| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250625232653.GJ369@kvack.org>
Date: Wed, 25 Jun 2025 19:26:53 -0400
From: Benjamin LaHaise <bcrl@...ck.org>
To: Pasha Tatashin <pasha.tatashin@...een.com>
Cc: pratyush@...nel.org, jasonmiu@...gle.com, graf@...zon.com,
changyuanl@...gle.com, rppt@...nel.org, dmatlack@...gle.com,
rientjes@...gle.com, corbet@....net, rdunlap@...radead.org,
ilpo.jarvinen@...ux.intel.com, kanie@...ux.alibaba.com,
ojeda@...nel.org, aliceryhl@...gle.com, masahiroy@...nel.org,
akpm@...ux-foundation.org, tj@...nel.org, yoann.congal@...le.fr,
mmaurer@...gle.com, roman.gushchin@...ux.dev, chenridong@...wei.com,
axboe@...nel.dk, mark.rutland@....com, jannh@...gle.com,
vincent.guittot@...aro.org, hannes@...xchg.org,
dan.j.williams@...el.com, david@...hat.com,
joel.granados@...nel.org, rostedt@...dmis.org,
anna.schumaker@...cle.com, song@...nel.org, zhangguopeng@...inos.cn,
linux@...ssschuh.net, linux-kernel@...r.kernel.org,
linux-doc@...r.kernel.org, linux-mm@...ck.org,
gregkh@...uxfoundation.org, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, dave.hansen@...ux.intel.com, x86@...nel.org,
hpa@...or.com, rafael@...nel.org, dakr@...nel.org,
bartosz.golaszewski@...aro.org, cw00.choi@...sung.com,
myungjoo.ham@...sung.com, yesanishhere@...il.com,
Jonathan.Cameron@...wei.com, quic_zijuhu@...cinc.com,
aleksander.lobakin@...el.com, ira.weiny@...el.com,
andriy.shevchenko@...ux.intel.com, leon@...nel.org, lukas@...ner.de,
bhelgaas@...gle.com, wagi@...nel.org, djeffery@...hat.com,
stuart.w.hayes@...il.com, ptyadav@...zon.de, lennart@...ttering.net,
brauner@...nel.org, linux-api@...r.kernel.org,
linux-fsdevel@...r.kernel.org
Subject: Re: [PATCH v1 00/32] Live Update Orchestrator
FYI: Every one of your emails to the list for this series was bounced by
all the recipients using @gmail.com email addresses.
-ben (owner-linux-mm)
On Wed, Jun 25, 2025 at 11:17:47PM +0000, Pasha Tatashin wrote:
> This series introduces the LUO, a kernel subsystem designed to
> facilitate live kernel updates with minimal downtime,
> particularly in cloud delplyoments aiming to update without fully
> disrupting running virtual machines.
>
> This series builds upon KHO framework by adding programmatic
> control over KHO's lifecycle and leveraging KHO for persisting LUO's
> own metadata across the kexec boundary. The git branch for this series
> can be found at:
>
> https://github.com/googleprodkernel/linux-liveupdate/tree/luo/v1
>
> Changelog from rfc-v2:
> - Addressed review comments from Mike Rapoport, Pratyush Yadav,
> David Matlack
> - Moved everything under kernel/liveupdate including KHO.
> - Added a number fixes to KHO that were discovered.
> - luo_files is not a registred as a subsystem.
> - Added sessions support to preserved files.
> - Added support for memfd (Pratyush Yadav)
> - Added libluo (proposed as RFC) (Pratyush Yadav)
> - Removed notifiers from KHO (Mike Rapoport)
>
> What is Live Update?
> Live Update is a kexec based reboot process where selected kernel
> resources (memory, file descriptors, and eventually devices) are kept
> operational or their state preserved across a kernel transition. For
> certain resources, DMA and interrupt activity might continue with
> minimal interruption during the kernel reboot.
>
> LUO provides a framework for coordinating live updates. It features:
> State Machine: Manages the live update process through states:
> NORMAL, PREPARED, FROZEN, UPDATED.
>
> KHO Integration:
>
> LUO programmatically drives KHO's finalization and abort sequences.
> KHO's debugfs interface is now optional configured via
> CONFIG_KEXEC_HANDOVER_DEBUG.
>
> LUO preserves its own metadata via KHO's kho_add_subtree and
> kho_preserve_phys() mechanisms.
>
> Subsystem Participation: A callback API liveupdate_register_subsystem()
> allows kernel subsystems (e.g., KVM, IOMMU, VFIO, PCI) to register
> handlers for LUO events (PREPARE, FREEZE, FINISH, CANCEL) and persist a
> u64 payload via the LUO FDT.
>
> File Descriptor Preservation: Infrastructure
> liveupdate_register_filesystem, luo_register_file, luo_retrieve_file to
> allow specific types of file descriptors (e.g., memfd, vfio) to be
> preserved and restored.
