An SRE Guide to Linux Kernel Upgrades

Thursday, 27 October, 2022 - 14:0014:40 CEST

Ignat Korchagin, Cloudflare


The Linux kernel lies at the heart of many high profile services and applications. And since the kernel code executes at the highest privilege level, it is very important to keep up with kernel updates to ensure the production systems are patched in a timely manner for numerous security vulnerabilities. Yet, because the kernel code executes at the highest privilege level and a kernel bug usually crashes the whole system, many engineers try to avoid upgrading the kernel too often just for the sake of stability. But not every kernel update is dangerous: there are bugfix/security releases (which should be applied ASAP) and feature releases (which should be tested better). This talk tries to demystify Linux kernel releases and provides guidance on how to safely and timely update your Linux kernel.

Ignat Korchagin, Cloudflare

Ignat Korchagin is a systems engineer at Cloudflare working mostly on platform and hardware security. Ignat's interests are cryptography, hacking, and low-level programming. Before Cloudflare, Ignat worked as a senior security engineer for Samsung Electronics' mobile communications division. His solutions may be found in many older Samsung smart phones and tablets. Ignat started his career as a security researcher in the Ukrainian government's communications services.

@conference {284657,
author = {Ignat Korchagin},
title = {An {SRE} Guide to Linux Kernel Upgrades},
year = {2022},
address = {Amsterdam},
publisher = {USENIX Association},
month = oct

Presentation Video