Reply to post:

NetBSD, OpenBSD improve kernel security, randomly

patrickstar

Generally speaking live patching is done by putting the new code somewhere else entirely and inserting a jump to it at the start of the code to be replaced. So basically you insert a trampoline where one didn't exist before.

If you have some degree of cooperation from the code to be patched (eg hotpatching in Windows), this can be done even though others may be executing the code at the moment. However, if you're going to remove the old code, you need to prevent execution of it regardless (like stopping all CPUs and resuming their execution at a known location).

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

SUBSCRIBE TO OUR WEEKLY TECH NEWSLETTER

Biting the hand that feeds IT © 1998–2020