Patent Application
20050257093
The present invention relates to loadable kernel modules and, more particularly, to a method for dynamically replacing a loadable software module using a reference count manager.
Certain operating systems allow loadable software modules to be part of the kernel. For example, loadable kernel modules are supported by the Linux kernel. In some instances, the software modules can be loaded or linked into the kernel dynamically. Likewise, such software modules can be unloaded or unlinked from the kernel when needed. To replace a loaded software module, the loaded software module is typically unloaded before a replacement module is loaded into the execution environment. This approach may cause instability in the operating system if some process is currently using the loaded software module. For certain critical system operations, such as kernel security modules, this conventional approach is unacceptable.
Therefore, it is desirable to provide a mechanism for dynamically replacing a loadable software module without first removing the module from the execution environment.
In accordance with the present invention, a method is provided for replacing a loadable software module in an operating system. The method include: maintaining a reference count for a loadable software module associated with a kernel of the operating system; linking a replacement software module for the loadable software module into the kernel of the operating system; receiving a resource request for the loadable software module after the replacement software module is linked into the kernel; and directing the resource request for the loadable software module to the replacement software module. The method may further include unlinking the loadable software module from the kernel of the operating system when there are no longer any active references to the loadable module.
Further areas of applicability of the present invention will become apparent from the detailed description provided hereinafter. It should be understood that the detailed description and specific examples, while indicating the preferred embodiment of the invention, are intended for purposes of illustration only and are not intended to limit the scope of the invention.
2A-2E are block diagrams illustrating the interaction amongst software components residing in an exemplary execution environment in accordance with the present invention.
Referring to
To ensure operating system stability, a reference count manager is employed to keep track of how many active references there are to the loadable software module. The reference count manager maintains a counter at step 12 that is incremented whenever a new reference occurs and is decremented whenever the reference is complete. A reference generally refers to a resource request of the loadable software module. In the context of the Linux kernel, a reference refers to a sequence of instructions executed by the kernel to handle a system call, an exception, or an interrupt.
The dynamic replacement of software modules proceeds as follows. First, a replacement software module for the loadable software module is loaded at step 14 into the operating system. Upon receipt of a new reference for the loadable software module, the reference count manager then evaluates the reference count for the loadable software module as shown at step 16.
If the reference count for the loadable software module is zero, then the loadable software module may be unloaded or otherwise discarded at step 19 by the operating system. Thus, the new reference is handled by the remaining replacement software module.
On the other hand, if the reference count for the loadable software module is not zero, then the loadable software module is maintained until all existing references to it have been resolved. In this case, any new references are directed at step 18 to the replacement software module. As soon as the count for the loadable software module reaches zero, the loadable software module is unloaded from the operating system.
A more detailed description of the replacement technique of the present invention is set forth in relation to
The kernel in turn sends a request to the reference count manager 26 at 34 to set up a counter for the new software module 22. It is readily understood that the request identifies the module name, version number and other identifying information for the software module 22. As noted above, the reference count manager 26 maintains a count for each loadable module as well as for each version of a loadable module. If the new software module 22 does not have a corresponding older version, the reference count manager 26 establishes the only counter for the module; otherwise, the reference count manager 26 creates an additional counter for this newer version of the module.
An application 28 may then initiate a resource request for the software module 22 as shown at 42 of
After the requested function is completed, the software module 22 sends the kernel notification as shown at 52 of
In
The reference count manager 26 first communicates the counter status for each version back to the kernel 24. The reference count manager 26 also increments the reference count for the replacement module 29 to one in response to the resource request from application 28. Lastly, the kernel 24 directs the request at 68 to the most recent version; i.e., replacement module 29. Thus, the kernel 24 invokes the requested function from the replacement module 29 in a conventional manner. Subsequent resource requests for the software module are handled in a similar manner up until all of the references for the replaced software module 22 are complete.
Upon completion of the last reference to the replaced software module 22, processing proceeds as shown in
The kernel 24 can be safely unloaded or otherwise discard the software module from the operating system as shown at 78. In the context of the Linux kernel, the replaced software module 22 may be unlinked from the running kernel by executing the rmmod utility program. Any subsequent references to the module are handled seamlessly by the replacement module 29. In this way, the technique of the present invention dynamically replaces a loadable software module within the kernel without first removing the module from the execution environment, thereby maintaining the stability of the operating system.
It is readily understood that only the relevant steps of the methodology are discussed above, but that other software-implemented instructions may be needed to maintain the overall operation of the kernel. It is also understood that portions of the kernel and/or operating system may need to be modified to support the present invention, but that such modifications are readily understood from the descriptions provided above.
Lastly, this methodology may be suitable used to replace loadable software modules in other known kernels or operating systems. However, one particular application is for replacing access control modules or other security related modules supported within the Linux Security Module framework. In addition, it is envisioned that this methodology may also be extended to the replacement of other resources within the context of the operating system. For instance, there may be look-up tables, security policies or other replaceable resources which are being accessed within the operating system. In these instances, it is envisioned that such resources may be dynamically replaced using the technique of the present invention without first removing the resource from the execution environment. Thus, the description of the invention is merely exemplary in nature and, thus, variations that do not depart from the gist of the invention are intended to be within the scope of the invention. Such variations are not to be regarded as a departure from the spirit and scope of the invention.
