| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aG9rNQ277weSR_dl@kernel.org>
Date: Thu, 10 Jul 2025 10:26:45 +0300
From: Mike Rapoport <rppt@...nel.org>
To: Pratyush Yadav <pratyush@...nel.org>
Cc: Christian Brauner <brauner@...nel.org>,
Pasha Tatashin <pasha.tatashin@...een.com>, jasonmiu@...gle.com,
graf@...zon.com, changyuanl@...gle.com, dmatlack@...gle.com,
rientjes@...gle.com, corbet@....net, rdunlap@...radead.org,
ilpo.jarvinen@...ux.intel.com, kanie@...ux.alibaba.com,
ojeda@...nel.org, aliceryhl@...gle.com, masahiroy@...nel.org,
akpm@...ux-foundation.org, tj@...nel.org, yoann.congal@...le.fr,
mmaurer@...gle.com, roman.gushchin@...ux.dev, chenridong@...wei.com,
axboe@...nel.dk, mark.rutland@....com, jannh@...gle.com,
vincent.guittot@...aro.org, hannes@...xchg.org,
dan.j.williams@...el.com, david@...hat.com,
joel.granados@...nel.org, rostedt@...dmis.org,
anna.schumaker@...cle.com, song@...nel.org, zhangguopeng@...inos.cn,
linux@...ssschuh.net, linux-kernel@...r.kernel.org,
linux-doc@...r.kernel.org, linux-mm@...ck.org,
gregkh@...uxfoundation.org, tglx@...utronix.de, mingo@...hat.com,
bp@...en8.de, dave.hansen@...ux.intel.com, x86@...nel.org,
hpa@...or.com, rafael@...nel.org, dakr@...nel.org,
bartosz.golaszewski@...aro.org, cw00.choi@...sung.com,
myungjoo.ham@...sung.com, yesanishhere@...il.com,
Jonathan.Cameron@...wei.com, quic_zijuhu@...cinc.com,
aleksander.lobakin@...el.com, ira.weiny@...el.com,
andriy.shevchenko@...ux.intel.com, leon@...nel.org, lukas@...ner.de,
bhelgaas@...gle.com, wagi@...nel.org, djeffery@...hat.com,
stuart.w.hayes@...il.com
Subject: Re: [RFC v2 10/16] luo: luo_ioctl: add ioctl interface
On Wed, Jul 09, 2025 at 11:27:08PM +0200, Pratyush Yadav wrote:
> On Sun, Jul 06 2025, Mike Rapoport wrote:
>
> > On Tue, Jun 24, 2025 at 11:50:49AM +0200, Christian Brauner wrote:
> >> On Thu, May 15, 2025 at 06:23:14PM +0000, Pasha Tatashin wrote:
> >> > Introduce the user-space interface for the Live Update Orchestrator
> >> > via ioctl commands, enabling external control over the live update
> >> > process and management of preserved resources.
> >> >
> >> > Create a misc character device at /dev/liveupdate. Access
> >> > to this device requires the CAP_SYS_ADMIN capability.
> >> >
> >> > A new UAPI header, <uapi/linux/liveupdate.h>, defines the necessary
> >> > structures. The magic number is registered in
> >> > Documentation/userspace-api/ioctl/ioctl-number.rst.
> >> >
> >> > Signed-off-by: Pasha Tatashin <pasha.tatashin@...een.com>
> >> > ---
> >> > .../userspace-api/ioctl/ioctl-number.rst | 1 +
> >> > drivers/misc/liveupdate/Makefile | 1 +
> >> > drivers/misc/liveupdate/luo_ioctl.c | 199 ++++++++++++
> >> > include/linux/liveupdate.h | 34 +-
> >> > include/uapi/linux/liveupdate.h | 300 ++++++++++++++++++
> >> > 5 files changed, 502 insertions(+), 33 deletions(-)
> >> > create mode 100644 drivers/misc/liveupdate/luo_ioctl.c
> >> > create mode 100644 include/uapi/linux/liveupdate.h
> >
> > ...
> >
> >> > +static const struct file_operations fops = {
> >> > + .owner = THIS_MODULE,
> >> > + .open = luo_open,
> >> > + .unlocked_ioctl = luo_ioctl,
> >> > +};
> >> > +
> >> > +static struct miscdevice liveupdate_miscdev = {
> >> > + .minor = MISC_DYNAMIC_MINOR,
> >> > + .name = "liveupdate",
> >> > + .fops = &fops,
> >> > +};
> >>
> >> I'm not sure why people are so in love with character device based apis.
> >> It's terrible. It glues everything to devtmpfs which isn't namespacable
> >> in any way. It's terrible to delegate and extremely restrictive in terms
> >> of extensiblity if you need additional device entries (aka the loop
> >> driver folly).
> >>
> >> One stupid question: I probably have asked this before and just swapped
> >> out that I a) asked this already and b) received an explanation. But why
> >> isn't this a singleton simple in-memory filesystem with a flat
> >> hierarchy?
> >>
> >> mount -t kexecfs kexecfs /kexecfs
> >>
> >> So userspace mounts kexecfs (or the kernel does it automagically) and
> >> then to add fds into that thing you do the following:
> >>
> >> linkat(fd_my_anon_inode_memfd, "", -EBADF, "kexecfs/my_serialized_memfd", AT_EMPTY_PATH)
> >
> > Having an ability to link a file descriptor to kexecfs would have been
> > nice. We could even create a dependency hierarchy there, e.g.
> >
> > mkdir -p kexecfs/vm1/kvm/{iommu,memfd}
> >
> > linkat(kvmfd, "", -EBADF, "kexecfs/vm1/kvm/kvmfd", AT_EMPTY_PATH)
> > linkat(iommufd, "", -EBADF, "kexecfs/vm1/kvm/iommu/iommufd", AT_EMPTY_PATH)
> > linkat(memfd, "", -EBADF, "kexecfs/vm1/kvm/memfd/memfd", AT_EMPTY_PATH)
> >
> > But unfortunately this won't work because VFS checks that new and old paths
> > are on the same mount. And even if cross-mount links were allowed, VFS does
> > not pass the file objects to link* APIs, so preserving a file backed by
> > anon_inode is another issue.
>
> Yep, I was poking around the VFS code last week and saw the same
> problem.
>
> >
> >> which will serialize the fd_my_anon_inode_memfd. You can also do this
> >> with ioctls on the kexecfs filesystem of course.
> >
> > ioctls seem to be the only option, but I agree they don't have to be bound
> > to a miscdev.
>
> I suppose you can have a special file, say "preserve_fd", where you can
> write() the FD number.
>
> This is in some ways similar to how you would write it to the ioctl()
> via the arg buffer/struct. And I suppose you can have other special
> files to do the things that other ioctls would do.
>
> That is one way to do it, although I dunno if it classifies as a
> "proper" use of the VFS APIs...
IIUC Christian's point was mostly not about using VFS APIs (i.e.
read/write) but about using a special pseudo fs rather than devtmpfs to
drive ioctls.
So instead of
fd = open("/dev/liveupdate", ...);
ioctl(fd, ...);
we'd use
fd = open("/sys/fs/kexec/control", ...);
ioctl(fd, ...);
> --
> Regards,
> Pratyush Yadav
--
Sincerely yours,
Mike.
Powered by blists - more mailing lists