Ksplice

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Ksplice: automatic rebootless kernel updates

Full text

Pdf (656 KB)

Source

European Conference on Computer Systems archive
Proceedings of the 4th ACM European conference on Computer systems table of contents

Nuremberg, Germany

SESSION: Real, running systems table of contents

Pages 187-198

Year of Publication: 2009

ISBN:978-1-60558-482-9

Authors

Jeff Arnold	Massachusetts Institute of Technology, Cambridge, MA, USA
M. Frans Kaashoek	Massachusetts Institute of Technology, Cambridge, MA, USA

Sponsor

ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 29, Downloads (12 Months): 156, Citation Count: 2

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1519065.1519085 What is a DOI?

ABSTRACT

Ksplice allows system administrators to apply patches to their operating system kernels without rebooting. Unlike previous hot update systems, Ksplice operates at the object code layer, which allows Ksplice to transform many traditional source code patches into hot updates with little or no programmer involvement. In the common case that a patch does not change the semantics of persistent data structures, Ksplice can create a hot update without a programmer writing any new code.

Security patches are one compelling application of hot updates. An evaluation involving all significant x86-32 Linux security patches from May 2005 to May 2008 finds that most security patches-56 of 64-require no new code to be performed as a Ksplice update. In other words, Ksplice can correct 88% of the Linux kernel vulnerabilities from this interval without the need for rebooting and without writing any new code.

