[PATCH v2 06/22] vfio/pci: Retrieve preserved device files after Live Update

Samiullah Khawaja skhawaja at google.com
Mon Feb 23 15:27:35 PST 2026 

On Thu, Jan 29, 2026 at 09:24:53PM +0000, David Matlack wrote:
>From: Vipin Sharma <vipinsh at google.com>
>
>Enable userspace to retrieve preserved VFIO device files from VFIO after
>a Live Update by implementing the retrieve() and finish() file handler
>callbacks.
>
>Use an anonymous inode when creating the file, since the retrieved
>device file is not opened through any particular cdev inode, and the
>cdev inode does not matter in practice.
>
>For now the retrieved file is functionally equivalent a opening the
>corresponding VFIO cdev file. Subsequent commits will leverage the
>preserved state associated with the retrieved file to preserve bits of
>the device across Live Update.
>
>Signed-off-by: Vipin Sharma <vipinsh at google.com>
>Co-developed-by: David Matlack <dmatlack at google.com>
>Signed-off-by: David Matlack <dmatlack at google.com>
>---
> drivers/vfio/device_cdev.c             | 21 ++++++---
> drivers/vfio/pci/vfio_pci_liveupdate.c | 60 +++++++++++++++++++++++++-
> drivers/vfio/vfio_main.c               | 13 ++++++
> include/linux/vfio.h                   | 12 ++++++
> 4 files changed, 98 insertions(+), 8 deletions(-)
>
>diff --git a/drivers/vfio/device_cdev.c b/drivers/vfio/device_cdev.c
>index 8ceca24ac136..935f84a35875 100644
>--- a/drivers/vfio/device_cdev.c
>+++ b/drivers/vfio/device_cdev.c
>@@ -16,14 +16,8 @@ void vfio_init_device_cdev(struct vfio_device *device)
> 	device->cdev.owner = THIS_MODULE;
> }
>
>-/*
>- * device access via the fd opened by this function is blocked until
>- * .open_device() is called successfully during BIND_IOMMUFD.
>- */
>-int vfio_device_fops_cdev_open(struct inode *inode, struct file *filep)
>+int __vfio_device_fops_cdev_open(struct vfio_device *device, struct file *filep)
> {
>-	struct vfio_device *device = container_of(inode->i_cdev,
>-						  struct vfio_device, cdev);
> 	struct vfio_device_file *df;
> 	int ret;
>
>@@ -52,6 +46,19 @@ int vfio_device_fops_cdev_open(struct inode *inode, struct file *filep)
> 	vfio_device_put_registration(device);
> 	return ret;
> }
>+EXPORT_SYMBOL_GPL(__vfio_device_fops_cdev_open);
>+
>+/*
>+ * device access via the fd opened by this function is blocked until
>+ * .open_device() is called successfully during BIND_IOMMUFD.
>+ */
>+int vfio_device_fops_cdev_open(struct inode *inode, struct file *filep)
>+{
>+	struct vfio_device *device = container_of(inode->i_cdev,
>+						  struct vfio_device, cdev);
>+
>+	return __vfio_device_fops_cdev_open(device, filep);
>+}
>
> static void vfio_df_get_kvm_safe(struct vfio_device_file *df)
> {
>diff --git a/drivers/vfio/pci/vfio_pci_liveupdate.c b/drivers/vfio/pci/vfio_pci_liveupdate.c
>index f01de98f1b75..7f4117181fd0 100644
>--- a/drivers/vfio/pci/vfio_pci_liveupdate.c
>+++ b/drivers/vfio/pci/vfio_pci_liveupdate.c
>@@ -8,6 +8,8 @@
>
> #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt
>
>+#include <linux/anon_inodes.h>
>+#include <linux/file.h>
> #include <linux/kexec_handover.h>
> #include <linux/kho/abi/vfio_pci.h>
> #include <linux/liveupdate.h>
>@@ -108,13 +110,68 @@ static int vfio_pci_liveupdate_freeze(struct liveupdate_file_op_args *args)
> 	return ret;
> }
>
>+static int match_device(struct device *dev, const void *arg)
>+{
>+	struct vfio_device *device = container_of(dev, struct vfio_device, device);
>+	const struct vfio_pci_core_device_ser *ser = arg;
>+	struct pci_dev *pdev;
>+
>+	pdev = dev_is_pci(device->dev) ? to_pci_dev(device->dev) : NULL;
>+	if (!pdev)
>+		return false;
