Elivepatch: Flexible Distributed Linux Kernel Live Patching
Elivepatch addresses the limitations and shortcomings of the current distributed live patching services as follows: 3rd-party trust: Trust on a third-party service can be eliminated by deploying E …
| Talk Title | Elivepatch: Flexible Distributed Linux Kernel Live Patching |
| Speakers | Alice Ferrazzi (OSS開発者, サイバートラスト株式会社) |
| Conference | Automotive Linux Summit & Open Source Summit Japan |
| Conf Tag | |
| Location | Tokyo, Japan |
| Date | Jun 19-22, 2018 |
| URL | Talk Page |
| Slides | Talk Slides |
| Video | |
“Elivepatch” addresses the limitations and shortcomings of the current distributed live patching services as follows: • 3rd-party trust: Trust on a third-party service can be eliminated by deploying Elivepatch in-house. • Custom kernel configurations: Live patches can be created for different kernel versions and configurations by varying the parameters to Elivepatch. • Modified kernels: Support is extended to locally modified kernels (e.g. out-of-tree patch sets) by sending the server a list of patches that should be applied before the live patch creation process starts. • Client-generated patches: In Elivepatch, clients specify the live patches to be created whereas current systems only support vendor-generated patches. • Security auditing: Elivepatch is completely open source and thus fully auditable.
