| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250625231838.1897085-1-pasha.tatashin@soleen.com>
Date: Wed, 25 Jun 2025 23:17:47 +0000
From: Pasha Tatashin <pasha.tatashin@...een.com>
To: pratyush@...nel.org,
jasonmiu@...gle.com,
graf@...zon.com,
changyuanl@...gle.com,
pasha.tatashin@...een.com,
rppt@...nel.org,
dmatlack@...gle.com,
rientjes@...gle.com,
corbet@....net,
rdunlap@...radead.org,
ilpo.jarvinen@...ux.intel.com,
kanie@...ux.alibaba.com,
ojeda@...nel.org,
aliceryhl@...gle.com,
masahiroy@...nel.org,
akpm@...ux-foundation.org,
tj@...nel.org,
yoann.congal@...le.fr,
mmaurer@...gle.com,
roman.gushchin@...ux.dev,
chenridong@...wei.com,
axboe@...nel.dk,
mark.rutland@....com,
jannh@...gle.com,
vincent.guittot@...aro.org,
hannes@...xchg.org,
dan.j.williams@...el.com,
david@...hat.com,
joel.granados@...nel.org,
rostedt@...dmis.org,
anna.schumaker@...cle.com,
song@...nel.org,
zhangguopeng@...inos.cn,
linux@...ssschuh.net,
linux-kernel@...r.kernel.org,
linux-doc@...r.kernel.org,
linux-mm@...ck.org,
gregkh@...uxfoundation.org,
tglx@...utronix.de,
mingo@...hat.com,
bp@...en8.de,
dave.hansen@...ux.intel.com,
x86@...nel.org,
hpa@...or.com,
rafael@...nel.org,
dakr@...nel.org,
bartosz.golaszewski@...aro.org,
cw00.choi@...sung.com,
myungjoo.ham@...sung.com,
yesanishhere@...il.com,
Jonathan.Cameron@...wei.com,
quic_zijuhu@...cinc.com,
aleksander.lobakin@...el.com,
ira.weiny@...el.com,
andriy.shevchenko@...ux.intel.com,
leon@...nel.org,
lukas@...ner.de,
bhelgaas@...gle.com,
wagi@...nel.org,
djeffery@...hat.com,
stuart.w.hayes@...il.com,
ptyadav@...zon.de,
lennart@...ttering.net,
brauner@...nel.org,
linux-api@...r.kernel.org,
linux-fsdevel@...r.kernel.org
Subject: [PATCH v1 00/32] Live Update Orchestrator
This series introduces the LUO, a kernel subsystem designed to
facilitate live kernel updates with minimal downtime,
particularly in cloud delplyoments aiming to update without fully
disrupting running virtual machines.
This series builds upon KHO framework by adding programmatic
control over KHO's lifecycle and leveraging KHO for persisting LUO's
own metadata across the kexec boundary. The git branch for this series
can be found at:
https://github.com/googleprodkernel/linux-liveupdate/tree/luo/v1
Changelog from rfc-v2:
- Addressed review comments from Mike Rapoport, Pratyush Yadav,
David Matlack
- Moved everything under kernel/liveupdate including KHO.
- Added a number fixes to KHO that were discovered.
- luo_files is not a registred as a subsystem.
- Added sessions support to preserved files.
- Added support for memfd (Pratyush Yadav)
- Added libluo (proposed as RFC) (Pratyush Yadav)
- Removed notifiers from KHO (Mike Rapoport)
What is Live Update?
Live Update is a kexec based reboot process where selected kernel
resources (memory, file descriptors, and eventually devices) are kept
operational or their state preserved across a kernel transition. For
certain resources, DMA and interrupt activity might continue with
minimal interruption during the kernel reboot.
LUO provides a framework for coordinating live updates. It features:
State Machine: Manages the live update process through states:
NORMAL, PREPARED, FROZEN, UPDATED.
KHO Integration:
LUO programmatically drives KHO's finalization and abort sequences.
KHO's debugfs interface is now optional configured via
CONFIG_KEXEC_HANDOVER_DEBUG.
LUO preserves its own metadata via KHO's kho_add_subtree and
kho_preserve_phys() mechanisms.
Subsystem Participation: A callback API liveupdate_register_subsystem()
allows kernel subsystems (e.g., KVM, IOMMU, VFIO, PCI) to register
handlers for LUO events (PREPARE, FREEZE, FINISH, CANCEL) and persist a
u64 payload via the LUO FDT.
