Seamless kernel updates

Author

Siniavine, Maxim ; Goel, Ankush

Author_Institution

Univ. of Toronto, Toronto, ON, Canada

fYear

2013

fDate

24-27 June 2013

Firstpage

1

Lastpage

12

Abstract

Kernel patches are released frequently to fix bugs and security vulnerabilities. However, users and system administrators often delay installing these updates because they require a system reboot, which results in disruption of service and the loss of application state. Unfortunately, the longer a system remains out-of-date, the higher is the likelihood of system failure or a successful attack. Approaches, such as dynamic patching and hot swapping, have been proposed for updating the kernel. All of them either limit the types of updates that are supported, or require significant programming effort to manage. We have designed a system that checkpoints application-visible state, updates the kernel, and restores the application state thus minimizing disruption of service. By checkpointing high-level state, our system no longer depends on the precise implementation of a patch and can apply all backward compatible patches. Our results show that updates to major releases of the Linux kernel can be applied with minimal effort and no observable overhead.

Keywords

Linux; checkpointing; operating system kernels; program debugging; Linux kernel; application-visible state checkpointing; bugs; dynamic patching; high-level state checkpointing; hot swapping; kernel patches; seamless kernel updates; security vulnerabilities; system administrators; system failure; system reboot; Data structures; Instruction sets; Kernel; Linux; Protocols; Reliability; Transfer functions;

fLanguage

English

Publisher

ieee

Conference_Titel

Dependable Systems and Networks (DSN), 2013 43rd Annual IEEE/IFIP International Conference on

Conference_Location

Budapest

ISSN

1530-0889

Print_ISBN

978-1-4673-6471-3

Type

conf

DOI

10.1109/DSN.2013.6575312

Filename

6575312