Elivepatch

Introduction
elivepatch is a distributed application for building live patch, is also supporting automatic installing of security CVE live patch for any gentoo-sources recent than 4.1



Features

 * Distributed live patch building
 * Works as client server live patch build model
 * Incremental live patch
 * You can build live patch over the previous one
 * Automatic live patch for security CVE
 * Getting kernel CVE from https://github.com/nluedtke/linux_kernel_cves

Implementation

 * elivepatch-client
 * Client to be run on the machine where we want to install the live patch.
 * elivepatch-server
 * RESTful API for building the live patch. Using kpatch for building the live patch object.

Elivepatch-server
This is for the machine that will build the live patch.

Installation:

This will install the init.d file under /etc/init.d/elivepatch and the conf.d under /etc/conf.d/elivepatch. From the conf.d file you can change the elivepatch daemon user and permission (by default is root). You can start elivepatch-server on machine startup with:

Elivepatch-client
This is for the machine that will request to build the live patch.

Installation:

CVE livepatch
CVE live patch is the command for live patching the current kernel with last security cve.

Can also be used as a cronjob command.

GSoC 2017
This project is part of GSoC 2017 and the code is written by User:Aliceinwire mentored by User:Gokturk

Wroted code: Reports:
 * kpatch ebuild merged in the Gentoo official repository
 * elivepatch client
 * elivepatch server
 * Official Gentoo repository elivepatch merge pull-request
 * half term report
 * half term presentation
 * Some public reports (Not all report as been yet published because of the too much traffic on the Gentoo planet)