Efficient patching
First Claim
1. A method in a computing system having a processor, non-volatile memory, and volatile memory, the method for applying a software patch to multiple instances of an executable module, the method comprising, using an automated patching agent:
- receiving the software patch;
in response to receiving the software patch, without user intervention;
detecting, by the computing system, a first loading that has transferred a first instance of an executable module to which the received software patch pertains from the non-volatile memory to the volatile memory;
in response to the detection of the first loading, applying, by the computing system, the received software patch to the first instance of the executable module in volatile memory to modify a portion of the first instance of the executable module, such that the behavior of the first instance of the executable module is modified;
detecting, by the computing system, a second loading that has transferred a second instance of the executable module from the non-volatile memory to the volatile memory; and
in response to the detection of the second loading, applying, by the computing system, the received software patch to the second instance of the executable module in volatile memory to modify a portion of the second instance of the executable module, such that the behavior of the second instance of the executable module is modified.
2 Assignments
0 Petitions
Accused Products
Abstract
A facility for applying a software patch is described. Using an automatic patching agent, the facility receives the software patch. In response to receiving the software patch, without user intervention, the facility performs the following acts: First, the facility identifies an instance of an executable module that is currently loaded, and to which the received software patch pertains. Second, the facility applies the received software patch to the identified loaded executable module instance to modify the behavior of the identified executable module instance.
-
Citations
32 Claims
-
1. A method in a computing system having a processor, non-volatile memory, and volatile memory, the method for applying a software patch to multiple instances of an executable module, the method comprising, using an automated patching agent:
-
receiving the software patch; in response to receiving the software patch, without user intervention; detecting, by the computing system, a first loading that has transferred a first instance of an executable module to which the received software patch pertains from the non-volatile memory to the volatile memory; in response to the detection of the first loading, applying, by the computing system, the received software patch to the first instance of the executable module in volatile memory to modify a portion of the first instance of the executable module, such that the behavior of the first instance of the executable module is modified; detecting, by the computing system, a second loading that has transferred a second instance of the executable module from the non-volatile memory to the volatile memory; and in response to the detection of the second loading, applying, by the computing system, the received software patch to the second instance of the executable module in volatile memory to modify a portion of the second instance of the executable module, such that the behavior of the second instance of the executable module is modified. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 23, 24, 25)
-
-
26. A computer-readable storage memory whose contents cause a computing system having non-volatile memory and volatile memory to perform a method for applying a software patch to a currently-loaded executable module instance, comprising, using an automated patching agent:
-
receiving the software patch; in response to receiving the software patch; detecting, by the computing system, a first loading that has transferred a first instance of an executable module to which the received software patch pertains from the non-volatile memory to the volatile memory; in response to the detection of the first loading, applying, by the computing system, the received software patch to the first instance of the executable module in volatile memory to modify a portion of the first instance of the executable module, such that the behavior of the first instance of the executable module is modified; detecting, by the computing system, a second loading that has transferred a second instance of the executable module from the non-volatile memory to the volatile memory; and in response to the detection of the second loading, applying, by the computing system, the received software patch to the second instance of the executable module in volatile memory to modify a portion of the second instance of the executable module, such that the behavior of the second instance of the executable module is modified.
-
-
27. A computing system for applying a software patch to a currently-loaded executable module instance, comprising:
-
a network interface that automatically receives the software patch, the software patch comprising a signature demonstrating that the software patch was produced by a designated patch authority, and that the software patch has not been modified since the signature was generated; non-volatile memory; volatile memory; and a processor, in turn comprising; a detection subsystem that, in response to receipt of the software patch by the network interface, without user intervention, detects a loading that has transferred an instance of an executable module to which the received software patch pertains from the non-volatile memory to the volatile memory; and a patch application subsystem that, in response to detection of the loading of the instance of the executable module to which the received software patch pertains by the detection subsystem, without user intervention, applies the received software patch to the instance of the executable module in volatile memory to modify a portion of the instance of the executable module, such that the behavior of the instance of the executable module is modified.
-
-
28. A computer-readable storage memory containing a software patch data structure representing a software patch, the software patch data structure comprising;
-
first information identifying one or more executable software modules to which the patch is to be applied; and second information specifying a manner in which the identified executable software modules are to be modified, such that the contents of the software patch data structure are useable by an automatic patching agent to detect a first loading that has transferred the executable software module identified by the first information from a non-volatile memory of a computing system into a volatile memory of the computing system as a first instance, and in response to the detection of the first loading, modify a portion of the first instance of the executable software module in volatile memory in the manner specified by the second information, and such that the contents of the software patch data structure are useable by an automatic patching agent to detect a second loading that has transferred the executable software module identified by the first information from a non-volatile memory of a computing system into a volatile memory of the computing system as a second instance, and in response to the detection of the second loading, modify a portion of the second instance of the executable software module in volatile memory in the manner specified by the second information. - View Dependent Claims (29, 30, 31, 32)
-
Specification