Article

Live updating operating systems using virtualization

Authors:

Pen-Chung YewAuthors Info & Claims

VEE '06: Proceedings of the 2nd international conference on Virtual execution environments

Pages 35 - 44

https://doi.org/10.1145/1134760.1134767

Published: 14 June 2006 Publication History

Abstract

Many critical IT infrastructures require non-disruptive operations. However, the operating systems thereon are far from perfect that patches and upgrades are frequently applied, in order to close vulnerabilities, add new features and enhance performance. To mitigate the loss of availability, such operating systems need to provide features such as live update through which patches and upgrades can be applied without having to stop and reboot the operating system. Unfortunately, most current live updating approaches cannot be easily applied to existing operating systems: some are tightly bound to specific design approaches (e.g. object-oriented); others can only be used under particular circumstances (e.g. quiescence states).In this paper, we propose using virtualization to provide the live update capability. The proposed approach allows a broad range of patches and upgrades to be applied at any time without the requirement of a quiescence state. Moreover, such approach shares good portability for its OS-transparency and is suitable for inclusion in general virtualization systems. We present a working prototype, LUCOS, which supports live update capability on Linux running on Xen virtual machine monitor. To demonstrate the applicability of our approach, we use real-life kernel patches from Linux kernel 2.6.10 to Linux kernel 2.6.11, and apply some of those kernel patches on the fly. Performance measurements show that our implementation incurs negligible performance overhead: a less than 1% performance degradation compared to a Xen-Linux. The time to apply a patch is also very minimal.

References

[1]

David A. Patterson, Aaron Brown, Pete Broadwell, George Candea, Mike Chen, James Cutler, Patricia Enriquez, Armando Fox, Emre Kiciman, Matthew Merzbacher, David Oppenheimer, Naveen Sastry, William Tetzlaff, Jonathan Traupman, and Noah Treuhaft. Recovery-Oriented Computing (ROC): Motivation, Definition, Techniques, and Case Studies. Technical Report UCB//CSD-02-1175, University of California, Berkeley, March 2002.]]

Digital Library

[2]

Mark E. Segal and Ophir Frieder. On-the-fly program modification: Systems for dynamic updating. IEEE Software., 10(2):53--65, 1993.]]

Digital Library

[3]

Craig A. N. Soules, Jonathan Appavoo, Kevin Hui, Robert W. Wisniewski, Dilma Da Silva, Gregory R. Ganger, Orran Krieger, Michael Stumm, Marc Auslander, Michal Ostrowski, Bryan Rosenburg, and Jimi Xenidis. System support for online reconfiguration. In Proc. of the Usenix Technical Conference, pages 141--154. USENIX Association, June 2003.]]

[4]

Craig A. N. Soules Robert W. Wisniewski Dilma Da Silva Orran Krieger Marc Auslander David Edelsohn Ben Gamsa Gregory R. Ganger Paul McKenney Michal Ostrowski Bryan Rosenburg Michael Stumm Jimi Xenidis Jonathan Appavoo, Kevin Hui. Enabling autonomic system software with hot-swapping. IBM Systems Journal, 42(1):60--76, January 2003.]]

Digital Library

[5]

Andrew Baumann, Jonathan Appavoo, Dilma Da Silva, Jeremy Kerr, Orran Krieger, and Robert W. Wisniewski. Providing dynamic update in an operating system. In Proceedings of the USENIX Annual Technical Conference, pages 279--291, Anaheim, CA, USA, June 2005. USENIX Association.]]

Digital Library

[6]

Robert Wisniewski Marc Auslander David Edelsohn Ben Gamsa Orran Krieger Bryan Rosenburg Kevin Hui, Jonathan Appavoo and Michael Stumm. Supporting hot-swappable components for system software. In Proceedings of the 8th Workshop on Hot Topics in Operating Systems (HotOS-VIII 01), pages 170--170, Elmau/Oberbayern, Germany, May 2001.]]

Digital Library

[7]

R.P. Goldberg. Survey of virtual machine research. IEEE Computer Magazine, 7(6):34--45, 1974.]]

Digital Library

[8]

B. Dragovic, K. Fraser, S. Hand, T. Harris, A. Ho, I. Pratt, A. Warfield, P. Barham, and R. Neugebauer. Xen and the art of virtualization. In Proceedings of the ACM Symposium on Operating Systems Principles, pages 164--177, Bolton Landing, NY, October 2003.]]

Digital Library

[9]

Robert Rose. Survey of system virtualization techniques. http://citeseer.ist.psu.edu/720518.html, March 2004.]]

[10]

Carl A. Waldspurger. Memory resource management in VMware ESX server. In Proceedings of the 5th symposium on Operating systems design and implementation, OSDI'02, pages 181--194. USENIX Association, December 2002.]]

Digital Library

[11]

Microsoft Corporation. Microsoft virtual server 2005. http://www.microsoft.com/windowsserversystem/virtualserver/default.mspx.]]

