| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250515182322.117840-12-pasha.tatashin@soleen.com>
Date: Thu, 15 May 2025 18:23:15 +0000
From: Pasha Tatashin <pasha.tatashin@...een.com>
To: pratyush@...nel.org,
jasonmiu@...gle.com,
graf@...zon.com,
changyuanl@...gle.com,
pasha.tatashin@...een.com,
rppt@...nel.org,
dmatlack@...gle.com,
rientjes@...gle.com,
corbet@....net,
rdunlap@...radead.org,
ilpo.jarvinen@...ux.intel.com,
kanie@...ux.alibaba.com,
ojeda@...nel.org,
aliceryhl@...gle.com,
masahiroy@...nel.org,
akpm@...ux-foundation.org,
tj@...nel.org,
yoann.congal@...le.fr,
mmaurer@...gle.com,
roman.gushchin@...ux.dev,
chenridong@...wei.com,
axboe@...nel.dk,
mark.rutland@....com,
jannh@...gle.com,
vincent.guittot@...aro.org,
hannes@...xchg.org,
dan.j.williams@...el.com,
david@...hat.com,
joel.granados@...nel.org,
rostedt@...dmis.org,
anna.schumaker@...cle.com,
song@...nel.org,
zhangguopeng@...inos.cn,
linux@...ssschuh.net,
linux-kernel@...r.kernel.org,
linux-doc@...r.kernel.org,
linux-mm@...ck.org,
gregkh@...uxfoundation.org,
tglx@...utronix.de,
mingo@...hat.com,
bp@...en8.de,
dave.hansen@...ux.intel.com,
x86@...nel.org,
hpa@...or.com,
rafael@...nel.org,
dakr@...nel.org,
bartosz.golaszewski@...aro.org,
cw00.choi@...sung.com,
myungjoo.ham@...sung.com,
yesanishhere@...il.com,
Jonathan.Cameron@...wei.com,
quic_zijuhu@...cinc.com,
aleksander.lobakin@...el.com,
ira.weiny@...el.com,
andriy.shevchenko@...ux.intel.com,
leon@...nel.org,
lukas@...ner.de,
bhelgaas@...gle.com,
wagi@...nel.org,
djeffery@...hat.com,
stuart.w.hayes@...il.com,
ptyadav@...zon.de
Subject: [RFC v2 11/16] luo: luo_sysfs: add sysfs state monitoring
Introduce a sysfs interface for the Live Update Orchestrator
under /sys/kernel/liveupdate/. This interface provides a way for
userspace tools and scripts to monitor the current state of the LUO
state machine.
The main feature is a read-only file, state, which displays the
current LUO state as a string ("normal", "prepared", "frozen",
"updated"). The interface uses sysfs_notify to allow userspace
listeners (e.g., via poll) to be efficiently notified of state changes.
ABI documentation for this new sysfs interface is added in
Documentation/ABI/testing/sysfs-kernel-liveupdate.
This read-only sysfs interface complements the main ioctl interface
provided by /dev/liveupdate, which handles LUO control operations and
resource management.
Signed-off-by: Pasha Tatashin <pasha.tatashin@...een.com>
---
.../ABI/testing/sysfs-kernel-liveupdate | 51 ++++++++++
drivers/misc/liveupdate/Kconfig | 18 ++++
drivers/misc/liveupdate/Makefile | 1 +
drivers/misc/liveupdate/luo_core.c | 1 +
drivers/misc/liveupdate/luo_internal.h | 6 ++
drivers/misc/liveupdate/luo_sysfs.c | 92 +++++++++++++++++++
6 files changed, 169 insertions(+)
create mode 100644 Documentation/ABI/testing/sysfs-kernel-liveupdate
create mode 100644 drivers/misc/liveupdate/luo_sysfs.c
diff --git a/Documentation/ABI/testing/sysfs-kernel-liveupdate b/Documentation/ABI/testing/sysfs-kernel-liveupdate
new file mode 100644
index 000000000000..7631410a10c3
--- /dev/null
+++ b/Documentation/ABI/testing/sysfs-kernel-liveupdate
@@ -0,0 +1,51 @@
+What: /sys/kernel/liveupdate/
+Date: May 2025
+KernelVersion: 6.16.0
+Contact: pasha.tatashin@...een.com
+Description: Directory containing interfaces to query the live
+ update orchestrator. Live update is the ability to reboot the
+ host kernel (e.g., via kexec, without a full power cycle) while
+ keeping specifically designated devices operational ("alive")
+ across the transition. After the new kernel boots, these devices
+ can be re-attached to their original workloads (e.g., virtual
+ machines) with their state preserved. This is particularly
+ useful, for example, for quick hypervisor updates without
+ terminating running virtual machines.
