Extending the Linux Kernel for Wait-Free Live Patching of Multi-Threaded Processes

Run-time patching of a program's executable code is employed to allow live updates of a program and to satisfy the need for efficient run-time variability. However, code modification during run-time usually comes with problems becuase standard execution models are based upon the assumption of code immutability.

In multi-threaded programs, there are a number of problems that can occur during run-time patching, mainly the risk of erroneous behaviour caused by modifying code that is currently running in other threads.

Previous solutions are based on transferring the program to a state of quiescence (see Further Reading). This means that all threads have reached a safe point where the code modification can be safely executed. The problem with these solutions is an undesirable delay caused by waiting for all threads to reach a safe point.

The new mechanism to be implemented should exploit the mechanisms of distinct virtual address spaces in order to migrate threads one by one while all threads continue to run.

The goal of this thesis is to design and implement a prototype for a wait-free run-time patching mechanism in the Linux kernel. This should be realized by introducing a system call interface which allows userspace programs to use the patching functionality of the operating system.

The prototype is to be evaluated systematically using synthetic test programs. In addition, the correct functioning is to be shown by the use in real-world software.

Further Reading

Practical Dynamic Software Updating for C

Iulian Neamtiu, Michael Hicks, Gareth Stoyle, Manuel OriolProceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and ImplementationACM2006.
10.1145/1133981.1133991 [BibTex]

×

BibTex Entry

@inproceedings{neamtiu:06:pldi,
acmid = {1133991},
location = {New York, NY, USA},
author = {Neamtiu, Iulian and Hicks, Michael and Stoyle, Gareth and Oriol, Manuel},
booktitle = {Proceedings of the 27th ACM SIGPLAN Conference on Programming Language Design and Implementation},
doi = {10.1145/1133981.1133991},
isbn = {1-59593-320-4},
keywords = {dynamic software updating, function indirection, loop extraction, type wrapping},
location = {Ottawa, Ontario, Canada},
numpages = {12},
pages = {72–83},
publisher = {ACM},
series = {PLDI '06},
title = {Practical Dynamic Software Updating for C},
year = {2006},
}

Close

OPUS: Online Patches and Updates for Security

Gautam Altekar, Ilya Bagrak, Paul Burstein, Andrew SchultzProceedings of the 14th Conference on USENIX Security Symposium - Volume 14USENIX Association2005.
[BibTex]

×

BibTex Entry

@inproceedings{altekar:05:ssym,
location = {Berkeley, CA, USA},
author = {Altekar, Gautam and Bagrak, Ilya and Burstein, Paul and Schultz, Andrew},
booktitle = {Proceedings of the 14th Conference on USENIX Security Symposium - Volume 14},
location = {Baltimore, MD},
numpages = {1},
pages = {19–19},
publisher = {USENIX Association},
series = {SSYM '05},
title = {OPUS: Online Patches and Updates for Security},
year = {2005},
}

Close