69RTYnXngNhTufdqDPHldUtRQdqOZph5xp/+NEZuruhxyuQl1JeUhS3eQRVmAY2HPyu4ZPIqCM64hTRlFUOWEuTEIpmXTHYwfubirYidiBZAZb86XXlTw2Gl8kWn+lsXIZj1YLETQDAkSdDSlr/o=
ARC-Authentication-Results: i=1; mx.zohomail.com;
	dkim=pass  header.i=@intel.com;
	spf=pass (zohomail.com: domain of lists.libvirt.org designates 38.145.34.151
 as permitted sender)  smtp.mailfrom=devel-bounces@lists.libvirt.org;
	dmarc=pass header.from=<zhenzhong.duan@intel.com> (p=none dis=none)
Return-Path: <devel-bounces@lists.libvirt.org>
Received: from lists.libvirt.org (lists.libvirt.org [38.145.34.151]) by
 mx.zohomail.com
	with SMTPS id 1776220926035131.8102435109729;
 Tue, 14 Apr 2026 19:42:06 -0700 (PDT)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id E978E41806; Tue, 14 Apr 2026 22:42:04 -0400 (EDT)
Received: from [172.19.199.3] (unknown [10.16.107.18])
	by lists.libvirt.org (Postfix) with ESMTP id 6524F418C1;
	Tue, 14 Apr 2026 22:41:12 -0400 (EDT)
Received: by lists.libvirt.org (Postfix, from userid 993)
	id 97B2B3F304; Tue, 14 Apr 2026 22:41:02 -0400 (EDT)
Received: from mgamail.intel.com (mgamail.intel.com [198.175.65.14])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by lists.libvirt.org (Postfix) with ESMTPS id 62D903F2EF
	for <devel@lists.libvirt.org>; Tue, 14 Apr 2026 22:41:00 -0400 (EDT)
Received: from fmviesa009.fm.intel.com ([10.60.135.149])
  by orvoesa106.jf.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Apr 2026 19:39:55 -0700
Received: from unknown (HELO gnr-sp-2s-612.sh.intel.com) ([10.112.230.229])
  by fmviesa009-auth.fm.intel.com with ESMTP/TLS/ECDHE-RSA-AES256-GCM-SHA384;
 14 Apr 2026 19:39:53 -0700
X-Spam-Checker-Version: SpamAssassin 4.0.1 (2024-03-26) on lists.libvirt.org
X-Spam-Level: 
X-Spam-Status: No, score=-5.6 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,
	DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS,
	MAILING_LIST_MULTI,RCVD_IN_DNSWL_MED,
	RCVD_IN_VALIDITY_CERTIFIED_BLOCKED,RCVD_IN_VALIDITY_RPBL_BLOCKED,
	RCVD_IN_VALIDITY_SAFE_BLOCKED,SPF_HELO_NONE autolearn=unavailable
	autolearn_force=no version=4.0.1
X-Greylist: delayed 63 seconds by postgrey-1.37 at lists.libvirt.org;
 Tue, 14 Apr 2026 22:41:00 EDT
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple;
  d=intel.com; i=@intel.com; q=dns/txt; s=Intel;
  t=1776220861; x=1807756861;
  h=from:to:cc:subject:date:message-id:mime-version:
   content-transfer-encoding;
  bh=e2xX/N7QLz/+68oshD1zu7wjOVRrYHF4Yc1Cauj0pTI=;
  b=fmFaaGj0fftK7W/iCFaHJuE6bkAtO8PNYlLIPaNP1NlMtNyb4OC8nfXc
   2732Mv33v+oykK9U2Izm14Rl8bQTDpVw9QkVtfWF9xPAfhdZQMm1IjtBW
   R55xwq9NICS03ayAfQLD2lQxE0zR+sdeCgMQyVnemupiOFyUmKU3ZMc2M
   iyrcdeysnNfKoVRCT8sQ+ca7J3L4um/iIVoKIFsPRPKRCwtwhe6cTruss
   UUHoj8bX6ZB8Ex1QuP222vLk0s99wHS64T9qXy72bmJ2mya+kbVbHbOHf
   RqvaGJkeWMSW9ChFkKpPgap2qZfUBEn3E6eYqRkoCL7dyc9dYig2Q0gi2
   w==;
X-CSE-ConnectionGUID: 6tSG8qOAQASAvhB7II3+iA==
X-CSE-MsgGUID: xusg4Ki0TiOVKnVYs5EQGA==
X-IronPort-AV: E=McAfee;i="6800,10657,11759"; a="81056116"
X-IronPort-AV: E=Sophos;i="6.23,179,1770624000";
   d="scan'208";a="81056116"
X-CSE-ConnectionGUID: LIFZoQ1zQMSRom3oeD3TOw==
X-CSE-MsgGUID: k3hW+pjASVuN8oCZWi/cgg==
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos;i="6.23,179,1770624000";
   d="scan'208";a="223773233"
From: Zhenzhong Duan <zhenzhong.duan@intel.com>
To: devel@lists.libvirt.org
Subject: [PATCH] docs: Change TD example policy to 0x10000000
Date: Tue, 14 Apr 2026 22:39:48 -0400
Message-ID: <20260415023948.172730-1-zhenzhong.duan@intel.com>
X-Mailer: git-send-email 2.47.3
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable
Message-ID-Hash: QWVFZUCBAFZ472LIGBHOP35L37EUQYTG
X-Message-ID-Hash: QWVFZUCBAFZ472LIGBHOP35L37EUQYTG
X-MailFrom: zhenzhong.duan@intel.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; loop;
 banned-address; header-match-devel.lists.libvirt.org-0; emergency;
 member-moderation; nonmember-moderation; administrivia; implicit-dest;
 max-recipients; max-size; news-moderation; no-subject; digests;
 suspicious-header
CC: benny.fuhry@intel.com, elena.reshetova@intel.com
X-Mailman-Version: 3.3.10
Precedence: list
List-Id: Development discussions about the libvirt library & tools
 <devel.lists.libvirt.org>
Archived-At: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/message/QWVFZUCBAFZ472LIGBHOP35L37EUQYTG/>
List-Archive: 
 <https://lists.libvirt.org/archives/list/devel@lists.libvirt.org/>
List-Help: <mailto:devel-request@lists.libvirt.org?subject=help>
List-Owner: <mailto:devel-owner@lists.libvirt.org>
List-Post: <mailto:devel@lists.libvirt.org>
List-Subscribe: <mailto:devel-join@lists.libvirt.org>
List-Unsubscribe: <mailto:devel-leave@lists.libvirt.org>
X-ZohoMail-DKIM: pass (identity @intel.com)
X-ZM-MESSAGEID: 1776220928566158500
Content-Type: text/plain; charset="utf-8"

