首页 > 系统相关 >关于Linux-Kernel-Live-patching-的效果演示-kpatch auto-配置

关于Linux-Kernel-Live-patching-的效果演示-kpatch auto-配置

时间:2023-07-01 12:11:40浏览次数:40  
标签:Kernel x86 kpatch auto 18 el8 64 4.18

本文为了演示出效果,准备了如下的环境

操作系统:Red Hat Enterprise Linux release 8.7 (Ootpa)

内核版本:4.18.0-372.9.1.el8.x86_64

 

1、关于操作系统版本、内核、内核相关的软件包版本,情况如下:

[root@qq-5201351 ~]# cat /etc/redhat-release
Red Hat Enterprise Linux release 8.7 (Ootpa)
[root@qq-5201351 ~]# uname -r
4.18.0-372.9.1.el8.x86_64
[root@qq-5201351 ~]# rpm -qa |grep kernel
kernel-modules-4.18.0-372.9.1.el8.x86_64
kernel-core-4.18.0-372.9.1.el8.x86_64
kernel-4.18.0-372.9.1.el8.x86_64
kernel-tools-4.18.0-372.9.1.el8.x86_64
kernel-tools-libs-4.18.0-372.9.1.el8.x86_64
[root@qq-5201351 ~]#

2、安装kpatch软件包,用于实现Kernel-Live-patching

[root@qq-5201351 ~]# dnf install kpatch
Updating Subscription Management repositories.
Last metadata expiration check: 0:10:11 ago on Fri 30 Jun 2023 03:18:03 PM CST.
Dependencies resolved.
========================================================================================================================================
 Package                    Architecture           Version                          Repository                                     Size
========================================================================================================================================
Installing:
 kpatch                     noarch                 0.9.7-2.el8                      rhel-8-for-x86_64-baseos-rpms                  18 k
Installing dependencies:
 binutils                   x86_64                 2.30-119.el8                     rhel-8-for-x86_64-baseos-rpms                 5.8 M
Installing weak dependencies:
 kpatch-dnf                 noarch                 0.9.7_0.4-2.el8                  rhel-8-for-x86_64-baseos-rpms                  19 k

Transaction Summary
========================================================================================================================================
Install  3 Packages

Total download size: 5.8 M
Installed size: 24 M
Is this ok [y/N]: y
Downloading Packages:
(1/3): kpatch-0.9.7-2.el8.noarch.rpm                                                                    4.5 kB/s |  18 kB     00:03
(2/3): kpatch-dnf-0.9.7_0.4-2.el8.noarch.rpm                                                            1.7 kB/s |  19 kB     00:11
(3/3): binutils-2.30-119.el8.x86_64.rpm                                                                 410 kB/s | 5.8 MB     00:14
----------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                   412 kB/s | 5.8 MB     00:14
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                1/1
  Installing       : kpatch-dnf-0.9.7_0.4-2.el8.noarch                                                                              1/3
  Running scriptlet: kpatch-dnf-0.9.7_0.4-2.el8.noarch                                                                              1/3
To enable automatic kpatch-patch subscription, run:
        $ dnf kpatch auto

  Installing       : binutils-2.30-119.el8.x86_64                                                                                   2/3
  Running scriptlet: binutils-2.30-119.el8.x86_64                                                                                   2/3
  Installing       : kpatch-0.9.7-2.el8.noarch                                                                                      3/3
  Running scriptlet: kpatch-0.9.7-2.el8.noarch                                                                                      3/3
  Verifying        : binutils-2.30-119.el8.x86_64                                                                                   1/3
  Verifying        : kpatch-dnf-0.9.7_0.4-2.el8.noarch                                                                              2/3
  Verifying        : kpatch-0.9.7-2.el8.noarch                                                                                      3/3
Installed products updated.

Installed:
  binutils-2.30-119.el8.x86_64                kpatch-0.9.7-2.el8.noarch                kpatch-dnf-0.9.7_0.4-2.el8.noarch

Complete!

