An Arch Linux kernel package that installs in parallel with stock linux and adds three out-of-tree changes: the agentns agent namespace, the memlog character device, and the provfs LSM.
The kernel features themselves live in sibling repos under ~/wintermute/. This repo is the packaging glue — a PKGBUILD derived from Arch's stock linux, plus the scripts that patch those three changesets into a kernel source tree and wire up their Kconfig and Makefile entries. It exists so the wintermute kernel can be built and installed the Arch-native way (makepkg + pacman -U) and can sit next to the stock kernel rather than replacing it. You opt into it per boot until you trust it.
- agentns — an agent namespace. After boot, /proc/self/agent_session is present; the namespace is inherited across fork and carries a budget that the kernel enforces. Built in (CONFIG_AGENT_NS=y).
- memlog — a character device at /dev/memlog, gated behind a memlog group. Built as a module (CONFIG_MEMLOG=m); load with modprobe memlog. The package creates the group and adds the installing user to it.
- provfs — a Linux Security Module that registers under the name provfs. Built in (CONFIG_SECURITY_PROVFS=y); after boot it appears in /sys/kernel/security/lsm.
The feature code is vendored from ~/wintermute/{agentns,memlog,provfs/lsm} at build time, not stored here. Override the checkout location with WINTERMUTE=/path/to/wintermute.
cd ~/wintermute/wintermute-kernel
# downloads ~140 MB of upstream sources, builds under ./src/, 30–90 min depending on the box
makepkg -s --skippgpcheck
-s installs missing makedeps. --skippgpcheck skips verification of the upstream tarball's PGP signature; the b2sum is still verified, so this is a first-build convenience for boxes without the kernel.org keys in their keyring.
If your wintermute checkout isn't at ~/wintermute/:
WINTERMUTE=/path/to/wintermute makepkg -s --skippgpcheck
sudo pacman -U linux-wintermute-7.0.10.arch1-1-x86_64.pkg.tar.zst \
    linux-wintermute-headers-7.0.10.arch1-1-x86_64.pkg.tar.zst
This drops:
- /boot/vmlinuz-linux-wintermute
- /boot/initramfs-linux-wintermute.img
- /usr/lib/modules/7.0.10-wintermute-arch1-1/
The install scriptlet also creates the memlog group and adds the invoking user to it (it recovers the real user from $SUDO_USER, then logname, then the single highest-UID human account). Log out and back in, or run newgrp memlog, for that to take effect.
If your boot loader is systemd-boot, mkinitcpio's hook writes the loader entry automatically. For GRUB, run sudo grub-mkconfig -o /boot/grub/grub.cfg.
Pick Linux wintermute from the boot menu. Stock linux stays your default; the wintermute kernel is opt-in per boot until you set it as default yourself.
uname -r # 7.0.10-wintermute-arch1-1 (or similar)
ls /proc/self/agent_session # agentns present
sudo modprobe memlog && ls /dev/memlog # memlog present
cat /sys/kernel/security/lsm # includes "provfs"
The per-feature smoke tests live with the feature code:
bash ~/wintermute/memlog/tests/test_basic.sh
bash ~/wintermute/provfs/lsm/tests/test_basic.sh
sudo bash ~/wintermute/agentns/tests/test_inheritance.sh
sudo bash ~/wintermute/agentns/tests/test_budget_enforce.sh
Reboot and pick the stock linux entry. To remove the package entirely:
sudo pacman -R linux-wintermute linux-wintermute-headers
The stock kernel and its modules are untouched. The memlog group is left behind on removal (no other package owns it); drop it with groupdel memlog if you want.
- pkgbase=linux-wintermute, so it installs in parallel.
- prepare() applies the upstream Arch patch, then runs three apply steps: install the agentns files and run apply-agentns.py (idempotent in-place edits that replace the old 0001-0009 patch series), install the memlog driver, install the provfs LSM, each wiring the relevant Kconfig and Makefile. Then it enables AGENT_NS, MEMLOG, and SECURITY_PROVFS.
- build() drops make htmldocs (no texlive dependency) and the docs subpackage.
apply-agentns.py edits the kernel tree by anchoring on unique strings rather than applying unified diffs, which survives context drift in the surrounding sources better. It fails loudly if an anchor goes missing.
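
The anchor-and-insert approach described above, sketched as an added example. This is not the project's apply-agentns.py; the function name, the exception class and the sample Kconfig text are assumptions made for illustration.

```python
# Added illustration; not the contents of apply-agentns.py.
# All names and the sample text below are constructed for this example.


class AnchorError(RuntimeError):
    """Raised when an anchor is missing or not unique in the target text."""


def insert_after_anchor(text: str, anchor: str, addition: str) -> str:
    """Insert `addition` on the line after the one containing `anchor`.

    Idempotent: if `addition` is already present, `text` is returned unchanged.
    Fails loudly if the anchor is absent or occurs more than once.
    """
    if addition in text:
        return text  # already applied on an earlier run
    count = text.count(anchor)
    if count != 1:
        raise AnchorError(f"anchor {anchor!r} found {count} times, expected 1")
    # Find the end of the anchor's line so the addition lands on its own line.
    line_end = text.find("\n", text.index(anchor))
    if line_end == -1:
        return text + "\n" + addition + "\n"
    return text[: line_end + 1] + addition + "\n" + text[line_end + 1 :]


# Constructed stand-in for a Kconfig file in a kernel tree.
SAMPLE_KCONFIG = (
    'menu "Example options"\n'
    'source "example/alpha/Kconfig"\n'
    'source "example/beta/Kconfig"\n'
    "endmenu\n"
)

if __name__ == "__main__":
    anchor = 'source "example/alpha/Kconfig"'
    addition = 'source "example/feature/Kconfig"'
    once = insert_after_anchor(SAMPLE_KCONFIG, anchor, addition)
    twice = insert_after_anchor(once, anchor, addition)
    print(once)
    print("idempotent:", once == twice)
    try:
        insert_after_anchor(SAMPLE_KCONFIG, 'source "example/gone/Kconfig"', "x")
    except AnchorError as exc:
        print("failed loudly:", exc)
```

Raising on a missing or duplicated anchor is what keeps a drifted source tree from producing a kernel that builds cleanly but lacks the intended change.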
Part of the wintermute fleet. The three features are developed in their own repos (agentns, memlog, provfs); this package is how they ship as one bootable kernel. See also wintermute-platform for the userspace side.