Being worked on for a while now by engineers from Amazon, Microsoft, and Google has been Kexec HandOver “KHO” as a means of allowing some kernel state to be retained when Kexec’ing into a new kernel such as for maintenance/security updates. The KHO patches in recent days were queued up into Andrew Morton’s “MM” staging area leading to hope that this work is ready for mainlining with the Linux 6.16 kernel cycle this summer.
KHO allows for Linux to preserve memory regions that could contain serialized system state and other data across Kexec when switching to a new kernel. Kexec HandOver is elaborated on within the v6 patch series cover letter as:
“Kexec today considers itself purely a boot loader: When we enter the new kernel, any state the previous kernel left behind is irrelevant and the new kernel reinitializes the system.
However, there are use cases where this mode of operation is not what we actually want. In virtualization hosts for example, we want to use kexec to update the host kernel while virtual machine memory stays untouched. When we add device assignment to the mix, we also need to ensure that IOMMU and VFIO states are untouched. If we add PCIe peer to peer DMA, we need to do the same for the PCI subsystem. If we want to kexec while an SEV-SNP enabled virtual machine is running, we need to preserve the VM context pages and physical memory.
…
To start us on the journey to support all the use cases above, this patch implements basic infrastructure to allow hand over of kernel state across kexec (Kexec HandOver, aka KHO). As a really simple example target, we use memblock’s reserve_mem. With this patch set applied, memory that was reserved using “reserve_mem” command line options remains intact after kexec and it is guaranteed to reside at the same physical address.”
More details on KHO and usage via the documentation patch.
With the KHO patches now part of Andrew Morton’s MM code, we’ll see if it’s submitted for the upcoming Linux 6.16 merge window in late May or early June if no last minute issues arise.
Google for their part is already building atop KHO for their new Live Update Orchestrator “LUO” feature for live kernel updates.