[12]

Andrew Whitaker, Marianne Shaw, and Steven D. Gribble. Scale and performance in the denali isolation kernel. In Proceedings of the 5th symposium on Operating systems design and implementation (OSDI), pages 195--209, Boston, MA, USA, October 2002. USENIX Association.]]

Digital Library

[13]

Andrew Whitaker, Marianne Shaw, and Steven D. Gribble. Denali: Lightweight virtual machines for distributed and networked applications. Monterey, CA, USA, June 2002.]]

[14]

Jeff Dike. User-mode linux. In Proceedings of the 5th Annual Linux Showcase & Conference, Oakland, CA, November 2001. Usenix Association.]]

Digital Library

[15]

Paul Burstein Gautam Altekar, Ilya Bagrak and Andrew Schultz. OPUS: Online Patches and Updates for Security. In Proceedings of 14th USENIX Security Symposium, Baltimore, MD USA, 2005.]]

Digital Library

[16]

Emmett Witchel, Josh Cates, and Krste Asanovic. Mondrian memory protection. In 10th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS-X), volume 37, 10 of ACM SIGPLAN notices, pages 304--316. ACM Press, 2002.]]

Digital Library

[17]

Intel Cooperation. Intel vanderpool technology for IA-32 processors (VT-x) preliminary specification. http://www.intel.com/technology/computing/vptech/.]]

[18]

Brian N. Bershad Michael M. Swift and Henry M. Levy. Improving the reliability of commodity operating systems. In Proceedings of the nineteenth ACM symposium on Operating systems principles, pages 207--222, Bolton Landing, NY, USA, October 2003. ACM Press.]]

Digital Library

[19]

Brian N. Bershad Michael M. Swift, Muthukaruppan Annamalai and Henry M. Levy. Recovering Device Drivers. In Preceedings of 6th Symposium on Operating Systems Design and Implementation, pages 1--16, San Francisco, CA, USA, 2005.]]

Digital Library

[20]

John L. Henning. SPEC CPU2000: Measuring CPU performance in the new millennium. IEEE Computer, 33(7):28--35, July 2000.]]

Digital Library

[21]

Maciej Suchomski Peter Eisentraut Justin Clift Andy Riebs, Mark Kirkwood and Paul Wagner. Osdb x0.15-1. http://osdb.sourceforge.net.]]

[22]

Ronald G. Minnich. A dynamic kernel modifier for linux. In Proceedings of the LACSI Symposium, September 2002.]]

[23]

Michael W. Hicks, Jonathan T. Moore, and Scott Nettles. Dynamic software updating. In SIGPLAN Conference on Programming Language Design and Implementation, pages 13--23, 2001.]]

Digital Library

[24]

Robert Bialek and Eric Jul. A framework for evolutionary, dynamically updatable, component-based systems. In 24th International Conference on Distributed Computing Systems Workshops - W2: DARES(ICDCSW'04), pages 326--331, 2004.]]

Digital Library

[25]

Gareth Stoyle, Michael Hicks, Gavin Bierman, Peter Sewell, and Iulian Neamtiu. Mutatis Mutandis: Safe and predictable dynamic software updating. In Proceedings of POPL 2005: The 32nd ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages (Long Beach), pages 183--194, January 2005.]]

Digital Library

[26]

Matt Welsh. Implementing loadable kernel modules for Linux. j-DDJ, 20(5):18--20, 22, 24, 96, April 1995.]]

[27]

Paul E. McKenney and John D. Slingwine. Read-copy update: Using execution history to solve concurrency problems. In Parallel and Distributed Computing and Systems, pages 509--518, Las Vegas, NV, October 1998.]]

[28]

David E. Lowell, Yasushi Saito, and Eileen J. Samberg. Devirtualizable virtual machines enabling general, single-node, online maintenance. ACM Special Interest Group on Operating Systems (SIGOPS) Operating Systems Review, 38(5):211--223, December 2004.]]

Cited By

Miller SKumar AVakharia TChen AZhuo DAnderson T(2024)Enoki: High Velocity Linux Kernel Scheduler DevelopmentProceedings of the Nineteenth European Conference on Computer Systems10.1145/3627703.3629569(962-980)Online publication date: 22-Apr-2024
https://dl.acm.org/doi/10.1145/3627703.3629569
Su CXing XCheng XGuo RLuo C(2024)LPAH: Illustrating Efficient Live Patching With Alignment Holes in Kernel DataIEEE Transactions on Computers10.1109/TC.2024.342426373:10(2434-2448)Online publication date: Oct-2024
https://doi.org/10.1109/TC.2024.3424263
Ma TChen SWu YDeng ESong ZChen QGuo MAamodt TJerger NSwift M(2023)Efficient Scheduler Live Update for Linux Kernel with ModularizationProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3582016.3582054(194-207)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3582016.3582054
Show More Cited By

Index Terms

Live updating operating systems using virtualization

Recommendations

Operating system virtualization: practice and experience
SYSTOR '10: Proceedings of the 3rd Annual Haifa Experimental Systems Conference

Operating system (OS) virtualization can provide a number of important benefits, including transparent migration of applications, server consolidation, online OS maintenance, and enhanced system security. However, the construction of such a system ...
Virtual machines with sharable operating system
OOPSLA '11: Proceedings of the ACM international conference companion on Object oriented programming systems languages and applications companion

Virtualization technologies commonly known as Cloud model enable the execution of multiple virtual machine instances (VMs) with different operating systems (OSs) on the same physical host. Each VM instance functions independently as an isolated system ...
Container-based operating system virtualization: a scalable, high-performance alternative to hypervisors
EuroSys '07: Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems 2007

Hypervisors, popularized by Xen and VMware, are quickly becoming commodity. They are appropriate for many usage scenarios, but there are scenarios that require system virtualization with high degrees of both isolation and efficiency. Examples include ...

