| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <a27f9f8f-dc03-441b-8aa7-7daeff6c82ae@linux.dev>
Date: Wed, 8 Oct 2025 18:07:00 -0700
From: "yanjun.zhu" <yanjun.zhu@...ux.dev>
To: Pasha Tatashin <pasha.tatashin@...een.com>, pratyush@...nel.org,
jasonmiu@...gle.com, graf@...zon.com, changyuanl@...gle.com,
rppt@...nel.org, dmatlack@...gle.com, rientjes@...gle.com, corbet@....net,
rdunlap@...radead.org, ilpo.jarvinen@...ux.intel.com,
kanie@...ux.alibaba.com, ojeda@...nel.org, aliceryhl@...gle.com,
masahiroy@...nel.org, akpm@...ux-foundation.org, tj@...nel.org,
yoann.congal@...le.fr, mmaurer@...gle.com, roman.gushchin@...ux.dev,
chenridong@...wei.com, axboe@...nel.dk, mark.rutland@....com,
jannh@...gle.com, vincent.guittot@...aro.org, hannes@...xchg.org,
dan.j.williams@...el.com, david@...hat.com, joel.granados@...nel.org,
rostedt@...dmis.org, anna.schumaker@...cle.com, song@...nel.org,
zhangguopeng@...inos.cn, linux@...ssschuh.net, linux-kernel@...r.kernel.org,
linux-doc@...r.kernel.org, linux-mm@...ck.org, gregkh@...uxfoundation.org,
tglx@...utronix.de, mingo@...hat.com, bp@...en8.de,
dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com,
rafael@...nel.org, dakr@...nel.org, bartosz.golaszewski@...aro.org,
cw00.choi@...sung.com, myungjoo.ham@...sung.com, yesanishhere@...il.com,
Jonathan.Cameron@...wei.com, quic_zijuhu@...cinc.com,
aleksander.lobakin@...el.com, ira.weiny@...el.com,
andriy.shevchenko@...ux.intel.com, leon@...nel.org, lukas@...ner.de,
bhelgaas@...gle.com, wagi@...nel.org, djeffery@...hat.com,
stuart.w.hayes@...il.com, ptyadav@...zon.de, lennart@...ttering.net,
brauner@...nel.org, linux-api@...r.kernel.org,
linux-fsdevel@...r.kernel.org, saeedm@...dia.com, ajayachandra@...dia.com,
jgg@...dia.com, parav@...dia.com, leonro@...dia.com, witu@...dia.com
Subject: Re: [PATCH v3 19/30] liveupdate: luo_sysfs: add sysfs state
monitoring
On 8/6/25 6:44 PM, Pasha Tatashin wrote:
> Introduce a sysfs interface for the Live Update Orchestrator
> under /sys/kernel/liveupdate/. This interface provides a way for
> userspace tools and scripts to monitor the current state of the LUO
> state machine.
>
> The main feature is a read-only file, state, which displays the
> current LUO state as a string ("normal", "prepared", "frozen",
> "updated"). The interface uses sysfs_notify to allow userspace
> listeners (e.g., via poll) to be efficiently notified of state changes.
>
> ABI documentation for this new sysfs interface is added in
> Documentation/ABI/testing/sysfs-kernel-liveupdate.
>
> This read-only sysfs interface complements the main ioctl interface
> provided by /dev/liveupdate, which handles LUO control operations and
> resource management.
>
> Signed-off-by: Pasha Tatashin <pasha.tatashin@...een.com>
> ---
> .../ABI/testing/sysfs-kernel-liveupdate | 51 ++++++++++
> kernel/liveupdate/Kconfig | 18 ++++
> kernel/liveupdate/Makefile | 1 +
> kernel/liveupdate/luo_core.c | 1 +
> kernel/liveupdate/luo_internal.h | 6 ++
> kernel/liveupdate/luo_sysfs.c | 92 +++++++++++++++++++
> 6 files changed, 169 insertions(+)
> create mode 100644 Documentation/ABI/testing/sysfs-kernel-liveupdate
> create mode 100644 kernel/liveupdate/luo_sysfs.c
>
> diff --git a/Documentation/ABI/testing/sysfs-kernel-liveupdate b/Documentation/ABI/testing/sysfs-kernel-liveupdate
> new file mode 100644
> index 000000000000..bb85cbae4943
> --- /dev/null
> +++ b/Documentation/ABI/testing/sysfs-kernel-liveupdate
> @@ -0,0 +1,51 @@
> +What: /sys/kernel/liveupdate/
> +Date: May 2025
> +KernelVersion: 6.16.0
> +Contact: pasha.tatashin@...een.com
> +Description: Directory containing interfaces to query the live
> + update orchestrator. Live update is the ability to reboot the
> + host kernel (e.g., via kexec, without a full power cycle) while
> + keeping specifically designated devices operational ("alive")
> + across the transition. After the new kernel boots, these devices
> + can be re-attached to their original workloads (e.g., virtual
> + machines) with their state preserved. This is particularly
> + useful, for example, for quick hypervisor updates without
> + terminating running virtual machines.
