Live kernel patching for ARM64 Ubuntu is now available!

Canonical has announced that Livepatch, which facilitates patching the kernel in real time without requiring system reboot to improve your computer’s security, is now available for the ARM64 version of Ubuntu. This means that ARM64 machines that are running Ubuntu will now be able to update their kernel automatically without any downtime. This makes those machines more secure while the system is still running.

Starting from Ubuntu 26.04 LTS Resolute Raccoon and Ubuntu Core 26, live patching is now available for ARM64 machines! This means that they can now automatically update themselves when there is an important security patch that needs to be applied, making them more secure without requiring a reboot!

Previously available on AMD64 machines with Ubuntu Core 20 and Ubuntu 20.04 LTS Focal Fossa, live patching has now been extended to ARM64 machines.

Here are some of the details about how the Ubuntu team implemented this support:

According to the official announcement, they had been working on the Livepatch support for ARM64 machines for three years, but it was implemented after lots of effort were put to it. The challenge that faced this implementation was the lack of reliable kernel stack traces that live patching needed and the lck of mature toolchain required, such as GCC, objdump, and kpatch.

Starting 2024, the efforts were being made upstream, with the Linux kernel in ARM64 systems finally earning a net safety required to swap code in a running kernel. Toolchains were updated to accommodate to the requirements of live patching, and reliable stack trace checks were finally implemented in the upstream kernel code.

The toolchains have also been improved to build loadable kernel modules for ARM64 processors, and the build network has been equipped with an infrastructure that is suitable to compile live kernel patches for such processors, with its regression test suites to ensure that everything was going smoothly.

#arm64 #Canonical #CanonicalLivepatch #Livepatch #news #Tech #Technology #Ubuntu #update

Canonical Livepatch Service für Ubuntu LTS Systeme (Ubuntu 16.04 & Ubuntu 20.04)
#ubuntu #canonicallivepatch #linux #ubuntulivepatch #würzburg #Linux
YouTube: https://youtu.be/Mp8BNUqRXwg
Blog: https://www.michlfranken.de/canonical-livepatch-service