[PATCH v3 0/5] liveupdate: serialization safety and race fixes

Pasha Tatashin pasha.tatashin at soleen.com
Sun May 17 12:01:27 PDT 2026


On 05-17 20:43, Mike Rapoport wrote:
> On Fri, May 15, 2026 at 12:37:17AM +0000, Pasha Tatashin wrote:
> > This series addresses several issues related to the synchronization
> > between the reboot process and LUO session management.
> > 
> > Changes in v3:
> > - Refined the session mutation blocking to use a dedicated global
> >   rwsem (luo_session_serialize_rwsem) instead of pinning individual
> >   mutexes.
> > - Fixed a use-after-free race in luo_file_unpreserve_files() where
> >   a module could be released before its file handler ID was erased.
> > - Fixed a TOCTOU race in luo_session_retrieve() by extending the
> >   lock scope to overlap with session mutex acquisition.
> > - Removed an unused 'ser' field from struct luo_session.
> > - Dropped the KHO skip patch as it was not needed.
> > 
> > 1. Skip LUO serialization for context-preserving kexec: A
> > preserve_context kexec returns to the current kernel, which is unrelated
> > to live update where state is passed to the next kernel. Skipping
> > serialization avoids unnecessary work and prevents sessions from being
> > left in a frozen state upon return.
> > 
> > 2. Block session mutations during reboot: During the reboot() syscall,
> > user processes may still be running concurrently and attempting to
> > mutate sessions. To prevent this, we introduce luo_session_serialize_rwsem.
> > All mutation operations (create, retrieve, release, ioctl) hold the
> > read lock. The serialization process holds the write lock indefinitely
> > on success, effectively freezing the subsystem.
> > 
> > 3. Fix use-after-free in luo_file_unpreserve_files(): Reorder module_put()
> > to ensure the file handler module remains pinned while its operations
> > are being accessed during cleanup.
> > 
> > 4. Fix TOCTOU race in luo_session_retrieve(): Extend the rwsem lock
> > scope to prevent a session from being released between lookup and
> > mutex acquisition.
> > 
> > 5. Remove unused ser field from struct luo_session: Clean up the
> > session structure by removing a field that was never utilized.
> 
> Sashiko is still unhappy:
> https://sashiko.dev/#/patchset/20260515003722.938123-1-pasha.tatashin@soleen.com
> 
> Didn't verify it's actually right, but its complaints seem legit.

Reviewed the complaints, a couple things are legit, I will address 
them and respin.

> Among other things sashiko noted a TOCTOU issue and then found it's fixed
> by a later patch, maybe move the TOCTOU fix earlier in the series?

Sure, will move it earlier, while I think, as long as it is fixed in
the series it does not matter where it is :-)

Pasha
