This is needed for the case when the target descriptor is image
cache/proxy socket.
Signed-off-by: Rodrigo Bruno <rbruno@gsd.inesc-id.pt>
Signed-off-by: Katerina Koukiou <k.koukiou@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
After fds restore set merge we no longer need two lists.
Don't BUG in eventpoll when the tfd is not on the list.
This situation means that it's restored, so it's safe
to report OK from this place.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This is to avoid long item->pid->ns[0].virt for vpid(item).
This is
1) for f in $(git grep -l 'ns\[0\]'); do
sed -e 's/\([a-zA-Z0-9_]\+\)->pid->ns\[0\].virt/vpid(\1)/g' -i $f;
done
2) adding of vpid() routine
3) some manual fixlets
Reviewed-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
We should only get to the post-open stage for standalone
sockets with peers. All the others return 0 from ->open
which means "restore is over".
This change avoids double calling or rst_file_params and
restore_socket_opts for those ones.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Trying to use the FEATURE_CHECK RPC with criu_req->criu_opts set to NULL
makes CRIU segfault. Technically there is no reason to have a valid
criu_req->criu_opt during feature check. The only reason was to set the
image directory for setproctitle(). This removes the segfault and the
unnecessary requirement of setting criu_req->criu_opts.
Another possible solution would have been to return an error if
criu_req->criu_opts is NULL but so far it seems unnecessary to have
criu_req->criu_opts during feature check.
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This will help us catch bugs where the arguments are not in line
with the format string.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
criu/sk-queue.c | 33 ++++++++++++---------------------
1 file changed, 12 insertions(+), 21 deletions(-)
In order to prepare for the use of sockets to transfer the image files
lseek calls needs to be removed. For sk-queue, we now read the packet
data at the same time than the header. This has the disadvantage to
consume more memory between the image read and the packets restore, but
should hopefully be affordable.
Signed-off-by: Rodrigo Bruno <rbruno@gsd.inesc-id.pt>
Signed-off-by: Katerina Koukiou <k.koukiou@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
When criu is compiled with GCOV=1, .gc* files created are never
cleaned. While 'git clean -dxf' does the job and is popular
among the criu devs, it still feels good to have good ol'
make clean doing the right thing.
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
For most of the CLI tools I see, adding -v option increases their verbosity.
Currently, this is not the case for criu. Default verbosity is set it 2,
and using -v actually decreases the verbosity level to 1, so to increase
verbosity you need to use -vvv (or -v3). To me, this behavior is
quite counterintuitive.
This patch changes the way -v works (but retains -vNUM as it was). Now,
using -v increases verbosity by +1 from the default value (and e.g. -vvv
increases it by +3).
Surely, this changes user experience: for example someone who
was using -v (rather than -v1 or -v0) to silent warnings, will
now have verbosity increased. IMHO this is for the better.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
"zdtm.py run -a" doesn't work on Alpine:
find: unrecognized: -executable
So run zdtm/static/env00 for now to be sure that
it is not broken at all.
travis-ci: success for travis: execute tests on Alpine
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It works faster and allows to check exit codes.
travis-ci: success for series starting with [1/2] page-server: don't return a server pid from page-server
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We see the "No space left on device" error on the current version,
so let's try to use a newer version of Alpine, maybe this error
has been fixed there.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Here we check that a master of a bind-mounted slave was opened in the
root mount namespace. The problem is that we restore all mounts in the
root mount namespace. Only when all mounts are restored, we create other
mount namespaces. So when we are restoring mounts, we can open files
only in the root mount namespace.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Currently all mounts are restored in a one mount namespace, then
this namespace is cloned to restore other mount namespaces and
we need another copy of this namespace to clean link remap files.
Let's define terms:
A - the root mount namespace
B - the mount namespace where link remap files are destroyed
Currently we restore all mounts in the B namespace and then
clone it into the A namespace.
But it doesn't work in a case, when we have to open file
descriptores to restore mounts (e g to restore bind-mount
pty slaves), because a file descriptor has to be opened from
a specified mount (which is one of restore mount namespaces).
This patch reworks code so, that all mounts is restored in the A mount
namespace and then the B mount namespace is created. In this case
we can open files from the root mount namespace (A).
$ ./zdtm.py run -t zdtm/static/pty-console --iter 5
====================== Run zdtm/static/pty-console in ns =======================
Start test
Test is SUID
./pty-console --pidfile=pty-console.pid --outfile=pty-console.out
Run criu dump
Run criu restore
Run criu dump
=[log]=> dump/zdtm/static/pty-console/36/2/dump.log
------------------------ grep Error ------------------------
(00.106521) Error (criu/files-reg.c:1132): Can't lookup mount=563 for fd=4 path=/ptmx
(00.106585) Error (criu/cr-dump.c:1325): Dump files (pid: 70) failed with -1
(00.129041) Error (criu/cr-dump.c:1674): Dumping FAILED.
------------------------ ERROR OVER ------------------------
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Now we create pty pairs when file descriptors are restored.
The problem is that a slave tty can be bind-mounted to somewhere
and in this case we have to create this pair and hold a master file
descritore before related file descriptors will not be restored.
In this patch, a unix socket is used to hold file descriptros.
And we use SK_PEEK_OFF and MSG_PEEK to get any of them.
