2
0
mirror of https://github.com/checkpoint-restore/criu synced 2025-08-31 06:15:24 +00:00
Commit Graph

6308 Commits

Author SHA1 Message Date
Dmitry Safonov
69fbdfaf52 criu/makefile: built-in.o already is in PROGRAM-BUILTINS
Delete it from there.

Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-16 10:46:41 +03:00
Pavel Tikhomirov
254a36d9b3 zdtm/ipc: migrate the array of more than one semaphore
We missed restore problems with multiple semaphores in one array
with vzt-cpt, enhance the test to catch it.

The problem was the change of 'struct sem' size which lead to wrong
memcpy of sem_array->sem_base in our kernel checkpointing.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-16 10:44:34 +03:00
Pavel Emelyanov
64cce1ccba nmk: Define FIND variable
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-16 10:43:18 +03:00
Cyrill Gorcunov
ca6911adf9 build: Drop protobuf/ from the sources
All sitting in images/ already.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 19:24:42 +03:00
Cyrill Gorcunov
40c5b331aa build: clean -- Remove criu itself
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 19:24:06 +03:00
Cyrill Gorcunov
47b59b4797 build: criu -- Fix deps for pie/lib.a and criu's built-in.o
- while arch-lib already depends on syscall lib better to put
   it into deps explicitly
 - criu's built-in.o must depend on the pie target rather than
   pie/lib.a only because it uses -blob.h for internal deps

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 19:23:39 +03:00
Cyrill Gorcunov
f96718b3e3 test: zdtm.py -- Fix criu reference
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 19:22:44 +03:00
Cyrill Gorcunov
06a96d22cd .gitignore -- Add back files to ignore
Have been removed while developing criu-2
series, need to check that they are cleaned
during "clean" stage.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 19:21:12 +03:00
Andrei Vagin
1c2c1f45f7 crtools: add Dockerfile to build criu on armv7hf, aarch64, ppc64le
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:57 +03:00
Tycho Andersen
d45116ff8b build: crit -- Fix install target
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:53 +03:00
Tycho Andersen
fb0126fda6 build: criu.pc -- Move it to lib/c
This is (I think) where it was intended to go based on the gitignore
rename, so let's actually generate it and install it to/from there.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:51 +03:00
Laurent Dufour
0ff731a6d0 build: test -- Fix criu-rtc.so build error
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:48 +03:00
Cyrill Gorcunov
db6cb69394 build: Move everything criu related into criu directory
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:45 +03:00
Cyrill Gorcunov
3410d39514 build: Move crit tool into crit directory
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:42 +03:00
Cyrill Gorcunov
da0eb1483b build: Move C and Python libraries into lib
Both CRIU library and CRIT python data are moved into
lib/c and lib/py.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:39 +03:00
Cyrill Gorcunov
f07970ae7b build: Override ARCH to x86 for travis sake
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:36 +03:00
Cyrill Gorcunov
e71e063890 build: Drop docs about old build engine
No longer valid.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:30 +03:00
Cyrill Gorcunov
594fb52753 build: Move @protobuf dir into @images
But keep @protobuf as a symlink: we have
this path encoded in sources. Gonna be
removed with time.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:27 +03:00
Cyrill Gorcunov
319f4a08a8 build: Import nmk on toplevel
- no more x86_64 in @ARCH, as in kernel it's traditional x86 entry
 - @build renamed to @build-old, will be deprecated

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:23 +03:00
Cyrill Gorcunov
d7016f1475 build: nmk -- Initial import
This is initial import of NMK engine which we gonna use for
CRIU and related tools building.

It's very tiny and while here we merge it as is in future
it gonna be rather a submodule from

	https://github.com/cyrillos/nmk

An idea is to have unified build engine for most tools
we're gonna use.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-15 15:32:20 +03:00
Dmitry Safonov
9445c31642 make: remove pie/pigen/*.{gcda, gcno, gcov} on clean
Not nice to leave them.

Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-12 16:54:08 +03:00
Dmitry Safonov
6effc59e2d zdtm.py: specify python version
Otherwise it may suck on some distros (Arch i.e):
make zdtm
make[2]: Entering directory '/home/japdoll/tools/criu/test'
./zdtm.py run -a --parallel 2
  File "./zdtm.py", line 33
    print "        ..."
                      ^
SyntaxError: Missing parentheses in call to 'print'
Makefile:25: recipe for target 'zdtm' failed
make[2]: *** [zdtm] Error 1
make[2]: Leaving directory '/home/japdoll/tools/criu/test'
Makefile:9: recipe for target 'all' failed
make[1]: *** [all] Error 2
make[1]: Leaving directory '/home/japdoll/tools/criu/test'
Makefile:258: recipe for target 'test' failed
make: *** [test] Error 2

Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-12 16:54:05 +03:00
Dmitry Safonov
5d2d54a849 makefile: make DEBUG & GMONLDOPT simply expanded variables
As they store just a value, not any recursive expands, lets simplify.

