From: Andrew Morton <akpm@linux-foundation.org>
To: Oskar Gerlicz Kowalczuk <oskar@gerlicz.space>
Cc: Pasha Tatashin <pasha.tatashin@soleen.com>,
Mike Rapoport <rppt@kernel.org>, Baoquan He <bhe@redhat.com>,
Pratyush Yadav <pratyush@kernel.org>,
linux-kernel@vger.kernel.org, kexec@lists.infradead.org,
linux-mm@kvack.org
Subject: Re: [PATCH 1/5] liveupdate: block outgoing session updates during reboot
Date: Fri, 20 Mar 2026 18:23:52 -0700 [thread overview]
Message-ID: <20260320182352.ca6c88e409ff12d0368b03ae@linux-foundation.org> (raw)
In-Reply-To: <20260320163720.100456-1-oskar@gerlicz.space>
On Fri, 20 Mar 2026 17:37:16 +0100 Oskar Gerlicz Kowalczuk <oskar@gerlicz.space> wrote:
> When kernel_kexec() starts a live update handover, LUO serializes
> outgoing sessions before the reboot path freezes tasks or shuts
> devices down. That leaves a window where close() and
> LIVEUPDATE_SESSION_PRESERVE_FD can still mutate an existing outgoing
> session after luo_session_serialize() has already captured it.
>
> The race is dangerous because the next kernel may inherit stale file
> metadata or references to memory that userspace has already
> unpreserved. That breaks handover consistency and can later trigger
> restore failures on already torn down state.
>
> Mark the outgoing session set as rebooting while serialization is in
> progress, reject new mutations with -EBUSY, and make release wait
> until rebooting finishes before unpreserving files. Reset the flag and
> wake waiters when serialization rolls back, and use READ_ONCE() and
> WRITE_ONCE() so the state is visible across CPUs.
Sashiko AI review has quite a few questions:
https://sashiko.dev/#/patchset/20260320163720.100456-1-oskar@gerlicz.space
next prev parent reply other threads:[~2026-03-21 1:23 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2026-03-20 16:37 [PATCH 1/5] liveupdate: block outgoing session updates during reboot Oskar Gerlicz Kowalczuk
2026-03-20 16:37 ` [PATCH 2/5] kexec: abort liveupdate handover on kernel_kexec() unwind Oskar Gerlicz Kowalczuk
2026-03-20 16:37 ` [PATCH 3/5] liveupdate: fail session restore on file deserialization errors Oskar Gerlicz Kowalczuk
2026-03-20 16:37 ` [PATCH 4/5] liveupdate: validate handover metadata before using it Oskar Gerlicz Kowalczuk
2026-03-20 16:37 ` [PATCH 5/5] liveupdate: guard FLB counters against underflow Oskar Gerlicz Kowalczuk
2026-03-21 1:23 ` Andrew Morton [this message]
2026-03-21 10:25 ` [PATCH 1/5] liveupdate: block outgoing session updates during reboot oskar
2026-03-22 7:40 ` kernel test robot
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260320182352.ca6c88e409ff12d0368b03ae@linux-foundation.org \
--to=akpm@linux-foundation.org \
--cc=bhe@redhat.com \
--cc=kexec@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=oskar@gerlicz.space \
--cc=pasha.tatashin@soleen.com \
--cc=pratyush@kernel.org \
--cc=rppt@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox