Developer(s) | SUSE |
---|---|
Initial release | March 27, 2014[1] |
Stable release | 5.12[2]
/ 25 April 2021 |
Repository | |
Operating system | Linux |
Type | Kernel extension |
License | GNU GPL versions 2 and 3 |
Website | www |
kGraft is a feature of the Linux kernel that implements live patching of a running kernel, which allows kernel patches to be applied while the kernel is still running. By avoiding the need for rebooting the system with a new kernel that contains the desired patches, kGraft aims to maximize the system uptime and availability. At the same time, kGraft allows kernel-related security updates to be applied without deferring them to scheduled downtimes.[1][3] Internally, kGraft allows entire functions in a running kernel to be replaced with their patched versions, doing that safely by selectively using original versions of functions to ensure per-process consistency while the live patching is performed.[4]
kGraft is developed by SUSE, with its source code licensed under the terms of versions two and three of the GNU General Public License (GPL).[3][5] In April 2014, kGraft was submitted for inclusion into the Linux kernel mainline,[4] and the minimalistic foundations for live patching were merged into the Linux kernel mainline in kernel version 4.0, which was released on April 12, 2015.[6]