It works faster and allows to check exit codes.
travis-ci: success for series starting with [1/2] page-server: don't return a server pid from page-server
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We see the "No space left on device" error on the current version,
so let's try to use a newer version of Alpine, maybe this error
has been fixed there.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Here we check that a master of a bind-mounted slave was opened in the
root mount namespace. The problem is that we restore all mounts in the
root mount namespace. Only when all mounts are restored, we create other
mount namespaces. So when we are restoring mounts, we can open files
only in the root mount namespace.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Currently all mounts are restored in a one mount namespace, then
this namespace is cloned to restore other mount namespaces and
we need another copy of this namespace to clean link remap files.
Let's define terms:
A - the root mount namespace
B - the mount namespace where link remap files are destroyed
Currently we restore all mounts in the B namespace and then
clone it into the A namespace.
But it doesn't work in a case, when we have to open file
descriptores to restore mounts (e g to restore bind-mount
pty slaves), because a file descriptor has to be opened from
a specified mount (which is one of restore mount namespaces).
This patch reworks code so, that all mounts is restored in the A mount
namespace and then the B mount namespace is created. In this case
we can open files from the root mount namespace (A).
$ ./zdtm.py run -t zdtm/static/pty-console --iter 5
====================== Run zdtm/static/pty-console in ns =======================
Start test
Test is SUID
./pty-console --pidfile=pty-console.pid --outfile=pty-console.out
Run criu dump
Run criu restore
Run criu dump
=[log]=> dump/zdtm/static/pty-console/36/2/dump.log
------------------------ grep Error ------------------------
(00.106521) Error (criu/files-reg.c:1132): Can't lookup mount=563 for fd=4 path=/ptmx
(00.106585) Error (criu/cr-dump.c:1325): Dump files (pid: 70) failed with -1
(00.129041) Error (criu/cr-dump.c:1674): Dumping FAILED.
------------------------ ERROR OVER ------------------------
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Now we create pty pairs when file descriptors are restored.
The problem is that a slave tty can be bind-mounted to somewhere
and in this case we have to create this pair and hold a master file
descritore before related file descriptors will not be restored.
In this patch, a unix socket is used to hold file descriptros.
And we use SK_PEEK_OFF and MSG_PEEK to get any of them.
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
When we need to get a file descriptor, we have to set peek offset
and then to peek a message. There are two system calls, so we need
to be sure that nobody changes a socket peek offset after we set it.
Acked-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
We need a storage for file descriptors which is shared between processes
and doesn't use a lot of file descriptors. We are going to use it on
restore and if it will use file descriptors, we will have to find
descriptors which don't used by all restored processes to not confilict
with their descriptors.
There are two solutions. The first one is a service (process) which
handles to command push_fd(id, fd) and pop_fd(id, fd).
Another solution is to save descriptros in a unix socket. It requires
only one extra descriptor which we can register as a service fd. Each
unix socket has a buffer and can fit a number of file descriptros. We
can use SK_PEEK_OFF and MSG_PEEK to get file descriptros from a socket
as many times as we need.
This patch implements the second solution.
v2: call recvmsg with MSG_PEEK
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Now Docker creates a pty pair from a container devpts to use is as console.
A slave tty is set as a control tty for the init process and bind-mounted
into /dev/console. The master tty is handled externelly.
Now CRIU can handle external resources, but here we have internal resources
which are used externaly.
https://github.com/opencontainers/runc/issues/1202
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In 2.11 we've had several got bronek:
- page-server start via RPC
- Fedora build
- ppc64le restorer switch
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Recent Fedora releases add -Wp,-D_FORTIFY_SOURCE=2 to rpm builds,
which breaks compiling pie code on some architectures due to its
trying to use (absent) memcpy_chk() instead of usual memcpy().
We must stand strong against FORTIFY_SOURCE in pie code.
No pasaran! Viva la resistance!
NOTE: in tests, FORTIFY_SOURCE is disabled for completely different
reasons (see commit d1a36cc9 for details), so we're not touching it.
