service_binary is either set to a const char * (CR_DEFAULT_SERVICE_BIN)
or to a user provided char *, but there is no reason to give a char *.
Users of such function will most likely provide a const char *,
that will generate a warning.
Thus, we add the const qualifier to better represent the usage of
service_binary, and avoid such warnings.
Signed-off-by: Ronny Chevalier <ronny.chevalier@hp.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
CID 161693 (#1 of 1): Resource leak (RESOURCE_LEAK)
5. leaked_storage: Variable new going out of scope leaks the storage it points to.
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Commit d9486bd720 ("arm/pie/build: do not produce relocatable parasite
object") removed -r from LDFLAGS used to compile criu pie. This
functionality somehow never made it to criu-dev, and was also lost
in master then compel was ported to it.
Make it work with compel.
Unfortunately it was not as simple as I initially thought, as -r flag
to ld was built into nmk. This patch removes it, and adds it to all
places that need intermediate linking.
Cc: Dmitry Safonov <dsafonov@virtuozzo.com>
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
As all builds are done from top source dir, there is no need
to have SRC_DIR.
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
The problem is, -Wa is a flag for assembler, but CFLAGS are also used
to generate dependencies, and clang complains loudly when it is used
for deps:
> > DEP compel/arch/x86/plugins/std/syscalls-64.d
> > clang-3.8: error: argument unused during compilation:
> > '-Wa,--noexecstack'
This patch moved the noexecflag from assembler to linker. I am not
100% sure but the end result seems to be the same.
This fixes dependency generation when using clang instead of gcc.
I surely have done my research before proposing this change, and
I have tested this change as good as I could.
Sorry, I should have provided more background in the commit message.
Here it goes.
There are a few ways to have non-executable stack:
1. mark the assembler source file (.S) with .section
.note.GNU-stack,"",%progbits
2. pass the -Wa,--noexecstack to compiler
3. pass the -z execstack to linker
All three ways are fine, let's see them in greater details.
Some people say (1) is the best way, but we have way too many
.S files now (23 of them, to be exact). Anyway, I can certainly do it
this way if you like, just let me know. It would look like this:
--- a/compel/arch/aarch64/plugins/std/syscalls/syscall-aux.S
+++ b/compel/arch/aarch64/plugins/std/syscalls/syscall-aux.S
@@ -3,6 +3,8 @@
* that are not implemented in the AArch64 Linux kernel
*/
+.section .note.GNU-stack,"",%progbits
+
ENTRY(sys_open)
mov x3, x2
mov x2, x1
Way (2) is what is currently used. Unfortunately it breaks dependency
generation with clang. One way to fix it would be to filter-out the bad
flag when we're generating deps. I tried experimenting with
$(filter-out) function in Makefiles today but it's complicated and I failed
to make it work.
Way (3) is what this commit offers. It seem to work fine while being
the least intrusive.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Reviewed-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
It is already present in rpc, so lets add it to libcriu too.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It is already present in CLI and RPC, so libcriu should reflect it too.
travis-ci: success for lib: add inherit_fd
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
C standard specifies that the first enum element is 0 and the next ones
are +1 to a previous element (C90, "3.5.2.2 Enumeration
specifiers").
Therefore, there is no need to explicitly specify element values.
The explicit initializers were added in the first commit introducing
this enum (commit 46e8aee).
While at it, let's also add a comma after the last element, for any
future patch adding more elements to look better.
No functional change.
Cc: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It seems that the different libc (musl) which Alpine Linux uses produces
different errors than the usual glibc. This patch fixes most include
errors. Two errors are not yet resolved on Alpine Linux's libc (musl):
* proc_parse.c: In function 'parse_posix_timers':
proc_parse.c:2125:34: error: 'SIGEV_THREAD_ID' undeclared (first use in this function)
timer->spt.it_sigev_notify = SIGEV_THREAD_ID;
proc_parse.c:2125:34: note: each undeclared identifier is reported only once for each function it appears in
Seems difficult to fix as including <linux/signal.h>, which provides
this #define, generates more different error messages related to
time.h and linux/time.h collisions. It is not yet clear if additional
guards would help in the header files.
* fsnotify.c: In function 'open_by_handle':
fsnotify.c:107:9: error: implicit declaration of function 'open_by_handle_at' [-Werror=implicit-function-declaration]
return open_by_handle_at(fd, arg, O_PATH);
The function open_by_handle_at() is not provided by Alpine Linux's
libc (musl).
