Linux system admins will soon be able to patch their systems without reboots
Share on Twitter.
Get the most reliable SMTP service for your business. You wished you got it sooner!
February 11, 2015
A new initiative between SUSE and Red Hat is going to bring some relief to Linux system admins
the world over-- soon they will be able to patch their systems without any reboots.
Overall, the live patching infrastructure looks set to become available in version 3.20 of the new Linux kernel. As some of
you probably know by now, version 3.19 has been available since just a few days now.
Red Hat and SUSE introduced their distribution-specific live patching solutions a month apart in
2013-– SUSE's kGraft hit in February, and Red Hat's Kpatch arrived in March of 2013.
As SUSE developer Jiri Kosina explains on the Linux Kernel Mailing List, an early shot at live patching
called kSplice was acquired and turned into a proprietary service at that time.
He says the SUSE and Red Hat approaches were different-- “kPatch is issuing stop_machine()”, inspecting
processes and deciding whether the system is safe to patch. For its part, “kGraft provides a per-thread
consistency during one single pass of a process through the kernel and performs a lazy contiguous migration
of threads from 'unpatched' universe to the 'patched' one at safe checkpoints.”
After a discussion at the Linux Plumbers' Conference in Dusseldorf in 2014, the different parties
worked out the basis of the new approach.
A key aspect of the live-patching infrastructure, Kosina says, is that it's “self-contained, in a
sense that it doesn't hook itself in any other kernel subsystem. In fact, it doesn't even touch any
“It's now implemented for x86 only as a reference architecture, but support for PowerPc, S-390 and ARM
is already in the works, adding arch-specific support basically boils down to teaching ftrace about regs-saving”,
Red Hat and SUSE will port their current solutions to the common infrastructure, abandoning their
Kosina's post to the list is addressed to "Linus Torvalds" and says "Live patching core is available
for you to pull at git://git.kernel.org/pub/scm/linux/kernel/git/jikos/livepatching.git.
Source: SUSE and Red Hat.
Get the most dependable SMTP server for your company. You will congratulate yourself!
Share on Twitter.