Linux Gets Live Kernel Patching


Patching without rebooting reaches the official Linux kernel.

Linux developer Jiri Kosina announced on the Linux Kernel mailing list that the code for a unified Live kernel patching feature is available for final review and possible inclusion in the Linux kernel. Live patching allows the kernel to receive patches without rebooting. This technology is especially useful for commercial web servers and other highly available systems in environments where downtime is particularly disruptive. The new feature results from a collaboration between Red Hat and SUSE.
An open source tool known as Ksplice was previously the tool of choice for providing live patching for Linux systems. Ksplice was acquired by Oracle in 2011, and since then, Oracle has implemented Ksplice as a service and used it for supporting its own Oracle Linux distribution – with little or no effort to offer access to other Linux versions.
According to the blog post, Red Hat and SUSE started working on their own alternatives independently, and both SUSE's kGraft and Red Hat's Kpatch appeared in 2013. The two companies decided in 2014 to join forces and submit their code directly to the Linux kernel team, rather than applying it after the fact as “out-of-tree” code.
The new live-patch kernel code is available for review from top kernel maintainer Linus Torvalds, who must rule on the quality and suitability of the code before including it in future versions of the Linux kernel. The new feature is thought to be on track for integration in Linux kernel version 3.20, which, according to some reports, might actually be renamed Linux 4.0.


Related content

  • Oracle Monopolizes Linux Ksplice
  • Live Kernel Update Tools
    Two projects by Red Hat and SUSE – Kpatch and kGraft – attempt to patch the kernel with security updates on the fly. We look at features in these two tools and their suitability for production use.
  • Oracle Linux 7.1/pfSense
    Oracle Linux version 7.1 is based on the Unbreakable Enterprise Kernel Release 3 for x86-64. pfSense is an open source distribution of FreeBSD specifically for use as a firewall and router.
  • SUSE Linux Enterprise 11 SP3 tested
    SUSE has released the third update of its enterprise distribution. Along with updated software and bug fixes, Novell has added new drivers, storage and networking improvements, and support for UEFI secure boot to the current release.
  • News for Admins
    In the news: Canonical now offers an Ubuntu Pro image for AWS; Vulnerable Docker instance sought out by Monero malware; Cumulus Networks enhances their network-specific Linux; and SUSE adds SUSE Linux Enterprise to the Oracle Cloud Infrastructure.
comments powered by Disqus