[v2: resend the correct (latest) version]
Reported-by: Reported-by: Adrian Reber <adrian@lisas.de>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The JUMP_TO_RESTORER_BLOB assembly macro has been rewrote through the
commit '89d6b39cfe36 ppc64: pie -- Add ppc64le relocation's
processing', but the Clobber list hasn't been updated.
This doesn't generate build neither runtime errors since the Clobber
list was larger than needed but GCC 7 is now raising an error when an
assembly macro is clobbering the r2 register.
This patch fix the Clobber list to just modified registers.
Fixes: 89d6b39cfe ("ppc64: pie -- Add ppc64le relocation's processing")
Reported-by: Adrian Reber <adrian@lisas.de>
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Commit 10801f36 (page-server: don't return a server pid from
page-server) broke page-server starting via RPC -- the latter
code checks for return value being <=0 as failure.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This is a bugfix-mostly release. Interesting new features include
the huge rework of files restoring engine which fixed us bugs we
haven't seen in reality :) but have proven they exist. Als this
rework opens the way for scm-rigts c/r we need for nginx.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
As runc uses the RPC interface to run criu it is necessary to expose
the newly added status-fd feature via RPC. Using the status-fd interface
makes it possible to use lazy migration with runc.
travis-ci: success for RPC: make status-fd option available via RPC (rev3)
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We will need it to include types once compel
gets into own directory.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Migrating a process between a system with the 'xsave' CPU flag and
another system without the 'xsave' CPU flags is not possible and
fails during restore. To avoid this situation it is possible to boot
the source system of the migration with 'noxsave' kernel command-line.
Unfortunately criu currently tries to detect the presence of 'xsave'
with the macro X86_FEATURE_XSAVE which represents the features of
the CPU without taking into account if the operating system has
disabled 'xsave'. Checking for 'xsave' availability with the macro
X86_FEATURE_OSXSAVE detects correctly if Linux has been booted
with disabled 'xsave' and thus migrating processes between hosts
with and without 'xsave' is possible if the kernel uses the flag
'noxsave'.
travis-ci: success for criu dump fails when using noxsave (rev2)
Signed-off-by: Adrian Reber <areber@redhat.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Nowadays we have parasite and restorer logs just start with pie:
prefix. Let's add timestamps in restorer too.
For parasite adding timestamps would require passing the start
timeval through the libcompel which is not (yet) clear how to do.
travis-ci: success for pie: Print timestamps in restorer
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
When we collect all the read_page requests into one big preadv
call, the latter one may not read all the data in one go and
return less bytes read, than requested.
This is valid and already met in a bug :) So advance the iovec
set with the ret value and continue reading.
v2: Compilation fix on arm-s
A little bit more debugging
https://github.com/xemul/criu/issues/271
travis-ci: success for series starting with [1/2] pagemap: Support async pages reading by chunks (v2)
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch reworks this function, removes mess and fix
the next coverity issue:
394 m->parent = parent;
CID 175314 (#1 of 1): Dereference after null check (FORWARD_NULL)
27. var_deref_model: Passing null pointer &parent->children to list_add_tail, which dereferences it. [show details]
travis-ci: success for mount: simplify mnt_build_ids_tree()
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The problem is in the chroot test:
geninfo: ERROR: /home/travis/build/xemul/criu/test/zdtm/static/chroot.dir.test/home/travis/build/xemul/criu/images/timer.gcno: could not open file
We can just ignore these errors.
travis-ci: success for travis: fix collecting code coverage
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch fixes an exit code if a page-server is started
as a daemon. Now the criu exits with a pid of a page server,
it's meaningless, because pid is usually bigger than 128.
travis-ci: success for series starting with [1/2] page-server: don't return a server pid from page-server
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Currently we check errno, but musl-libc doesn't zero it,
if fscanf() has returned EOF without errors.
travis-ci: success for A few fixes for Alpine Linux
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
They are not implemented in musl-libc (alpine).
travis-ci: success for A few fixes for Alpine Linux
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In the case when one eventpoll in polled by another eventpoll,
we should wait till the polled epoll is opened. So, as the stage
FLE_RESTORED is after FLE_OPEN, it's also OK.
travis-ci: success for eventpoll: Fix dependency check
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The callers of rfi_remap() are interested in a errno,
linkat_hard() returns. So, preserve errno before we
call rm_parent_dirs().
