Instant Kernel-ification

 

Server downtime is the scourge of all administrators, sometimes to the extent of bypassing necessary security upgrades, all in the name of keeping machines online.  Thanks to an MIT graduate student, Jeffery Brian Arnold, keeping a machine online, and up to date with security patches, may be easier than ever.

Ksplice, as the project is called, is a small executable that allows an administrator the ability to patch security holes in the Linux kernel, without rebooting the system.  According to the Ksplice website :

“Ksplice allows system administrators to apply security patches to the Linux kernel without having to reboot. Ksplice takes as input a source code change in unified diff format and the kernel source code to be patched, and it applies the patch to the corresponding running kernel. The running kernel does not need to have been prepared in advance in any way.”

Of course, Ksplice is not a perfect silver bullet, some patches cannot be applied using Ksplice.  Specifically, any patch that require “semantic changes to data structures” cannot be applied to the running kernel.  A semantic change is a change “that would require existing instances of kernel data structures to be transformed.”

But that doesn’t mean that Ksplice isn’t useful.  Jeffery looked at 32 months of kernel security patches and found that 84% of them could be applied using Ksplice.  That’s sure to increase the uptime.

I have to wonder, though, what is so important that you need that much uptime.  Sure, it’s nice to have the system run all the time, but if you have something that is absolutely mission critical, that must run 24×7, regardless, won’t you have a backup or two?  Besides which, you generally want to test patches before applying them to such sensitive systems.

There are, of course, other uses for this technology.  As noted on the Ksplice website, you can also use Ksplice to “add debugging code to the kernel or to make any other code changes that do not modify data structure semantics.”  Jeffery has posted a paper detailing how the technology works.

Pretty neat technology.  I wonder if this will lead to zero downtime kernel updates direct from Linux vendors.  As it is now, you’ll need to locate and manually apply kernel patches using this tool.

 

Vista… Take Two.

With Windows Vista shipping, Microsoft has turned it’s attention to the next version of Windows.  Currently known as Windows 7, there isn’t a lot of information about this latest iteration.  From the available information, however, it seems that Microsoft *might* be taking a slightly different direction with this version.

Most of the current talk about the next version of Windows has centered around a smaller, more compact kernel known as MinWin.  The kernel of any operating system is the lifeblood of the entire system.  The kernel is responsible for all of the communication between the software and the hardware.

The kernel is arguably the most important part of any operating system and, as such, has resulted in much research, as well as many arguments.  Today, there are two primary kernel types, the monolithic kernel, and the micro kernel.

With a monolithic kernel, all of the code to interface with the various hardware in the computer is built into the kernel.  It all runs in “kernel space,” a protected memory area designated solely to the kernel.  Properly built monolithic kernels can be extremely efficient.  However, bugs in any of the device drivers can cause the entire kernel to crash.  Linux is a good example of a very well built monolithic kernel.

A micro kernel, on the other hand, is a minimalist construct.  It includes only the necessary hooks to implement communication between the software and the hardware in kernel mode.  All other software is run in “user space,”  a separate memory area that can be swapped out to disk when necessary.  Drivers and other essential system software must “ask permission” to interact with the kernel.  In theory, buggy device drivers cannot cause the entire system to fail.  There is a price, however, that of the system call required to access the kernel.  As a result, micro kernels are considered slower than monolithic kernels.  MINIX is a good example of an OS with a micro kernel architecture.

The Windows NT line of operating systems, which includes XP and Vista, uses what Microsoft likes to call a “hybrid kernel.”  In theory, a hybrid kernel combines the best of both monolithic and micro kernels.  It’s supposed to have the speed of a monolithic kernel with the stability of a micro kernel.  I think the jury is still out on this, but it does seem that XP, at least, is much more stable than the Window 9x series of releases which used a monolithic kernel.

So what does all of this mean?  Well, Microsoft is attempting to optimize the core of the operating system, making it smaller, faster, and more efficient.  Current reports from Microsoft indicate that MinWin is functional and has a very small footprint.  The current iteration of MinWin occupies approximately 25 MB of disk space and memory usage of about 40 MB.  This is a considerable reduction in both drive and memory usage.  Keep in mind, however, that MinWin is still being developed and is missing many of the features necessary for it to be comparable with the current shipping kernel.

It seems that Microsoft is hyping this new kernel quite a bit at the moment, but watch for other features to be added as well.  It’s a pretty sure bet that the general theme will change, new flashy gadgets and graphical capabilities, and other such “fluff” will be added.  I’m not sure the market would respond very nicely to a new version of Windows without more flash and shiny…  Windows 7 is supposedly going to ship in 2010, but other reports have it shipping sometime in 2009.  If Vista is any indication, however, I wouldn’t expect Windows 7 until 2011 or 2012.

Meanwhile, it seems that Windows XP is still more popular than Vista.  In fact, it has been reported that InfoWorld has collected over 75,000 signatures on it’s “Save Windows XP” petition.  This is probably nothing more than a marketing stunt, but it does highlight the fact that Vista isn’t being adopted as quickly as Microsoft would like.  So, perhaps Microsoft will fast track Windows 7.  Only time will tell.