Note: DEA/TDEA is synonymous with DES/TDES.
-:anchor:`<a id="launchSecurity"/>`
Launch Security
---------------
Reports whether the hypervisor supports the Protected Virtualization. In order
to use Protected Virtualization with libvirt have a look at the `launchSecurity
-element in the domain XML <formatdomain.html#launchSecurity>`__. For more
+element in the domain XML <formatdomain.html#launch-security>`__. For more
details on the Protected Virtualization feature please see `Protected
Virtualization on s390 <kbase/s390_protected_virt.html>`__.
For more details on the SEV feature, please follow resources in the AMD
developer's document store. In order to use SEV with libvirt have a look at `SEV
-in domain XML <formatdomain.html#launchSecurity>`__
+in domain XML <formatdomain.html#launch-security>`__
``cbitpos``
When memory encryption is enabled, one of the physical address bits (aka the
================
SEV is enabled in the XML by specifying the
-`<launchSecurity> <https://libvirt.org/formatdomain.html#launchSecurity>`__
+`<launchSecurity> <https://libvirt.org/formatdomain.html#launch-security>`__
element. However, specifying ``launchSecurity`` isn't enough to boot an
SEV VM. Further configuration requirements are discussed below.
by the host, it is necessary to use shared memory ('bounce buffers').
Since libvirt 7.6.0 the
-`<launchSecurity> <https://libvirt.org/formatdomain.html#launchSecurity>`__
+`<launchSecurity> <https://libvirt.org/formatdomain.html#launch-security>`__
element with type ``s390-pv`` should be used on protected virtualization guests.
Without ``launchSecurity`` you must enable all virtio devices to use shared
buffers by configuring them with platform_iommu enabled.