Open Source Summit Europe 2022

Linux machines running with important or critical workloads, do not want to get rebooted every three weeks or six months for each new kernel release. So keeping these machines safe and up-to-date with security fixes is a must, which is the motivation behind livepatch. Livepatch is the ability of a kernel to change the flow of code execution from a broken or vulnerable function to a fixed function during runtime. It is implemented by compiling the new fixed function into a kernel module and loading it into the system. Ftrace is then used to redirect calls from the old function to the new function in the kernel module. This talk will cover the structure and detailed explanation of kernel livepatch, kpatch and prerequisites needed for writing a livepatch and how it uses ftrace for redirection. Also will showcase a demo on how livepatch works using kpatch-build, need of ELF sections and the limitations of livepatch. At the end of the session, the audience will have a better understanding of kernel livepatching, the usage of kpatch-build, and how to write a livepatch that can fix a real bug.