George Dunlap writes ("Re: [PATCH for-4.9] livepatch: Declare live patching as
a supported feature"):
> I agree that as long as the patch can be applied after "xl pause", then
> the domain cannot be said to be preventing the application of the
> livepatch. But if either 'xl pause' doesn't work, or if livepatching
> fails due to a malicious domain's actions after 'xl pause' (or 'xl
> destroy'), then it should be treated as a security issue.
+1
Ian.
_______________________________________________
Xen-devel mailing list
Xen-devel@lists.xen.org
https://lists.xen.org/xen-devel
