Title :
Seamless kernel updates
Author :
Siniavine, Maxim ; Goel, Ankush
Author_Institution :
Univ. of Toronto, Toronto, ON, Canada
Abstract :
Kernel patches are released frequently to fix bugs and security vulnerabilities. However, users and system administrators often delay installing these updates because they require a system reboot, which results in disruption of service and the loss of application state. Unfortunately, the longer a system remains out-of-date, the higher is the likelihood of system failure or a successful attack. Approaches, such as dynamic patching and hot swapping, have been proposed for updating the kernel. All of them either limit the types of updates that are supported, or require significant programming effort to manage. We have designed a system that checkpoints application-visible state, updates the kernel, and restores the application state thus minimizing disruption of service. By checkpointing high-level state, our system no longer depends on the precise implementation of a patch and can apply all backward compatible patches. Our results show that updates to major releases of the Linux kernel can be applied with minimal effort and no observable overhead.
Keywords :
Linux; checkpointing; operating system kernels; program debugging; Linux kernel; application-visible state checkpointing; bugs; dynamic patching; high-level state checkpointing; hot swapping; kernel patches; seamless kernel updates; security vulnerabilities; system administrators; system failure; system reboot; Data structures; Instruction sets; Kernel; Linux; Protocols; Reliability; Transfer functions;
Conference_Titel :
Dependable Systems and Networks (DSN), 2013 43rd Annual IEEE/IFIP International Conference on
Conference_Location :
Budapest
Print_ISBN :
978-1-4673-6471-3
DOI :
10.1109/DSN.2013.6575312