3、此时我们通过 kpatch list 进行查看, 内容为空,如下:

[root@qq-5201351 ~]# kpatch list
Loaded patch modules:

Installed patch modules:
[root@qq-5201351 ~]#

4、内容为空,是因为没有设置yum kpatch 为auto, 接下来进行设置,执行yum kpatch auto 命令即可

[root@qq-5201351 ~]# yum kpatch auto
Updating Subscription Management repositories.
Last metadata expiration check: 0:12:14 ago on Fri 30 Jun 2023 03:18:03 PM CST.
Dependencies resolved.
========================================================================================================================================
 Package                                   Architecture         Version               Repository                                   Size
========================================================================================================================================
Installing:
 kpatch-patch-4_18_0-372_9_1               x86_64               1-3.el8               rhel-8-for-x86_64-baseos-rpms                19 k

Transaction Summary
========================================================================================================================================
Install  1 Package

Total download size: 19 k
Installed size: 32 k
Is this ok [y/N]: y
Downloading Packages:
kpatch-patch-4_18_0-372_9_1-1-3.el8.x86_64.rpm                                                          8.9 kB/s |  19 kB     00:02
----------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                   8.9 kB/s |  19 kB     00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                1/1
  Installing       : kpatch-patch-4_18_0-372_9_1-1-3.el8.x86_64                                                                     1/1
  Running scriptlet: kpatch-patch-4_18_0-372_9_1-1-3.el8.x86_64                                                                     1/1
installing /usr/lib/kpatch/4.18.0-372.9.1.el8.x86_64/kpatch-4_18_0-372_9_1-1-3.ko (4.18.0-372.9.1.el8.x86_64)
Created symlink /etc/systemd/system/multi-user.target.wants/kpatch.service → /usr/lib/systemd/system/kpatch.service.
chcon: can't apply partial context to unlabeled file '/var/lib/kpatch/4.18.0-372.9.1.el8.x86_64/kpatch-4_18_0-372_9_1-1-3.ko'
loading patch module: /var/lib/kpatch/4.18.0-372.9.1.el8.x86_64/kpatch-4_18_0-372_9_1-1-3.ko
waiting (up to 15 seconds) for patch transition to complete...
transition complete (1 seconds)

  Verifying        : kpatch-patch-4_18_0-372_9_1-1-3.el8.x86_64                                                                     1/1
Installed products updated.

Installed:
  kpatch-patch-4_18_0-372_9_1-1-3.el8.x86_64

Complete!
[root@qq-5201351 ~]#

5、这时,我们再通过 kpatch list 查看时就能看到关于当前运行内核的实时补丁了,因为上面在设置yum kpatch 为auto时,已经安装上了 kpatch-patch-4_18_0-372_9_1-1-3.el8.x86_64

[root@qq-5201351 ~]# kpatch list
Loaded patch modules:
kpatch_4_18_0_372_9_1_1_3 [enabled]

Installed patch modules:
kpatch_4_18_0_372_9_1_1_3 (4.18.0-372.9.1.el8.x86_64)
[root@qq-5201351 ~]#

 

其他测试、看一下效果,此时我们升级一下当前内核到当前内核版本的后面一个新版本:

[root@qq-5201351 ~]# yum update kernel-4.18.0-372.13.1.el8_6
Updating Subscription Management repositories.
Last metadata expiration check: 0:14:48 ago on Fri 30 Jun 2023 03:18:03 PM CST.
Dependencies resolved.
========================================================================================================================================
 Package                                Architecture     Version                          Repository                               Size
========================================================================================================================================
Installing:
 kernel                                 x86_64           4.18.0-372.13.1.el8_6            rhel-8-for-x86_64-baseos-rpms           8.0 M
 kernel-core                            x86_64           4.18.0-372.13.1.el8_6            rhel-8-for-x86_64-baseos-rpms            39 M
 kernel-modules                         x86_64           4.18.0-372.13.1.el8_6            rhel-8-for-x86_64-baseos-rpms            32 M
 kpatch-patch-4_18_0-372_13_1           x86_64           1-2.el8_6                        rhel-8-for-x86_64-baseos-rpms            17 k

Transaction Summary
========================================================================================================================================
Install  4 Packages

