(cc'ing linux-api) On Thu, May 15, 2025 at 06:23:04PM +0000, Pasha Tatashin wrote: > This v2 series introduces the LUO, a kernel subsystem designed to > facilitate live kernel updates with minimal downtime, > particularly in cloud delplyoments aiming to update without fully > disrupting running virtual machines. > > This series builds upon KHO framework [1] by adding programmatic > control over KHO's lifecycle and leveraging KHO for persisting LUO's > own metadata across the kexec boundary. The git branch for this series > can be found at: > https://github.com/googleprodkernel/linux-liveupdate/tree/luo/rfc-v2 > > Changelog from v1: > - Control Interface: Shifted from sysfs-based control > (/sys/kernel/liveupdate/{prepare,finish}) to an ioctl interface > (/dev/liveupdate). Sysfs is now primarily for monitoring the state. > - Event/State Renaming: LIVEUPDATE_REBOOT event/phase is now > LIVEUPDATE_FREEZE. > - FD Preservation: A new component for preserving file descriptors. > Subsystem Registration: A formal mechanism for kernel subsystems > to participate. > - Device Layer: removed device list handling from this series, it is > going to be added separately. > - Selftests: Kernel-side selftest hooks and userspace selftests are > now included. > KHO Enhancements: > - KHO debugfs became optional, and kernel APIs for finalize/abort > were added (driven by LUO's needs). > - KHO unpreserve functions were also added. > > What is Live Update? > Live Update is a specialized reboot process where selected kernel > resources (memory, file descriptors, and eventually devices) are kept > operational or their state preserved across a kernel transition (e.g., > via kexec). For certain resources, DMA and interrupt activity might > continue with minimal interruption during the kernel reboot. > > LUO v2 Overview: > LUO v2 provides a framework for coordinating live updates. It features: > State Machine: Manages the live update process through states: > NORMAL, PREPARED, FROZEN, UPDATED. > > KHO Integration: > > LUO programmatically drives KHO's finalization and abort sequences. > KHO's debugfs interface is now optional configured via > CONFIG_KEXEC_HANDOVER_DEBUG. > > LUO preserves its own metadata via KHO's kho_add_subtree and > kho_preserve_phys() mechanisms. > > Subsystem Participation: A callback API liveupdate_register_subsystem() > allows kernel subsystems (e.g., KVM, IOMMU, VFIO, PCI) to register > handlers for LUO events (PREPARE, FREEZE, FINISH, CANCEL) and persist a > u64 payload via the LUO FDT. > > File Descriptor Preservation: Infrastructure > liveupdate_register_filesystem, luo_register_file, luo_retrieve_file to > allow specific types of file descriptors (e.g., memfd, vfio) to be > preserved and restored. > > Handlers for specific file types can be registered to manage their > preservation and restoration, storing a u64 payload in the LUO FDT. > > Example WIP for memfd preservation can be found here [2]. > > User-space Interface: > > ioctl (/dev/liveupdate): The primary control interface for > triggering LUO state transitions (prepare, freeze, finish, cancel) > and managing the preservation/restoration of file descriptors. > Access requires CAP_SYS_ADMIN. > > sysfs (/sys/kernel/liveupdate/state): A read-only interface for > monitoring the current LUO state. This allows userspace services to > track progress and coordinate actions. > > Selftests: Includes kernel-side hooks and userspace selftests to > verify core LUO functionality, particularly subsystem registration and > basic state transitions. > > LUO State Machine and Events: > > NORMAL: Default operational state. > PREPARED: Initial preparation complete after LIVEUPDATE_PREPARE > event. Subsystems have saved initial state. > FROZEN: Final "blackout window" state after LIVEUPDATE_FREEZE > event, just before kexec. Workloads must be suspended. > UPDATED: Next kernel has booted via live update. Awaiting restoration > and LIVEUPDATE_FINISH. > > Events: > LIVEUPDATE_PREPARE: Prepare