Academic
Publications
Ksplice: automatic rebootless kernel updates

Ksplice: automatic rebootless kernel updates,10.1145/1519065.1519085,Jeff Arnold,M. Frans Kaashoek

Ksplice: automatic rebootless kernel updates   (Citations: 20)
BibTex | RIS | RefWorks Download
Ksplice allows system administrators to apply patches to their operating system kernels without rebooting. Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform many tradi- tional source code patches into hot updates with little or no programmer involvement. In the common case that a patch does not change the semantics of persistent data structures, Ksplice can create a hot update without a programmer writ- ing any new code. Security patches are one compelling application of hot updates. An evaluation involving all significant x86-32 Linux security patches from May 2005 to May 2008 finds that most security patches—56 of 64—require no new code to be performed as a Ksplice update. In other words, Ksplice can correct 88% of the Linux kernel vulnerabilities from this interval without the need for rebooting and without writing any new code. If a programmer writes a small amount of new code to assist with the remaining patches (about 17 lines per patch, on average), then Ksplice can apply all 64 of the security patches from this interval without rebooting.
Conference: EuroSys Conference - EUROSYS , pp. 187-198, 2009
Cumulative Annual
View Publication
The following links allow you to view full publications. These links are maintained by other sources not affiliated with Microsoft Academic Search.
    • ...Ksplice [2] is a system for live patching the Linux kernel...

    James Mickens. Rivet: Browser-agnostic Remote Debugging for Web Applications

    • ...- at run-time, by modifying applications byte-code to be interpreted by virtual machines [6, 16] or via diff-based approaches, in which binary images are compared at the byte-level [4, 21]...
    • ...In [4, 21] native binary code of old and new versions of software are compared at byte-level using diff-based algorithms, the delta is then transmitted to running system in which the differences are integrated...

    Juan F. Navaset al. A component-based run-time evolution infrastructure for resource-const...

    • ...Ksplice [6] and Unsanity’s Application Enhancer [23], each commercial offerings of binary-level DSU, provide runtime updating support to the Linux Kernel and to Mac OS X applications, respectively...
    • ...Such redirection is either enabled by special compilation of the original program, as in Ginseng [15], Erlang, and UpStare [13], or forced on the running system via runtime program rewriting, as in Ksplice [6], POLUS [8], or Jvolve [22]...
    • ...Ksplice [6], rewrite the old version of a function within the running program’s code to call the new version instead...

    Christopher M. Haydenet al. State transfer for clear and efficient runtime updates

    • ...Related work in many diverse research communities (e.g.: programming languages [1]; operating systems [2]; databases [3]; large-scale web servers [4]; realtime control systems [5]; or sensor networks [6], [7]) and in industry (e.g., the OMG OSGi [8] and IEC 61499 [9] standards) typically tends to take a partial and domain-specific view of the problem...
    • ...Concurrency allows to reason on piecewise changes to a program, and initialization and quiescence define when and how it is appropriate to do so. Instantiation of these traits can be found in related work on runtime modifications to a system, e.g., detecting inactive kernel functions in operating systems [2], reaching annotated program points in multi-threaded programs [1], or dynamic update models for distributed systems [19]...
    • ...Several specialized techniques may apply in this context, see [1], [2], [6], [30]‐[34]...
    • ...The problem of verifying and integrating runtime software changes has led to a wide range of specialized compilation techniques, e.g., automatic derivation of patches from source code repositories [2], verified code generation [30]‐[32], type safety inference for patches [1], [6], [34], or inference of “contextual side-effects” in concurrent programs [1], [33]...

    Christoph M. Kirschet al. Runtime Programming through Model-Preserving, Scalable Runtime Patches

    • ...Generally, existing systems can be categorized into two types: 1) restrictive ones that only support limited types of updates that do not modify global state [9], [11], and 2) permissive ones that support flexible changes...
    • ...Ksplice [11] is a restrictive updating system similar to...

    Haibo Chenet al. Dynamic Software Updating Using a Relaxed Consistency Model

Sort by: