Re: Kernel Update on Stretch

[Christian Seiler]

Hi,

On 02/14/2017 12:58 AM, Daniel Bareiro wrote:
> Some time ago I read that Linux 4.x incorporates the feature to be
> updated without requiring a restart of the operating system.

They incorporated parts of that. There are still some unsolved issues.

See for example this article from last November about the topic:
https://lwn.net/Articles/706327/

So there's no complete upstream support for this yet, there are
several distributions that roll their own variants.

> Since stretch incorporates a kernel of the 4.x series, this would imply
> that we can update the kernel package and avoid reboots?

No. There are two components to this:

 1. The kernel must support loading live patches

This is partially true for the kernel that will come with
Stretch (CONFIG_LIVEPATCH=y), but (see the LWN article I linked)
it doesn't actually work safely yet.

 2. Someone needs to prepare the live patches. Currently nobody in
Debian is doing that.

You could do it yourself with the right tooling (look at kpatch
and kgraft), but preparing these kinds of patches is very
complicated. (And that still doesn't solve the problem that
the current patch loading support is unsafe, see 1.)

Further reading:

https://lists.debian.org/1460472961.25201.200.ca...@decadent.org.uk

Depending on whether there is movement in the upstream kernel there
is a chance this might be a thing in Buster, but it definitely
won't work out of the box in Stretch. You'll still need to reboot.

Regards,
Christian

Re: Kernel Update on Stretch

[Daniel Bareiro]

Hi, Sven.

On 14/02/17 10:19, Sven Hartge wrote:

> He thinks of mechanisms like ksplice or kpatch where you can 
> alter/patch the running kernel without rebooting the system.

Yes, I had read some about this and that, for example, Ubuntu has it
available but as a paid service that one can hire. What is not clear to
me is if these systems are complemented with the package system or it is
something independent.

I think it's some kind of hot patching, which would not require
installing a new version of the kernel package.


Thanks for your reply.

Kind regards,
Daniel



signature.asc
Description: OpenPGP digital signature

Re: Kernel Update on Stretch

[Daniel Bareiro]

Hi, Darac.

On 14/02/17 10:01, Darac Marjal wrote:

>>> Some time ago I read that Linux 4.x incorporates the feature to be
>>> updated without requiring a restart of the operating system.

>> Some Linux Distributions have such a feature. Debian is not one of them.

> Actually, yes it is, you just need to install the user space tools.[1]
> 
> The facility is called "kexec" (named after the system call to 'EXECute
> a new Kernel', I suspect). Install the "kexec-tools" package and, if I'm
> reading that page correctly, the "reboot" command will be replaced by a
> kexec call (see the linked page, though, for precautions about your
> first reboot).
> 
> [1] wiki.debian.org/BootProcessSpeedup#Using_kexec_for_warm_reboots

Reading about the documentation you mentioned and researching a little
more about kexec, I see that kexec skips the BIOS init part, but it
requires a boot anyway.

In fact, I see that kexec is present in Jessie and I've also seen some
examples of use with 2.6 series kernels. I understand that what I
mentioned was introduced with Linux 4.x.


Thanks for your reply.

Kind regards,
Daniel



signature.asc
Description: OpenPGP digital signature

Re: Kernel Update on Stretch

[Sven Hartge]

Darac Marjal  wrote:
> On Tue, Feb 14, 2017 at 01:46:08PM +0100, Sven Hartge wrote:
>> Daniel Bareiro  wrote:

>>> Some time ago I read that Linux 4.x incorporates the feature to be
>>> updated without requiring a restart of the operating system.

>> Some Linux Distributions have such a feature. Debian is not one of
>> them.

> Actually, yes it is, you just need to install the user space tools.[1]

You misunderstood Daniel. He thinks of mechanisms like ksplice or
kpatch where you can alter/patch the running kernel without rebooting
the system.

> The facility is called "kexec" (named after the system call to
> 'EXECute a new Kernel', I suspect). Install the "kexec-tools" package
> and, if I'm reading that page correctly, the "reboot" command will be
> replaced by a kexec call (see the linked page, though, for precautions
> about your first reboot).

kexec still "reboots" the system, meaning the complete userland has to
be stopped before the new kernel can be started. You only gain time
because you don't have to wait for the UEFI/BIOS, RAID cards, network
cards, etc. to initialize.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Re: Kernel Update on Stretch

[Darac Marjal]

On Tue, Feb 14, 2017 at 01:46:08PM +0100, Sven Hartge wrote:

Daniel Bareiro  wrote:


Some time ago I read that Linux 4.x incorporates the feature to be
updated without requiring a restart of the operating system.


Some Linux Distributions have such a feature. Debian is not one of them.


Actually, yes it is, you just need to install the user space tools.[1]

The facility is called "kexec" (named after the system call to 'EXECute 
a new Kernel', I suspect). Install the "kexec-tools" package and, if I'm 
reading that page correctly, the "reboot" command will be replaced by a 
kexec call (see the linked page, though, for precautions about your 
first reboot).


[1] wiki.debian.org/BootProcessSpeedup#Using_kexec_for_warm_reboots



Grüße,
Sven.

--
Sigmentation fault. Core dumped.



--
For more information, please reread.

Re: Kernel Update on Stretch

[Sven Hartge]

Daniel Bareiro  wrote:

> Some time ago I read that Linux 4.x incorporates the feature to be
> updated without requiring a restart of the operating system.

Some Linux Distributions have such a feature. Debian is not one of them.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.

Kernel Update on Stretch

[Daniel Bareiro]

Hi all!

Some time ago I read that Linux 4.x incorporates the feature to be
updated without requiring a restart of the operating system.

Since stretch incorporates a kernel of the 4.x series, this would imply
that we can update the kernel package and avoid reboots?


Thanks in advance.

Kind regards,
Daniel



signature.asc
Description: OpenPGP digital signature