The test is trying to write into a closed socket and the kernel sends
SIGPIPE in this case, which is perfectly normal and should not fail the
test.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
On a system with more than 10 network interfaces the link_nsid check
fails:
$ criu check --feature link_nsid
Warn (criu/cr-check.c:1237): NSID isn't supported
The function kerndat_link_nsid() uses:
nde.ifindex = 10;
This fails as there is already an interface with ifindex 10.
This patch moves the creation of the socket into the second network
namespace and the feature check succeeds.
Suggested-by: Jiri Benc <jbenc@redhat.com>
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
This reverts commit 6b0292e126.
handle_binary() is needed for preparing PIE header during compilation.
If we need to provide API for building another compel binary, probably
it should be a separate library from libcompel.{a,so}
IOW, there is no sense to have handle_binary() included into CRIU.
For CRIU it's needed only during the build to generate parasite header.
Move handle_elf() to compel binary from library, as it was previously
corrected in commit 64bb75a859 ("compel: Drop off handle-elf routines
from library").
Acked-by: Cyrill Gorcunov <gorcunov@gmail.com>
Cc: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Libcompel supplies to the parasite PAGE_SIZE during infection.
On ppc64/aarch64 PAGE_SIZE can be different with Large pages,
under the cover it returns __page_size.
At this moment __page_size is located in criu binary, which
prevents using libcompel as .so library in other applications
than criu on ppc64/aarch64.
Export __page_size and __page_shift in libcompel.
Fixes: #572
Fixes: 2d965008d3 ("ppc64/aarch64: Dynamically define PAGE_SIZE")
Cc: Adrian Reber <areber@redhat.com>
Acked-by: Cyrill Gorcunov <gorcunov@gmail.com>
Reported-by: Alexey Shabalin
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Related: https://github.com/checkpoint-restore/criu/issues/577
Restoring a runc container which is running in the host's network
namespace locked the network (iptables-restore) without unlocking it.
This disables network logging if running in the host's network
namespace.
Suggested-by: Andrei Vagin <avagin@gmail.com>
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Recently, I introduced a new mode when a service fd are not dupped into
a fixed file descriptor number. A side effect of this is that we need to
close the old descritpor if it was installed.
Fixes: d349999967 ("criu: remove all magic of service-fd when it isn't required")
In vz7 we've a slightly different code base where fields
2 and 3 are already used. So lets reserve them and move
raw member to another number.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Just like with other inet sockets simply fetch additional
data (such as ICMP) and restore it back then.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Raw sockets may have arbitrary protocol so we
need different helper to lookup socket.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
So they would pass this check.
Note because we didn't allow raw socks in can_dump_ipproto
this routine won't be reached and it's safe to modify it this
way without breaking existing tests.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
IP_FREEBIND is not supported for SOCK_RAW ipv6 sockets.
See kernel rawv6_setsockopt() for the details.
For the rest of sockets, where they begin to support it:
the actual magic happens in do_ipv6_setsockopt(), and
IPV6_ADDRFORM optname changes sk->sk_prot to refer
to tcp_prot, udp_prot and udplite_prot, which contains
link to ip_setsockopt().
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
No need to call for do_dump_opt, since these params
are already fetched.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Don't allow to proceed dumping since we don't support
raw sockets restore yet.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
To collect raw sockets we need the kernel to support raw_diag module.
Signed-off-by: Cyrill Gorcunov <gorcunov@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
After recent update of flake8, we have a lot of e117 warnings:
test/zdtm.py:1748:5: E117 over-indented
test/zdtm.py:1751:5: E117 over-indented
test/zdtm.py:1755:6: E117 over-indented
test/zdtm.py:1757:7: E117 over-indented
test/zdtm.py:1764:6: E117 over-indented
test/zdtm.py:1766:5: E117 over-indented
test/zdtm.py:1767:6: E117 over-indented
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Recently, a kernel behaviour how siginfo is copied into user-space was
changed:
4ce5f9c9e754 ("signal: Use a smaller struct siginfo in the kernel")
According to the rt_sigqueueinfo man page, the caller should set
si_code, si_pid, si_uid, si_value and there is no guarantee about other
fields.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
So here it is -- the release with lots of new stuff and bugfixes.