>
> Handlers for specific file types can be registered to manage their
> preservation and restoration, storing a u64 payload in the LUO FDT.
>
> User-space Interface:
>
> ioctl (/dev/liveupdate): The primary control interface for
> triggering LUO state transitions (prepare, freeze, finish, cancel)
> and managing the preservation/restoration of file descriptors.
> Access requires CAP_SYS_ADMIN.
>
> sysfs (/sys/kernel/liveupdate/state): A read-only interface for
> monitoring the current LUO state. This allows userspace services to
> track progress and coordinate actions.
>
> Selftests: Includes kernel-side hooks and userspace selftests to
> verify core LUO functionality, particularly subsystem registration and
> basic state transitions.
>
> LUO State Machine and Events:
>
> NORMAL: Default operational state.
> PREPARED: Initial preparation complete after LIVEUPDATE_PREPARE
> event. Subsystems have saved initial state.
> FROZEN: Final "blackout window" state after LIVEUPDATE_FREEZE
> event, just before kexec. Workloads must be suspended.
> UPDATED: Next kernel has booted via live update. Awaiting restoration
> and LIVEUPDATE_FINISH.
>
> Events:
> LIVEUPDATE_PREPARE: Prepare for reboot, serialize state.
> LIVEUPDATE_FREEZE: Final opportunity to save state before kexec.
> LIVEUPDATE_FINISH: Post-reboot cleanup in the next kernel.
> LIVEUPDATE_CANCEL: Abort prepare or freeze, revert changes.
>
> RFC v1: https://lore.kernel.org/all/20250320024011.2995837-1-pasha.tatashin@soleen.com
> RFC v2: https://lore.kernel.org/all/20250515182322.117840-1-pasha.tatashin@soleen.com/
>
> Changyuan Lyu (1):
> kho: add interfaces to unpreserve folios and physical memory ranges
>
> Mike Rapoport (Microsoft) (1):
> kho: drop notifiers
>
> Pasha Tatashin (22):
> kho: init new_physxa->phys_bits to fix lockdep
> kho: mm: Don't allow deferred struct page with KHO
> kho: warn if KHO is disabled due to an error
> kho: allow to drive kho from within kernel
> kho: make debugfs interface optional
> kho: don't unpreserve memory during abort
> liveupdate: kho: move to kernel/liveupdate
> liveupdate: luo_core: Live Update Orchestrator
> liveupdate: luo_core: integrate with KHO
> liveupdate: luo_subsystems: add subsystem registration
> liveupdate: luo_subsystems: implement subsystem callbacks
> liveupdate: luo_files: add infrastructure for FDs
> liveupdate: luo_files: implement file systems callbacks
> liveupdate: luo_ioctl: add ioctl interface
> liveupdate: luo_sysfs: add sysfs state monitoring
> reboot: call liveupdate_reboot() before kexec
> liveupdate: luo_files: luo_ioctl: session-based file descriptor
> tracking
> kho: move kho debugfs directory to liveupdate
> liveupdate: add selftests for subsystems un/registration
> selftests/liveupdate: add subsystem/state tests
> docs: add luo documentation
> MAINTAINERS: add liveupdate entry
>
> Pratyush Yadav (8):
> mm: shmem: use SHMEM_F_* flags instead of VM_* flags
> mm: shmem: allow freezing inode mapping
> mm: shmem: export some functions to internal.h
> luo: allow preserving memfd
> docs: add documentation for memfd preservation via LUO
> tools: introduce libluo
> libluo: introduce luoctl
> libluo: add tests
>
> .../ABI/testing/sysfs-kernel-liveupdate | 51 +
> Documentation/admin-guide/index.rst | 1 +
> Documentation/admin-guide/liveupdate.rst | 16 +
> Documentation/core-api/index.rst | 1 +
> Documentation/core-api/kho/concepts.rst | 2 +-
> Documentation/core-api/liveupdate.rst | 57 ++
> Documentation/mm/index.rst | 1 +
> Documentation/mm/memfd_preservation.rst | 138 +++
> Documentation/userspace-api/index.rst | 1 +
> .../userspace-api/ioctl/ioctl-number.rst | 2 +
> Documentation/userspace-api/liveupdate.rst | 25 +
> MAINTAINERS | 20 +-
> include/linux/kexec_handover.h | 53 +-
> include/linux/liveupdate.h | 235 +++++
