-
Welcome
-
Subscribe to
Livepatching completeness - a review of considerations for success
Session information has not yet been published for this event.
One Line Summary
This talk covers areas of improvements to help livepatching be widely adopted and used
Abstract
Live patching is gaining momentum in the kernel, with ports to several architectures.
We soon expect distributions to be shipping live patches to the kernel. This proposal
discusses some of the issues we have from both a development and administrative viewpoint
From an administrative user view point we should look at
1. We need to look at some of the security issues around live-patching. Can live-patching be used to hide rootkits?
2. Availability of similar infrastructure in user mode
From a development viewpoint we should look at
1. We need to work on a comprehensive suite of tests to ensure reliability of live patching implementations
2. Alternatives to using ftrace infrastructure for live-patching
3. Porting live-patching to other architectures – lessons learnt from ppc64le
The proposed talk covers some recommendations in each of the above areas
Tags
testing, security, alternative-implementations
Presentation Materials
slidesSpeaker
-
Biography
Balbir Singh is a developer who has been working on Linux for over a decade. After developing memory cgroups and some parts of the scheduler cpuacct, he moved his interests to security. Balbir had a stint with security developing and working on whitelisting and is now back to working on the core kernel.