Linux Kernel Live-Patching Continues Work On Atomic Replace & Cumulative Patches

Not making it for the Linux 5.0 kernel but continuing to be revised is atomic replace functionality for the livepatching code. The Linux livepatch atomic replace feature allows for cumulative patches and the ability to remove a patch lower in the stack / patch series.

Petr Mladek on Wednesday sent out the fifteenth version of these patches implementing atomic replace within the kernel's common livepatch code. This livepatch functionality was worked on in part by Akamai and motivated to offer the ability to revert a previously applied livepatch.

The technical details on the current implementation and intended workflow can be found from this particular patch and the documentation.

The two thousand plus lines of code getting this live-patching atomic replace support working can be reviewed on the kernel mailing list. With kernel live-patching being increasingly common across Linux distributions for being able to patch kernels primarily for security issues while avoiding the downtime of kernel reboots, hopefully the atomic replace / cumulative patches feature will be ready in time for the Linux 5.1 kernel next quarter.