Umqondo we «I-Livepatch ayiyona into entsha futhi ayikaze isetshenziswe ku-Linux iminyaka embalwa, njengoba i-Red Hat, i-Oracle, i-Canonical kanye ne-SUSE ingezinye zalezo ezisebenzise lobu buchwepheshe ukuze zisatshalaliswe.
Futhi nakuba baye bazibonakalisa njengesixazululo esihle kakhulu, lokhu Ngokuvamile kuncike ezinqubweni ezivaliwe ekudaleni ama-patches, ukunciphisa ukubonakala nokuvumelana nezimo. Amaphrojekthi omthombo ovulekile wangaphambilini, njenge-elivepatch ka-Gentoo kanye ne-linux-livepatching ka-Debian, amakwe isikhathi eside sokungasebenzi noma ukuqina ezigabeni zawo ze-prototype.
Ngibhekene nalolu chungechunge lwezinkinga abasabhekene nenqubo yokukhiqiza, ukuhlanganisa, ukuthumela nokufaka ama-Linux kernel patches asebenzayo, I-TuxTape izethula njengesixazululo ezizimele, eziklanyelwe ukuzivumelanisa nezimo kunoma iyiphi inguqulo ye-Linux kernel, ngaphandle kokukhawulelwa kumaphakheji aqondene nokusatshalaliswa ngakunye.
I-TuxTape, isixazululo sokuchibiyela bukhoma ku-Linux
I-TuxTape, iyisixazululo esisha lokho ivumela abaphathi wezinhlelo sebenzisa ingqalasizinda yakho ukuze udale, uhlanganise, futhi ukhiphe iziqephu ezibukhoma ku-Linux kernel.
Inhloso enkulu I-TuxTape izonikezwa isistimu ebanzi eyenza ngokuzenzakalelayo ukudalwa nokulethwa kwamapeshi abukhoma. Isakhiwo sayo sivumela ukukhiqiza amapheshana ahambisana namathuluzi akhona afana ne-kpatch ye-Red Hat, i-kGraft ye-SUSE, i-Oracle's Ksplice nezinye izixazululo zomhlaba wonke.
Amachashazi Asetshenziswa njengamamojula e-kernel athatha indawo yemisebenzi ekhona ngokusebenzisa i-ftrace subsystem, eqondisa kabusha ukwenza imisebenzi emisha efakwe kumojula. Ukwengeza, i-TuxTape inekhono lokulandelela izibuyekezo zokuba sengozini ezithunyelwe kuhlu lwe-imeyili lwe-linux-cve-memezela kanye namakhosombe e-Git.
Isebenzisa lolu lwazi, isistimu ihlukanisa ubungozi ngobunzima, ihlola ukusebenza kwepeshi ngayinye ngokuhlaziywa okuningiliziwe kwephrofayela ye-kernel build, futhi ilahle lezo zilungiso ezingaphazamisi indawo eqondisiwe. Le ndlela ekhethiwe iqinisekisa ukuthi izinguquko ezifanele kuphela ezisetshenziswayo, ukunciphisa ubungozi kanye nokwenza ngcono ukusebenza.
Izingxenye zephrojekthi kanye nezakhiwo
Ikhithi ye-TuxTape Iqukethe amathuluzi amaningi ahlanganisiwe kusukela ekubonweni kuya ekupheshweni okubukhoma:
- Uhlelo Lokulandelela Ukuba Sengozini: Lokhu kunesibopho sokuthola nokuqopha izinsongo ezintsha ngesikhathi sangempela.
- I-database Generator: Inesibopho sokuhlinzeka ngolwazi ngamapeshi kanye nokuba sengozini kusizindalwazi esihlelekile.
- Iseva yemethadatha ene-gRPC: Ilawula ukuxhumana nokuxhumana kwezinsizakalo ezihlobene nokukhiqizwa kweziqephu.
- Uhlelo lokuthumela kanye nokwakhiwa kwe-kernel: Isiza ukuhlanganiswa kwe-kernel ekucushweni okuthile ngokukhiqiza iphrofayela yokuhlanganiswa enemininingwane.
- I-generator nefayela lokuchibiyela: Iguqula amapeshi ajwayelekile abe amamojula e-kernel alayishayo.
- Iklayenti labasingathi bokugcina: Ivumela ukwamukela nokusebenzisa amapeshi ezinhlelweni zokukhiqiza.
- Isixhumi esibonakalayo esisebenzisanayo (Ideshibhodi): Ihlinzeka ngekhonsoli yokuphatha yomsebenzisi lapho angabuyekeza, aphathe futhi adale iziqephu ezibukhoma ngokusekelwe emithonjeni etholiwe.
Kuhle ukusho ukuthi iphrojekthi ye-TuxTape kanye nentuthuko okwamanje isesigabeni sesibonelo sokuhlola, ngakho-ke okwamanje inconyelwa kuphela ukuhlolwa kokuqala ngezingxenye zayo ezihlukene.
Kulabo abathanda ukuhlola iphrojekthi, ukuhlola okwamanje kunconywa kuphela kumathuluzi athile afana nalawa:
- i-tuxtape-cve-parser: Ihlaziya ulwazi lokuba sengozini futhi yakhe isizindalwazi se-patch.
- i-tuxtape-server: Isebenzisa isixhumi esibonakalayo se-gRPC sokukhiqiza nokusabalaliswa kweziqephu.
- i-tuxtape-kernel-builder: Inesibopho sokwakha i-kernel ngokucushwa okunikeziwe futhi ikhiqize iphrofayili yokuhlanganisa ehambisanayo.
- ideshibhodi ye-tuxtape: Inikeza isixhumi esibonakalayo sekhonsoli ukuze kubuyekezwe nokudala amapeshi abukhoma ngokusekelwe kumapeshi omthombo atholiwe.
Okokugcina, kubalulekile ukusho ukuthi iphrojekthi iyathuthukiswa eRust futhi isatshalaliswa ngaphansi kwelayisensi ye-Apache 2.0. Ungabheka ulwazi olwengeziwe noma ikhodi yomthombo yalokhu, kusuka isixhumanisi esilandelayo.