for reboot, serialize state. > LIVEUPDATE_FREEZE: Final opportunity to save state before kexec. > LIVEUPDATE_FINISH: Post-reboot cleanup in the next kernel. > LIVEUPDATE_CANCEL: Abort prepare or freeze, revert changes. > > [1] https://lore.kernel.org/all/20250509074635.3187114-1-changyuanl@xxxxxxxxxx > https://github.com/googleprodkernel/linux-liveupdate/tree/luo/kho-v8 > [2] https://github.com/googleprodkernel/linux-liveupdate/tree/luo/memfd-v0.1 > > RFC v1: https://lore.kernel.org/all/20250320024011.2995837-1-pasha.tatashin@xxxxxxxxxx > > Changyuan Lyu (1): > kho: add kho_unpreserve_folio/phys > > Pasha Tatashin (15): > kho: make debugfs interface optional > kho: allow to drive kho from within kernel > luo: luo_core: Live Update Orchestrator > luo: luo_core: integrate with KHO > luo: luo_subsystems: add subsystem registration > luo: luo_subsystems: implement subsystem callbacks > luo: luo_files: add infrastructure for FDs > luo: luo_files: implement file systems callbacks > luo: luo_ioctl: add ioctl interface > luo: luo_sysfs: add sysfs state monitoring > reboot: call liveupdate_reboot() before kexec > luo: add selftests for subsystems un/registration > selftests/liveupdate: add subsystem/state tests > docs: add luo documentation > MAINTAINERS: add liveupdate entry > > .../ABI/testing/sysfs-kernel-liveupdate | 51 ++ > Documentation/admin-guide/index.rst | 1 + > Documentation/admin-guide/liveupdate.rst | 62 ++ > .../userspace-api/ioctl/ioctl-number.rst | 1 + > MAINTAINERS | 14 +- > drivers/misc/Kconfig | 1 + > drivers/misc/Makefile | 1 + > drivers/misc/liveupdate/Kconfig | 60 ++ > drivers/misc/liveupdate/Makefile | 7 + > drivers/misc/liveupdate/luo_core.c | 547 +++++++++++++++ > drivers/misc/liveupdate/luo_files.c | 664 ++++++++++++++++++ > drivers/misc/liveupdate/luo_internal.h | 59 ++ > drivers/misc/liveupdate/luo_ioctl.c | 203 ++++++ > drivers/misc/liveupdate/luo_selftests.c | 283 ++++++++ > drivers/misc/liveupdate/luo_selftests.h | 23 + > drivers/misc/liveupdate/luo_subsystems.c | 413 +++++++++++ > drivers/misc/liveupdate/luo_sysfs.c | 92 +++ > include/linux/kexec_handover.h | 27 + > include/linux/liveupdate.h | 214 ++++++ > include/uapi/linux/liveupdate.h | 324 +++++++++ > kernel/Kconfig.kexec | 10 + > kernel/Makefile | 1 + > kernel/kexec_handover.c | 343 +++------ > kernel/kexec_handover_debug.c | 237 +++++++ > kernel/kexec_handover_internal.h | 74 ++ > kernel/reboot.c | 4 + > tools/testing/selftests/Makefile | 1 + > tools/testing/selftests/liveupdate/.gitignore | 1 + > tools/testing/selftests/liveupdate/Makefile | 7 + > tools/testing/selftests/liveupdate/config | 6 + > .../testing/selftests/liveupdate/liveupdate.c | 440 ++++++++++++ > 31 files changed, 3933 insertions(+), 238 deletions(-) > create mode 100644 Documentation/ABI/testing/sysfs-kernel-liveupdate > create mode 100644 Documentation/admin-guide/liveupdate.rst > create mode 100644 drivers/misc/liveupdate/Kconfig > create mode 100644 drivers/misc/liveupdate/Makefile > create mode 100644 drivers/misc/liveupdate/luo_core.c > create mode 100644 drivers/misc/liveupdate/luo_files.c > create mode 100644 drivers/misc/liveupdate/luo_internal.h > create mode 100644 drivers/misc/liveupdate/luo_ioctl.c > create mode 100644 drivers/misc/liveupdate/luo_selftests.c > create mode 100644 drivers/misc/liveupdate/luo_selftests.h > create mode 100644 drivers/misc/liveupdate/luo_subsystems.c > create mode 100644 drivers/misc/liveupdate/luo_sysfs.c > create mode 100644 include/linux/liveupdate.h > create mode 100644 include/uapi/linux/liveupdate.h > create mode 100644 kernel/kexec_handover_debug.c > create mode 100644 kernel/kexec_handover_internal.h > create mode 100644 tools/testing/selftests/liveupdate/.gitignore > create mode 100644 tools/testing/selftests/liveupdate/Makefile > create mode 100644 tools/testing/selftests/liveupdate/config > create mode 100644 tools/testing/selftests/liveupdate/liveupdate.c > > -- > 2.49.0.1101.gccaa498523-goog > -- Sincerely yours, Mike.