> +
> +
> +What: /sys/kernel/liveupdate/state
> +Date: May 2025
> +KernelVersion: 6.16.0
> +Contact: pasha.tatashin@...een.com
> +Description: Read-only file that displays the current state of the live
> + update orchestrator as a string. Possible values are:
> +
> + "normal" No live update operation is in progress. This is
> + the default operational state.
> +
> + "prepared" The live update preparation phase has completed
> + successfully (e.g., triggered via the
> + /dev/liveupdate event). Kernel subsystems have
> + been notified via the %LIVEUPDATE_PREPARE
> + event/callback and should have initiated state
> + saving. User workloads (e.g., VMs) are generally
> + still running, but some operations (like device
> + unbinding or new DMA mappings) might be
> + restricted. The system is ready for the reboot
> + trigger.
> +
> + "frozen" The final reboot notification has been sent
> + (e.g., triggered via the 'reboot()' syscall),
> + corresponding to the %LIVEUPDATE_REBOOT kernel
> + event. Subsystems have had their final chance to
> + save state. User workloads must be suspended.
> + The system is about to execute the reboot into
> + the new kernel (imminent kexec). This state
> + corresponds to the "blackout window".
> +
> + "updated" The system has successfully rebooted into the
> + new kernel via live update. Restoration of
> + preserved resources can now occur (typically via
> + ioctl commands). The system is awaiting the
> + final 'finish' signal after user space completes
> + restoration tasks.
> diff --git a/kernel/liveupdate/Kconfig b/kernel/liveupdate/Kconfig
> index f6b0bde188d9..75a17ca8a592 100644
> --- a/kernel/liveupdate/Kconfig
> +++ b/kernel/liveupdate/Kconfig
> @@ -29,6 +29,24 @@ config LIVEUPDATE
>
> If unsure, say N.
>
> +config LIVEUPDATE_SYSFS_API
> + bool "Live Update sysfs monitoring interface"
> + depends on SYSFS
> + depends on LIVEUPDATE
> + help
> + Enable a sysfs interface for the Live Update Orchestrator
> + at /sys/kernel/liveupdate/.
> +
> + This allows monitoring the LUO state ('normal', 'prepared',
> + 'frozen', 'updated') via the read-only 'state' file.
> +
> + This interface complements the primary /dev/liveupdate ioctl
> + interface, which handles the full update process.
> + This sysfs API may be useful for scripting, or userspace monitoring
> + needed to coordinate application restarts and minimize downtime.
> +
> + If unsure, say N.
> +
> config KEXEC_HANDOVER
> bool "kexec handover"
> depends on ARCH_SUPPORTS_KEXEC_HANDOVER && ARCH_SUPPORTS_KEXEC_FILE
> diff --git a/kernel/liveupdate/Makefile b/kernel/liveupdate/Makefile
> index c67fa2797796..47f5d0378a75 100644
> --- a/kernel/liveupdate/Makefile
> +++ b/kernel/liveupdate/Makefile
> @@ -13,3 +13,4 @@ obj-$(CONFIG_KEXEC_HANDOVER) += kexec_handover.o
> obj-$(CONFIG_KEXEC_HANDOVER_DEBUG) += kexec_handover_debug.o
>
> obj-$(CONFIG_LIVEUPDATE) += luo.o
> +obj-$(CONFIG_LIVEUPDATE_SYSFS_API) += luo_sysfs.o
> diff --git a/kernel/liveupdate/luo_core.c b/kernel/liveupdate/luo_core.c
> index 64d53b31d6d8..bd07ee859112 100644
> --- a/kernel/liveupdate/luo_core.c
> +++ b/kernel/liveupdate/luo_core.c
> @@ -100,6 +100,7 @@ static inline bool is_current_luo_state(enum liveupdate_state expected_state)
> static void __luo_set_state(enum liveupdate_state state)
> {
> WRITE_ONCE(luo_state, state);
> + luo_sysfs_notify();
> }
>
> static inline void luo_set_state(enum liveupdate_state state)
> diff --git a/kernel/liveupdate/luo_internal.h b/kernel/liveupdate/luo_internal.h
> index 01bd0d3b023b..9091ed04c606 100644
> --- a/kernel/liveupdate/luo_internal.h
> +++ b/kernel/liveupdate/luo_internal.h
> @@ -47,4 +47,10 @@ int luo_file_freeze(u64 token);
> int luo_file_cancel(u64 token);
> int luo_file_finish(u64 token);
>
> +#ifdef CONFIG_LIVEUPDATE_SYSFS_API
> +void luo_sysfs_notify(void);
> +#else
> +static inline void luo_sysfs_notify(void) {}
> +#endif
> +
> #endif /* _LINUX_LUO_INTERNAL_H */
> diff --git a/kernel/liveupdate/luo_sysfs.c b/kernel/liveupdate/luo_sysfs.c
> new file mode 100644
> index 000000000000..935946bb741b
> --- /dev/null
> +++ b/kernel/liveupdate/luo_sysfs.c
> @@ -0,0 +1,92 @@
> +// SPDX-License-Identifier: GPL-2.0
> +
> +/*
> + * Copyright (c) 2025, Google LLC.
