Engineers from Google have published a discussion on the implementation of live kernel updates in Linux core sets using the Live Update Orchestrator (Luo) subsystems. This new system, unlike Livepatch, KSPLICE, KPATCH, and KGRAFT, allows for a full reboot and update of the Linux core without stopping the operation of individual devices. The project is based on a set of patches called khao (kexec handover) to the Kexec mechanism, allowing for the loading of a new kernel while the current one is running without physical reboot.
The main use case for Luo is in cloud environments, where updating the KVM hypervisor can be done without disrupting the operation of virtual machines. This means that virtual machines can be suspended during the kernel reload, while all devices attached to them remain operational.
Luo ensures that devices’ state is maintained before and after switching to a new kernel to keep the system and applications running smoothly. Operations involving DMA and interruption processing are also managed seamlessly during the kernel reboot process.
To facilitate coordination and switching to the new kernel, Luo provides an API for subsystems like KVM, Immu hypervisor, interruptions, and drivers to integrate handlers for tracking and participating in the live update process. Memory state transfer from the old kernel to the new one is facilitated by KHO (Kexec Handover), with management handled through SYSFS “/SYS/KERNEL/LiveUpdate/{stat, prepare, finish}”.