Total download size: 79 M
Installed size: 92 M
Is this ok [y/N]: y
Downloading Packages:
(1/4): kernel-4.18.0-372.13.1.el8_6.x86_64.rpm                                                          176 kB/s | 8.0 MB     00:46
(2/4): kpatch-patch-4_18_0-372_13_1-1-2.el8_6.x86_64.rpm                                                 35 kB/s |  17 kB     00:00
(3/4): kernel-core-4.18.0-372.13.1.el8_6.x86_64.rpm                                                     658 kB/s |  39 MB     01:01
(4/4): kernel-modules-4.18.0-372.13.1.el8_6.x86_64.rpm                                                  417 kB/s |  32 MB     01:17
----------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                   1.0 MB/s |  79 MB     01:17
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                1/1
  Installing       : kernel-core-4.18.0-372.13.1.el8_6.x86_64                                                                       1/4
  Running scriptlet: kernel-core-4.18.0-372.13.1.el8_6.x86_64                                                                       1/4
  Installing       : kernel-modules-4.18.0-372.13.1.el8_6.x86_64                                                                    2/4
  Running scriptlet: kernel-modules-4.18.0-372.13.1.el8_6.x86_64                                                                    2/4
  Installing       : kernel-4.18.0-372.13.1.el8_6.x86_64                                                                            3/4
  Installing       : kpatch-patch-4_18_0-372_13_1-1-2.el8_6.x86_64                                                                  4/4
  Running scriptlet: kpatch-patch-4_18_0-372_13_1-1-2.el8_6.x86_64                                                                  4/4
installing /usr/lib/kpatch/4.18.0-372.13.1.el8_6.x86_64/kpatch-4_18_0-372_13_1-1-2.ko (4.18.0-372.13.1.el8_6.x86_64)
chcon: can't apply partial context to unlabeled file '/var/lib/kpatch/4.18.0-372.13.1.el8_6.x86_64/kpatch-4_18_0-372_13_1-1-2.ko'

  Running scriptlet: kernel-core-4.18.0-372.13.1.el8_6.x86_64                                                                       4/4
/etc/dracut.conf.d/xen.conf:add_drivers+="xen_netfront xen_blkfront "

dracut: WARNING: <key>+=" <values> ": <values> should have surrounding white spaces!
dracut: WARNING: This will lead to unwanted side effects! Please fix the configuration file.


  Running scriptlet: kpatch-patch-4_18_0-372_13_1-1-2.el8_6.x86_64                                                                  4/4
  Verifying        : kernel-modules-4.18.0-372.13.1.el8_6.x86_64                                                                    1/4
  Verifying        : kernel-4.18.0-372.13.1.el8_6.x86_64                                                                            2/4
  Verifying        : kernel-core-4.18.0-372.13.1.el8_6.x86_64                                                                       3/4
  Verifying        : kpatch-patch-4_18_0-372_13_1-1-2.el8_6.x86_64                                                                  4/4
Installed products updated.

Installed:
  kernel-4.18.0-372.13.1.el8_6.x86_64            kernel-core-4.18.0-372.13.1.el8_6.x86_64  kernel-modules-4.18.0-372.13.1.el8_6.x86_64
  kpatch-patch-4_18_0-372_13_1-1-2.el8_6.x86_64

Complete!
[root@qq-5201351 ~]#

这时我们再查看kpatch list 还是只开启了当前内核的热补丁

[root@qq-5201351 ~]# kpatch list
Loaded patch modules:
kpatch_4_18_0_372_9_1_1_3 [enabled]

Installed patch modules:
kpatch_4_18_0_372_13_1_1_2 (4.18.0-372.13.1.el8_6.x86_64)
kpatch_4_18_0_372_9_1_1_3 (4.18.0-372.9.1.el8.x86_64)
[root@qq-5201351 ~]# yum kpatch auto
Updating Subscription Management repositories.
Last metadata expiration check: 0:18:11 ago on Fri 30 Jun 2023 03:18:03 PM CST.
Dependencies resolved.
Nothing to do.
Complete!
[root@qq-5201351 ~]#

当然只要不重启OS,当前的内核版本、始终都还是之前运行的内核版本

[root@qq-5201351 ~]# uname -r
4.18.0-372.9.1.el8.x86_64
[root@qq-5201351 ~]#

 

 

 

尊重别人的劳动成果 转载请务必注明出处:https://www.cnblogs.com/5201351/p/17519097.html

 

标签:Kernel,x86,kpatch,auto,18,el8,64,4.18
From: https://www.cnblogs.com/5201351/p/17519097.html