File Descriptor Preservation: Infrastructure
liveupdate_register_filesystem, luo_register_file, luo_retrieve_file to
allow specific types of file descriptors (e.g., memfd, vfio) to be
preserved and restored.
Handlers for specific file types can be registered to manage their
preservation and restoration, storing a u64 payload in the LUO FDT.
User-space Interface:
ioctl (/dev/liveupdate): The primary control interface for
triggering LUO state transitions (prepare, freeze, finish, cancel)
and managing the preservation/restoration of file descriptors.
Access requires CAP_SYS_ADMIN.
sysfs (/sys/kernel/liveupdate/state): A read-only interface for
monitoring the current LUO state. This allows userspace services to
track progress and coordinate actions.
Selftests: Includes kernel-side hooks and userspace selftests to
verify core LUO functionality, particularly subsystem registration and
basic state transitions.
LUO State Machine and Events:
NORMAL: Default operational state.
PREPARED: Initial preparation complete after LIVEUPDATE_PREPARE
event. Subsystems have saved initial state.
FROZEN: Final "blackout window" state after LIVEUPDATE_FREEZE
event, just before kexec. Workloads must be suspended.
UPDATED: Next kernel has booted via live update. Awaiting restoration
and LIVEUPDATE_FINISH.
Events:
LIVEUPDATE_PREPARE: Prepare for reboot, serialize state.
LIVEUPDATE_FREEZE: Final opportunity to save state before kexec.
LIVEUPDATE_FINISH: Post-reboot cleanup in the next kernel.
LIVEUPDATE_CANCEL: Abort prepare or freeze, revert changes.
RFC v1: https://lore.kernel.org/all/20250320024011.2995837-1-pasha.tatashin@soleen.com
RFC v2: https://lore.kernel.org/all/20250515182322.117840-1-pasha.tatashin@soleen.com/
Changyuan Lyu (1):
kho: add interfaces to unpreserve folios and physical memory ranges
Mike Rapoport (Microsoft) (1):
kho: drop notifiers
Pasha Tatashin (22):
kho: init new_physxa->phys_bits to fix lockdep
kho: mm: Don't allow deferred struct page with KHO
kho: warn if KHO is disabled due to an error
kho: allow to drive kho from within kernel
kho: make debugfs interface optional
kho: don't unpreserve memory during abort
liveupdate: kho: move to kernel/liveupdate
liveupdate: luo_core: Live Update Orchestrator
liveupdate: luo_core: integrate with KHO
liveupdate: luo_subsystems: add subsystem registration
liveupdate: luo_subsystems: implement subsystem callbacks
liveupdate: luo_files: add infrastructure for FDs
liveupdate: luo_files: implement file systems callbacks
liveupdate: luo_ioctl: add ioctl interface
liveupdate: luo_sysfs: add sysfs state monitoring
reboot: call liveupdate_reboot() before kexec
liveupdate: luo_files: luo_ioctl: session-based file descriptor
tracking
kho: move kho debugfs directory to liveupdate
liveupdate: add selftests for subsystems un/registration
selftests/liveupdate: add subsystem/state tests
docs: add luo documentation
MAINTAINERS: add liveupdate entry
Pratyush Yadav (8):
mm: shmem: use SHMEM_F_* flags instead of VM_* flags
mm: shmem: allow freezing inode mapping
mm: shmem: export some functions to internal.h
luo: allow preserving memfd
docs: add documentation for memfd preservation via LUO
tools: introduce libluo
libluo: introduce luoctl
libluo: add tests
.../ABI/testing/sysfs-kernel-liveupdate | 51 +
Documentation/admin-guide/index.rst | 1 +
Documentation/admin-guide/liveupdate.rst | 16 +
Documentation/core-api/index.rst | 1 +
Documentation/core-api/kho/concepts.rst | 2 +-
Documentation/core-api/liveupdate.rst | 57 ++
Documentation/mm/index.rst | 1 +
Documentation/mm/memfd_preservation.rst | 138 +++
Documentation/userspace-api/index.rst | 1 +
.../userspace-api/ioctl/ioctl-number.rst | 2 +
Documentation/userspace-api/liveupdate.rst | 25 +
