On 4/15/26 04:39, Zhenzhong Duan wrote:
The definition of BIT0 in policy element comes from TDX spec, but it makes confusion for some customers whether 0 or 1 activates debug:
1. We know that "off-TD debug mode" basically means debug from outside the TD --> 1 activates debug. 2. But when a customer is not aware of the term "off-TD debug" it is very easy to misinterpret this as "TD debug mode off" --> 1 deactivates debug.
Given that the policy example uses "0x10000001", the second interpretation even becomes more likely, because a customer may assume that security by default is applied in the example.
Thus, change the policy in example configuration to "0x10000000" and update BIT0 definition to be more explicit.
Suggested-by: Fuhry Benny <benny.fuhry@intel.com> Signed-off-by: Zhenzhong Duan <zhenzhong.duan@intel.com> --- docs/formatdomain.rst | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-)
Reviewed-by: Michal Privoznik <mprivozn@redhat.com> and merged. Michal