Article explores Linux hot-patching utility
May 8, 2008 — by Eric Brown — from the LinuxDevices Archive
LWN.net has published an article about ksplice, a hot-patching utility for the Linux kernel developed by an MIT graduate student. Ksplice lets administrators change running kernel code, for example to apply a security patch, without rebooting the system or interrupting the services running on it.
The article was written by LWN.net co-founder Jonathan Corbet. It inspired a lively discussion of the technology, and its chances of being merged into the mainline Linux kernel source code tree. Carrier Grade Linux and high-availability Linux distributions typically already have hot-patching implementations of their own, but the mainline kernel still does not.
Ksplice was announced on April 23rd on LWN.net in a post by the utility's lead developer, Jeffrey Brian Arnold, a graduate student at MIT. Ksplice works on any patch that “does not introduce semantic changes to data structures,” says Arnold in his MIT paper on the subject, “Ksplice: An automatic system for rebootless Linux kernel security updates”. On the Ksplice project site, Arnold reports that in an evaluation of Linux kernel security patches from May 2005 to December 2007, Ksplice automatically applied the patches for 84 percent of “50 significant kernel vulnerabilities.” Patches that change the layout or meaning of kernel data structures are outside its scope and still need a conventional reboot.
According to Corbet, ksplice should attract considerable interest from Linux administrators who must install security patches to correct vulnerabilities in the Linux kernel. Applied conventionally, each patch means a reboot, and so several minutes of downtime, which is an inconvenience on most machines and an intolerable interruption on critical systems.
[Figure: Ksplice process for creating a hot update. Source: Jeffrey Brian Arnold, MIT, “Ksplice: An automatic system for rebootless Linux kernel security updates”]
From Corbet's description, ksplice compiles the system's kernel from source twice, with and without the patch, and compares the resulting object code to find the functions the patch changes, a kind of binary diff at function granularity. It loads the patched versions of those functions into the running kernel and then inserts “trampolines” at the entry of each affected original function. The trampolines simply bounce execution over to the newly loaded, patched object code, so every subsequent call to the old function runs the fixed one. Clever stuff.
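The trampoline step Corbet describes, reduced to a user-space model. This is an added example, not Ksplice's code and not kernel code: it patches a function inside the current process rather than the kernel. The two versions of `validate_len` are a constructed stand-in for pre- and post-patch object code (the “old” one has a signedness bug that lets negative lengths through), `apply_hotpatch` overwrites the entry of the old function with a jump to the new one, and the program keeps calling the old symbol through a volatile function pointer so the compiler cannot inline or fold it away. Function names, the bug, and the x86-64 and AArch64 jump encodings are my choices; it assumes a Linux system where `mprotect` may make a text page writable and executable.

```c
/* Added example: user-space model of the Ksplice trampoline (not Ksplice's code). */
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#define MAX_LEN 64

/* "Pre-patch" object code: a signedness bug accepts negative lengths (constructed). */
__attribute__((noinline)) int validate_len_old(int len)
{
    return len <= MAX_LEN;
}

/* "Post-patch" object code: the fixed function Ksplice would load into the kernel. */
__attribute__((noinline)) int validate_len_new(int len)
{
    return len >= 0 && len <= MAX_LEN;
}

/* Existing callers keep targeting the OLD symbol.  The volatile pointer forces a
 * real call at run time, as a kernel caller compiled long ago would make. */
static int (*volatile check_fn)(int) = validate_len_old;

int call_check(int len)
{
    return check_fn(len);
}

/* Change protection on every page touched by [addr, addr + len).  PROT_EXEC is
 * kept throughout so this function does not fault if it shares the page. */
static int set_prot(void *addr, size_t len, int prot)
{
    uintptr_t page = (uintptr_t)sysconf(_SC_PAGESIZE);
    uintptr_t start = (uintptr_t)addr & ~(page - 1);
    uintptr_t end = ((uintptr_t)addr + len + page - 1) & ~(page - 1);
    return mprotect((void *)start, end - start, prot);
}

/* Encode an unconditional jump from `from` to `to` into buf and return its
 * length in bytes, or 0 if the target is out of reach of one instruction. */
static size_t encode_jump(uint8_t *buf, void *from, void *to)
{
#if defined(__x86_64__)
    intptr_t rel = (intptr_t)to - ((intptr_t)from + 5); /* relative to next insn */
    if (rel > INT32_MAX || rel < INT32_MIN)
        return 0;
    int32_t rel32 = (int32_t)rel;
    buf[0] = 0xE9;                                     /* JMP rel32 */
    memcpy(buf + 1, &rel32, sizeof rel32);
    return 5;
#elif defined(__aarch64__)
    intptr_t off = (intptr_t)to - (intptr_t)from;
    if ((off & 3) || off >= (1 << 27) || off < -(1 << 27))
        return 0;                                      /* B reaches +/-128 MiB */
    uint32_t insn = 0x14000000u | ((uint32_t)(off >> 2) & 0x03FFFFFFu); /* B imm26 */
    memcpy(buf, &insn, sizeof insn);
    return 4;
#else
    (void)buf; (void)from; (void)to;
    return 0;                                          /* unsupported architecture */
#endif
}

/* The trampoline: overwrite the entry of old_fn with a jump to new_fn.  In the
 * kernel Ksplice does this under stop_machine() so no CPU is inside old_fn at
 * that instant; this single-threaded demo needs no such barrier. */
int apply_hotpatch(void *old_fn, void *new_fn)
{
    uint8_t jump[8];
    size_t n = encode_jump(jump, old_fn, new_fn);
    if (n == 0)
        return -1;
    if (set_prot(old_fn, n, PROT_READ | PROT_WRITE | PROT_EXEC) != 0)
        return -1;
    memcpy(old_fn, jump, n);
    __builtin___clear_cache((char *)old_fn, (char *)old_fn + n);
    if (set_prot(old_fn, n, PROT_READ | PROT_EXEC) != 0)
        return -1;
    return 0;
}

int main(void)
{
    printf("before patch: validate_len(-1) = %d\n", call_check(-1)); /* 1, the bug */
    if (apply_hotpatch((void *)validate_len_old, (void *)validate_len_new) != 0) {
        perror("apply_hotpatch");
        return 1;
    }
    printf("after patch:  validate_len(-1) = %d\n", call_check(-1)); /* 0, fixed */
    return 0;
}
```

The same limitation the article quotes from Arnold applies here: the jump only redirects code, so a patch that changed what `MAX_LEN` meant to data already in memory, or the layout of a structure the old callers still hand over, could not be fixed this way.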
Ksplice still needs work, says Corbet, but he likes what he sees, enough to suggest that it might be a good addition to mainline. Arnold, however, feels that such a move is unnecessary, says Corbet, and there is also a potential conflict with a 2002 Microsoft patent covering a similar hot-patching technique.
The general consensus in the Linux development crowd is that the patent is invalid, says Corbet, since similar approaches have been used for decades. But who really wants to take Microsoft to court when writing code is so much more fun?
Availability
The full LWN.net article, entitled “Ksplice: kernel patches without reboots,” is available on LWN.net.
This article was originally published on LinuxDevices.com and has been donated to the open source community by QuinStreet Inc. Please visit LinuxToday.com for up-to-date news and articles about Linux and open source.