Impact: cleanup

Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-12 16:54:03 +03:00
Dmitry Safonov
bd0c5281fd makefile: move PROTOUFIX export to arm section
As SRCARCH := arm defined two lines above, no need for additional ifeq.

Impact: cleanup

Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Reviewed-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-12 16:54:01 +03:00
Tycho Andersen
518b444012 tests: get rid of HAVE_SECCOMP nonsense
Because of the #undef (probably left over from some debugging I did that
accidentally got committed), this test never ran. Anyway, this is all
unnecessary because we can just use the seccomp_filter feature flag in the
tests.

Also reenable the seccomp_filter_tsync test.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-12 16:42:53 +03:00
Tycho Andersen
726d87d9b9 tests: get rid of seccomp_filter_tsync.checkskip
This is superceded by criu check seccomp_filter and doesn't work on some
systems anyway.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-12 16:42:50 +03:00
Pavel Emelyanov
5b82e5c448 zdtm: Temporarily disable seccomp_filter_tsync test
It always exits with "no support" message and checkskip works strangely. Need
to resolve those two first."

Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-11 13:40:13 +03:00
Tycho Andersen
7684e832e0 rst-malloc: s/rst_mem_cpos/rst_mem_align_cpos
Since we need to align some allocations (but not most of them), let's
always align them when checking the current position.

v2: always rst_mem_align() before the beginning of each "set" of
    allocations
v3: merge rst_mem_align and rst_mem_cpos

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Cyrill Gorcunov <gorcunov@gmail.com>
CC: Andrey Vagin <avagin@openvz.org>
Acked-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-11 12:57:22 +03:00
Tycho Andersen
c9393ec5dc rst alloc: align on reporting cpos too
Since we align in rst_mem_alloc, we should also align when reporting the
current position; if we don't and things get unlucky, we report a different
position than where the pointer is actually allocated, which fucks things
up quite bad :)

Closes #111

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-10 16:36:19 +03:00
Andrey Vagin
7fe2bee80d seize: detach from external processes before killing dumped processes (v2)
When we kill a container, all processes from its pidns are killed by
SIGKILL, but we don't expect that someone from the freezer cgroup will
be killed too if it was not dumped.

(00.468446) Error (seize.c:439): Unexpected child 79162
(00.468489) Error (seize.c:440): BUG at seize.c:440

This situation is posiable, if someone enters into pidns by setns.

In this patch, we deatches from extra processes before killing dumped
processes. In this case, we are not get signals if someone is killed.

v2: use process_to_wait insread of adding a new var

https://jira.sw.ru/browse/PSBM-43795
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-09 11:47:36 +03:00
Andrew Vagin
0ce60fdb85 pie: print an error and notify criu in error cases
Cc: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Acked-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-09 11:45:44 +03:00
Cyrill Gorcunov
15850963f9 memfd: Fix typos in memfd tests
I manage to miss source refresh. Sorry.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-09 11:44:55 +03:00
Cyrill Gorcunov
d54e7bbfd1 memfd: Use CONFIG_HAS_MEMFD to not fail on old kernels
memfd is available since 3.16 kernel so don't fail
building criu on earlier kernels but simply don't
use it on older kernels.

Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 22:15:05 +03:00
Cyrill Gorcunov
ab5442de40 memfd: Test for __NR_memfd_create during building
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 22:14:38 +03:00
Tycho Andersen
36aedc3b11 zdtm.py: fix checkskip logic
Fix checkskip logic, also emit a clearer reason when checkskip fails as to
why the test was skipped.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 21:26:41 +03:00
Tycho Andersen
5219c5a3b8 lsm: don't crash with "undefined" profile in images
If the profile is "undefined" render_lsm_profile doesn't render anything,
since there is no need to set a profile. We shouldn't crash in this case.

We never hit this bug because we are careful not to put an "undefined"
profile into the images. But, if someone else edits the images, we
shouldn't crash on restore because of that.

Closes #110

Reported-by: Coverity
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 21:26:13 +03:00
Kirill Tkhai
7c4a37f5b3 files-reg: Fix rm_parent_dirs() counter
Looks like it's a leftover from one of intermediate versions..

