Re: [RFC v2 10/16] luo: luo_ioctl: add ioctl interface

[Pratyush Yadav <pratyush@kernel.org>]

On Sun, Jul 06 2025, Mike Rapoport wrote:

> On Tue, Jun 24, 2025 at 11:50:49AM +0200, Christian Brauner wrote:
>> On Thu, May 15, 2025 at 06:23:14PM +0000, Pasha Tatashin wrote:
>> > Introduce the user-space interface for the Live Update Orchestrator
>> > via ioctl commands, enabling external control over the live update
>> > process and management of preserved resources.
>> > 
>> > Create a misc character device at /dev/liveupdate. Access
>> > to this device requires the CAP_SYS_ADMIN capability.
>> > 
>> > A new UAPI header, <uapi/linux/liveupdate.h>, defines the necessary
>> > structures. The magic number is registered in
>> > Documentation/userspace-api/ioctl/ioctl-number.rst.
>> > 
>> > Signed-off-by: Pasha Tatashin <pasha.tatashin@soleen.com>
>> > ---
>> >  .../userspace-api/ioctl/ioctl-number.rst      |   1 +
>> >  drivers/misc/liveupdate/Makefile              |   1 +
>> >  drivers/misc/liveupdate/luo_ioctl.c           | 199 ++++++++++++
>> >  include/linux/liveupdate.h                    |  34 +-
>> >  include/uapi/linux/liveupdate.h               | 300 ++++++++++++++++++
>> >  5 files changed, 502 insertions(+), 33 deletions(-)
>> >  create mode 100644 drivers/misc/liveupdate/luo_ioctl.c
>> >  create mode 100644 include/uapi/linux/liveupdate.h
>
> ...
>
>> > +static const struct file_operations fops = {
>> > +	.owner          = THIS_MODULE,
>> > +	.open           = luo_open,
>> > +	.unlocked_ioctl = luo_ioctl,
>> > +};
>> > +
>> > +static struct miscdevice liveupdate_miscdev = {
>> > +	.minor = MISC_DYNAMIC_MINOR,
>> > +	.name  = "liveupdate",
>> > +	.fops  = &fops,
>> > +};
>> 
>> I'm not sure why people are so in love with character device based apis.
>> It's terrible. It glues everything to devtmpfs which isn't namespacable
>> in any way. It's terrible to delegate and extremely restrictive in terms
>> of extensiblity if you need additional device entries (aka the loop
>> driver folly).
>> 
>> One stupid question: I probably have asked this before and just swapped
>> out that I a) asked this already and b) received an explanation. But why
>> isn't this a singleton simple in-memory filesystem with a flat
>> hierarchy?
>> 
>> mount -t kexecfs kexecfs /kexecfs
>> 
>> So userspace mounts kexecfs (or the kernel does it automagically) and
>> then to add fds into that thing you do the following:
>> 
>> linkat(fd_my_anon_inode_memfd, "", -EBADF, "kexecfs/my_serialized_memfd", AT_EMPTY_PATH)
>
> Having an ability to link a file descriptor to kexecfs would have been
> nice. We could even create a dependency hierarchy there, e.g.
>
> mkdir -p kexecfs/vm1/kvm/{iommu,memfd}
>
> linkat(kvmfd, "", -EBADF, "kexecfs/vm1/kvm/kvmfd", AT_EMPTY_PATH)
> linkat(iommufd, "", -EBADF, "kexecfs/vm1/kvm/iommu/iommufd", AT_EMPTY_PATH)
> linkat(memfd, "", -EBADF, "kexecfs/vm1/kvm/memfd/memfd", AT_EMPTY_PATH)
>
> But unfortunately this won't work because VFS checks that new and old paths
> are on the same mount. And even if cross-mount links were allowed, VFS does
> not pass the file objects to link* APIs, so preserving a file backed by
> anon_inode is another issue.

Yep, I was poking around the VFS code last week and saw the same
problem.

>
>> which will serialize the fd_my_anon_inode_memfd. You can also do this
>> with ioctls on the kexecfs filesystem of course.
>
> ioctls seem to be the only option, but I agree they don't have to be bound
> to a miscdev.

I suppose you can have a special file, say "preserve_fd", where you can
write() the FD number.

This is in some ways similar to how you would write it to the ioctl()
via the arg buffer/struct. And I suppose you can have other special
files to do the things that other ioctls would do.

That is one way to do it, although I dunno if it classifies as a
"proper" use of the VFS APIs...

-- 
Regards,
Pratyush Yadav