| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CA+CK2bCN7x=eMwfTXF-2+vR=Gn3=41z6Xxx6wM1m7i-rxzug9w@mail.gmail.com> Date: Sun, 23 Nov 2025 07:15:44 -0500 From: Pasha Tatashin <pasha.tatashin@...een.com> To: Mike Rapoport <rppt@...nel.org> Cc: pratyush@...nel.org, jasonmiu@...gle.com, graf@...zon.com, dmatlack@...gle.com, rientjes@...gle.com, corbet@....net, rdunlap@...radead.org, ilpo.jarvinen@...ux.intel.com, kanie@...ux.alibaba.com, ojeda@...nel.org, aliceryhl@...gle.com, masahiroy@...nel.org, akpm@...ux-foundation.org, tj@...nel.org, yoann.congal@...le.fr, mmaurer@...gle.com, roman.gushchin@...ux.dev, chenridong@...wei.com, axboe@...nel.dk, mark.rutland@....com, jannh@...gle.com, vincent.guittot@...aro.org, hannes@...xchg.org, dan.j.williams@...el.com, david@...hat.com, joel.granados@...nel.org, rostedt@...dmis.org, anna.schumaker@...cle.com, song@...nel.org, linux@...ssschuh.net, linux-kernel@...r.kernel.org, linux-doc@...r.kernel.org, linux-mm@...ck.org, gregkh@...uxfoundation.org, tglx@...utronix.de, mingo@...hat.com, bp@...en8.de, dave.hansen@...ux.intel.com, x86@...nel.org, hpa@...or.com, rafael@...nel.org, dakr@...nel.org, bartosz.golaszewski@...aro.org, cw00.choi@...sung.com, myungjoo.ham@...sung.com, yesanishhere@...il.com, Jonathan.Cameron@...wei.com, quic_zijuhu@...cinc.com, aleksander.lobakin@...el.com, ira.weiny@...el.com, andriy.shevchenko@...ux.intel.com, leon@...nel.org, lukas@...ner.de, bhelgaas@...gle.com, wagi@...nel.org, djeffery@...hat.com, stuart.w.hayes@...il.com, ptyadav@...zon.de, lennart@...ttering.net, brauner@...nel.org, linux-api@...r.kernel.org, linux-fsdevel@...r.kernel.org, saeedm@...dia.com, ajayachandra@...dia.com, jgg@...dia.com, parav@...dia.com, leonro@...dia.com, witu@...dia.com, hughd@...gle.com, skhawaja@...gle.com, chrisl@...nel.org Subject: Re: [PATCH v7 01/22] liveupdate: luo_core: Live Update Orchestrator On Sun, Nov 23, 2025 at 6:12 AM Mike Rapoport <rppt@...nel.org> wrote: > > On Sat, Nov 22, 2025 at 05:23:28PM -0500, Pasha Tatashin wrote: > > Introduce LUO, a mechanism intended to facilitate kernel updates while > > keeping designated devices operational across the transition (e.g., via > > kexec). The primary use case is updating hypervisors with minimal > > disruption to running virtual machines. For userspace side of hypervisor > > update we have copyless migration. LUO is for updating the kernel. > > > > This initial patch lays the groundwork for the LUO subsystem. > > > > Further functionality, including the implementation of state transition > > logic, integration with KHO, and hooks for subsystems and file > > descriptors, will be added in subsequent patches. > > > > Create a character device at /dev/liveupdate. > > > > A new uAPI header, <uapi/linux/liveupdate.h>, will define the necessary > > structures. The magic number for IOCTL is registered in > > Documentation/userspace-api/ioctl/ioctl-number.rst. > > > > Signed-off-by: Pasha Tatashin <pasha.tatashin@...een.com> > > Reviewed-by: Pratyush Yadav <pratyush@...nel.org> > > Reviewed-by: Mike Rapoport (Microsoft) <rppt@...nel.org> Thank you > > with a few nits below > > > --- > > > diff --git a/kernel/liveupdate/Kconfig b/kernel/liveupdate/Kconfig > > index a973a54447de..90857dccb359 100644 > > --- a/kernel/liveupdate/Kconfig > > +++ b/kernel/liveupdate/Kconfig > > @@ -1,4 +1,10 @@ > > # SPDX-License-Identifier: GPL-2.0-only > > +# > > +# Copyright (c) 2025, Google LLC. > > +# Pasha Tatashin <pasha.tatashin@...een.com> > > +# > > +# Live Update Orchestrator > > +# > > If you are adding copyrights it should have Amazon and Microsoft as well. > I believe those from kexec_handover.c would work. > > @Alex? Sure, or I can remove all of them from Kconfig, whatever you prefer :-) > > > menu "Live Update and Kexec HandOver" > > depends on !DEFERRED_STRUCT_PAGE_INIT > > @@ -51,4 +57,25 @@ config KEXEC_HANDOVER_ENABLE_DEFAULT > > The default behavior can still be overridden at boot time by > > passing 'kho=off'. > > > > +config LIVEUPDATE > > + bool "Live Update Orchestrator" > > + depends on KEXEC_HANDOVER > > + help > > + Enable the Live Update Orchestrator. Live Update is a mechanism, > > + typically based on kexec, that allows the kernel to be updated > > + while keeping selected devices operational across the transition. > > + These devices are intended to be reclaimed by the new kernel and > > + re-attached to their original workload without requiring a device > > + reset. > > + > > + Ability to handover a device from current to the next kernel depends > > + on specific support within device drivers and related kernel > > + subsystems. > > Sorry, somehow this slipped during v6 review. > These days LUO is less about devices and more about file descriptors :) Device preservation through file descriptors: memfd, iommufd, vfiofd are all dependencies for preserving devices. That Kconfig description is correct and essential because the core complexity of the LUO is the preservation of device state and I/O across a kernel transition, which is a harder problem than just preserving memory or files, for that we could have used a file system instead of inventing something new with logic of can_preserve() etc. Device preservation requires exactly what is stated in the description for this config: "Ability to handover a device from current to the next kernel depends on specific support within device drivers and related kernel subsystems." The only subsystem that is getting upstreamed with this series is MEMFD, it is a hard pre-requirement for iommufd preservation; the other subsystems: VFIO, PCI, IOMMU are WIP. > > + > > + This feature primarily targets virtual machine hosts to quickly update > > + the kernel hypervisor with minimal disruption to the running virtual > > + machines. > > + > > + If unsure, say N. > > + > > endmenu > > -- > Sincerely yours, > Mike.
Powered by blists - more mailing lists