Re: [libvirt] [PATCH 3/4] conf: introduce sev element in domain

Any kind of launch validation is ultimately security related in some manner. > By having the separate <sev> element you can make the sub-elements depend on > this parent element, since you can't expect other vendors to favour <cbitpos> > which add burden to the documentation to make it clear. Of course, the price > you pay for this is a more complex XML structure. > <launch> > <security> > <sev> > <sev_specific_elements/> > </sev> > </security> This is not the way we usually do things - we wuld have a type="sev|..." which determines what child elements are permitted, as illustrated in the example above.