On Wed, Jul 09, 2025 at 03:46:14AM +0000, Duan, Zhenzhong wrote: > > > >-----Original Message----- > >From: Li, Xiaoyao <xiaoyao...@intel.com> > >Subject: Re: [PATCH v3 21/21] docs: domain: Add documentation for Intel > >TDX guest > > > >On 6/30/2025 2:17 PM, Zhenzhong Duan wrote: > >> Signed-off-by: Zhenzhong Duan <zhenzhong.d...@intel.com> > >> --- > >> docs/formatdomain.rst | 63 > >+++++++++++++++++++++++++++++++++++++++++++ > >> 1 file changed, 63 insertions(+) > >> > >> diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst > >> index 9a2f065590..5acebefec0 100644 > >> --- a/docs/formatdomain.rst > >> +++ b/docs/formatdomain.rst 
> >> @@ -9528,6 +9528,69 @@ The ``<launchSecurity/>`` element then accepts > >the following child elements: > >> the SNP_LAUNCH_FINISH command in the SEV-SNP firmware ABI. > >> > >> > >> +The contents of the ``<launchSecurity type='tdx'>`` element is used to > >provide > >> +the guest owners input used for creating an encrypted VM using the Intel > >TDX > >> +(Trusted Domain eXtensions). Intel TDX refers to an Intel technology that > >> +extends Virtual Machine Extensions (VMX) and Multi-Key Total Memory > >Encryption > >> +(MKTME) with a new kind of virtual machine guest called a Trust Domain > >(TD). > >> +A TD runs in a CPU mode that is designed to protect the confidentiality of > >its > >> +memory contents and its CPU state from any other software, including the > >hosting > >> +Virtual Machine Monitor (VMM), unless explicitly shared by the TD itself. > >> +Example configuration: > >> + > >> +:: > >> + > >> + <domain> > >> + ... > >> + <launchSecurity type='tdx'> > >> + <policy>0x10000001</policy> > >> + <mrConfigId>xxx</mrConfigId> > >> + <mrOwner>xxx</mrOwner> > >> + <mrOwnerConfig>xxx</mrOwnerConfig> > >> + <quoteGenerationSocket path="/var/run/tdx-qgs/qgs.socket"/> > >> + </launchSecurity> > >> + ... > >> + </domain> > >> + > >> +``policy`` > >> + The optional ``policy`` element provides the guest TD attributes which > >is > >> + passed by the host VMM as a guest TD initialization parameter as part > >of > >> + TD_PARAMS, it exactly matches the definition of > >TD_PARAMS.ATTRIBUTES in > >> + (Intel TDX Module Spec Table 22.2: ATTRIBUTES Definition). It is > >reported > >> + to the guest TD by TDG.VP.INFO and as part of TDREPORT_STRUCT > >returned by > >> + TDG.MR.REPORT. The guest policy is 64bit unsigned with the fields > >shown > >> + in Table: > > > >(It should be commenting on the patch that enables the policy. I'm just > >too lazy to find that patch) > > Will do. > > > > >Could we rename "policy" to "attributes", or more precisely > >"tdAttributes"? 
It's not intuitive for users to connect "policy" with > >"TD attributes". > > Will use "attributes" as QAPI exposes "attributes".
IMHO 'policy' is preferable as it is consistent with terminology we already use in SEV guests. I did actually request the same at the QEMU level too, and missed that it got named 'attributes' in the final merged code.

With regards,
Daniel
--
|: https://berrange.com -o- https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org -o- https://fstop138.berrange.com :|
|: https://entangle-photo.org -o- https://www.instagram.com/dberrange :|
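
Review bot: In the introductory paragraph added to docs/formatdomain.rst, TDX is expanded as "Trusted Domain eXtensions" while the same paragraph defines a TD as a "Trust Domain"; the expansion should read "Trust Domain Extensions" so the two agree. In that paragraph "The contents of the ... element is used" should be "are used", and "guest owners input" needs an apostrophe ("guest owner's input"). In the ``policy`` description, "as part of TD_PARAMS, it exactly matches" is a comma splice that would read better as two sentences, and the reference to "Table 22.2" names no spec revision, so the table number may not resolve for a reader holding a different edition; citing the revision, or relying on the field name TD_PARAMS.ATTRIBUTES alone, would be more durable. The example also mixes quoting styles (single quotes in type='tdx', double quotes on the path attribute of quoteGenerationSocket); using one style throughout would match the rest of the example.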