Currently we remap task_entries but it can be used from a sigchld hanler.
We need to block sigchld to remap task_entries and unlock it
when a restorer sigchld handler is set.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
ksigfillset is the same for all architectures and
here is no reasons to duplicate the same code many times.
In addition, this patch addes ksigemptyset and ksigaddset.
They will be used in the next patch.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In the case where we don't rewrite anything, dirnew is never set, so we
shouldn't reset anything, because we didn't do any work.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
C standard specifies that the first enum element is 0 and the next ones
are +1 to a previous element (C90, "3.5.2.2 Enumeration
specifiers").
Therefore, there is no need to explicitly specify element values.
The explicit initializers were added in the first commit introducing
this enum (commit 46e8aee).
While at it, let's also add a comma after the last element, for any
future patch adding more elements to look better.
No functional change.
Cc: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The problem here is again caused by systemd :). Every process lives in some
child cgroup and not the root one, so we end up with a bunch of stuff like:
/init.scope
/system.slice/...
/user.slice/...
and nothing in the root cgroup. However, systemd opens
/sys/fs/cgroup/systemd, changes the perms, and keeps a fd around.
Unfortuantely, we don't track the perms on the "real root" cgroup here,
because nothing is at that level, so when we restore, our cgroup perms
changing code doesn't catch this perms change, and we get:
(00.361723) 1: Error (criu/files-reg.c:1487): File sys/fs/cgroup/systemd has bad mode 040755 (expect 040775)
To fix this, let's just support the --cgroup-root argument on dump too, and
rewrite the cgroup paths we dump accordingly.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
From 5f6b24723b Mon Sep 17 00:00:00 2001
From: "Tuan T. Pham" <tuan@vt.edu>
Date: Thu, 8 Sep 2016 03:42:12 -0400
Subject: [PATCH] Add script to install required packages to compile in Debian
In order to setup an environment to compile and to test CRIU
from source, we need to have required packages in Debian
environment.[^0] This script and its package list will help
setting it up.
contrib/debian/dev-packages.lst:
* List of required packages for Debian development environment
scripts/install-debian-pkgs.sh:
* A simple bash script instaling the required Debian packages
[0]: https://criu.org/Installation
Signed-off-by: Tuan T. Pham <tuan@vt.edu>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
v2: don't try to write "" to devices.allow, just skip it since we write 'a'
to devices.deny everywhere anyway.
v3: leave cgroup prop name as "devices.list" so it is caught in the later
tests for special-ness. also, don't write the last devices entry twice.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
C standard specifies that the first enum element is 0 and the next ones
are +1 to a previous element (C90, "3.5.2.2 Enumeration specifiers").
Therefore, there is no need to explicitly specify element values.
The explicit initializers were added in commit 5676383 (scripts:
Add ACT_MAX limit and make @action_names being const) but I do not
see the need for them in there either.
No functional change.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Before this patch vma sizes were hardcoded and weren't derived
from PAGE_SIZE value.
But all the actions with these vmas are based on PAGE_SIZE value.
That's why maps008 on PowerPC with "huge" PAGE_SIZE of 64k was simply
terminating due to invalid memory access.
This commit sets vma sizes to safe values derived from PAGE_SIZE.
New sizes are enough to perform all the actions test does with vmas.
Tested-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Eugene Batalov <eabatalov89@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This is need to catch the moment when binfmt_misc in mainline kernel is virtualized
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In case of mount image is not containing binfmt_misc mountpoint,
add temporary mountpoint to mount tree and try to restore
binfmt_misc content in ordinary way. Then, umount temporary mountpoint.
v4: New
v5: Check for opts.has_binfmt_misc to determine if image presents
v6: Check for binfmt_misc_list to determine if binfmt_misc entries present
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Umount does not remove binfmt_misc content. If it's mounted once again,
the same entries remain registered.
Criu does not dump content of umounted binfmt_misc. So, after C/R we
lose it at all.
