[libvirt] [PATCH 3/4] conf: introduce sev element in domain
Peter Krempa
pkrempa at redhat.com
Wed Feb 28 09:48:55 UTC 2018
On Wed, Feb 28, 2018 at 09:40:11 +0000, Daniel Berrange wrote:
> On Wed, Feb 28, 2018 at 10:34:51AM +0100, Erik Skultety wrote:
> > On Tue, Feb 27, 2018 at 05:15:30PM +0000, Daniel P. Berrangé wrote:
[...]
> > By having the separate <sev> element you can make the sub-elements depend on
> > this parent element, since you can't expect other vendors to favour <cbitpos>
> > which add burden to the documentation to make it clear. Of course, the price
> > you pay for this is a more complex XML structure.
The parser can parse different things depending on the model name. Also
the schema has provisions for this. The only slightly more complicated
part is providing examples in the documentation, since you'll need to
repeat the block with different model.
> > <launch>
> > <security>
> > <sev>
> > <sev_specific_elements/>
> > </sev>
> > </security>
>
> This is not the way we usually do things - we wuld have a type="sev|..."
> which determines what child elements are permitted, as illustrated in
> the example above.
>
> > <other_security_unrelated_validation_options/>
> > </launch>
>
> I think the extra level of nesting is uneccessary
Also new elements are ignored by older libvirt (since schema validation
is not turned on in all cases) while new values for an enum can be
properly validated and rejected.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20180228/aaa0390a/attachment-0001.sig>
More information about the libvir-list
mailing list