+
+
+What: /sys/kernel/liveupdate/state
+Date: May 2025
+KernelVersion: 6.16.0
+Contact: pasha.tatashin@...een.com
+Description: Read-only file that displays the current state of the live
+ update orchestrator as a string. Possible values are:
+
+ "normal": No live update operation is in progress. This is
+ the default operational state.
+
+ "prepared": The live update preparation phase has completed
+ successfully (e.g., triggered via the 'prepare'
+ file). Kernel subsystems have been notified via
+ the %LIVEUPDATE_PREPARE event/callback and
+ should have initiated state saving. User
+ workloads (e.g., VMs) are generally still
+ running, but some operations (like device
+ unbinding or new DMA mappings) might be
+ restricted. The system is ready for the reboot
+ trigger.
+
+ "frozen": The final reboot notification has been sent
+ (e.g., triggered via the 'reboot' file),
+ corresponding to the %LIVEUPDATE_REBOOT kernel
+ event. Subsystems have had their final chance to
+ save state. User workloads must be suspended.
+ The system is about to execute the reboot into
+ the new kernel (imminent kexec). This state
+ corresponds to the "blackout window".
+
+ "updated": The system has successfully rebooted into the
+ new kernel via live update. Restoration of
+ preserved resources can now occur (typically via
+ ioctl commands). The system is awaiting the
+ final 'finish' signal after user space completes
+ restoration tasks.
diff --git a/drivers/misc/liveupdate/Kconfig b/drivers/misc/liveupdate/Kconfig
index a7424ceeba0b..09940f9a724a 100644
--- a/drivers/misc/liveupdate/Kconfig
+++ b/drivers/misc/liveupdate/Kconfig
@@ -25,3 +25,21 @@ config LIVEUPDATE
running virtual machines.
If unsure, say N.
+
+config LIVEUPDATE_SYSFS_API
+ bool "Live Update sysfs monitoring interface"
+ depends on SYSFS
+ depends on LIVEUPDATE
+ help
+ Enable a sysfs interface for the Live Update Orchestrator
+ at /sys/kernel/liveupdate/.
+
+ This allows monitoring the LUO state ('normal', 'prepared',
+ 'frozen', 'updated') via the read-only 'state' file.
+
+ This interface complements the primary /dev/liveupdate ioctl
+ interface, which handles the full update process.
+ This sysfs API may be useful for scripting, or userspace monitoring
+ needed to coordinate application restarts and minimize downtime.
+
+ If unsure, say N.
diff --git a/drivers/misc/liveupdate/Makefile b/drivers/misc/liveupdate/Makefile
index 7a0cd08919c9..190323c10220 100644
--- a/drivers/misc/liveupdate/Makefile
+++ b/drivers/misc/liveupdate/Makefile
@@ -3,3 +3,4 @@ obj-y += luo_ioctl.o
obj-y += luo_core.o
obj-y += luo_files.o
obj-y += luo_subsystems.o
+obj-$(CONFIG_LIVEUPDATE_SYSFS_API) += luo_sysfs.o
diff --git a/drivers/misc/liveupdate/luo_core.c b/drivers/misc/liveupdate/luo_core.c
index ab1d76221fe2..1a5163c116a4 100644
--- a/drivers/misc/liveupdate/luo_core.c
+++ b/drivers/misc/liveupdate/luo_core.c
@@ -79,6 +79,7 @@ static inline bool is_current_luo_state(enum liveupdate_state expected_state)
static void __luo_set_state(enum liveupdate_state state)
{
WRITE_ONCE(luo_state, state);
+ luo_sysfs_notify();
}
static inline void luo_set_state(enum liveupdate_state state)
diff --git a/drivers/misc/liveupdate/luo_internal.h b/drivers/misc/liveupdate/luo_internal.h
index b7a0f31ddc99..bf1ba18722e2 100644
--- a/drivers/misc/liveupdate/luo_internal.h
+++ b/drivers/misc/liveupdate/luo_internal.h
@@ -34,6 +34,12 @@ int luo_retrieve_file(u64 token, struct file **file);
int luo_register_file(u64 *token, struct file *file);
int luo_unregister_file(u64 token);
+#ifdef CONFIG_LIVEUPDATE_SYSFS_API
+void luo_sysfs_notify(void);
+#else
+static inline void luo_sysfs_notify(void) {}
+#endif
+
extern const char *const luo_state_str[];
/* Get the current state as a string */
diff --git a/drivers/misc/liveupdate/luo_sysfs.c b/drivers/misc/liveupdate/luo_sysfs.c
new file mode 100644
index 000000000000..756b341dd886
--- /dev/null
+++ b/drivers/misc/liveupdate/luo_sysfs.c
@@ -0,0 +1,92 @@
+// SPDX-License-Identifier: GPL-2.0
+
+/*
+ * Copyright (c) 2025, Google LLC.
