Restore of namespaces requires executions of external tools
(ip, tar, etc). We want to know return codes, so we should
block a default sigchld handler. Before we did that for each
command, I suggest to block SIGCHLD, then restore namespace and
unblock SIGCHLD.
The default sigchld handler is used for catching target processes,
but all this processes (except a current one ) are started after
restoring namespaces.
Currently we forgot to block SIGCHLD before executing "ip",
and this bug was caught.
Reported-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It seems otherwise older gcc compilers do treat this
statement as incomplete.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reported-by: Huang Qiang <h.huangqiang@huawei.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The biggest acheivement since v0.1 -- initial support for LXC containers!
Other less notable (but still great) things done are:
* Implemented support for TTY-s
* Added support for packet sockets
* Bug-fix here and there
Note, that images generated by v0.1 tool are accepted by v0.2 one.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We don't support yet detached terminals migration,
so fail early if we can't proceed.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Will need it to verify that live tty pairs exist.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
To trace paired ttys we will need one more bitmap
so rename tty_test_and_set_index to tty_test_and_set
because we will need this helper in another context.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CC ipc_ns.o
ipc_ns.c: In function ‘dump_ipc_msg’:
ipc_ns.c:240:2: error: ‘message’ may be used uninitialized in this function [-Werror=uninitialized]
ipc_ns.c:192:17: note: ‘message’ was declared here
cc1: all warnings being treated as errors
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We do have build-time tests for that but it's not enough, better to
be on safe side and double check the arguments size.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
rcv_wscale is a symetric parameter with snd_wscale.
Both this parameters are set on a connection handshake.
Without this value a remote window size can't be interpreted correctly,
because a value from a packet should be shifted on rcv_wscale.
This patch doesn't break a back compatibility, a rcv window
will be restored with the same bug (rcv_wscale = 0).
v2: Update to a new kernel interface:
[PATCH] tcp: restore rcv_wscale in a repair mode (v2)
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Before 256 bytes were used for that, it may be not enough.
For example it was not enough for a NFS point on my test system.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In commit 97cfb707 we extended scm_fdset structure
up to 7K thus we need to increase the parasite stack
size enough to hold it. It was not noticed simply because
we were poking arguments area of memory.
The memory map of args and stack for parasite look like
+-----------+ min address
| | |
| arguments | v (8K)
| |
+-----------+
| |
| stack | ^ (16K)
| | |
+-----------+ max address
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Otherwise there is a race between files with same names:
link(name -> ghost) link(name->ghost)
open(name)
unlink(name)
open(name) -> ENOENT
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
One function is used on restoring and one is used on dumping,
so each function has own prefix rst or cpt.
The both functions have the same effect, so the main part of the names
is same and it describes "unlock_tcp_connections".
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
network-script.sh is used for locking and unlocking network in CT.
Here is an example of an LXC config:
lxc.console=none
lxc.utsname = test-lxc
lxc.network.type = veth
lxc.network.flags = up
lxc.network.link = br0
lxc.network.name = eth0
lxc.mount = /root/test-lxc/etc/fstab
lxc.rootfs = /root/test-lxc-root/
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Restore must not fail after unlocking connections.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Early we moved prepare_shared() to a root task,
because several preparation actions should be executed
in a target namespace set (e.g.: ghost files).
TCP sockets are a subset of init sockets,
they should be unlocked before resume. It's convient to do
from crtools.
An image can't be read more than one time, because we want to
send it via network.
For this two reasons prepare_shared is spitted in two parts,
one for crtools and one for a root task.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
For another netns we don't need to lock separate connections,
an external chanel can be locked.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Scripts are executed when external actions required.
CRTOOLS_SCRIPT_ACTION contains a required action.
If a script doesn't know a current action, it should exit with 0.
The first usecase will be lock/unlock network.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
TCP_REPAIR should be droppet when a network is unlocked.
A network should be unlocked at the last moment, because
after this moment restore must not failed, otherwise a state of
a tcp connection can be changed and a state of one side in our image
will be invalid.
v2: use xremalloc instead of mmap and remmap
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Use sys_setsockopt and declare a function in a header as "static inline"
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
There are places when we have to select which fd to ->open
and which to ->receive. To avoid deadlocks we sort them in
an ascending order on { pid, fd } pair.
Make this idea more formal by introducing an explicit function
doing this check and call it where appropriate (pipe.c master
selection is also simplified to fit new ... API).
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Don't do explicit switch by file type in files.c and don't export
intimate knowledge of pty being master/slave. Use a file desc op
for that.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Until I figure out how to make them work in ns.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We need to do two non-trivial things with ttys -- interconnect
slaves to masters (or to each other) and setup ctl-tty restoring
task.
Now this is done in subsequently depending on each other steps:
1. collect ttys
2. interconnect slaves and mark ctl-tty tasks
3. collect fake fds for tty-ctl tasks
4. setup orphaned slaves
We can relax this logic in two ways:
1. don't split marking ctl-tty tasks and then creating fds for them
do it in one step at the end
2. don't interconnect slaves with masters and orphaned slaves in
two steps -- do it in one place after fds are collected
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In case if there is no master peer associated
with a slave peer we have two cases
- the master peer was closed before slave
- we just have no master peer at all, but
only slave one
This patch addresses only first case -- we open
fake master and hook slaves on it, then close it
immediately.
The second case will be addressed later.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
tty entries might have no parameters assigned if they
are hanging on closed master, we should take into
account when we do verify them.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
If we've met a hanging up terminal we can escape
lot of work but dump a minimum information needed
for restore.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This patch squashes tty_get_sid, tty_get_pgrp into
one tty_get_sid_pgrp helper (which allows to detect
if dumping terminal is hanging up, the real use of
this ability will be addressed in next patch).
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The dangling slave peers might have no data associate
with them if master peer is closed and link is hanging
up. Thus make this parameters optional to not blow the
image with data which never will be used.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Add ability to use the same macros in restorer code.
In the future we will add ability to show arguments like printf.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Instead -- mmap it once in root task and then mremap it later.
No mremap of original restorer can be done, since in that case
the restorer vma would be tied to crtools binary which in turn
will make set-exe-file prctl to fail with EBUSY.
Note -- after mremap the original vmas list becomes non relevant,
but it's OK. Only new holes appear inside which is OK for munmap.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This will avoid exec bit on restorer args and will make
it possible for shared restorer eventually.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
There was a strange thing -- task args size is aligned, but when
threads args ptr is get this alignment was lost. Fix this and make
all the bufs page-aligned.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
