por João Moreira, SUSE Labs
This talk brings a background on the existing upstream Kernel Live Patching mechanisms, describing which were the first challenges in its implementation and how they were effectively addressed. From there, the talk goes through currently unsolved issues, focusing mainly on the difficulties behind the creation of actual live patches. Finally, the talk closes with a quick overview of user space live patching, explaining why the kernel model does not directly apply and which are the dreadful challenges that must be defeated in order to make it possible.
João Moreira currently works for SUSE as a toolchain engineer at the SUSE Labs. João holds a PhD degree from Unicamp, having worked with Control-Flow Integrity models for the Linux Kernel. Previously, he gave talks in conferences like Black Hat Asia, H2HC, EkoParty and FISL.