Comments

Information & Contributors

Information

Published In

cover image ACM Conferences

VEE '06: Proceedings of the 2nd international conference on Virtual execution environments

June 2006

194 pages

ISBN:1595933328

DOI:10.1145/1134760

General Chair:
Hans-J. Boehm
HP Labs, USA
,
Program Chair:
David Grove
IBM Research, USA

Copyright © 2006 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 June 2006

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Article

Conference

VEE06

Sponsor:

VEE06: Second International Conference on Virtual Execution Environments

June 14 - 16, 2006

Ontario, Ottawa, Canada

Acceptance Rates

Overall Acceptance Rate 80 of 235 submissions, 34%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

93
Total Citations
View Citations
1,836
Total Downloads

Downloads (Last 12 months)30
Downloads (Last 6 weeks)1

Reflects downloads up to 25 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Miller SKumar AVakharia TChen AZhuo DAnderson T(2024)Enoki: High Velocity Linux Kernel Scheduler DevelopmentProceedings of the Nineteenth European Conference on Computer Systems10.1145/3627703.3629569(962-980)Online publication date: 22-Apr-2024
https://dl.acm.org/doi/10.1145/3627703.3629569
Su CXing XCheng XGuo RLuo C(2024)LPAH: Illustrating Efficient Live Patching With Alignment Holes in Kernel DataIEEE Transactions on Computers10.1109/TC.2024.342426373:10(2434-2448)Online publication date: Oct-2024
https://doi.org/10.1109/TC.2024.3424263
Ma TChen SWu YDeng ESong ZChen QGuo MAamodt TJerger NSwift M(2023)Efficient Scheduler Live Update for Linux Kernel with ModularizationProceedings of the 28th ACM International Conference on Architectural Support for Programming Languages and Operating Systems, Volume 310.1145/3582016.3582054(194-207)Online publication date: 25-Mar-2023
https://dl.acm.org/doi/10.1145/3582016.3582054
Bresolin DLanese I(2021)Static and dynamic property-preserving updatesInformation and Computation10.1016/j.ic.2020.104611279(104611)Online publication date: Aug-2021
https://doi.org/10.1016/j.ic.2020.104611
Xue SZhao SChen QDeng GLiu ZZhang JSong ZMa TYang YZhou YNiu KSun SGuo MGavrilovska AZadok E(2020)SpoolProceedings of the 2020 USENIX Conference on Usenix Annual Technical Conference10.5555/3489146.3489153(97-110)Online publication date: 15-Jul-2020
https://dl.acm.org/doi/10.5555/3489146.3489153
Rommel FDietrich CFriesel DKöppen MBorchert CMüller MSpinczyk OLohmann DLu SHowell J(2020)From global to local quiescenceProceedings of the 14th USENIX Conference on Operating Systems Design and Implementation10.5555/3488766.3488803(651-666)Online publication date: 4-Nov-2020
https://dl.acm.org/doi/10.5555/3488766.3488803
Boos KLiyanage NIjaz RZhong LLu SHowell J(2020)TheseusProceedings of the 14th USENIX Conference on Operating Systems Design and Implementation10.5555/3488766.3488767(1-19)Online publication date: 4-Nov-2020
https://dl.acm.org/doi/10.5555/3488766.3488767
Jafarzadeh HJahanian A(2020)Real Vulnerabilities in Partial Reconfigurable Design Cycles; Case Study for Implementation of Hardware Security Modules2020 20th International Symposium on Computer Architecture and Digital Systems (CADS)10.1109/CADS50570.2020.9211860(1-4)Online publication date: Aug-2020
https://doi.org/10.1109/CADS50570.2020.9211860
Mugarza IParra JJacob E(2020)Cetratus: A framework for zero downtime secure software updates in safety‐critical systemsSoftware: Practice and Experience10.1002/spe.282050:8(1399-1424)Online publication date: 20-Mar-2020
https://doi.org/10.1002/spe.2820
Rommel FGlauer LDietrich CLohmann D(2019)Wait-Free Code Patching of Multi-Threaded ProcessesProceedings of the 10th Workshop on Programming Languages and Operating Systems10.1145/3365137.3365404(23-29)Online publication date: 27-Oct-2019
https://dl.acm.org/doi/10.1145/3365137.3365404
Show More Cited By

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten