Ksplice: Automatic Rebootless Kernel Updates
Ksplice allows system administrators to apply patches to their operating system kernels without rebooting. Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform many traditional source code patches into hot updates with little or no programm...
Main Authors: | , |
---|---|
Other Authors: | |
Format: | Article |
Language: | en_US |
Published: |
Association for Computing Machinery
2010
|
Online Access: | http://hdl.handle.net/1721.1/51698 https://orcid.org/0000-0001-7098-586X |
_version_ | 1811070617217138688 |
---|---|
author | Kaashoek, M. Frans Arnold, Jeffrey B. |
author2 | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory |
author_facet | Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory Kaashoek, M. Frans Arnold, Jeffrey B. |
author_sort | Kaashoek, M. Frans |
collection | MIT |
description | Ksplice allows system administrators to apply patches to their operating system kernels without rebooting. Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform many traditional source code patches into hot updates with little or no programmer involvement. In the common case that a patch does not change the semantics of persistent data structures, Ksplice can create a hot update without a programmer writing any new code.
Security patches are one compelling application of hot updates. An evaluation involving all significant x86-32 Linux security patches from May 2005 to May 2008 finds that most security patches-56 of 64-require no new code to be performed as a Ksplice update. In other words, Ksplice can correct 88% of the Linux kernel vulnerabilities from this interval without the need for rebooting and without writing any new code.
If a programmer writes a small amount of new code to assist with the remaining patches (about 17 lines per patch, on average), then Ksplice can apply all 64 of the security patches from this interval without rebooting. |
first_indexed | 2024-09-23T08:38:56Z |
format | Article |
id | mit-1721.1/51698 |
institution | Massachusetts Institute of Technology |
language | en_US |
last_indexed | 2024-09-23T08:38:56Z |
publishDate | 2010 |
publisher | Association for Computing Machinery |
record_format | dspace |
spelling | mit-1721.1/516982022-09-30T10:14:24Z Ksplice: Automatic Rebootless Kernel Updates Kaashoek, M. Frans Arnold, Jeffrey B. Massachusetts Institute of Technology. Computer Science and Artificial Intelligence Laboratory Massachusetts Institute of Technology. Department of Electrical Engineering and Computer Science Kaashoek, M. Frans Kaashoek, M. Frans Arnold, Jeffrey B. Ksplice allows system administrators to apply patches to their operating system kernels without rebooting. Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform many traditional source code patches into hot updates with little or no programmer involvement. In the common case that a patch does not change the semantics of persistent data structures, Ksplice can create a hot update without a programmer writing any new code. Security patches are one compelling application of hot updates. An evaluation involving all significant x86-32 Linux security patches from May 2005 to May 2008 finds that most security patches-56 of 64-require no new code to be performed as a Ksplice update. In other words, Ksplice can correct 88% of the Linux kernel vulnerabilities from this interval without the need for rebooting and without writing any new code. If a programmer writes a small amount of new code to assist with the remaining patches (about 17 lines per patch, on average), then Ksplice can apply all 64 of the security patches from this interval without rebooting. 2010-02-11T15:27:18Z 2010-02-11T15:27:18Z 2009 2009-04 Article http://purl.org/eprint/type/ConferencePaper 978-1-60558-482-9 http://hdl.handle.net/1721.1/51698 Arnold, Jeff, and M. Frans Kaashoek. “Ksplice: automatic rebootless kernel updates.” Proceedings of the 4th ACM European conference on Computer systems. Nuremberg, Germany: ACM, 2009. 187-198. https://orcid.org/0000-0001-7098-586X en_US http://dx.doi.org/10.1145/1519065.1519085 Proceedings of the 4th ACM European conference on Computer systems Article is made available in accordance with the publisher's policy and may be subject to US copyright law. Please refer to the publisher's site for terms of use. application/pdf Association for Computing Machinery Frans Kaashoek |
spellingShingle | Kaashoek, M. Frans Arnold, Jeffrey B. Ksplice: Automatic Rebootless Kernel Updates |
title | Ksplice: Automatic Rebootless Kernel Updates |
title_full | Ksplice: Automatic Rebootless Kernel Updates |
title_fullStr | Ksplice: Automatic Rebootless Kernel Updates |
title_full_unstemmed | Ksplice: Automatic Rebootless Kernel Updates |
title_short | Ksplice: Automatic Rebootless Kernel Updates |
title_sort | ksplice automatic rebootless kernel updates |
url | http://hdl.handle.net/1721.1/51698 https://orcid.org/0000-0001-7098-586X |
work_keys_str_mv | AT kaashoekmfrans kspliceautomaticrebootlesskernelupdates AT arnoldjeffreyb kspliceautomaticrebootlesskernelupdates |