Live Kernel Patching Support Called For Linux 3.20 Kernel

Written by Michael Larabel in Linux Kernel on 9 February 2015 at 03:53 PM EST. 1 Comment
It looks like the infrastructure to facilitate live kernel patching will be added to the Linux 3.20 kernel, the result of collaboration for SUSE's kGraft and Red Hat's Kpatch.

Last year SUSE and Red Hat introduced their own live kernel patching mechanisms after not knowing each company was independently working on a solution for patching running versions of the Linux kernel against basic security/bug fixes. In the months since the unveiling of kGraft and Kpatch, the kernel developers have been working together to come up with a common base that addresses the needs of each implementation. That common work for supporting Kpatch and kGraft is now what's ready for merging into Linux 3.20.

The live patching pull request for the Linux 3.20 merge window explains:
It provides a basic infrastructure for function "live patching" (i.e. code redirection), including API for kernel modules containing the actual patches, and API/ABI for userspace to be able to operate on the patches (look up what patches are applied, enable/disable them, etc). It's relatively simple and minimalistic, as it's making use of existing kernel infrastructure (namely ftrace) as much as possible. It's also self-contained, in a sense that it doesn't hook itself in any other kernel subsystem (it doesn't even touch any other code). It's now implemented for x86 only as a reference architecture, but support for powerpc, s390 and arm is already in the works (adding arch-specific support basically boils down to teaching ftrace about regs-saving).

Once this common infrastructure gets merged, both Red Hat and SUSE have agreed to immediately start porting their current solutions on top of this, abandoning their out-of-tree code. The plan basically is that each patch will be marked by flag(s) that would indicate which consistency model it is willing to use.

Before this happens, the current codebase can be used to patch a large group of secruity/stability problems the patches for which are not too complex (in a sense that they don't introduce non-trivial change of function's return value semantics, they don't change layout of data structures, etc).

The live patching pull request can be viewed on the kernel mailing list.
Related News
About The Author
Michael Larabel

Michael Larabel is the principal author of and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via

Popular News This Week