
A system for rebootless kernel security updates

From:  Jeff Arnold <jbarnold@MIT.EDU>
To:  linux-kernel@vger.kernel.org
Subject:  A system for rebootless kernel security updates
Date:  Wed, 23 Apr 2008 14:59:05 -0400 (EDT)
Message-ID:  <alpine.DEB.1.00.0802221606520.21343@vinegar-pot.mit.edu>

Hello,

I've put together an automatic system for applying kernel security patches 
to the Linux kernel without rebooting it, and I wanted to share this 
system with the community in case others find it useful or interesting.

Here's the summary:  The system takes as input a kernel security patch 
(which can be a unified diff taken directly from Linus' GIT tree) and the 
source code corresponding to the running kernel, and it automatically 
creates a set of kernel modules to perform the update.  The running kernel 
does not need to have been customized in advance in any way.  To be fully 
automatic, the system cannot be used to apply patches that introduce 
semantic changes to data structures, but most Linux kernel security 
patches don't make these kinds of changes.  I've evaluated the system 
against various kernel versions and security vulnerabilities, and the 
system can automatically apply 84% of the significant kernel security 
patches from May 2005 through December 2007.

I've been pursuing this project because I don't like dealing with reboots 
whenever a new local kernel security vulnerability is discovered.  The 
rebootless update practices/systems that are already out there require 
manually constructing an update (through a process that can be tricky and 
error-prone), and they tend to have other disadvantages as well (such as 
requiring a custom kernel, not handling inline functions properly, etc). 
This new system works on existing kernels, and it simply takes a unified 
diff as input and does the rest on its own.

The system's website is http://web.mit.edu/ksplice.

The GIT repository, code tarball, and binary tarballs are available here:
http://web.mit.edu/ksplice/ksplice.git
http://web.mit.edu/ksplice/dist/ksplice-src.tar.gz
http://web.mit.edu/ksplice/dist/ksplice-bin-i386.tar.gz
http://web.mit.edu/ksplice/dist/ksplice-bin-x86_64.tar.gz

A document describing how the system works is available here: 
http://web.mit.edu/ksplice/doc/ksplice.pdf

Any feedback would be appreciated.

Jeff Arnold
jbarnold@mit.edu
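As an added illustration of the limitation the post describes (it is not part of Jeff's message or of the Ksplice code), the following Python heuristic scans a unified diff for added or removed lines that fall inside a `struct`, `union` or `enum` definition, the kind of data-structure change the post says the system cannot apply automatically. The diff it scans is constructed for the example; the function names and the `}`-terminated detection rule are assumptions of this example, not Ksplice's own logic.

```python
import re

# Constructed sample diff: the first hunk only changes a function body, the
# second adds a field to a struct definition and should be flagged.
SAMPLE_DIFF = """\
diff --git a/fs/example.c b/fs/example.c
--- a/fs/example.c
+++ b/fs/example.c
@@ -10,4 +10,6 @@ static int example_check(struct inode *inode, int mode)
 {
+\tif (mode & ~S_IRWXUGO)
+\t\treturn -EINVAL;
 \treturn generic_permission(inode, mode);
 }
diff --git a/include/linux/example.h b/include/linux/example.h
--- a/include/linux/example.h
+++ b/include/linux/example.h
@@ -5,3 +5,4 @@ struct example_info {
 \tunsigned long flags;
+\tunsigned long generation;
 \tstruct list_head list;
 };
"""

HUNK_RE = re.compile(r"^@@ -\d+(?:,\d+)? \+\d+(?:,\d+)? @@ ?(.*)$")
# Start of an aggregate type definition (the opening brace must be present so
# that parameter declarations such as "struct inode *inode" do not match).
TYPE_RE = re.compile(r"^\s*(?:typedef\s+)?(struct|union|enum)\s+\w*\s*\{")


def find_layout_changes(diff_text):
    """Return (path, raw_diff_line) pairs for +/- lines inside a type body.

    Heuristic: a type body is entered when the hunk header's context field
    or a hunk line matches TYPE_RE, and left at the first line whose content
    starts with '}'. Nested types and macros are not handled (assumption)."""
    findings, path, in_type = [], None, False
    for raw in diff_text.splitlines():
        if raw.startswith("+++ "):
            name = raw[4:].strip()
            path = name[2:] if name.startswith("b/") else name
            continue
        if raw.startswith("--- ") or raw.startswith("diff "):
            continue
        hunk = HUNK_RE.match(raw)
        if hunk:
            in_type = bool(TYPE_RE.match(hunk.group(1)))
            continue
        if not raw or raw[0] not in " +-":
            continue
        body = raw[1:]
        if TYPE_RE.match(body):
            in_type = True
            continue
        if in_type and raw[0] in "+-":
            findings.append((path, raw))
        if body.lstrip().startswith("}"):
            in_type = False
    return findings


if __name__ == "__main__":
    for path, line in find_layout_changes(SAMPLE_DIFF):
        print(f"{path}: data-structure change: {line!r}")
```

A hit means the patch needs manual review rather than a fully automatic rebootless update; an empty result only says this heuristic saw nothing, not that the patch is safe.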


Copyright © 2008, Eklektix, Inc.