Jayen and I put this article together this morning for ‘Beta’, CSESoc’s weekly student newsletter.

Jeff Arnold, creator of Ksplice, presented a talk this year at linux.conf.au, the annual Australasian Linux conference, about his product, the first practical technology for updating the Linux kernel without rebooting.

Jeff Arnold wrote most of Ksplice as part of his Master’s thesis, and upon its completion, started Ksplice, Inc. with a few classmates.

The Wikipedia article on uptime makes this statement about system administration: “Long uptime can indicate negligence, because critical updates can sometimes require reboots.” Ksplice endeavours to change this perception by making it possible for server administrators to apply important security patches immediately and without causing any downtime.

At the time of writing, we could not find a comparable technology.  We found some references to Solaris having hotpatch support, and we assume IBM’s System z has this functionality due to the nature of their zero-downtime availability.

One can use Ksplice at any time, without interfering with any running services, connections, or applications.  The catch is that Ksplice is really intended only for small security patches to the kernel, and not for even minor upgrades.

Ksplice applies patches to a running kernel by loading new versions of entire functions into memory, and replacing the start of the existing function code with a jump to the new one. This way, from a caller’s point of view, nothing has changed.

Most Linux kernel security patches can be applied by Ksplice without doing any extra work. In the case where the semantics of a persistent data structure have changed, a programmer will need to write a few additional lines of code to tell Ksplice how the previous data structure can be transformed into the new one at runtime.

The performance impact of applying a Ksplice update is minimal. A small amount of memory will be expended to store the replacement code, and calls to the replaced functions will take a few cycles longer because of the inserted jump instructions.

Of course, with great power comes great responsibility.  Ksplice makes it easier to change a running kernel, but that opens up all kinds of avenues to hackers, allowing them to easily mess with the core part of your system (only if they gain root access, of course).

Ksplice is currently available for download from their website, or as a package in Debian, and Ksplice, Inc. sell support for business.  There is currently work in progress for an up2date-type utility, which will make rebootless kernel updates as easy as distribution updates.

David Claridge & Jayen Ashar