If a programmer writes a small amount of new code to assist with the remaining patches (about 17 lines per patch, on average), then Ksplice can apply all 64 of the security patches from this interval without rebooting.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	Gautam Altekar , Ilya Bagrak , Paul Burstein , Andrew Schultz, OPUS: online patches and updates for security, Proceedings of the 14th conference on USENIX Security Symposium, p.19-19, July 31-August 05, 2005, Baltimore, MD
	2	Jeff Arnold and M. Frans Kaashoek. Ksplice evaluation full data: kernel versions, commit ids, and new code, 2008. URL http://www.ksplice.com/cve-evaluation-2008
	3	Andrew Baumann , Jonathan Appavoo , Robert W. Wisniewski , Dilma Da Silva , Orran Krieger , Gernot Heiser, Reboots are for hardware: challenges and solutions to updating an operating system on the fly, 2007 USENIX Annual Technical Conference on Proceedings of the USENIX Annual Technical Conference, p.1-14, June 17-22, 2007, Santa Clara, CA
	4	Andrew Baumann , Gernot Heiser , Jonathan Appavoo , Dilma Da Silva , Orran Krieger , Robert W. Wisniewski , Jeremy Kerr, Providing dynamic update in an operating system, Proceedings of the annual conference on USENIX Annual Technical Conference, p.32-32, April 10-15, 2005, Anaheim, CA
	5	Bryan Buck , Jeffrey K. Hollingsworth, An API for Runtime Code Patching, International Journal of High Performance Computing Applications, v.14 n.4, p.317-329, November 2000 [doi>10.1177/109434200001400404]
	6	Silvio Cesare. Runtime kernel kmem patching, 1998. URL http://doc.bughunter.net/rootkit-backdoor/kmem-patching.html
	7	Steve Chamberlain. Lib bfd, the binary file descriptor library, 1991. URL http://sourceware.org/binutils/docs-2.19/bfd/index.html
	8	Haibo Chen , Rong Chen , Fengzhe Zhang , Binyu Zang , Pen-Chung Yew, Live updating operating systems using virtualization, Proceedings of the 2nd international conference on Virtual execution environments, June 14-16, 2006, Ottawa, Ontario, Canada [doi>10.1145/1134760.1134767]
	9	Rémi Douence , Thomas Fritz , Nicolas Loriant , Jean-Marc Menaud , Marc Ségura-Devillechaise , Mario Südholt, An expressive aspect language for system applications with Arachne, Proceedings of the 4th international conference on Aspect-oriented software development, p.27-38, March 14-18, 2005, Chicago, Illinois [doi>10.1145/1052898.1052901]
	10	Nelson Elhage. Root exploit for cve-2007-4573, 2007. URL http://web.mit.edu/nelhage/Public/cve-2007-4573.c
	11	H. Goullon , R. Isle , K. -P. Lohr, Dynamic Restructuring in an Experimental Operating System, IEEE Transactions on Software Engineering, v.4 n.4, p.298-307, July 1978 [doi>10.1109/TSE.1978.231515]
	12	Deepak Gupta , Pankaj Jalote, On line software version change using state transfer between processes, Software—Practice & Experience, v.23 n.9, p.949-964, Sept. 1993 [doi>10.1002/spe.4380230903]
	13	Deepak Gupta , Pankaj Jalote , Gautam Barua, A Formal Framework for On-line Software Version Change, IEEE Transactions on Software Engineering, v.22 n.2, p.120-131, February 1996 [doi>10.1109/32.485222]
	14	Roman Medina-Heigl Hernandez. Local r00t exploit for prctl core dump handling, 2006. URL http://seclists.org/fulldisclosure/2006/Jul/0235.html
	15	Greg Hoglund , Jamie Butler, Rootkits: Subverting the Windows Kernel, Addison-Wesley Professional, 2005
	16	Joseph Kong, Designing BSD Rootkits, No Starch Press, San Francisco, CA, 2007
	17	Greg Kroah-Hartman. Linux kernel unified stable trees, 2008. URL git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-2.6-stable.git
	18	David E. Lowell, Yasushi Saito, and Eileen J. Samberg. Devirtualizable virtual machines enabling general, single-node, online maintenance. SIGPLAN Notices, 39(11):211--223, 2004.
	19	Kristis Makris , Kyung Dong Ryu, Dynamic and adaptive updates of non-quiescent subsystems in commodity operating system kernels, Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007, March 21-23, 2007, Lisbon, Portugal
	20	MITRE. Common vulnerabilities and exposures list, 2008. URL http://cve.mitre.org/cve
	21	Iulian Neamtiu , Michael Hicks , Gareth Stoyle , Manuel Oriol, Practical dynamic software updating for C, Proceedings of the 2006 ACM SIGPLAN conference on Programming language design and implementation, June 11-14, 2006, Ottawa, Ontario, Canada
	22	qaaz. Root exploit for cve-2008-0600, 2008. URL http://milw0rm.com/exploits/5093
	23	Joanna R. Root exploit for cve-2006-3626, 2006. URL http://milw0rm.com/exploits/2013
	24	sd@sf.cz and devik@cdi.cz. Linux on-the-fly kernel patching without lkm, 2001. URL http://www.phrack.org/issues.html?issue=58&id=7#article
	25	Ariel Tamches , Barton P. Miller, Fine-grained dynamic instrumentation of commodity operating system kernels, Proceedings of the third symposium on Operating systems design and implementation, p.117-130, February 1999, New Orleans, Louisiana, United States
	26	Tool Interface Standard TIS. Executable and linkable format specification, 1993. URL http://www.skyfree.org/linux/references/ELF_Format.pdf
	27	Linus Torvalds. Linux kernel tree, 2008. URL git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux-2.6.git
	28	Fumitoshi Ukai. snapshot.debian.net, 2008. URL http://snapshot.debian.net
	29	Helen J. Wang , Chuanxiong Guo , Daniel R. Simon , Alf Zugenmaier, Shield: vulnerability-driven network filters for preventing known vulnerability exploits, Proceedings of the 2004 conference on Applications, technologies, architectures, and protocols for computer communications, August 30-September 03, 2004, Portland, Oregon, USA
	30	Amos Waterland. The stress workload generator for posix systems, 2007. URL http://weather.ou.edu/apw/projects/stress/

CITED BY 2

	Suriya Subramanian , Michael Hicks , Kathryn S. McKinley, Dynamic software updates: a VM-centric approach, ACM SIGPLAN Notices, v.44 n.6, June 2009
	Iulian Neamtiu , Michael Hicks, Safe and timely updates to multi-threaded programs, ACM SIGPLAN Notices, v.44 n.6, June 2009