From: Bill Davidsen <davidsen@tmr.com>
To: Tomasz Chmielewski <mangoo@wpkg.org>
Cc: LKML <linux-kernel@vger.kernel.org>,
jbarnold@MIT.EDU, francois.cami@free.fr,
Andi Kleen <andi@firstfloor.org>,
mail@earthworm.de
Subject: Re: A system for rebootless kernel security updates
Date: Mon, 28 Apr 2008 15:07:09 -0400
Message-ID: <4816205D.7000109@tmr.com>
In-Reply-To: <481098A4.50107@wpkg.org>

Tomasz Chmielewski wrote:
> Jeff Arnold wrote:
>
>> I've put together an automatic system for applying kernel security
>> patches to the Linux kernel without rebooting it, and I wanted to
>> share this system with the community in case others find it useful or
>> interesting.
>
> Hmm, the idea seems to be patented by Microsoft, i.e. this patent from
> December 2002:
>
> http://www.google.com/patents?id=cVyWAAAAEBAJ&dq=hotpatching
>
> (and other patents by Microsoft if you search for "hotpatching").
>
>
> And those patent descriptions, by the way, remind me of the way kexec works
> ("A software module is hotpatched by loading a patch into memory and
> modifying an instruction in the original module to jump to the patch"),
> which was released much earlier... In essence, they patented kexec ;)
>
I think you will find prior art all the way back to the PDP-8 (or 11)
and if memory serves DTSS, which was in the 1960's. I think MULTICS
allowed that as well, by patching the library dispatch table (sort of
like TLB) to map a virtual address of the entry point to a new location.
All of which doesn't matter, of course, because no one has the money to
challenge MSFT, and it would be in court until the heat death of the
universe anyway.
--
Bill Davidsen <davidsen@tmr.com>
"We have more to fear from the bungling of the incompetent than from
the machinations of the wicked." - from Slashdot