Live Kernel Patching with kGraft
--------------------------------

Written by Udo Seidel <udoseidel at gmx dot de>
Based on the Blog entry by Vojtech Pavlik
Updated by Jiri Slaby

June 2014

kGraft's developement was started by the SUSE Labs. kGraft builds on
technologies and ideas that are already present in the kernel: ftrace [1] and
its mcount-based reserved space in function headers [2], the INT3/IPI-NMI
patching also used in jump labels [3], and RCU-like update of code that does
not require stopping the kernel.

A kGraft patch is a kernel module and fully relies on the in-kernel module
loader to link the new code with the kernel. Thanks to all that, the design
can be nicely minimalistic.

While kGraft is, by choice, limited to replacing whole functions and constants
they reference, this does not limit the set of code patches that can be
applied significantly.

Use
---

1) Build a kernel with CONFIG_KGRAFT enabled
2) Create a module with a patch
   * Look at samples/kgraft/kgraft_patcher.c for an example
3) Insert the module from 2) into the booted kernel from 1)
4) All processes need to enter the kernel to acknowledge the new state
   * This can be done e.g. by sending a non-fatal signal to all processes
   * Check /proc/*/kgr_in_progress to check who still needs to be poked
5) You should see "kgr succeeded" in dmesg now

Enjoy your patched system!


References
----------

[1] Documentation/trace/ftrace.txt
[2] Documentation/trace/ftrace-design.txt
[3] Documentation/static-keys.txt