The definition of BIT0 in policy element comes from TDX spec, but it makes
confusion for some customers whether 0 or 1 activates debug:

  1. We know that "off-TD debug mode" basically means debug from outside the
     TD --> 1 activates debug.
  2. But when a customer is not aware of the term "off-TD debug" it is very
     easy to misinterpret this as "TD debug mode off" --> 1 deactivates deb=
ug.

Given that the policy example uses "0x10000001", the second interpretation
even becomes more likely, because a customer may assume that security by
default is applied in the example.

Thus, change the policy in example configuration to "0x10000000" and update
BIT0 definition to be more explicit.

Suggested-by: Fuhry Benny <benny.fuhry@intel.com>
Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com>
---
 docs/formatdomain.rst | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst
index 1a4bd4c6e9..b589fc9429 100644
--- a/docs/formatdomain.rst
+++ b/docs/formatdomain.rst
@@ -9834,7 +9834,7 @@ Example configuration:
    <domain>
      ...
      <launchSecurity type=3D'tdx'>
-       <policy>0x10000001</policy>
+       <policy>0x10000000</policy>
        <mrConfigId>xxx</mrConfigId>
        <mrOwner>xxx</mrOwner>
        <mrOwnerConfig>xxx</mrOwnerConfig>
@@ -9855,7 +9855,9 @@ Example configuration:
    =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
    Bit(s) Description
    =3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
-   0      Guest TD runs in off-TD debug mode when set
+   0      Activate off-TD debug when set, i.e., activate debug from outsid=
e the TD. Its VCPU
+          state and private memory are accessible by the host VMM.
+          Deactivate off-TD debug when clear, i.e., deactivate debug from =
outside the TD.
    1:27   reserved
    28     Disable EPT violation conversion to #VE on guest TD access of PE=
NDING pages when set
    29:63  reserved
--=20
2.47.3