On 4/29/20 3:29 PM, Daniel P. Berrangé wrote:
On Tue, Apr 28, 2020 at 05:58:02PM +0200, Boris Fiuczynski wrote:
From: Viktor Mihajlovski <mihajlov@linux.ibm.com>
Protected virtualization/IBM Secure Execution for Linux protects guest memory and state from the host.
Add some basic information about technology and a brief guide on setting up secure guests with libvirt.
Signed-off-by: Viktor Mihajlovski <mihajlov@linux.ibm.com> Reviewed-by: Boris Fiuczynski <fiuczy@linux.ibm.com> Reviewed-by: Paulo de Rezende Pinatti <ppinatti@linux.ibm.com> --- docs/kbase.html.in | 3 + docs/kbase/protected_virtualization.rst | 188 ++++++++++++++++++++++++
I'd suggest calling this s390_protected_virt.rst We can do that.
diff --git a/docs/kbase.html.in b/docs/kbase.html.in index c586e0f676..05a3239224 100644 --- a/docs/kbase.html.in +++ b/docs/kbase.html.in @@ -14,6 +14,9 @@ <dt><a href="kbase/secureusage.html">Secure usage</a></dt> <dd>Secure usage of the libvirt APIs</dd>
+ <dt><a href="kbase/protected_virtualization.html">Protected virtualization</a></dt>
"s390 Protected virtualization" as the title
The terminology that was used in the KVM upstream code is simply protected virtualization without a prefix, so I'd avoid creating a new denomination in libvirt. Alternatively we could use the (unmodified) marketing name "IBM Secure Execution for Linux" here and below in the RST and reverse the "also known as" sentence in the overview.
+ <dd>Running secure guests with IBM Secure Execution</dd>
s/secure guests/secure s390 guests/OK
+ <dt><a href="kbase/launch_security_sev.html">Launch security</a></dt> <dd>Securely launching VMs with AMD SEV</dd>
diff --git a/docs/kbase/protected_virtualization.rst b/docs/kbase/protected_virtualization.rst new file mode 100644 index 0000000000..48f2add14e --- /dev/null +++ b/docs/kbase/protected_virtualization.rst @@ -0,0 +1,188 @@ +======================== +Protected Virtualization
s/^/s390/
see above [...] -- Kind Regards, Viktor