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 21:25:27 +03:00
Kirill Tkhai
8822708339 files-reg: Delete ghost file numeric index
Since ghost_files content is not available for parent
tasks, leave ghost_file names unchanged.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 21:25:15 +03:00
Kirill Tkhai
f42024814b files-reg: Revert: Make try_clean_ghost() use struct ghost_file ptr
ghost_files populates another process, than who does try_clean_ghost(),
so this list is not visible for the cleaner. Revert the patch.

Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 21:24:58 +03:00
Dmitry Safonov
3815004841 kerndat: do not report error on loginuid feature test
Fix for commit 0ce8e42995 ("kerndat: do not report errors on feature
test").
That commit hid error messages for feature testing when you cannot
write to /proc/*/loginuid files because of missing kernel patch that
allows unsetting loginuid value on older kernels, but it didn't hide
error messages in case of disabled CONFIG_AUDITSYSCALL - then you
don't have loginuid files.
Also fixed comment for kerndat feature test: procfs file might fail
to open if it's missing and that's fine - !CONFIG_AUDITSYSCALL case,
but it can't fail due permission fault on _read_ (then something is
wrong, lets report a problem).

Reported-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 20:25:45 +03:00
Andrew Vagin
46cf4edb60 travis: install libnl-3-dev
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 20:21:37 +03:00
Pavel Emelyanov
3606e755ce crit: Do not recode new netns-ct/-exp images
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 13:07:05 +03:00
Andrew Vagin
42165243eb test: check that contracks are dumped and restored
This tests sets filters which drops all packets which don't
belongs to current tcp connections and creates one tcp connection.

Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 11:42:43 +03:00
Andrew Vagin
afde3659e3 net: set the IP_CT_TCP_FLAG_BE_LIBERAL flag for conntracks
Currently the kernel doesn't report sequence numbers for contracks
and tries to restore them from first packets.
When we are restoring a tcp connection, we send a window probe and
set seq - 1 in it to get ack immediatly.

        /* Use a previous sequence.  This should cause the other
         * end to send an ack.  Don't queue or clone SKB, just
         * send it.
         */
        tcp_init_nondata_skb(skb, tp->snd_una - !urgent, TCPHDR_ACK);

But conntrack doesn't like this, because then we get ack, which is greater than seq.
It looks like we try to ack data which we haven't received yet.

[  735.528073] td_maxwin == 0
               seq=1081132048 ack=2965916432+(0) sack=2965916432+(0) win=342 end=1081132048
               tcp_in_window: sender end=0 maxend=0 maxwin=0 scale=0 receiver end=0 maxend=0 maxwin=0 scale=0
[  735.533409] log_invalid:
               seq=2965916431 ack=1081132049+(0) sack=1081132049+(0) win=342 end=2965916431
               tcp_in_window: sender end=2965916431 maxend=2965916773 maxwin=342 scale=0 receiver end=1081132048 maxend=1081132390 maxwin=342 scale=0
[  735.537651] nf_ct_tcp: ACK is over the upper bound (ACKed data not seen yet)

The kernel sets IP_CT_TCP_FLAG_BE_LIBERAL for new conntracks,
if we are in the middle of a connection.

Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 11:42:40 +03:00
Andrew Vagin
0dcfcc0ea5 net: dump netfilter conntracks and expectations
We request all contracks via netlink and save netlink messages which
describe them in an image file, then we send these netlink messages back on restore.

https://github.com/xemul/criu/issues/54
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-08 11:41:59 +03:00
Andrew Vagin
7ad74ec25b rst-malloc: use rst_mem_alloc_cont to allocate arrays
rst_mem_alloc() returns alligned slices. When we want to
allocate an array element, we don't expect to get a hole between
a new element and an old one.

Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-07 11:09:52 +03:00
Andrew Vagin
7458b054f9 rst-malloc: return aligned pointers to sizeof(void *) (v4)
Stas found that if we don't align a pointer,
futex and atomic operations can fail.

v2: don't hard-code the size of void *
v3: add a function to allocate memory without gaps with
    a privious slice. It's used to allocate arrays.
v4: don't change rst_mem_cpos

Cc: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-07 11:09:44 +03:00
Andrew Vagin
b09356f4d7 test/tempfs_subns: wait all child processes
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-06 20:52:28 +03:00
Tycho Andersen
2f41a8a823 check: dump seccomp filters is in --ms
As of 4.4,
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=f8e529ed9
c/r of seccomp filters is supported, so let's check for it in --ms.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-06 20:48:04 +03:00
Tycho Andersen
fe76ccde97 check: suspend seccomp is in --ms
As of 4.3,
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=13c4a9011
PTRACE_O_SUSPEND_SECCOMP is in the mainline kernel, so we should check for
it in --ms.

Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
2016-02-06 20:47:56 +03:00