Get the lowest-cost and the best server colocation service in the business. Learn more.
Information Technology News.

Linux system admins will soon be able to patch their systems without reboots

Share on Twitter.

Get the most reliable SMTP service for your business. You wished you got it sooner!

Click here to order the best deal on a HP enterprise dedicated server and at a great price.

February 11, 2015

A new initiative between SUSE and Red Hat is going to bring some relief to Linux system admins the world over-- soon they will be able to patch their systems without any reboots.

Overall, the live patching infrastructure looks set to become available in version 3.20 of the new Linux kernel. As some of you probably know by now, version 3.19 has been available since just a few days now.

Red Hat and SUSE introduced their distribution-specific live patching solutions a month apart in 2013-– SUSE's kGraft hit in February, and Red Hat's Kpatch arrived in March of 2013.

As SUSE developer Jiri Kosina explains on the Linux Kernel Mailing List, an early shot at live patching called kSplice was acquired and turned into a proprietary service at that time.

He says the SUSE and Red Hat approaches were different-- “kPatch is issuing stop_machine()”, inspecting processes and deciding whether the system is safe to patch. For its part, “kGraft provides a per-thread consistency during one single pass of a process through the kernel and performs a lazy contiguous migration of threads from 'unpatched' universe to the 'patched' one at safe checkpoints.”

After a discussion at the Linux Plumbers' Conference in Dusseldorf in 2014, the different parties worked out the basis of the new approach.

A key aspect of the live-patching infrastructure, Kosina says, is that it's “self-contained, in a sense that it doesn't hook itself in any other kernel subsystem. In fact, it doesn't even touch any other code.

“It's now implemented for x86 only as a reference architecture, but support for PowerPc, S-390 and ARM is already in the works, adding arch-specific support basically boils down to teaching ftrace about regs-saving”, he added.

Red Hat and SUSE will port their current solutions to the common infrastructure, abandoning their out-of-tree code.

Kosina's post to the list is addressed to "Linus Torvalds" and says "Live patching core is available for you to pull at git://

Source: SUSE and Red Hat.

Get the most dependable SMTP server for your company. You will congratulate yourself!

Share on Twitter.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.