This patch brings add_to_string() and construct_string() helpers.
They allow to create a string with variable amount of parameters in sprintf()
manner, but supporting string allocation (and reallocation if necessary)
v2:
1) Helpers were renamed to xstrcat() and xsprintf() respectively.
2) Added printf attributes to force compiler check
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
restore_creds uses prctl, so if we block this call in the seccomp filter
test, it causes things to fail (hang actually, seems we have some unhandled
error path here).
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Note that this doesn't actually fix the problem, because seccomp could
block the setuid call, and since we're now restoring when the task isn't
ptraced and in SECCOMP_SUSPEND mode, we can't guarantee that the seccomp
filters won't be suspended.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In order to restore seccomp correctly, we need to do it before
restore_creds() in the restorer blob. But, if the seccomp policy forbids
e.g. prctl, if the task doesn't have SUSPEND_SECCOMP set it will die when
trying to restore creds. To solve this, we break attach_to_tasks up into
two parts: 1. we attach and set SUSPEND_SECCOMP (but let the tasks continue
normally), and then after the RESTORE_CREDS stage we 2. attach to the tasks
and stop them on the final sigreturn.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We call mount from one namespace and umount from another namespace,
so we check that their parents are from one shared group.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Now we save files, maps and mounts for each test process
and we need to compare them separately for each process.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Restore dumpable flag after setfsuid to assure that created /proc/self/*
file inode had task's credentials. Without it it would have root creds
and trying to access proc files of task will fail from non-root user
in generic vfs permission check.
Signed-off-by: Dmitry Safonov <dsafonov@odin.com>
Acked-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Since commit ea747b0755 receive queue for
such DGRAM sockets restores twice: in open_unix_sk() and post_open_unix_sk().
It should be made only once. So, keep that commit logic only for sockets
without alive sender.
Signed-off-by: Kirill Tkhai <ktkhai@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It is restored from the userns.
21:22:31.443: 4: FAIL: loginuid.c:93: loginuid value 3 is different after restore: 100003
Cc: Dmitry Safonov <dsafonov@odin.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Reviewed-by: Dmitry Safonov <dsafonov@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Noticed this when I was looking over the LSM code for Cyrill's task =>
thread creds set. We set this to null to save some work later, but we
forget to free it first.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
unseize_task_and_threads sends SIGKILL in unseize_task under condition
(st == TASK_DEAD). Which obviously kills task.
Move freezer_detach after pstree_wait to detach only from alive tasks
to get rid of the following errors:
(00.242163) Error (seize.c:223): Unable to detach from 23064
: No such process
(00.242177) Error (seize.c:223): Unable to detach from 23065
: No such process
Signed-off-by: Dmitry Safonov <dsafonov@odin.com>
Acked-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
... so it can be used from non-root:
(Higher value means it would be killed earlier so everyone should be
possible to change his value to bigger than zero)
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
System call sys_fcntl() in _some_ kernels can silently drop some flags during
set and return success code.
This patch adds double check, that all the fd flags were really set.
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Patch restores freezer cgroup state between finalize_restore stages.
It should be done after first stage because we cannot unmap restorer blob
from frozen process, and before second stage because we must freeze processes
before they continue run.
We also need to move fini_cgroup between these stages to provide freezer
cgroup state restorer access to cgroup mount directories.
Error handlers contains fini_cgroup, so we are sure that fini_cgroup call
won't be missed.
Patch restores state only for one freezer cgroup from --freeze-cgroup option,
not all states from whole hierarchy, because CRIU supports checkpoint from
freezer cgroup hierarchy only with THAWED state, except root cgroup from
--freeze-cgroup option.
Signed-off-by: Evgeniy Akimov <geka666@gmail.com>
Signed-off-by: Eugene Batalov <eabatalov89@gmail.com>
Acked-by: Andrew Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
First stage of finalize_restore unmaps the restorer blob, second stage
detaches from processes. After first stage process tree is completely
restored and processes are ready to continue run through sigreturn.
This splitting allows us to execute something between these stages (e.g.
restore freezer cgroup state).
Signed-off-by: Evgeniy Akimov <geka666@gmail.com>
Signed-off-by: Eugene Batalov <eabatalov89@gmail.com>
Acked-by: Andrew Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
CRIU sets freezer.state to "THAWED" during process tree dumping. That's why
we can't simply save freezer.state file contents to cgroups image. New
special function get_real_freezer_state() returns freezer cgroup state
observed before CRIU dumping start. Patch puts its return value to dump file.
Signed-off-by: Evgeniy Akimov <geka666@gmail.com>
Signed-off-by: Eugene Batalov <eabatalov89@gmail.com>
Acked-by: Andrew Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In this case it has an external master_id and we want to test that
criu can handle it correctly.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The thread_bomb test was rewrited and
ZDTM_THREAD_BOMB should be equal 5 now.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It works for tests which are executed in a separate pidns
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It's an external one and it's already created and we don't have proper
shared mount.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We don't need to remount a mount as private, when a source mount and
a new mount has the same master_id and shared_id
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The value of loginuid cannot be changed inside container, with the
exception if it was not set yet. This value is inherited on fork() from
parent.
So, to restore original loginuid values for all tasks:
- unset the container parent loginuid
- all children will have this value unsetted
- on child restore set value from dump
See http://lxr.free-electrons.com/source/kernel/audit.c#L635https://jira.sw.ru/browse/PSBM-41993
Signed-off-by: Dmitry Safonov <dsafonov@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Standalone criu target should not be used here
because it doesn't carry all prerequisites needed.
Instead simply use @all.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
When running test in ns/uns flavor zdtm.py builds a temp root in test/ directory.
The new action allows to remove all this stuff automatically.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This will be required for page-cache and page-proxy set.
Signed-off-by: Rodrigo Bruno <rbruno at gsd.inesc-id.pt>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
A freezer cgroup can contain tasks which will be not dumped,
criu unfreezes the group, so we need to freeze all extra
task with ptrace like we do for target tasks.
Currently we attache and send an interrupt signals to these tasks,
but we don't call waitpid() for them, so then waitpid(-1, ...)
returns these tasks where we don't expect to see them.
v2: execute freezer_detach() only if opts.freeze_cgroup is set
calculate extra tasks in a freezer cgroup correctly
v3: s/frozen_processes/processes_to_wait/
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It will be used to mount AutoFS, because context creation is required in
addition to actual mount operation.
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This patch introduces three helpers:
1) pstree_item_by_real() - search for pstree item by real pid.
2) pstree_item_by_virt() - search for pstree item by virtual pid.
3) pid_to_virt() - return virtual pis by real one.
Note: pstree_item_by_virt() and pid_to_virt() will be used to migrate AutoFS.
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
