elivepatch-client
Flexible Distributed Linux Kernel Live Patching
Features
- 3rd-party trust.
- Trust on a third-party service can be eliminated by deploying Elivepatch in-house.
- Custom kernel configurations.
- Live patches can be created for different kernel versions and configurations by varying the parameters to Elivepatch.
- Modified kernels.
- Support is extended to locally modified kernels (e.g. out-of-tree patch sets) by sending the server a list of patches that should be applied before the live patch creation process starts.
- Client-generated patches.
- In Elivepatch, clients specify the live patches to be created whereas current systems only support vendor-generated patches.
- Security auditing.
- Elivepatch is completely open source and thus fully auditable.
User's guide
Installing from source
$ git clone https://github.com/gentoo/elivepatch-client
$ cd elivepatch-client/
$ virtualenv .venv
$ python setup.py install
Example usage
elivepatch-client -p example/2.patch -k example/config_5.1.6 -a 5.1.6 --url http://localhost:5000
Creating Live patch
Not all patch can be converted to live patch using kpatch.
Repository
Developer's guide
Contributing
Fork this repo and make a pull request. We are happy to merge it.
Commit message should look like
[category/packagename] short decription
Long description
This makes reading history easier. GPG signing your changes is a good idea.
If you have push access to this repo it is a good idea to still create a pull request,
so at least one more person have reviewed your code.
Exceptions are trivial changes and urgent changes (that fix something completely broken).
Communication
- Join #gentoo-kernel channel on Freenode
- Open issues here