Ubuntu Expands Livepatch Support to arm64: Enjoy Rebootless Kernel Updates!
Canonical has extended its Livepatch service to arm64 devices, marking a significant enhancement for Ubuntu systems operating on ARM hardware. This advancement allows users to apply critical kernel security updates without needing a full system reboot, which can be particularly beneficial during ongoing tasks or workloads.
Livepatch is a valuable security feature within Ubuntu that is not enabled by default and requires an Ubuntu Pro account. It facilitates the application of kernel security patches directly into memory while the system is running. Historically, this feature has been available exclusively to AMD64 systems, and the implementation for arm64 involved considerable challenges.
The support for live patching on arm64 devices necessitated collaboration over several years between Canonical, kernel maintainers, hardware vendors, and cloud service providers. The toolchain required for applying patches on arm64 was deficient, particularly with regards to stack traces essential for managing patch applications safely.
While Livepatch is available for Ubuntu 26.04 LTS and Ubuntu Core 26 running on compatible arm64 devices, it’s important to note that not all ARM distributions are supported. For instance, the Ubuntu 26.04 LTS Raspberry Pi version does not support Livepatch due to running on the linux-raspi kernel, which is excluded from the Livepatch compatibility list.
The importance of Livepatch becomes more evident in environments like arm-powered servers and cloud solutions, where minimizing downtime is critical for operational resilience. Canonical’s Rajan Patel emphasized that this feature strengthens security for systems that may not receive regular updates.
To enable Livepatch on Ubuntu 26.04 LTS, users must register for an Ubuntu Pro account, which offers a free tier for personal use on up to five devices. The feature can be activated via the Security Center on desktop systems or through command-line instructions for headless setups.
For more information, you can visit the following links: