What data are transmitted to Canonical for livepatch?

Solution 1:

Given that the livepatch client is proprietary, I don't have a complete answer.

That said, the client (/snap/canonical-livepatch/*/canonical-livepatchd) is written in Go. Debugging with Delve, here's some information to start with:

(dlv) bt
0  0x00000000006ad140 in main.(*client).check
   at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/client.go:212
1  0x00000000006acfeb in main.(*client).Check
   at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/client.go:200
2  0x00000000006b8415 in main.refresh
   at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/refresh.go:60
3  0x00000000006bf957 in main.newDaemon.func1
   at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/daemon.go:76
4  0x00000000006b86a3 in main.(*refreshLoop).loop
   at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/refresh.go:120
5  0x00000000006c0bfd in main.(*service).Start.func1
   at /home/c/Canonical/go/livepatch/src/github.com/CanonicalLtd/livepatch-client/parts/canonical-livepatch/build/daemon/service.go:151
6  0x0000000000457b31 in runtime.goexit
   at /home/c/.gobrew/versions/1.10/src/runtime/asm_amd64.s:2361
(dlv) locals
rendered.cap = 0
rendered.len = 0
rendered.ptr = *uint8 nil
status = main.ClientStatus {ClientVersion: "8.0.1", MachineId: "bfcf169468f641528ac653c41ff1797d", MachineToken: "",...+7 more}
(dlv) print status
main.ClientStatus {
    ClientVersion: "8.0.1",
    MachineId: "bfcf169468f641528ac653c41ff1797d",
    MachineToken: "",
    Architecture: "x86_64",
    CpuModel: "Intel(R) Core(TM) i7-6920HQ CPU @ 2.90GHz",
    LastCheck: time.Time {
        wall: 0,
        ext: 0,
        loc: *time.Location nil,},
    BootTime: time.Time {
        wall: 0,
        ext: 63662149770,
        loc: *(*time.Location)(0x963f60),},
    ApplyTime: time.Time {
        wall: 0,
        ext: 0,
        loc: *time.Location nil,},
    Uptime: 3472,
    Kernels: []main.KernelStatus len: 1, cap: 1, [
        (*main.KernelStatus)(0xc4201883c0),
    ],}

The fields in the status variable are:

  • Client Version
  • Machine ID (the value from /etc/machine-id)
  • Machine Token (Ubuntu One token?)
  • CPU Model and (OS?) Architecture
  • Last check time
  • Boot time (time taken to boot?)
  • Apply Time (?? - possibly, when the last update was applied?)
  • Uptime
  • List of Kernels

Boot time and Uptime could be considered to be included in statistics and performance metrics.

Again, this is a starting point. Make of it what you will, and hopefully somebody else can provide more definite information.

How can I be sure it will not change suddenly to transmit more than I want?

You can't. The source code isn't available, and snaps are automatically refreshed, IIRC.
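The `time.Time` fields in the debugger dump above are shown as raw `wall`/`ext` internals rather than dates. The following added example (not code from the livepatch client or from the answer) decodes such pairs into timestamps, using the layout and constants of Go's `time` package as of Go 1.9 and later; the function name `decodeGoTime` is made up for this example.

```go
package main

import (
	"fmt"
	"time"
)

// Constants mirrored from the internals of Go's time package (src/time/time.go).
const (
	hasMonotonic   = 1 << 63     // top bit of wall: monotonic reading present
	nsecMask       = 1<<30 - 1   // low 30 bits of wall: nanoseconds
	nsecShift      = 30
	unixToInternal = 62135596800 // seconds from Jan 1, year 1 to 1970
	wallToInternal = 59453308800 // seconds from Jan 1, year 1 to 1885
)

// decodeGoTime converts the raw (wall, ext) pair that Delve prints for a
// time.Time into a UTC timestamp. ok is false for the zero value.
func decodeGoTime(wall uint64, ext int64) (t time.Time, ok bool) {
	if wall == 0 && ext == 0 {
		return time.Time{}, false
	}
	nsec := int64(wall & nsecMask)
	sec := ext // no monotonic reading: ext holds seconds since year 1
	if wall&hasMonotonic != 0 {
		// Monotonic reading present: wall carries 33-bit seconds since 1885.
		sec = int64(wall<<1>>(nsecShift+1)) + wallToInternal
	}
	return time.Unix(sec-unixToInternal, nsec).UTC(), true
}

func main() {
	// (wall, ext) pairs copied from the debugger output above.
	for _, f := range []struct {
		name string
		wall uint64
		ext  int64
	}{{"LastCheck", 0, 0}, {"BootTime", 0, 63662149770}, {"ApplyTime", 0, 0}} {
		if t, ok := decodeGoTime(f.wall, f.ext); ok {
			fmt.Printf("%-9s %s\n", f.name, t.Format(time.RFC3339))
		} else {
			fmt.Printf("%-9s unset (zero value)\n", f.name)
		}
	}
}
```

For the values in the dump, `BootTime` decodes to 2018-05-17T10:29:30Z, while `LastCheck` and `ApplyTime` are still the zero value at this breakpoint.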

Solution 2:

I asked the Canonical sales team what data the livepatch service transmits. They got back to me with this:

This is the information we send about the client:

  • Machine ID from /etc/machine-id
  • Machine Token from livepatch server
  • Architecture of machine
  • CPU model of machine
  • When was the client last updated
  • When was the system booted
  • When was livepatch last applied?
  • Current system uptime
  • Kernel version

They also mentioned that they transmit some snap statistics, which might change with the GDPR requirements.