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
When we need to get a file descriptor, we have to set peek offset
and then to peek a message. There are two system calls, so we need
to be sure that nobody changes a socket peek offset after we set it.
Acked-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
We need a storage for file descriptors which is shared between processes
and doesn't use a lot of file descriptors. We are going to use it on
restore and if it will use file descriptors, we will have to find
descriptors which don't used by all restored processes to not confilict
with their descriptors.
There are two solutions. The first one is a service (process) which
handles to command push_fd(id, fd) and pop_fd(id, fd).
Another solution is to save descriptros in a unix socket. It requires
only one extra descriptor which we can register as a service fd. Each
unix socket has a buffer and can fit a number of file descriptros. We
can use SK_PEEK_OFF and MSG_PEEK to get file descriptros from a socket
as many times as we need.
This patch implements the second solution.
v2: call recvmsg with MSG_PEEK
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Now Docker creates a pty pair from a container devpts to use is as console.
A slave tty is set as a control tty for the init process and bind-mounted
into /dev/console. The master tty is handled externelly.
Now CRIU can handle external resources, but here we have internal resources
which are used externaly.
https://github.com/opencontainers/runc/issues/1202
travis-ci: success for A few fixes to c/r a docker container with a console (rev3)
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In 2.11 we've had several got bronek:
- page-server start via RPC
- Fedora build
- ppc64le restorer switch
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Recent Fedora releases add -Wp,-D_FORTIFY_SOURCE=2 to rpm builds,
which breaks compiling pie code on some architectures due to its
trying to use (absent) memcpy_chk() instead of usual memcpy().
We must stand strong against FORTIFY_SOURCE in pie code.
No pasaran! Viva la resistance!
NOTE: in tests, FORTIFY_SOURCE is disabled for completely different
reasons (see commit d1a36cc9 for details), so we're not touching it.
[v2: resend the correct (latest) version]
Reported-by: Reported-by: Adrian Reber <adrian@lisas.de>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The JUMP_TO_RESTORER_BLOB assembly macro has been rewrote through the
commit '89d6b39cfe36 ppc64: pie -- Add ppc64le relocation's
processing', but the Clobber list hasn't been updated.
This doesn't generate build neither runtime errors since the Clobber
list was larger than needed but GCC 7 is now raising an error when an
assembly macro is clobbering the r2 register.
This patch fix the Clobber list to just modified registers.
Fixes: 89d6b39cfe ("ppc64: pie -- Add ppc64le relocation's processing")
Reported-by: Adrian Reber <adrian@lisas.de>
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Commit 10801f36 (page-server: don't return a server pid from
page-server) broke page-server starting via RPC -- the latter
code checks for return value being <=0 as failure.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
This is a bugfix-mostly release. Interesting new features include
the huge rework of files restoring engine which fixed us bugs we
haven't seen in reality :) but have proven they exist. Als this
rework opens the way for scm-rigts c/r we need for nginx.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
As runc uses the RPC interface to run criu it is necessary to expose
the newly added status-fd feature via RPC. Using the status-fd interface
makes it possible to use lazy migration with runc.
travis-ci: success for RPC: make status-fd option available via RPC (rev3)
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We will need it to include types once compel
gets into own directory.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Migrating a process between a system with the 'xsave' CPU flag and
another system without the 'xsave' CPU flags is not possible and
fails during restore. To avoid this situation it is possible to boot
the source system of the migration with 'noxsave' kernel command-line.
Unfortunately criu currently tries to detect the presence of 'xsave'
with the macro X86_FEATURE_XSAVE which represents the features of
the CPU without taking into account if the operating system has
disabled 'xsave'. Checking for 'xsave' availability with the macro
X86_FEATURE_OSXSAVE detects correctly if Linux has been booted
with disabled 'xsave' and thus migrating processes between hosts
with and without 'xsave' is possible if the kernel uses the flag
'noxsave'.
travis-ci: success for criu dump fails when using noxsave (rev2)
Signed-off-by: Adrian Reber <areber@redhat.com>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Nowadays we have parasite and restorer logs just start with pie:
prefix. Let's add timestamps in restorer too.
For parasite adding timestamps would require passing the start
timeval through the libcompel which is not (yet) clear how to do.
travis-ci: success for pie: Print timestamps in restorer
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
When we collect all the read_page requests into one big preadv
call, the latter one may not read all the data in one go and
return less bytes read, than requested.
This is valid and already met in a bug :) So advance the iovec
set with the ret value and continue reading.
v2: Compilation fix on arm-s
A little bit more debugging
https://github.com/xemul/criu/issues/271
travis-ci: success for series starting with [1/2] pagemap: Support async pages reading by chunks (v2)
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch reworks this function, removes mess and fix
the next coverity issue:
394 m->parent = parent;
CID 175314 (#1 of 1): Dereference after null check (FORWARD_NULL)
27. var_deref_model: Passing null pointer &parent->children to list_add_tail, which dereferences it. [show details]
travis-ci: success for mount: simplify mnt_build_ids_tree()
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The problem is in the chroot test:
geninfo: ERROR: /home/travis/build/xemul/criu/test/zdtm/static/chroot.dir.test/home/travis/build/xemul/criu/images/timer.gcno: could not open file
We can just ignore these errors.
travis-ci: success for travis: fix collecting code coverage
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
