Wiki

• FrontPage
• RecentChanges
• FindPage
• HelpContents
• LinuxLivePatching

Linux Livepatching

Description of the project: Evaluate if it's possible to rely on klp-build and clang-extract to bootstrap linux livepatching in Debian. There has been a first attemp to support linux livepatching in Debian, relying on kpatch. However, starting with trixie, kpatch does no longer support the kernel, which prevents us to continue using this approach. SUSE's klp-build overcomes the difficulties found with kpatch, but we need to confirm it's actually possible to package and use it. Also, Debian currently lacks a standardized workflow to build, distribute and publish livepatches for its kernels. The goal of this project is not only package and evaluate klp-build, but also explore and propose a solution about how linux livepatches could built, packaged and made available to Debian users in a controlled, safety and reproducible way.

• Confirmed Mentor: Emmanuel Arias

• How to contact the mentor: eamanu@debian.org

• Confirmed co-mentors: Santiago Ruano Rincón <santiago@debian.org>

• Difficulty level: Medium to Hard

• Project size: 350 hour (large)

• Deliverables of the project:

  • Packaging of clang-extract and klp-build
  • Study of support of the debian kernel by klp-build.
  • Proposal of a mechanism to release Kernel patches.

• Desirable skills: C Language knowledge. Linux Kernel knowledge desirable. Basic knowledge about Debian packaging. Competent Python. Collaborative work relying on 'git' and asynchronous tools.

• What the intern will learn:

  • How Linux livepatching works.
  • Debian Packaging.
  • Development on a collaborative small team, inside a large community (Debian).

• Application tasks:

  • Finish the linux-livepatching Intent to Package (ITP) bug ( https://bugs.debian.org/1070494), and for that, the student will need to:

    • Package clang-extract (https://bugs.debian.org/1117623) and klp-build.

    • Confirm that klp-build is useful for the current Debian Linux Kernels.
    • Propose a distributable Linux Kernel livepatch format to Debian users.
    • Propose a mechanism to release Kernel patches.

• More resources:

  • https://toulouse2024.mini.debconf.org/talks/18-linux-live-patching-in-debian/

  • https://debconf24.debconf.org/talks/91-linux-live-patching-in-debian/

  • https://docs.kernel.org/livepatch/livepatch.html

• AI usage policy: We will not accept applications written using LLMs, and we expect accepted students to write code themselves, not via an LLM.