Dump the with "new" prlimit syscall that works on arbitrary pid.
Restore is done in restorer _after_ mappings mixup and _before_
caps drop to make it set any max value.
The RLIM_INFINITY is handled explicitly to help future 64<->32
bits migration.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Usually the PTYs represent a pair of links -- master peer and slave
peer. Master peer must be opened before slave. Internally, when kernel
creates master peer it also generates a slave interface in a form of
/dev/pts/N, where N is that named pty "index". Master/slave connection
unambiguously identified by this index.
Still, one master can carry multiple slaves -- for example a user opens
one master via /dev/ptmx and appropriate /dev/pts/N in sequence.
The result will be the following
master
`- slave 1
`- slave 2
both slave will have same master index but different file descriptors.
Still inside the kernel pty parameters are same for both slaves. Thus
only one slave parameters should be restored, there is no need to carry
all parameters for every slave peer we've found.
Not yet addressed problems:
- At moment of restore the master peer might be already closed for
any reason so to resolve such problem we need to open a fake master
peer with proper index and hook a slave on it, then we close
master peer.
- Need to figure out how to deal with ttys which have some
data in buffers not yet flushed, at moment this data will
be simply lost during c/r
- Need to restore control terminals
- Need to fetch tty flags such as exclusive/packet-mode,
this can't be done without kernel patching
[ avagin@:
- ideas on contol terminals restore
- overall code redesign and simplification
]
v4:
- drop redundant pid from dump_chrdev
- make sure optional fown is passed on regular ptys
- add a comments about zeroifying termios
- get rid of redundant empty line in files.c
v5 (by avagin@):
- complete rework of tty image format, now we have
two files -- tty.img and tty-info.img. The idea
behind to reduce data being stored.
v6 (by xemul@):
- packet mode should be set to true in image,
until properly fetched from the kernel
- verify image data on retrieval
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
CC: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
When dumping a tmpfs mount we need to take its contents with us.
So, use tar for it and put it into the image dir.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
If an image isn't specified, crtool shows content of all images.
Now crtools aborts in this case due to BUG_ON(1) in show methods
for raw images. I sugget to skip such images.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Support only basic packet socket functionality -- create and bind.
This should be enough to start testing dhclient inside container.
Other stuff (filter, mmaps, fanouts, etc.) will come later.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The pb_read thing is no longer a macros. This will allow to
factor out objects collecting on restore.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Only the fact of the fd presence, its flags and fown and the sigmask.
The sigpending state is tightly coupled with the task's sigpending
state which is not yet supported.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Only support the lo device. This is not final yet (much more
stuff is to be handled for a link) but is rather a skeleton
showing how to do it and letting us check the LXC container
early.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Raw images are supposed to be files with non-crtools contents.
E.g. tarballs with tmpfs contents or iptables-save output. Another
example is -- ip tool addr and route dumps we're about to merge
soon.
Having these type of images allows to use the open_image and the
cr_fdset engine easily.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Currently we store the images version in the core file. This is
bad, since core file describes a single process (or thread) and
says nothing about the images set as a whole (let alone the fact
that it's being parsed too late).
Thus introduce the inventory image file which describes the image
set the way we need (want). For now the only entry in it is the
images version. In the future it can be extended.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Checkpoint and restore of fifo is similar to
pipes c/r except the pipe end-points are named
file.
Because the fifo has a name we use regular files
facility for fifo path c/r.
Still there is a trick used to "open" fifo:
the opening procedure migh sleep if a fifo's peer
is not yet opened, so before doing a real open
we yield a fake open procedure (with O_RDWR flag)
which prevents us from sleeping even if peer
is not yet ready. Also we need writable fifo
end to restore data queued.
v2:
- add open/priv members to reg_file_info
- make open_fifo_fd to use open_fe_fd
- comment on pipe_id
- make sure the fifo data is not restored twice
v3:
- drop useless fixme comment and add sane one
v4:
- Use restore_data flag to escape data restore duplication
- Use S_ISREG for file contents copying
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
