First, if we can't open dd_cwd, we leak opened dd_root.
Second, if chroot(dd_root) fails, we leak opened dd_cwd.
Instead of adding more close() statements in place, let's
change the code to close both fds on exit path.
Reported by Coverity, CID 51639, CID 51631.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
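The single-exit cleanup described in the first commit message above, as an added example (not CRIU's code): `with_root_and_cwd()`, `failing_step()` and `count_open_fds()` are hypothetical names, and the failing callback stands in for a `chroot()` that returns an error.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <unistd.h>

/* Count descriptors currently open in this process (checks fds 0..1023). */
int count_open_fds(void)
{
	int fd, n = 0;

	for (fd = 0; fd < 1024; fd++)
		if (fcntl(fd, F_GETFD) != -1)
			n++;
	return n;
}

/* Stand-in for the privileged step (chroot() in the commit); always fails. */
int failing_step(int root_fd)
{
	(void)root_fd;
	return -1;
}

/*
 * Hypothetical helper: open both directories, run the step, and release
 * both descriptors on every path out of the function.
 */
int with_root_and_cwd(const char *root, const char *cwd, int (*step)(int))
{
	int dd_root = -1, dd_cwd = -1, ret = -1;

	dd_root = open(root, O_RDONLY | O_DIRECTORY);
	if (dd_root < 0)
		goto out;
	dd_cwd = open(cwd, O_RDONLY | O_DIRECTORY);
	if (dd_cwd < 0)
		goto out;	/* first leak in the commit: dd_root stayed open */
	if (step(dd_root) < 0)
		goto out;	/* second leak in the commit: dd_cwd stayed open */
	ret = 0;
out:
	if (dd_cwd >= 0)
		close(dd_cwd);
	if (dd_root >= 0)
		close(dd_root);
	return ret;
}
```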
Although there is the skip() macro, this doesn't actually do anything to skip
the test. I looked into adding a test_skip() function in the zdtm lib, but
there didn't seem an easy race-free way to propagate an exit code up to
run_test in zdtm.sh, so we add the checkskip hook for use in the apparmor test
(e.g. when apparmor isn't available in the kernel, or is disabled).
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This patch adds support for checkpoint and restore of two linux security
modules (apparmor and selinux). The actual checkpoint or restore code isn't
that interesting, other than that we have to do the LSM restore in the restorer
blob since it may block any number of things that we want to do as part of the
restore process.
I tried originally to get this to work using libraries in the restorer blob,
but I could _not_ get things to work correctly (I assume I was doing something
wrong with all the static linking, you can see my draft attempts here:
https://github.com/tych0/criu/commits/apparmor-using-libraries ). I can try to
resurrect this if it makes more sense to do it that way, though.
v2: lsm_profile lives in creds.proto instead of the task core, look in a more
canonical place for selinuxfs and don't try to special case any selinux
profile names.
v3: only allow unconfined selinux profiles
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Note that we should only do the ns specific mounting when we are actually in a
ns test.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In case there is no .gitid file we might end up
with a build error. Make sure it exists.
Reported-by: Pavel Emelyanov <xemul@parallels.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In case opts.ps_socket is set (see commit 7058714),
we don't call accept() and so the peer address (caddr)
is left uninitialized, but we try to print it.
Fix by moving the printing code to right after accept().
Reported by Coverity, CID 51645.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Fixing comment leading to think that 32bit tasks are supported, which is
not the case.
For the record, ppc64le is not supporting 32bit task, while ppc64 (the Big
Endian architecture) has an option to support 32bit task but CRIU doesn't
yet run on ppc64.
Reported-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We might miss entry in "ri ? ri - 1" expression when ri = 1.
Let's use known array size instead.
For some reason it didn't trigger on my tests earlier.
Reported-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Locks created by flock() are associated with an open file description.
This means that duplicate file descriptors (created by, for example,
fork or dup) refer to the same lock.
Reported-by: Mr Jenkins
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
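The flock() behaviour stated in the commit message above, as an added example (not CRIU's code or test): `flock_dup_demo()` is a hypothetical name, the temp file is constructed for the demo, and a local Linux filesystem under /tmp is assumed.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdlib.h>
#include <sys/file.h>
#include <unistd.h>

/*
 * Returns a bitmask of observations (all three bits set => 7):
 *  1: a second open() of the same file cannot take the lock (EWOULDBLOCK)
 *  2: re-locking through the dup()ed fd succeeds (same open file description)
 *  4: LOCK_UN via the duplicate releases the lock taken via the original fd
 */
int flock_dup_demo(void)
{
	char path[] = "/tmp/flock-demo-XXXXXX";	/* constructed temp file */
	int fd, dupfd, other, res = 0;

	fd = mkstemp(path);
	if (fd < 0)
		return -1;
	dupfd = dup(fd);		/* shares fd's open file description */
	other = open(path, O_RDWR);	/* independent open file description */
	if (dupfd < 0 || other < 0 || flock(fd, LOCK_EX) < 0) {
		res = -1;
		goto out;
	}

	if (flock(other, LOCK_EX | LOCK_NB) < 0 && errno == EWOULDBLOCK)
		res |= 1;
	if (flock(dupfd, LOCK_EX | LOCK_NB) == 0)
		res |= 2;
	if (flock(dupfd, LOCK_UN) == 0 && flock(other, LOCK_EX | LOCK_NB) == 0)
		res |= 4;
out:
	if (other >= 0)
		close(other);
	if (dupfd >= 0)
		close(dupfd);
	close(fd);
	unlink(path);
	return res;
}
```

A checkpoint tool that records one lock per file descriptor would count the lock twice here, which is why the lock has to be tracked per open file description.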
When it is run, cscope complains about files it cannot find:
cscope: cannot find file test/zdtm/live/streaming/socket-tcp.c
cscope: cannot find file test/zdtm/live/streaming/socket-tcp6.c
cscope: cannot find file test/zdtm/live/static/socket-tcpbuf-local.c
cscope: cannot find file test/zdtm/live/static/mntns_shared_bind02.c
cscope: cannot find file test/zdtm/live/static/socket_listen6.c
cscope: cannot find file test/zdtm/live/static/socket-tcp6.c
cscope: cannot find file test/zdtm/live/static/socket-tcpbuf6.c
cscope: cannot find file test/zdtm/live/static/mntns_link_ghost.c
cscope: cannot find file test/zdtm/live/transition/fork2.c
These files are relative symbolic links, and since cscope is run at the top
directory, the ../* links are not valid.
This patch removes the symbolic links from the list of scanned files. This
is not removing any tags since the real files are still scanned.
In addition, the test directory is not taken in account.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Fix the following error:
> > LINK arch/x86/syscalls.built-in.o
> > arch/x86/crtools.c:36:20: error: unused function '__check_code_syscall'
> > [-Werror,-Wunused-function]
> > static inline void __check_code_syscall(void)
As the function consists of a few BUILD_BUG_ONs, it gets optimized out.
Let's add __attribute__((__unused__)) so clang stops complaining.
[v2: s/used/unused/, fix all the arches, whitespace cleanup]
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
I use Makefile.local to add my own rules for submitting a build
to Coverity. As those rules contain login credentials, they should
be kept private. Including Makefile.local (if present) seems to be
the best way to achieve that.
Also, add Makefile.local to .gitignore to make sure it never gets
committed into repo.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
When open_image() was modified to return a pointer rather than an int
in commit 295090c1, these two checks were overlooked and never fixed.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
When using pr_perror(), format string should not end with \n,
as it is added by the macro itself.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Andrew Vagin <avagin@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Some architectures like ppc64 require a trampoline to be called prior to
the standard restorer services.
This patch introduces 3 trampolines which can be overwritten by
architectures in arch/x/include/asm/restore.h:
- arch_export_restore_thread
- arch_export_restore_task
- arch_export_unmap
The architecture which doesn't need to overwrite them, has nothing to do.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This patch initiates the ppc64le architecture support in CRIU.
Note that ppc64 (Big Endian) architecture is not yet supported since there
are still several issues to address with this architecture. However, in the
long term, the two architectures should be addressed using almost the
same code, so sharing the ppc64 directory.
Major ppc64 issues:
Loader is not involved when the parasite code is loaded. So no relocation
is done for the parasite code. As a consequence r2 must be set manually
when entering the parasite code, and GOT is not filled.
Furthermore, the r2 fixup code at the services's global address which has
not been fixed by the loader should not be run. Branching at local address,
as the assembly code does is jumping over it.
On the long term, relocation should be done when loading the parasite code.
We are introducing 2 trampolines for the 2 entry points of the restorer
blob. These entry points are dealing with r2. These ppc64 specific entry
points are overwriting the standard one in sigreturn_restore() from
cr-restore.c. Instead of using #ifdef, we may introduce a per arch wrapper
here.
CRIU needs 2 kernel patches to be run on powerpc which are not yet upstream:
- Tracking the vDSO remapping
- Enabling the kcmp system call on powerpc
Feature not yet supported:
- Altivec registers C/R
- VSX registers C/R
- TM support
- a lot of things I missed..
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
00:03:27.746 (00.008815) Error (bfd.c:149): bfd: Error reading file: No such process
Reported-by: Mr Jenkins
Signed-off-by: Andrew Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It isn't required here and Mr Jenkins can't execute this job.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CRIU always restores the mounts as MNT_RELATIME. This is because the
kernel uses this mode by default, so we need to pass MS_STRICTATIME
explicitly if we didn't see "noatime" or "MS_RELATIME".
While at it, make mnt_opt2flag[] and sb_opt2flag "static", otherwise
gcc actually creates these arrays on stack even if they are "const".
Signed-off-by: Oleg Nesterov <oleg@redhat.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
/proc/locks can contain a wrong pid for a lock and we always need to
check this fact. Starting with the 4.1 kernel, locks are reported
in fdinfo.
v2: rebase to the current master
skip note_file_lock()
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Starting with the 4.1 kernel, fdinfo contains information about file
locks.
v2: s/has_lock/has_fdinfo_lock/
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
- ext pipe test should build binar
- criu no longer accepts "extra" empty arguments
- adduser doesn't add more than one same user
All this came unnoticed due to error in tests failure detection
(36a13cbd test: don't ignore errors other other tests)
Signed-off-by: Andrew Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We need custom flags to build a 32bit variant of criu
on 64bit host system, let's pass @ldflags-y here for
that.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
So won't be a warning on x86-32 (I don't like PRI conversion,
it's ugly as hell, plain long is enough here).
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>