Advertisement

StrongUpdate: An Immediate Dynamic Software Update System for Multi-threaded Applications

  • Deqing Zou
  • Hao Wang
  • Hai JinEmail author
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8944)

Abstract

A new immediate Dynamic Software Update (DSU) system upon multi-threaded applications, called StrongUpdate is proposed in this paper. StrongUpdate uses stack reconstruction to update functions and variables in the stack at the same time, which can guarantee that functions and variables execute the same kind of version before and after software update. Deadlocks between threads can be prevented by adopting heterogeneous checkpointing algorithm during dynamic update which ensures all threads have been blocked before update operations start. In this way, all threads executing the same version of codes avoid overhead of synchronizing between old and new versions. Unlike the existing system such as UpStare which relies on specific compiler to implement source-to-source transformation, StrongUpdate uses binary rewriting and instrumentation instead. Our approach decides that information about checkpoints, functions and variables to be updated is written into the upgrade patch. We have prototyped StrongUpdate on the Linux system, which is able to update all parts of the applications at runtime including main function and loop functions without specific compiler support. To demonstrate the applicability of StrongUpdate, we experience StrongUpdate on three popular applications: vsftpd, httpd, sshd. The experimental results show that StrongUpdate incurs negligible runtime overhead: less than 1% performance degradation. The time to apply an update is less than 6%.

Keywords

Connection Latency Infinite Delay Execution Flow Programme Language Design Function Indirection 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    vsftpd, a secure and fast ftp server for unix-like systems. https://security.appspot.com/vsftpd.html
  2. 2.
    Apache mod rewrite off-by-one buffer overflow vulnerability. http://www.securityfocus.com/bid/19204
  3. 3.
    sshd, a secure shell daemon in openssh suite. http://www.openssh.org/
  4. 4.
    Chen, H., Yu, J., Chen, R., Zang, B., Yew, P.C.: Polus: a powerful live updating system. In: Proceedings of the 29th International Conference on Software Engineering (ICSE ’07), pp. 271–281. IEEE Computer Society (2007)Google Scholar
  5. 5.
    Makris, K., Bazzi, R.: Immediate multi-threaded dynamic software updates using stack reconstruction. In: Proceedings of USENIX Annual Technical Conference, pp. 31–31. USENIX Association (2009)Google Scholar
  6. 6.
    Neamtiu, I., Hicks, M.: Safe and timely updates to multi-threaded programs. In: Proceedings of the ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’09), pp.13–24. ACM (2009)Google Scholar
  7. 7.
    Hayden, C.M., Smith, E.K., Denchev, M., Hicks, M., Foster, J.S.: Kitsune: efficient, general-purpose dynamic software updating for C. In: Proceedings of the ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages and Applications (OOPSLA’12), pp. 249–264. Tuscon, Arizona, October 2012Google Scholar
  8. 8.
    Makris, K., Ryu, K.D.: Dynamic and adaptive updates of non-quiescent subsystems in commodity operating system kernels. In: Proceedings of the 2nd ACM SIGOPS/EuroSys European Conference on Computer Systems (EuroSys’07), pp. 327–340. ACM (2007)Google Scholar
  9. 9.
    Chen, H., Chen, R., Zhang, F., Zang, B., Yew, P.-C.: Live updating operating systems using virtualization. In: Proceedings of the 2nd International Conference on Virtual Execution Environments (VEE’06), pp. 35–44. ACM (2006)Google Scholar
  10. 10.
    Arnold, J., Kaashoek, M.F.: Ksplice: automatic rebootless kernel updates. In: Proceedings of the 4th ACM European Conference on Computer Systems (EuroSys’09), pp. 187–198. ACM (2009)Google Scholar
  11. 11.
    Liang, Z., Sekar, R.: Fast and automated generation of attack signatures: a basis for building self-protecting servers. In: Proceedings of the 12th ACM Conference on Computer and Communications Security (CCS’05), pp. 213–222. ACM, (2005)Google Scholar
  12. 12.
    Costa, M., Crowcroft, J., Castro, M., Rowstron, A., Zhou, L., Zhang, L., Barham, P.: Vigilante: end-to-end containment of internet worms. In: Proceedings of the 20th ACM Symposium on Operating Systems Principles (SOSP’05), pp. 133–147. ACM (2005)Google Scholar
  13. 13.
    Gao, Q., Zhang, W., Tang, Y., Qin, F.: First-aid: surviving and preventing memory management bugs during production runs. In: Proceedings of the 4th ACM European Conference on Computer Systems (EuroSys’09), pp. 159–172. ACM (2009)Google Scholar
  14. 14.
    Chen, G., Jin, H., Zou, D., Zhou, B., Liang, Z., Zheng, W., Shi, X.: Safestack: automatically patching stack-based buffer overflow vulnerabilities. IEEE Transaction on Dependable and Secure Computing 10(6), 368–379 (2013)CrossRefGoogle Scholar
  15. 15.
    Chen, G., Jin, H., Zou, D., Dai, W.: On-demand proactive defense against memory vulnerabilities. In: Hsu, C.-H., Li, X., Shi, X., Zheng, R. (eds.) NPC 2013. LNCS, vol. 8147, pp. 368–379. Springer, Heidelberg (2013)CrossRefGoogle Scholar
  16. 16.
    Sidiroglou, S., Locasto, M.E., Boyd, S.W., Keromytis, A.D.: Building a reactive immune system for software services. In: Proceedings of the USENIX Annual Technical Conference (USENIX’05), pp. 149–161 (2005)Google Scholar
  17. 17.
    Sidiroglou, S., Laadan, O., Perez, C., Viennot, N., Nieh, J., Keromytis, A.: Assure: automatic software self-healing using rescue points. In: Proceedings of the 14th International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS’09), pp. 37–48. ACM (2009)Google Scholar
  18. 18.
    Chen, G., Jin, H., Zou, D., Zhou, B., Qiang, W., Hu, G.: Shelp: automatic self-healing for multiple application instances in a virtual machine environment. In: Proceedings of IEEE International Conference on Cluster Computing (Cluster’10), pp. 97-106. IEEE (2010)Google Scholar
  19. 19.
    Subramanian, S., Hicks, M., McKinley, K. S.: Dynamic software updates: a vm-centric approach. In: Proceedings of the 2009 ACM SIGPLAN Conference on Programming Language Design and Implementation (PLDI’09), pp. 1–12. ACM (2009)Google Scholar
  20. 20.
    Horwitz, S., Reps, T.: The use of program dependence graphs in software engineering. In: Proceedings of the 14th International Conference on Software Engineering (ICSE’92), pp. 392–411. ACM (1992)Google Scholar

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  1. 1.Services Computing Technology and System Lab, Cluster and Grid Computing Lab, School of Computer Science and TechnologyHuazhong University of Science and TechnologyWuhanChina

Personalised recommendations