相关文章

  • 关于内核实时补丁如何工作-How kernel live patching works
    kpatch内核补丁解决方案使用livepatch内核子系统将旧功能重定向到新功能,详细的过程及说明如下:The kpatch kernelpatchingsolutionusesthe livepatch kernelsubsystemtoredirectoldfunctionstonewones.Whenalivekernelpatchisappliedtoasystem,the......
  • CubeMX TIM 配置AutoReloadPreload
    CubeMX 配置定时器的时候,出现如下选项: 成员变量AutoReloadPreload的取值范围TIM_AUTORELOAD_PRELOAD_DISABLE预装载功能关闭TIM_AUTORELOAD_PRELOAD_ENABLE预装载功能开启用于设置自动重载寄存器TIMx_ARR的预装载功能,即自动重装寄存器的内容是更新事件产生时写入有......
  • KEDA — Kubernetes Based Event Driven Auto scaling(转载)
    原文:https://itnext.io/keda-kubernetes-based-event-driven-autoscaling-48491c79ec74  Event-drivencomputingishardlyanewidea;peopleinthedatabaseworldhaveuseddatabasetriggersforyears.Theconceptissimple:wheneveryouadd,change,orde......
  • IDEA报错:Could not autowire, No beans of XXX type Found
    1、问题描述:   在Idea的spring工程里,经常会遇到Couldnotautowire.Nobeansof'xxxx'typefound的错误提示。(但程序的编译和运行都是没有问题的,有时候也有可能会报错,无法运行程序),这个错误提示并不会产生影响。对于程序员红色的错误提示看起来很不舒服。如下图:2.......
  • 如何在AutoCAD中加载在线百度地图/高德地图?
        AutoCAD是一款广泛使用的计算机辅助设计软件,许多用户都希望在软件中能够方便地加载在线地图,以便更好地进行设计和规划工作。可以通过以下方法在AutoCAD中加载百度、高德等在线地图。方法/步骤下载并安装GIS4CAD插件http://www.geosaas.com/download/gis4cad.ex......
  • 在GPT-4时代使用Semantic Kernel构建AI Copilot问答 以及 Semantic Kernel文档更新
    SemanticKernel是一个开源SDK,可让您轻松地将OpenAI,AzureOpenAI和HuggingFace等AI服务与C#和Python等传统编程语言相结合。通过这样做,您可以创建结合两全其美的AI应用程序。SemanticKernel团队在博客上发布了2篇文章:SemanticKernelatMicrosoftBUILD2023:Highlightsf......
  • Python的手机测试工具uiautomator2库的实现原理
    使用python通过调试模式测试安卓手机APP,使用uiautomator2库是比较方便的,这个库的源码网址是:https://github.com/openatx/uiautomator2通过阅读源码,大概搞明白了其实现原理,它是通过调用adbutils库,获取UI的hierarchydump数据,然后检索对应的UI节点,计算此节点的UI区......
  • 【C#/.NET】使用Automapper映射record类型
    ​        当使用Automapper进行对象映射时,通常我们会使用POCO(PlainOldCLRObject)类作为源对象和目标对象。然而,自从C#9引入了record类型,它们提供了更简洁、不可变的对象模型。我已经将项目的所有Dto都是用record类型,但是record类型还是有些需要注意的点,本文将介绍如......
  • 什么是 Kernel Smoother ?它与 Self Attention 有什么关系?
    [1]带权滑动平均(WeightedMovingAverage,WMA)是标量场上的滑动窗口内的加权平均,数学上等价于卷积。[1][2]KernelSmoother是一种特殊的WMA方法,特殊在于权重是由核函数决定的,相互之间越接近的点具有越高的权重。[2][3]Transformer中的自注意力机制可以看作一种KernelS......
  • 在linq select中使用AutoMapper映射的写法
    1.linq查询语法写法vardata1=(fromlinlistselect_mapper.Map<T>(l)).ToList();2.linq方法语法写法vardata=(list.Skip((currentPage-1)*pageSize).Take(pageSize).Select((p)=>_mapper.Map<T>(p))).ToList();优秀的程序员一......

赞助商

阅读排行

网站主页关于我们联系我们网站地图

本网站内容转载自其他媒体,侵权联系[admin##ips99.com]。

Copyright © 2020-2023 IPS99 版权所有 IPS99