> include/linux/shmem_fs.h | 23 +
> include/uapi/linux/liveupdate.h | 265 +++++
> init/Kconfig | 2 +
> kernel/Kconfig.kexec | 14 -
> kernel/Makefile | 2 +-
> kernel/liveupdate/Kconfig | 90 ++
> kernel/liveupdate/Makefile | 13 +
> kernel/{ => liveupdate}/kexec_handover.c | 556 +++++-----
> kernel/liveupdate/kexec_handover_debug.c | 222 ++++
> kernel/liveupdate/kexec_handover_internal.h | 45 +
> kernel/liveupdate/luo_core.c | 525 ++++++++++
> kernel/liveupdate/luo_files.c | 946 ++++++++++++++++++
> kernel/liveupdate/luo_internal.h | 47 +
> kernel/liveupdate/luo_ioctl.c | 192 ++++
> kernel/liveupdate/luo_selftests.c | 344 +++++++
> kernel/liveupdate/luo_selftests.h | 84 ++
> kernel/liveupdate/luo_subsystems.c | 420 ++++++++
> kernel/liveupdate/luo_sysfs.c | 92 ++
> kernel/reboot.c | 4 +
> mm/Makefile | 1 +
> mm/internal.h | 6 +
> mm/memblock.c | 56 +-
> mm/memfd_luo.c | 501 ++++++++++
> mm/shmem.c | 46 +-
> tools/lib/luo/LICENSE | 165 +++
> tools/lib/luo/Makefile | 45 +
> tools/lib/luo/README.md | 166 +++
> tools/lib/luo/cli/.gitignore | 1 +
> tools/lib/luo/cli/Makefile | 18 +
> tools/lib/luo/cli/luoctl.c | 178 ++++
> tools/lib/luo/include/libluo.h | 128 +++
> tools/lib/luo/include/liveupdate.h | 265 +++++
> tools/lib/luo/libluo.c | 203 ++++
> tools/lib/luo/tests/.gitignore | 1 +
> tools/lib/luo/tests/Makefile | 18 +
> tools/lib/luo/tests/test.c | 848 ++++++++++++++++
> tools/testing/selftests/Makefile | 1 +
> tools/testing/selftests/liveupdate/.gitignore | 1 +
> tools/testing/selftests/liveupdate/Makefile | 7 +
> tools/testing/selftests/liveupdate/config | 6 +
> .../testing/selftests/liveupdate/liveupdate.c | 356 +++++++
> 55 files changed, 7091 insertions(+), 415 deletions(-)
> create mode 100644 Documentation/ABI/testing/sysfs-kernel-liveupdate
> create mode 100644 Documentation/admin-guide/liveupdate.rst
> create mode 100644 Documentation/core-api/liveupdate.rst
> create mode 100644 Documentation/mm/memfd_preservation.rst
> create mode 100644 Documentation/userspace-api/liveupdate.rst
> create mode 100644 include/linux/liveupdate.h
> create mode 100644 include/uapi/linux/liveupdate.h
> create mode 100644 kernel/liveupdate/Kconfig
> create mode 100644 kernel/liveupdate/Makefile
> rename kernel/{ => liveupdate}/kexec_handover.c (74%)
> create mode 100644 kernel/liveupdate/kexec_handover_debug.c
> create mode 100644 kernel/liveupdate/kexec_handover_internal.h
> create mode 100644 kernel/liveupdate/luo_core.c
> create mode 100644 kernel/liveupdate/luo_files.c
> create mode 100644 kernel/liveupdate/luo_internal.h
> create mode 100644 kernel/liveupdate/luo_ioctl.c
> create mode 100644 kernel/liveupdate/luo_selftests.c
> create mode 100644 kernel/liveupdate/luo_selftests.h
> create mode 100644 kernel/liveupdate/luo_subsystems.c
> create mode 100644 kernel/liveupdate/luo_sysfs.c
> create mode 100644 mm/memfd_luo.c
> create mode 100644 tools/lib/luo/LICENSE
> create mode 100644 tools/lib/luo/Makefile
> create mode 100644 tools/lib/luo/README.md
> create mode 100644 tools/lib/luo/cli/.gitignore
> create mode 100644 tools/lib/luo/cli/Makefile
> create mode 100644 tools/lib/luo/cli/luoctl.c
> create mode 100644 tools/lib/luo/include/libluo.h
> create mode 100644 tools/lib/luo/include/liveupdate.h
> create mode 100644 tools/lib/luo/libluo.c
> create mode 100644 tools/lib/luo/tests/.gitignore
> create mode 100644 tools/lib/luo/tests/Makefile
> create mode 100644 tools/lib/luo/tests/test.c
> create mode 100644 tools/testing/selftests/liveupdate/.gitignore
> create mode 100644 tools/testing/selftests/liveupdate/Makefile
> create mode 100644 tools/testing/selftests/liveupdate/config
> create mode 100644 tools/testing/selftests/liveupdate/liveupdate.c
>
> --
> 2.50.0.727.gbf7dc18ff4-goog
>
--
"Thought is the essence of where you are now."
Powered by blists - more mailing lists