Xen project Mailing List

Re: [Xen-users] Apply venom patch without rebooting guests

To: Linux Hack <linuxhack2012@xxxxxxxxx>

From: Ian Campbell <ian.campbell@xxxxxxxxxx>

Date: Wed, 3 Jun 2015 10:15:56 +0100

Cc: "xen-users@xxxxxxxxxxxxx" <xen-users@xxxxxxxxxxxxx>

Delivery-date: Wed, 03 Jun 2015 09:17:27 +0000

List-id: Xen user discussion <xen-users.lists.xen.org>

On Wed, 2015-06-03 at 07:01 +0530, Linux Hack wrote: > Hi, > > > I plan to apply venom patch using below method on dom0's which will > avoid downtime for guests. > > > * Migrate all the VM's to another dom0 where I have space > * Apply venom patch on source dom0 and reboot the Dom0 > * once its up will migrate back the vm's to old dom0 itself. > > > But my concern is if i am doing by the above plan will newly applied > xen related patch will be applied for the drivers whatever loaded on > guests? XSA-133 / CVE-2015-3456 (I don't think using the marketing name is useful, see also [0]) was a qemu issue, so even just a local host migration (after having updated the qemu binary) should be sufficient since the DM is restarted on the other end of a migration. Of course migrating away and rebooting the dom0 would make 100% sure you hadn't accidentally missed a VM. (I suppose looking at /prod/*/exe could help too, since you'd see the old binary) > Also is there way to get hypervisior details from guest vm? Depends on the guest, Linux puts some stuff in /sys/.../hypervisor IIRC, and there is some stuff in dmesg on boot. Note that the qemu version isn't one of the things you'll see there. Ian. [0] http://backronym.fail/ _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxx http://lists.xen.org/xen-users

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.