Re: [PATCH v2 1/2] liveupdate: prevent double management of files
From: Pasha Tatashin
Date: Wed Mar 25 2026 - 12:24:36 EST
On Wed, Mar 25, 2026 at 11:32 AM Mike Rapoport <rppt@xxxxxxxxxx> wrote:
>
> On Mon, Mar 23, 2026 at 08:31:44PM +0000, Pasha Tatashin wrote:
> > Currently, LUO does not prevent the same file from being managed twice
> > across different active sessions.
> >
> > Use a global xarray `luo_preserved_files_xa` to keep track of file
>
> Do we really need _xa suffix?
I liked it, because `luo_preserved_files` is a little too plain, and
not self-descriptive. Anyways, I can change it.
Pasha
>
> > pointers being preserved by LUO. Update luo_preserve_file() to check and
> > insert the file pointer into this xarray when it is preserved, and
> > erase it in luo_file_unpreserve_files() when it is released.
> >
> > This ensures that the same file (struct file) cannot be managed by
> > multiple sessions. If another session attempts to preserve an already
> > managed file, it will now fail with -EBUSY.
> >
> > Signed-off-by: Pasha Tatashin <pasha.tatashin@xxxxxxxxxx>
> > ---
> > kernel/liveupdate/luo_file.c | 17 +++++++++++++++--
> > 1 file changed, 15 insertions(+), 2 deletions(-)
> >
> > diff --git a/kernel/liveupdate/luo_file.c b/kernel/liveupdate/luo_file.c
> > index a38ea4975824..5f48c3c8c561 100644
> > --- a/kernel/liveupdate/luo_file.c
> > +++ b/kernel/liveupdate/luo_file.c
> > @@ -110,11 +110,15 @@
> > #include <linux/sizes.h>
> > #include <linux/slab.h>
> > #include <linux/string.h>
> > +#include <linux/xarray.h>
> > #include "luo_internal.h"
> >
> > static DECLARE_RWSEM(luo_file_handler_lock);
> > static LIST_HEAD(luo_file_handler_list);
> >
> > +/* Keep track of files being preserved by LUO */
> > +static DEFINE_XARRAY(luo_preserved_files_xa);
> > +
> > /* 2 4K pages, give space for 128 files per file_set */
> > #define LUO_FILE_PGCNT 2ul
> > #define LUO_FILE_MAX \
> > @@ -249,6 +253,7 @@ static bool luo_token_is_used(struct luo_file_set *file_set, u64 token)
> > * Context: Can be called from an ioctl handler during normal system operation.
> > * Return: 0 on success. Returns a negative errno on failure:
> > * -EEXIST if the token is already used.
> > + * -EBUSY if the file descriptor is already preserved by another session.
> > * -EBADF if the file descriptor is invalid.
> > * -ENOSPC if the file_set is full.
> > * -ENOENT if no compatible handler is found.
> > @@ -277,6 +282,11 @@ int luo_preserve_file(struct luo_file_set *file_set, u64 token, int fd)
> > if (err)
> > goto err_fput;
> >
> > + err = xa_insert(&luo_preserved_files_xa, (unsigned long)file,
> > + file, GFP_KERNEL);
> > + if (err)
> > + goto err_free_files_mem;
> > +
> > err = -ENOENT;
> > scoped_guard(rwsem_read, &luo_file_handler_lock) {
> > list_private_for_each_entry(fh, &luo_file_handler_list, list) {
> > @@ -289,11 +299,11 @@ int luo_preserve_file(struct luo_file_set *file_set, u64 token, int fd)
> >
> > /* err is still -ENOENT if no handler was found */
> > if (err)
> > - goto err_free_files_mem;
> > + goto err_erase_xa;
> >
> > err = luo_flb_file_preserve(fh);
> > if (err)
> > - goto err_free_files_mem;
> > + goto err_erase_xa;
> >
> > luo_file = kzalloc_obj(*luo_file);
> > if (!luo_file) {
> > @@ -323,6 +333,8 @@ int luo_preserve_file(struct luo_file_set *file_set, u64 token, int fd)
> > kfree(luo_file);
> > err_flb_unpreserve:
> > luo_flb_file_unpreserve(fh);
> > +err_erase_xa:
> > + xa_erase(&luo_preserved_files_xa, (unsigned long)file);
> > err_free_files_mem:
> > luo_free_files_mem(file_set);
> > err_fput:
> > @@ -366,6 +378,7 @@ void luo_file_unpreserve_files(struct luo_file_set *file_set)
> > luo_file->fh->ops->unpreserve(&args);
> > luo_flb_file_unpreserve(luo_file->fh);
> >
> > + xa_erase(&luo_preserved_files_xa, (unsigned long)luo_file->file);
> > list_del(&luo_file->list);
> > file_set->count--;
> >
> > --
> > 2.43.0
> >
>
> --
> Sincerely yours,
> Mike.