Reported-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We are going to create slave pty-s to bind-mount them,
but at this moment we don't have file_desc-s and actually
can't open /dev/ptmx by path.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Save one syscall and analyze recvmsg() error code to check
that there is no data in the socket.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
As a slight side effect even expected fle is checked for being
task_fle(), but that's OK.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Acked-by: Kirill Tkhai <ktkhai@virtuozzo.com>
The tail of the recv_fd_from_peer() matches this routine :)
So call one and rename, since it no longer keeps fd for
future only.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Acked-by: Kirill Tkhai <ktkhai@virtuozzo.com>
We've received tmp, which is not expected one, so check for it.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Acked-by: Kirill Tkhai <ktkhai@virtuozzo.com>
These chnages allows us to:
* avoid difference between the root mount namespace and other mount namespaces
* support a read-only root mount
* don't create temporary directories in the root mount
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Andrew Vagin reported the problem found by a checker:
CID 174702 (#1 of 1): Out-of-bounds access (INCOMPATIBLE_CAST)
incompatible_cast: Pointer &f->raw.counter points to an object whose
effective type is int (32 bits, signed) but is dereferenced as a wider
unsigned long (64 bits, unsigned). This may lead to memory corruption.
It looks like, this points to real problem, which may happen on big-endian
platforms. In the code I relay on the fact, that FDS_EVENT_BIT has a small
number and the value, it determines, fits into int type without problems.
But it's correct only for little-endian.
In case of big-endian, if the word size is 8 bytes, then FDS_EVENT value
is in the last bytes, so there is an access to wrong memory.
To fix the problem, I suggest to use little-endian byte order to work
with task_st futex. Then, the bits from 0 to 31 will be in the low adresses,
i.e. in task_st futex. There is new primitives test_and_set_bit_le() and
set_bit_le() borrowed from the linux kernel for that.
This fixes the problem, but I suppose, the checker does not see the problem
so deep, and just compares the types size, so it will fail again.
So, let's enlarge the bit field size to silence it.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Iterate over currently unrestored files only.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Since we keep files of all types in a single list (fds), it's possible
to use only function for that and to call it unconditionally.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Nobody uses pid, so let's kill it. Also, pass pstree_item parameter
to open_fdinfos() instead of list, as this function operates on fds
list only.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Since eventpoll opening time is set by dependencies
(see epoll_not_ready_tfd()), we may safely store them
in generic list.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Since tty opening order is set by dependencies,
we may safely store all ttys in generic list.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Fixup ctty right after it's open. It'll need for
merging tty files in single fds list: set ctty
before next fle in list is processed. See next
patch for the details.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Firstly masters, then slaves and lastly ctty.
v4: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This make open fds asynchronous. Now we restore them in a poll-style.
Every ->open callback operates like a poll. It returns 1, i.e. "call me again",
if some events have not received yet, or 0, if restoring of a fle
has finished.
We iterate over list of file descriptors and look at its return value.
If there were not progress in restoring of a fle, we sleep on task_st
futex. As all events are sent together with changing task_st, we will
be woken up, when there is a some new work for us.
v6: Add a comment about open method return values
v5: Clear FDS_EVENT every beginning of cycle.
Use 0, -1 and 1 for successful return error and "again" request.
v4: unix: 1)standalone sockets return ORV_AGAIN after first open
to reopen fd by generic code
2)do not call post_open_unix_sk() for !standalone sockets
inet, epoll: return ORV_AGAIN after first open to reopen fd by generic code
autofs: iterate used list instead of fds list
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This breaks everything, because files.c can't have
a deal with this yet. But next patch will teach it.
v5: Use hard-coded 0, -1 and 1 for successful return,
error and "again" request.
v4: tty: merge new_fd assignment to receive_tty()
and return this function result directly.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
