Linux Gets Live Kernel Patching
Linux developer Jiri Kosina announced on the Linux kernel mailing list that the code for a unified live kernel patching feature is available for final review and possible inclusion in the Linux kernel. Live patching allows the kernel to receive patches without rebooting. This technology is especially useful for commercial web servers and other highly available systems in environments where downtime is particularly disruptive. The new feature results from a collaboration between Red Hat and SUSE.
An open source tool known as Ksplice was previously the tool of choice for providing live patching for Linux systems. Ksplice was acquired by Oracle in 2011, and since then, Oracle has implemented Ksplice as a service and used it for supporting its own Oracle Linux distribution – with little or no effort to offer access to other Linux versions.
According to the blog post, Red Hat and SUSE started working on their own alternatives independently, and both SUSE's kGraft and Red Hat's Kpatch appeared in 2013. The two companies decided in 2014 to join forces and submit their code directly to the Linux kernel team, rather than applying it after the fact as “out-of-tree” code.
The new live-patch kernel code is available for review by top kernel maintainer Linus Torvalds, who must rule on the quality and suitability of the code before including it in future versions of the Linux kernel. The new feature is thought to be on track for integration in Linux kernel version 3.20, which, according to some reports, might actually be renamed Linux 4.0.