Live Kernel Patching track

Friday, October 17, 2014 from 1:003:45pm
Room 26
 

There are currently a few different implementations on how to do live kernel patching in the kernel. That is, the ability to apply a patch to the kernel while it is still running, requiring no reboot. The problem is that the kernel should only have one implementation. Although userspace may be different, the more the various implementations can cooperate the better.

Not only is this an issue of cooperation, but there are some serious issues with live patching itself. What is considered safe? Can anything except for trivial buffer overflows and off by one errors be corrected. How long should a patched kernel be running before it should be rebooted.

Microconference Leader

Steven Rostedt

All tracks for this event

Sessions for this track

* Exploring synergies between Linux Kernel and Xen hypervisor live patching

A quick introduction into the design space for live patching for Xen. (slides)
Live Kernel Patching
Martin Pohlack

* kpatch vs kGraft

Compare the design and features of kpatch and kGraft and figure out if we can combine the two approaches, or take any other steps to get a live patching solution merged into mainline.
Live Kernel Patching
Josh Poimboeuf

* Overview of the Live Kernel Patching methods

Overview of the three approaches for Live Kernel Patching (kpatch, kGraft and criu+kexec)
Live Kernel Patching
Steven Rostedt

* Updating the kernel using CRIU and KExec

Pros and cons of replacing the kernel seamlessly to running processes instead of live-patching it. (slides)
Live Kernel Patching
Pavel Emelyanov

* What features are needed from a live patching solution?

What features are needed from a live patching solution?
Live Kernel Patching
Jiri Kosina

Proposals for this track

* The requirements of ftrace for live kernel patching

What requirements are needed from ftrace for kpatch and kGraft.
Live Kernel Patching 08/22/2014
Steven Rostedt