SPOTOS: A Safe Point Detector for Online Patching Commodity OS

For high availability systems, it is desirable to fix discovered operating system security holes and other bugs, and do performance improvements without rebooting. However, the way that commodity operating systems are implemented sometimes makes online patching rather difficult, especially when the code to be updated is frequently used by the kernel. For commodity OS, hot update may have to be aborted due to not finding a safe point, even if there do exist occasions that those codes are not in use. After analyzing the difficulties faced when detecting a commodity OS´ quiescent state, this article proposes using reference counting copy to dynamically monitor the code execution status, which can trigger the online patching whenever safe point is reached. In principle, the proposed approach is applicable to all the legacy operating systems that support dynamically loading kernel modules, while minor changes will improve the performance and decrease implementation complexity. Based on Ksplice, a working prototype, SPOTOS, is implemented on Linux 2.6. SPOTOS has the advantage of dynamically monitoring the execution status of all the functions that are to be updated. Experiments on network communication are conducted, and the results prove the effectiveness and efficiency of our approach.