Live patching

Resources

Kernel live patching is an 'update-and-coming' kernel feature being developed by a few corporate Linux companies. Several companies have open sourced their development efforts, making it possible to bring kernel live patching to Gentoo.

A note of caution: Kernel live patching is risky. Count on hard freezing or panics to become normal...

Installation

Kernel

The Linux kernel must be version 4.0 or higher in order to have LIVEPATCH support.^[1]

KERNEL Enable CONFIG_LIVEPATCH support

Processor type and features  --->
   [*] Kernel Live Patching

Available software

Here are some live patch packages available in Gentoo:

Name	Package	Homepage	Description
kpatch	sys-kernel/kpatch	https://github.com/dynup/kpatch	Dynamic kernel patching for Linux.
ksplice	N/A	http://www.ksplice.com/	Rebootless Linux kernel security updates. Absorbed by Oracle in 2011 and available only by paid support. The 2011 version can be found on GitHub.

References

↑ https://cateee.net/lkddb/web-lkddb/LIVEPATCH.html

[1] ttps://cateee.net/lkddb/web-lkddb/LIVEPATCH.html

[1]