This patch forces mounting of unmounted binfmt_misc after we collected
mountpoints. If it's unmounted, we mount it back and add this mount
to the tree of collected mounted mountpoints. Further, binfmt_misc
content is dumped in usual way with the only difference, that mount
point itself is not dumped.
v2: Print error in case of umount() fail.
Move add_forced_mount() to another patch.
v3: Close binfmt_misc dir before its umount().
v4: Do not dump forced mounted mountpoint.
v5: Do not search for binfmt_misc mounted: use opts.has_binfmt_misc.
Do not count number of entries in binfmt_misc directory.
v6: Add CRTIME_MNT_ID.
Make mount function generic.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Set opts bit if binfmt_misc is mounted on root mnt_ns
v5: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Use name binfmt_misc.img for any mounted binfmt_misc.
Note, that newly created binfmt_misc images won't restore
on old criu.
Iterate over binfmt_misc_list if it's not empty on restore.
Also, because of above, let's change a behaviour of dump and now
we do not create binfmt_misc images if there is no registered
binfmt_misc entries.
v5: New
v6: Use {open,close}_image sequence to determ if image exists
Iterate over binfmt_misc_list
Suggested-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Also rename restore_binfmt_misc_entry() to write_binfmt_misc_entry()
v6: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Also add new format without suffix in file name
v6: New
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Don't do additional processing for ext-tty which are
expected to not have regfile in image.
Reported-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
When collecting tty records the @id may come in
as external tty entry which has no regular file
record (because it gonna be inherited on the
restore from the command line option).
Thus, make sure that deprecated_ok() is never
called on external ttys.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This program doesn't parse /etc/fstab or /etc/mtab,
it just calls the umount2 syscall.
It is another attempt to fix the error:
subprocess.CalledProcessError: Command '['mount', '--make-private', '/tmp/criu-root-C7MZS9']' returned non-zero exit status 1
OSError: [Errno 16] Device or resource busy: '/tmp/criu-root-C7MZS9'
Signed-off-by: Andrei Vagin <avagin@openvz.org>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Add a new option to zdtm.py to run "criu dedup" after "criu dump"
or "criu pre-dump".
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
So, this time we have quite a lot of new features for a monthly
release cadence, including --leave-stopped on restore, TMEM for
PPC and shmem changes tracking.
Also bugfixes, of course, and a little bit more deprecations.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
TL;DR: this allows to check if printf argument types are valid.
Apparently, gcc is not able to check if the printf arguments
are in sync with the format string, it a string is not a literal.
This can be seen by compiling the code with -Wformat-nonliteral:
CC criu/netfilter.o
criu/netfilter.c: In function ‘nf_connection_switch_raw’:
criu/netfilter.c:80:4: error: format not a string literal, argument
types not checked [-Werror=format-nonliteral]
dip, (int)dst_port, sip, (int)src_port);
Unfortunately we can't just add -Wformat-nonliteral to CFLAGS as there
is at least one other place in the code what uses non-literal string
as a format string for printf-like function. In this very case, though,
there is no need to use a non-literal, so change it to a define.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Apparently when travis checks patches, it compiles code with
-Wformat-security (most probably because the distro/gcc it uses
has it on by default), but on my system (Fedora 24/gcc 6.1.1)
this flag is not on. As a result, code compiles fine for me
but travis reports an error.
Add -Wformat-security to default CFLAGS. It helps to catch
problems like using printf(str) instead of printf("%s", str).
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It turned out that calling log_first_error() is possible w/o
calling log_keep_first_err(), so don't bug_on() on it, just
return NULL.
Reported-by: Adrian Reber <adrian@lisas.de>
Signed-off-by: Pavel Emelyanov <xemul@virtouzzo.com>
Reviewed-by: Adrian Reber <adrian@lisas.de>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Dmitry:
Thanks for the patch, it looks like it was part of commit 1c249d08870b
("x86: add 32-bit sigframe for rt_sigreturn") from criu-dev.
When I've prepared the patches set, I've tested patches separately from
the set on x86, but hadn't possibility to test them separately on ppc.