>+
>+	return ser->bdf == pci_dev_id(pdev) && ser->domain == pci_domain_nr(pdev->bus);
>+}
>+
> static int vfio_pci_liveupdate_retrieve(struct liveupdate_file_op_args *args)
> {
>-	return -EOPNOTSUPP;
>+	struct vfio_pci_core_device_ser *ser;
>+	struct vfio_device *device;
>+	struct file *file;
>+	int ret;
>+
>+	ser = phys_to_virt(args->serialized_data);
>+
>+	device = vfio_find_device(ser, match_device);
>+	if (!device)
>+		return -ENODEV;
>+
>+	/*
>+	 * Simulate opening the character device using an anonymous inode. The
>+	 * returned file has the same properties as a cdev file (e.g. operations
>+	 * are blocked until BIND_IOMMUFD is called).
>+	 */
>+	file = anon_inode_getfile_fmode("[vfio-device-liveupdate]",
>+					&vfio_device_fops, NULL,
>+					O_RDWR, FMODE_PREAD | FMODE_PWRITE);
>+	if (IS_ERR(file)) {
>+		ret = PTR_ERR(file);
>+		goto out;
>+	}
>+
>+	ret = __vfio_device_fops_cdev_open(device, file);
>+	if (ret) {
>+		fput(file);
>+		goto out;
>+	}
>+
>+	args->file = file;
>+
>+out:
>+	/* Drop the reference from vfio_find_device() */
>+	put_device(&device->device);
>+
>+	return ret;
>+}
>+
>+static bool vfio_pci_liveupdate_can_finish(struct liveupdate_file_op_args *args)
>+{
>+	return args->retrieved;
> }
>
> static void vfio_pci_liveupdate_finish(struct liveupdate_file_op_args *args)
> {
>+	kho_restore_free(phys_to_virt(args->serialized_data));
> }
>
> static const struct liveupdate_file_ops vfio_pci_liveupdate_file_ops = {
>@@ -123,6 +180,7 @@ static const struct liveupdate_file_ops vfio_pci_liveupdate_file_ops = {
> 	.unpreserve = vfio_pci_liveupdate_unpreserve,
> 	.freeze = vfio_pci_liveupdate_freeze,
> 	.retrieve = vfio_pci_liveupdate_retrieve,
>+	.can_finish = vfio_pci_liveupdate_can_finish,
> 	.finish = vfio_pci_liveupdate_finish,
> 	.owner = THIS_MODULE,
> };
>diff --git a/drivers/vfio/vfio_main.c b/drivers/vfio/vfio_main.c
>index 276f615f0c28..89c5feef75d5 100644
>--- a/drivers/vfio/vfio_main.c
>+++ b/drivers/vfio/vfio_main.c
>@@ -13,6 +13,7 @@
> #include <linux/cdev.h>
> #include <linux/compat.h>
> #include <linux/device.h>
>+#include <linux/device/class.h>
> #include <linux/fs.h>
> #include <linux/idr.h>
> #include <linux/iommu.h>
>@@ -1758,6 +1759,18 @@ int vfio_dma_rw(struct vfio_device *device, dma_addr_t iova, void *data,
> }
> EXPORT_SYMBOL(vfio_dma_rw);
>
>+struct vfio_device *vfio_find_device(const void *data, device_match_t match)
>+{
>+	struct device *device;
>+
>+	device = class_find_device(vfio.device_class, NULL, data, match);
>+	if (!device)
>+		return NULL;
>+
>+	return container_of(device, struct vfio_device, device);
>+}
>+EXPORT_SYMBOL_GPL(vfio_find_device);
>+
> /*
>  * Module/class support
>  */
>diff --git a/include/linux/vfio.h b/include/linux/vfio.h
>index 9aa1587fea19..dc592dc00f89 100644
>--- a/include/linux/vfio.h
>+++ b/include/linux/vfio.h
>@@ -419,4 +419,16 @@ int vfio_virqfd_enable(void *opaque, int (*handler)(void *, void *),
> void vfio_virqfd_disable(struct virqfd **pvirqfd);
> void vfio_virqfd_flush_thread(struct virqfd **pvirqfd);
>
>+#if IS_ENABLED(CONFIG_VFIO_DEVICE_CDEV)
>+int __vfio_device_fops_cdev_open(struct vfio_device *device, struct file *filep);
>+#else
>+static inline int __vfio_device_fops_cdev_open(struct vfio_device *device,
>+					       struct file *filep)
>+{
>+	return -EOPNOTSUPP;
>+}
>+#endif /* IS_ENABLED(CONFIG_VFIO_DEVICE_CDEV) */
>+
>+struct vfio_device *vfio_find_device(const void *data, device_match_t match);
>+
> #endif /* VFIO_H */
>-- 
>2.53.0.rc1.225.gd81095ad13-goog
>

Reviewed-by: Samiullah Khawaja <skhawaja at google.com>

More information about the kexec mailing list