> + * Pasha Tatashin <pasha.tatashin@...een.com>
> + */
> +
> +/**
> + * DOC: LUO sysfs interface
> + *
> + * Provides a sysfs interface at ``/sys/kernel/liveupdate/`` for monitoring LUO
> + * state. Live update allows rebooting the kernel (via kexec) while preserving
> + * designated device state for attached workloads (e.g., VMs), useful for
> + * minimizing downtime during hypervisor updates.
> + *
> + * /sys/kernel/liveupdate/state
> + * ----------------------------
> + * - Permissions: Read-only
> + * - Description: Displays the current LUO state string.
> + * - Valid States:
> + * @normal
> + * Idle state.
> + * @prepared
> + * Preparation phase complete (triggered via '/dev/liveupdate'). Resources
> + * checked, state saving initiated via %LIVEUPDATE_PREPARE event.
> + * Workloads mostly running but may be restricted. Ready forreboot
> + * trigger.
> + * @frozen
> + * Final reboot notification sent (triggered via 'reboot'). Corresponds to
> + * %LIVEUPDATE_REBOOT event. Final state saving. Workloads must be
> + * suspended. System about to kexec ("blackout window").
> + * @updated
> + * New kernel booted via live update. Awaiting 'finish' signal.
> + *
> + * Userspace Interaction & Blackout Window Reduction
> + * -------------------------------------------------
> + * Userspace monitors the ``state`` file to coordinate actions:
> + * - Suspend workloads before @frozen state is entered.
> + * - Initiate resource restoration upon entering @updated state.
> + * - Resume workloads after restoration, minimizing downtime.
> + */
> +
> +#include <linux/kobject.h>
> +#include <linux/liveupdate.h>
> +#include <linux/sysfs.h>
> +#include "luo_internal.h"
> +
> +static bool luo_sysfs_initialized;
> +
> +#define LUO_DIR_NAME "liveupdate"
> +
> +void luo_sysfs_notify(void)
> +{
> + if (luo_sysfs_initialized)
> + sysfs_notify(kernel_kobj, LUO_DIR_NAME, "state");
> +}
> +
> +/* Show the current live update state */
> +static ssize_t state_show(struct kobject *kobj, struct kobj_attribute *attr,
> + char *buf)
> +{
> + return sysfs_emit(buf, "%s\n", luo_current_state_str());
Because the window of kernel live update is short, it is difficult to
statistics how many times the kernel is live updated.
Is it possible to add a variable to statistics the times that the kernel
is live updated?
For example, define a global variable of type atomic_t or u64 in the
core module:
#include <linux/atomic.h>
static atomic_t klu_counter = ATOMIC_INIT(0);
Every time a live update completes successfully, increment the counter:
atomic_inc(&klu_counter);
Then exporting this value through /proc or /sys so that user space can
check it:
static ssize_t klu_counter_show(struct kobject *kobj, struct
kobj_attribute *attr, char *buf)
{
return sprintf(buf, "%d\n", atomic_read(&klu_counter));
}
Yanjun.Zhu
> +}
> +
> +static struct kobj_attribute state_attribute = __ATTR_RO(state);
> +
> +static struct attribute *luo_attrs[] = {
> + &state_attribute.attr,
> + NULL
> +};
> +
> +static struct attribute_group luo_attr_group = {
> + .attrs = luo_attrs,
> + .name = LUO_DIR_NAME,
> +};
> +
> +static int __init luo_init(void)
> +{
> + int ret;
> +
> + ret = sysfs_create_group(kernel_kobj, &luo_attr_group);
> + if (ret) {
> + pr_err("Failed to create group\n");
> + return ret;
> + }
> +
> + luo_sysfs_initialized = true;
> + pr_info("Initialized\n");
> +
> + return 0;
> +}
> +subsys_initcall(luo_init);
Powered by blists - more mailing lists