SUSE Blog

Tag: kGraft


By: Nicolai Stange

May 7, 2018 1:54 pm

3,491 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 4 – The Conclusion)

Now that everything has been set to go as described in Part 1 (Key technical obstacles for Live Patching Meltdown), Part 2 (Virtual address mappings and the Meltdown vulnerability)  and Part 3 (Changes needed for Translation Lookaside Buffer (TLB) flushing primitives), the last missing piece is to actually replace the entry code and make it […]

Read More

Tags:

Categories: Uncategorized


By: Nicolai Stange

May 4, 2018 12:20 pm

3,636 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 3)

Building upon the Part 1 (Key technical obstacles for Live Patching Meltdown) and the Part 2 (Virtual address mappings and the Meltdown vulnerability), let's now address the needed changes to the TLB flushing primitives. In order to resolve virtual to physical addresses, a CPU must traverse the page table tree. This is a costly […]

Read More

Categories: SUSE Linux Enterprise Live Patching


By: Nicolai Stange

May 3, 2018 11:59 am

3,807 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 2)

Following up on the Part 1 about key technical obstacles for Live Patching Meltdown, in this blog I will give you some background on virtual address mappings in context of the Meltdown vulnerability and look at patching kGraft itself! Virtually mapped memory is a protection feature provided by the CPU, orthogonal to the privilege separation […]

Read More

Categories: SUSE Linux Enterprise Live Patching, SUSE Linux Enterprise Live Patching, SUSE Linux Enterprise Live Patching, SUSE Linux Enterprise Live Patching


By: Nicolai Stange

May 2, 2018 2:37 pm

6,546 views

Live Patching Meltdown – SUSE Engineer’s research project (Part 1)

Meltdown is one of the biggest and complex security vulnerabilities that happened recently and impacted almost everyone. I am a SUSE live patching engineer and wanted to share with you how unique fixing this vulnerability was in terms of scope and complexity. My goal was to see if I could also create a live patch […]

Read More

Tags: , ,

Categories: Uncategorized


By: Vojtěch Pavlík

August 12, 2015 11:22 am

10,073 views

Reboot Reloaded: Patching the Linux Kernel Online

"This article is from The SUSE Insider, a technical quarterly publication for SUSE customers to help them get the most value from their SUSE solutions." Author: Vojtech Pavlik is director of SUSE Labs, a department within SUSE R&D focusing on core technologies and research. He is one of the creators of […]

Read More

Tags: , , , , , , , , , , , ,

Categories: Technical Solutions


By: George Shi

November 18, 2014 3:26 pm

5,361 views

SUSE Linux Enterprise Live Patching is launched!

It’s always be fun at SUSECon.  And this year at SUSECon, we’re happy to announce a long-anticipated new offering: SUSE Linux Enterprise Live Patching. This offering is based on the kGraft project -- and can perform critical kernel patches without rebooting your server, maximizing your up-time and service availability.  Now you […]

Read More

Tags: , , , , , ,

Categories: Announcements, Announcements


By: Bryan Lunduke

February 16, 2014 12:28 pm

4,344 views

Video demo: Live Linux Kernel Patching with kGraft

In the 2 weeks since we announced the existence of kGraft, there have been many questions about how this solution for live-patching the Linux kernel works. And because (moving) pictures often speak louder than words, here is a video of kGraft in action on the official SUSE YouTube channel.[…]

Read More

Tags: ,

Categories: Uncategorized


By: Matthias G. Eckermann

February 7, 2014 7:59 am

7,803 views

Do We Need "kGraft" at All?

Editor's Note:  kGraft is now available for download. Vojtěch's announcement about kGraft started a number of interesting discussions, e.g. at LWN, Reddit, and German Heise. All of those discussions have some common topics. One of these is the question whether a live kernel patching solution such as kGraft is necessary at all. Some typical […]

Read More

Tags: ,

Categories: Expert Views, News, Server, SUSE Linux Enterprise Server, Technical Solutions


By: Vojtěch Pavlík

January 31, 2014 7:49 am

65,618 views

kGraft: Live Kernel Patching

Editor's Note: kGraft is now known as Live Patching. It has many names - hot fixing, live patching, runtime patching, rebootless updates, concurrent updates.  It's a holy grail of uptime. It is longed for by scientists who really do not want to stop a simulation that has been running for the past few months […]

Read More

Tags: , , , , , , , , ,

Categories: Announcements, Expert Views, Expert Views, Expert Views

    Section Title

    Search

    Social Media

    Recent Posts Title

    Recent Blog Posts

    Recent Posts

    Popular Posts Title

    Popular Blog Posts

    Popular Posts

    Categories

    Archives

    About Links

    SUSE History
    SUSE Management Team
    SUSE Logos & Imagery