[libvirt] [PATCH 3/4] conf: introduce sev element in domain
Erik Skultety
eskultet at redhat.com
Wed Feb 28 10:18:26 UTC 2018
> Any kind of launch validation is ultimately security related in some
> manner.
>
> > By having the separate <sev> element you can make the sub-elements depend on
> > this parent element, since you can't expect other vendors to favour <cbitpos>
> > which add burden to the documentation to make it clear. Of course, the price
> > you pay for this is a more complex XML structure.
> > <launch>
> > <security>
> > <sev>
> > <sev_specific_elements/>
> > </sev>
> > </security>
>
> This is not the way we usually do things - we wuld have a type="sev|..."
> which determines what child elements are permitted, as illustrated in
> the example above.
Oh, right. Also, having <sev> element wouldn't make it clear that you can only
have one type active, either 'sev' or some other solution.
Erik
More information about the libvir-list
mailing list