Signed-off-by: Peter Krempa <pkrempa@xxxxxxxxxx> --- docs/formatdomain.rst | 1 - docs/formatdomaincaps.rst | 4 ++-- docs/kbase/launch_security_sev.rst | 2 +- docs/kbase/s390_protected_virt.rst | 2 +- 4 files changed, 4 insertions(+), 5 deletions(-) diff --git a/docs/formatdomain.rst b/docs/formatdomain.rst index 97c23f6aa6..4868d3c397 100644 --- a/docs/formatdomain.rst +++ b/docs/formatdomain.rst @@ -8177,7 +8177,6 @@ At least one ``cipher`` element must be nested within the ``keywrap`` element. Note: DEA/TDEA is synonymous with DES/TDES. -:anchor:`<a id="launchSecurity"/>` Launch Security --------------- diff --git a/docs/formatdomaincaps.rst b/docs/formatdomaincaps.rst index 7aead08d69..1ff45da6f0 100644 --- a/docs/formatdomaincaps.rst +++ b/docs/formatdomaincaps.rst @@ -568,7 +568,7 @@ s390-pv capability Reports whether the hypervisor supports the Protected Virtualization. In order to use Protected Virtualization with libvirt have a look at the `launchSecurity -element in the domain XML <formatdomain.html#launchSecurity>`__. For more +element in the domain XML <formatdomain.html#launch-security>`__. For more details on the Protected Virtualization feature please see `Protected Virtualization on s390 <kbase/s390_protected_virt.html>`__. @@ -583,7 +583,7 @@ transparently encrypted with a key unique to that VM. For more details on the SEV feature, please follow resources in the AMD developer's document store. In order to use SEV with libvirt have a look at `SEV -in domain XML <formatdomain.html#launchSecurity>`__ +in domain XML <formatdomain.html#launch-security>`__ ``cbitpos`` When memory encryption is enabled, one of the physical address bits (aka the diff --git a/docs/kbase/launch_security_sev.rst b/docs/kbase/launch_security_sev.rst index 06d1f2dad0..3ebb01ad80 100644 --- a/docs/kbase/launch_security_sev.rst +++ b/docs/kbase/launch_security_sev.rst @@ -154,7 +154,7 @@ VM Configuration ================ SEV is enabled in the XML by specifying the -`<launchSecurity> <https://libvirt.org/formatdomain.html#launchSecurity>`__ +`<launchSecurity> <https://libvirt.org/formatdomain.html#launch-security>`__ element. However, specifying ``launchSecurity`` isn't enough to boot an SEV VM. Further configuration requirements are discussed below. diff --git a/docs/kbase/s390_protected_virt.rst b/docs/kbase/s390_protected_virt.rst index 4cbdeea7ed..a8c627931b 100644 --- a/docs/kbase/s390_protected_virt.rst +++ b/docs/kbase/s390_protected_virt.rst @@ -128,7 +128,7 @@ As the virtio data structures of secure guests are not accessible by the host, it is necessary to use shared memory ('bounce buffers'). Since libvirt 7.6.0 the -`<launchSecurity> <https://libvirt.org/formatdomain.html#launchSecurity>`__ +`<launchSecurity> <https://libvirt.org/formatdomain.html#launch-security>`__ element with type ``s390-pv`` should be used on protected virtualization guests. Without ``launchSecurity`` you must enable all virtio devices to use shared buffers by configuring them with platform_iommu enabled. -- 2.35.3