Mainly, the new code is for integration with Docker and to support
modern hardware.
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
safe_dump produces only standard YAML tags and
cannot represent an arbitrary Python object.
Reported-by: Mr Jenkins
Signed-off-by: Andrei Vagin <avagin@gmail.com>
This makes two zdtm test scripts python3 compatible to run
zdtm on a system without python2.
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
The Go bindings for CRIU and the P.Haul extension have been moved into
a separate repository.
This patch removes the following from the criu-dev branch:
- lib/go/*
- phaul/*
- scripts/travis/phaul
The removed files are available in
https://github.com/checkpoint-restore/go-criu
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
A few controllers can be merged and before this patch, criu required to
set a new root by specifying all merged controllers.
This patch allows to specify a new root for each controller separately,
but criu will check that all merged controllers will have the same path.
https://github.com/checkpoint-restore/criu/issues/544
Signed-off-by: Andrei Vagin <avagin@gmail.com>
If we want to use flock64, we have to use fcntl64. Otherwise we will get
errors like this:
ERR: file_locks07.c:49: Can't set ofd lock (errno = 22 (Invalid argument))
Reported-by: Mr Jenkins
Signed-off-by: Andrei Vagin <avagin@gmail.com>
It looks like, this one is no more needed.
You were a hard child, RIP.
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Kernel will send signal with ABI of *syscall* that made rt_sigacation().
In sigaction_compat_abi():
> if (in_ia32_syscall())
> act->sa.sa_flags |= SA_IA32_ABI;
So, we can omit switching to ia32 mode and just call int80 like in other places.
We still need 32-bit argument for syscall (sig action pointer).
As call32_from_64() switches mode, it's .text should be placed in lower 4Gb,
which was the reason of segfault if linker places criu code above 4Gb.
Oops, my bad.
Fixes: #567
Reported-by: Andrey Vagin <avagin@gmail.com>
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Looks like, we're missing the check which potentially can add us
some troubles.
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
%ebx, %ecx aren't specified as clobbers in chk_proc_fpu(),
while asm cpuid overwrites them.
In the turn, %ebx is used as a code position by gcc now:
1661: e8 9a 00 00 00 call 1700 <__x86.get_pc_thunk.bx>
1666: 81 c3 46 68 00 00 add $0x6846,%ebx
Which results in dereferencing some ugly garbage (result of cpuid).
Let's use zdtm/lib cpuid() function instead.
Signed-off-by: Dmitry Safonov <dima@arista.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Here is one of popular error, when we call fork, then run a child code
and instead of exiting from a child process, we returns from a current
function with an error code.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
There are a few patches in linux-next, which added this check:
ipc: IPCMNI limit check for semmni
ipc: IPCMNI limit check for msgmni and shmmni
Signed-off-by: Andrei Vagin <avagin@gmail.com>
cr_check() initializes root_item and calls collect_pstree_ids. It was
not designed to be called directly from a service process.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
setup_opts_from_req() sets up logging and call kerndat_init().
Investigated-by: Adrian Reber <areber@redhat.com>
Fixes: 6e04f3b2dd06 ("criu: call kerndat_init() after log_init()")
Signed-off-by: Andrei Vagin <avagin@gmail.com>
When restoring a task in it's user namespace we had: "Unable to open
pages-3.img: Permission denied" when trying to open pages images for
write. (Write is needed for memory images deduplication feature to
work.)
These patch makes do_open_image open images fd through usernsd, to have
root permissions.
Also increase MAX_UNSFD_MSG_SIZE as path and metadata don't fit, and
remove a workaround in prepare_vma_ios.
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Rename the local variables 'pb' to 'pbuff' to avoid conflict with the
imported 'pb' module.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Signed-off-by: Andrei Vagin <avagin@gmail.com>
Otherwise all external tty-s will share the same tty info,
what is obviously wrong.
v2: allocate a separate tty index range for externl terminals
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Andrei Vagin <avagin@gmail.com>