Thursday, March 12, 2009

Patching the linux kernel without rebooting

Yes, is working. Just look here ... is named ksplice and you can find there all the sources and documentation.

Now you will never reboot a production server just for a kernel security patch. All can be done online.

You can not change the entire kernel without rebooting ! The changes need to don't introduce any semantic changes to the data structure, but for almost all security patches is enough.

Right now supports just x86-32, x86-64, and ARM architectures and have been tested on Linux kernel versions ranging from 2.6.8 to 2.6.28-rc6.