And for x86 it didn't matter when to call restore_gpregs() before compat
patches, so I didn't catch that it does matter for ppc.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
1. Fix uninitialized use of pr in cr_dedup_one_pagemap and get_page:
https://github.com/xemul/criu/issues/178
2. In ud_open, close pr in case of error returned from find_vmas->
collect_uffd_pages as we free lpi with lpi->pr open; so need check in
lpi_fini if uffd is >0 before close
v2:rebase to new criu-dev
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Acked-by: Mike Rapoport <rppt@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
An atexit hook is executed for forked processes too,
clean_tests_root() has to be called only once.
v2: fix flak8 warnings
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Make sure travis/jenkins complain if someone sends a patch
that results in criu --help output violate standard terminal
width requirement.
Cc: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Remove that weird special case from check_add_feature() function, making
it a separate pr_check_features(), which prints a SEP-separated list of
feature names, obeying the max WIDTH, and prepending each line with
OFFSET. That way, we have a decept --help output:
--feature FEAT only check a particular feature, one of:
mnt_id, mem_dirty_track, aio_remap, timerfd, tun,
userns, fdinfo_lock, seccomp_suspend,
seccomp_filters, loginuid, cgroupns, autofs
Alternatively, we could just drop the functionality of showing all the
individual features to check.
[v2: use %s in pr_msg to fix a -Wformat-security warning]
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
* Fix English and rephrase
* Mark with curly braces that PID and NS_FILE are exclusive options
* Fix 80 columns violations
* Remove usage examples
* Remove the "experimental feature" warning
* Add an empty line before "Check options" header
As for removals, I believe --help output is not the proper place for
examples or notices.
Was:
-J|--join-ns NS:PID|NS_FILE[,EXTRA_OPTS]
Join exist namespace and restore process in it.
Namespace can be specified in pid or file path format.
--join-ns net:12345 or --join-ns net:/foo/bar.
Extra_opts is optional, for now only user namespace support:
--join-ns user:PID,UID,GID to specify uid and gid.
Please NOTE: join-ns with user-namespace is not fully tested.
It may be dangerous to use this feature
Check options:
Now:
-J|--join-ns NS:{PID|NS_FILE}[,OPTIONS]
Join existing namespace and restore process in it.
Namespace can be specified as either pid or file path.
OPTIONS can be used to specify parameters for userns:
user:PID,UID,GID
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
There is no need to have it here.
Also, remove curly braces around {net} to avoid confusion.
Was:
--empty-ns {net}
Create a namespace, but don't restore its properies
(assuming it will be restored by action scripts)
Now:
--empty-ns net Create a namespace, but don't restore its properies
(assuming it will be restored by action scripts)
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
* Simplify phrases, removing duplicate words -- saving 1 line
* Drop <>, use UPPERCASE for variable parts as in other places
* Obey 80 columns
Was:
--inherit-fd fd[<num>]:<existing>
Inherit file descriptors. This allows to treat file desc
riptor
<num> as being already opened via <existing> one and ins
tead of
trying to open we inherit it:
tty[rdev:dev]
pipe[inode]
socket[inode]
file[mnt_id:inode]
Now:
--inherit-fd fd[NUM]:RES
Inherit file descriptors, treating fd NUM as being
already opened via an existing RES, which can be:
tty[rdev:dev]
pipe[inode]
socket[inode]
file[mnt_id:inode]
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In general, we do not end the [last] sentence of an option description
with a period. In a few cases, we do that -- let's fix it.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
* fix a typo (descrition -> description)
* add a comma before "but"
* remove a period at the end of the sentence
Was:
--cgroup-props-file FILE
same as --cgroup-props but taking descrition
from the path specified.
Now:
--cgroup-props-file FILE
same as --cgroup-props, but taking description
from the path specified
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
* fix a typo (usig)
* slightly rephrased
* remove a period at the end
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Hopefully without losing any meaning, but now it fits in 80 cols
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
