Kpatch
From Gentoo Wiki
kpatch is a GPLv2 licensed dynamic kernel patching tool developed by RedHat.
Installation
Kernel
The Linux kernel must be version 4.0 or higher in order to have LIVEPATCH support.[1]
General setup --->
[*] Configure standard kernel features (expert users) --->
-*- Load all symbols for debugging/ksymoops
[*] Include all symbols in kallsyms
[*] Enable loadable module support --->
Processor type and features --->
[*] Kernel Live Patching
Kernel hacking --->
[*] Tracers --->
[*] Kernel Function Tracer
File systems --->
Pseudo filesystems --->
-*- sysfs file system support
USE flags
USE flags for sys-kernel/kpatch Dynamic kernel patching for Linux
+kpatch
|
Enable a command-line tool which allows a user to manage a collection of patch modules. |
+kpatch-build
|
Enable tools which convert a source diff patch to a patch module. |
+strip
|
Allow symbol stripping to be performed by the ebuild for special files |
contrib
|
Enable contrib kpatch services files. |
dist-kernel
|
Enable subslot rebuilds on Distribution Kernel upgrades |
kmod
|
Enable a kernel module (.ko file) which provides an interface for the patch modules to register new functions for replacement. |
modules-compress
|
Install compressed kernel modules (if kernel config enables module compression) |
modules-sign
|
Cryptographically sign installed kernel modules (requires CONFIG_MODULE_SIG=y in the kernel) |
test
|
Enable dependencies and/or preparations necessary to run tests (usually controlled by FEATURES=test but can be toggled independently) |
Emerge
root #
emerge --ask sys-kernel/kpatch
Usage
user $
kpatch --help
Workflow
root #
Kpatch-build foo.patch
root #
insmod kpatch-foo.ko