+ * Pasha Tatashin <pasha.tatashin@...een.com>
+ */
+
+/**
+ * DOC: LUO sysfs interface
+ *
+ * Provides a sysfs interface at ``/sys/kernel/liveupdate/`` for monitoring LUO
+ * state. Live update allows rebooting the kernel (via kexec) while preserving
+ * designated device state for attached workloads (e.g., VMs), useful for
+ * minimizing downtime during hypervisor updates.
+ *
+ * /sys/kernel/liveupdate/state
+ * ----------------------------
+ * - Permissions: Read-only
+ * - Description: Displays the current LUO state string.
+ * - Valid States:
+ * @normal
+ * Idle state.
+ * @prepared
+ * Preparation phase complete (triggered via 'prepare'). Resources
+ * checked, state saving initiated via %LIVEUPDATE_PREPARE event.
+ * Workloads mostly running but may be restricted. Ready forreboot
+ * trigger.
+ * @frozen
+ * Final reboot notification sent (triggered via 'reboot'). Corresponds to
+ * %LIVEUPDATE_REBOOT event. Final state saving. Workloads must be
+ * suspended. System about to kexec ("blackout window").
+ * @updated
+ * New kernel booted via live update. Awaiting 'finish' signal.
+ *
+ * Userspace Interaction & Blackout Window Reduction
+ * -------------------------------------------------
+ * Userspace monitors the ``state`` file to coordinate actions:
+ * - Suspend workloads before @frozen state is entered.
+ * - Initiate resource restoration upon entering @updated state.
+ * - Resume workloads after restoration, minimizing downtime.
+ */
+
+#include <linux/kobject.h>
+#include <linux/liveupdate.h>
+#include <linux/sysfs.h>
+#include "luo_internal.h"
+
+static bool luo_sysfs_initialized;
+
+#define LUO_DIR_NAME "liveupdate"
+
+void luo_sysfs_notify(void)
+{
+ if (luo_sysfs_initialized)
+ sysfs_notify(kernel_kobj, LUO_DIR_NAME, "state");
+}
+
+/* Show the current live update state */
+static ssize_t state_show(struct kobject *kobj, struct kobj_attribute *attr,
+ char *buf)
+{
+ return sysfs_emit(buf, "%s\n", LUO_STATE_STR);
+}
+
+static struct kobj_attribute state_attribute = __ATTR_RO(state);
+
+static struct attribute *luo_attrs[] = {
+ &state_attribute.attr,
+ NULL
+};
+
+static struct attribute_group luo_attr_group = {
+ .attrs = luo_attrs,
+ .name = LUO_DIR_NAME,
+};
+
+static int __init luo_init(void)
+{
+ int ret;
+
+ ret = sysfs_create_group(kernel_kobj, &luo_attr_group);
+ if (ret) {
+ pr_err("Failed to create group\n");
+ return ret;
+ }
+
+ luo_sysfs_initialized = true;
+ pr_info("Initialized\n");
+
+ return 0;
+}
+subsys_initcall(luo_init);
--
2.49.0.1101.gccaa498523-goog
Powered by blists - more mailing lists