Three parts.
Proc: open of map_files' link doesn't work on sockets. We fstatat
it and check that it's a socket (it will be packet), then save
the socket inode on vma_area.
Dump: we resolve socket inode to socket id and save it on vma.
We use id, not inode, since on restore we'll have to mmap some
opened file, not just abstract socket with inode.
Restore: when reading vma-s we just need to find out on what fd
the respective packet socket is opened (i.e. -- no map-and-close
sockets supported by now) and dup() it to let restorer mmap it
back.
All this make it possible to c/r the tcpdump tool!
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We can have a situation, when a socket is bound, but isn't listen yet.
I can't find a situation, when we should not restore parameters.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
A stream socket may be bound, but is not listen yet.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It's no longer true, we've deresigned the parasite
pretty time ago.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
No need for explicit conversion here. It simply brings more noise.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We have more than 2 levels right now, update the usage message.
Signed-off-by: Huang Qiang <h.huangqiang@huawei.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
If we use -v [num] to set log_level and we happen to set it in the end of
arguments, the [num] we set may not work. This patch will fix it.
Signed-off-by: Huang Qiang <h.huangqiang@huawei.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Sizes of send and recv buffers are set to maximum to restore queues,
after that sizes of buffers are restored.
O_NONBLOCK is set to a socket to prevent blocking during restore.
#2411
v2: do the same for unix sockets.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
One thing to note. The socket filter proggie is a set of struct-s
wuth 8 and 16 bits values in it. Protobuf doesn't support such thing
and it's too annoying to mess with yet another message for that.
Instead, I encode all this stuff into array of fixed64 fields to
handle endianity (yes, protobuf handles it, but each field is not
just 64-bit value, but a structure).
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Print PASS only once.
Signed-off-by: Stanislav Kinsbursky <skinsbursky@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This test makes sure, that processes tree is restored before opened files.
This is guaranteed by holding child's "/proc/<pid>/stat" file opened by parent.
It was inspired by OpenVZ bug:
#2404
IOW, OpenVZ can't restore container with such test inside.
v2:
1) Test renamed + carefull cleanup + minor updates.
Signed-off-by: Stanislav Kinsbursky <skinsbursky@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The length of bootstrap in the print is old and wrong, we need to fix
it and unify the length variable.
Signed-off-by: Huang Qiang <h.huangqiang@huawei.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We'll support other tcp states and udp-specific info eventually.
This introduced switch() looks more friendly to this future.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We can't dump application that put some data in write queue and is
about to add more, as there's currently no way to fetch this data
back, and just dropping it means breaking the app-level protocol.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Move the checks to parasite_args() and make them build-time.
This gets rid of bunch of BUILD_BUG_ON-s in parasite.c.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It seems I've screwed the setup and mount points on
my testing machine thus mountpoint test become failing.
Nevertheless, better to report where exactly we've failed
for easier investigation.
With this patch I get
| ./mountpoints --pidfile=mountpoints.pid --outfile=mountpoints.out
| 20:26:07.398: 1745: umount(`/dev') failed: Device or resource busy
| 20:26:07.398: 1745: umount(`/vz') failed: Device or resource busy
| 20:26:07.399: 1745: umount(`/vz') failed: Device or resource busy
| 20:26:07.399: 1745: umount(`/vz') failed: Device or resource busy
| 20:26:07.399: 1745: umount(`/vz') failed: Device or resource busy
| 20:26:07.399: 1745: FAIL: mountpoints.c:60: Can't umount all the filesystems (errno = 16)
| 20:26:07.404: 1744: ERR: test.c:298: Test exited with unexpectedly with code 1
| (errno = 4)
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
errno is no guaranteed to be clear if call exit with
success. Thus make sure we've ret negative here and
test for errno then.
http://bugzilla.openvz.org/show_bug.cgi?id=2412
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The SO_PEERNAME sockopt reports -EINVAL if the len passed is greater
than the real one, and copies part of the address otherwise. Need to
pass there "good" optlen not to get -EINVAL falsely. On the other
hand, since we only need to check for connected/not-connected it's
enough to push there 1 byte.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It's almost the same as find_first_sid, lets use
it instead.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
* Increase sizes of tcp rcv and snd bufffers
* Fill buffers
* Dump/Restore
* Check, that all data were restored
This test reproduces a problem from buf #2411
v2: don't use test_waitsig() in external processes, because they
can be out of this pid name-space.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
We have own mechanism to restore controlling
terminal thus we don't need the kernel to create
it in implicit way.
#2409
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It's being found that we fail to restore tasks which
are not session leaders but have controlling terminals.
This patch reworks tty_find_restoring_task logic to fix
the problem. The problem itself basically was the following --
in case if there no sid present even on master peer or on both
master/slave peers, we were trying to find a restoring task,
and that's wrong since we have peers which do not belong our
session.
#2409
Reported-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Andrew Vagin <avagin@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Writing to last_pid sysctl is CAP_SYS_ADMIN potected. Thus restoring
creds before it won't work in all the cases.
Fix this by making all threads restore creds themselves, and the
thread group leader -- after all of them.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Acked-by: Andrey Vagin <avagin@parallels.com>
Here are two things:
* A test process is a session leader
* It has a terminal, which are not conrolling for anyone.
For bug #2409
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
The size of vector depends on the kernel config
so use the real size of a vector dumped. Otherwise
we might fail on restore.
Reported-by: Stanislav Kinsbursky <skinsbursky@parallels.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Threads do not share creds, thus they should restore them from
group leader (or restore them in the same state which is less
appealing).
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