MAINTAINERS | 20 +-
include/linux/kexec_handover.h | 53 +-
include/linux/liveupdate.h | 235 +++++
include/linux/shmem_fs.h | 23 +
include/uapi/linux/liveupdate.h | 265 +++++
init/Kconfig | 2 +
kernel/Kconfig.kexec | 14 -
kernel/Makefile | 2 +-
kernel/liveupdate/Kconfig | 90 ++
kernel/liveupdate/Makefile | 13 +
kernel/{ => liveupdate}/kexec_handover.c | 556 +++++-----
kernel/liveupdate/kexec_handover_debug.c | 222 ++++
kernel/liveupdate/kexec_handover_internal.h | 45 +
kernel/liveupdate/luo_core.c | 525 ++++++++++
kernel/liveupdate/luo_files.c | 946 ++++++++++++++++++
kernel/liveupdate/luo_internal.h | 47 +
kernel/liveupdate/luo_ioctl.c | 192 ++++
kernel/liveupdate/luo_selftests.c | 344 +++++++
kernel/liveupdate/luo_selftests.h | 84 ++
kernel/liveupdate/luo_subsystems.c | 420 ++++++++
kernel/liveupdate/luo_sysfs.c | 92 ++
kernel/reboot.c | 4 +
mm/Makefile | 1 +
mm/internal.h | 6 +
mm/memblock.c | 56 +-
mm/memfd_luo.c | 501 ++++++++++
mm/shmem.c | 46 +-
tools/lib/luo/LICENSE | 165 +++
tools/lib/luo/Makefile | 45 +
tools/lib/luo/README.md | 166 +++
tools/lib/luo/cli/.gitignore | 1 +
tools/lib/luo/cli/Makefile | 18 +
tools/lib/luo/cli/luoctl.c | 178 ++++
tools/lib/luo/include/libluo.h | 128 +++
tools/lib/luo/include/liveupdate.h | 265 +++++
tools/lib/luo/libluo.c | 203 ++++
tools/lib/luo/tests/.gitignore | 1 +
tools/lib/luo/tests/Makefile | 18 +
tools/lib/luo/tests/test.c | 848 ++++++++++++++++
tools/testing/selftests/Makefile | 1 +
tools/testing/selftests/liveupdate/.gitignore | 1 +
tools/testing/selftests/liveupdate/Makefile | 7 +
tools/testing/selftests/liveupdate/config | 6 +
.../testing/selftests/liveupdate/liveupdate.c | 356 +++++++
55 files changed, 7091 insertions(+), 415 deletions(-)
create mode 100644 Documentation/ABI/testing/sysfs-kernel-liveupdate
create mode 100644 Documentation/admin-guide/liveupdate.rst
create mode 100644 Documentation/core-api/liveupdate.rst
create mode 100644 Documentation/mm/memfd_preservation.rst
create mode 100644 Documentation/userspace-api/liveupdate.rst
create mode 100644 include/linux/liveupdate.h
create mode 100644 include/uapi/linux/liveupdate.h
create mode 100644 kernel/liveupdate/Kconfig
create mode 100644 kernel/liveupdate/Makefile
rename kernel/{ => liveupdate}/kexec_handover.c (74%)
create mode 100644 kernel/liveupdate/kexec_handover_debug.c
create mode 100644 kernel/liveupdate/kexec_handover_internal.h
create mode 100644 kernel/liveupdate/luo_core.c
create mode 100644 kernel/liveupdate/luo_files.c
create mode 100644 kernel/liveupdate/luo_internal.h
create mode 100644 kernel/liveupdate/luo_ioctl.c
create mode 100644 kernel/liveupdate/luo_selftests.c
create mode 100644 kernel/liveupdate/luo_selftests.h
create mode 100644 kernel/liveupdate/luo_subsystems.c
create mode 100644 kernel/liveupdate/luo_sysfs.c
create mode 100644 mm/memfd_luo.c
create mode 100644 tools/lib/luo/LICENSE
create mode 100644 tools/lib/luo/Makefile
create mode 100644 tools/lib/luo/README.md
create mode 100644 tools/lib/luo/cli/.gitignore
create mode 100644 tools/lib/luo/cli/Makefile
create mode 100644 tools/lib/luo/cli/luoctl.c
create mode 100644 tools/lib/luo/include/libluo.h
create mode 100644 tools/lib/luo/include/liveupdate.h
create mode 100644 tools/lib/luo/libluo.c
create mode 100644 tools/lib/luo/tests/.gitignore
create mode 100644 tools/lib/luo/tests/Makefile
create mode 100644 tools/lib/luo/tests/test.c
create mode 100644 tools/testing/selftests/liveupdate/.gitignore
create mode 100644 tools/testing/selftests/liveupdate/Makefile
create mode 100644 tools/testing/selftests/liveupdate/config
create mode 100644 tools/testing/selftests/liveupdate/liveupdate.c
--
2.50.0.727.gbf7dc18ff4-goog
Powered by blists - more mailing lists