This patch resolves the following errors/warnings and has been tested on
RHEL7(x86_64/powerpc64le) and Fedora 24:
cr-service.c: In function 'cr_service':
cr-service.c:1082:26: error: passing argument 2 of 'accept' from incompatible pointer type [-Werror=incompatible-pointer-types]
sk = accept(server_fd, &client_addr, &client_addr_len);
^
In file included from /usr/include/fortify/sys/socket.h:20:0,
from cr-service.c:11:
/usr/include/sys/socket.h:301:5: note: expected 'struct sockaddr * restrict' but argument is of type 'struct sockaddr_un *'
int accept (int, struct sockaddr *__restrict, socklen_t *__restrict);
^
cc1: all warnings being treated as errors
files.c: In function 'open_transport_fd':
files.c:845:19: error: passing argument 2 of 'bind' from incompatible pointer type [-Werror=incompatible-pointer-types]
ret = bind(sock, &saddr, sun_len);
^
In file included from /usr/include/fortify/sys/socket.h:20:0,
from files.c:12:
/usr/include/sys/socket.h:298:5: note: expected 'const struct sockaddr *' but argument is of type 'struct sockaddr_un *'
int bind (int, const struct sockaddr *, socklen_t);
^
cc1: all warnings being treated as errors
In file included from fsnotify.c:18:0:
/usr/include/sys/poll.h:1:2: error: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Werror=cpp]
#warning redirecting incorrect #include <sys/poll.h> to <poll.h>
^
cc1: all warnings being treated as errors
In file included from /root/criu/criu/include/timerfd.h:7:0,
from /root/criu/criu/include/restorer.h:18,
from arch/x86/crtools.c:16:
/root/criu/criu/include/files.h:43:14: error: field 'stat' has incomplete type
struct stat stat;
In file included from arch/x86/vdso-pie.c:6:0:
/root/criu/criu/include/syscall.h:22:66: error: unknown type name 'loff_t'
extern long sys_pread (unsigned int fd, char *buf, size_t count, loff_t pos) ;
^
/root/criu/criu/include/syscall.h:83:31: error: unknown type name 'clockid_t'
extern long sys_timer_create (clockid_t which_clock, struct sigevent *timer_event_spec, kernel_timer_t *created_timer_id
^
/root/criu/criu/include/syscall.h:88:38: error: unknown type name 'clockid_t'
extern long sys_clock_gettime (const clockid_t which_clock, const struct timespec *tp) ;
^
In file included from netfilter.c:5:0:
/usr/include/wait.h:1:2: error: #warning redirecting incorrect #include <wait.h> to <sys/wait.h> [-Werror=cpp]
#warning redirecting incorrect #include <wait.h> to <sys/wait.h>
^
cc1: all warnings being treated as errors
pie/restorer.c: In function '__export_restore_task':
pie/restorer.c:1276:23: error: 'LOCK_EX' undeclared (first use in this function)
ret = sys_flock(fd, LOCK_EX);
^
pie/restorer.c:1276:23: note: each undeclared identifier is reported only once for each function it appears in
pie/restorer.c:1310:23: error: 'LOCK_UN' undeclared (first use in this function)
ret = sys_flock(fd, LOCK_UN);
^
sk-unix.c: In function 'open_unixsk_standalone':
sk-unix.c:1169:19: error: passing argument 2 of 'connect' from incompatible pointer type [-Werror=incompatible-pointer-types]
if (connect(sk, &addr, sizeof(addr.sun_family))) {
^
In file included from /usr/include/fortify/sys/socket.h:20:0,
from sk-unix.c:1:
/usr/include/sys/socket.h:299:5: note: expected 'const struct sockaddr *' but argument is of type 'struct sockaddr_un *'
int connect (int, const struct sockaddr *, socklen_t);
^
cc1: all warnings being treated as errors
c/criu.c: In function 'criu_local_set_parent_images':
c/criu.c:169:26: error: implicit declaration of function 'strdup' [-Werror=implicit-function-declaration]
opts->rpc->parent_img = strdup(path);
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
For the previously added option to skip in-flight connections this adds
that option to the RPC interface. The skip in-flight connections is also
described in criu.txt.
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Needed for container migration, where arguments are
set via p.haul as rpc request.
Signed-off-by: Nikita Spiridonov <nspiridonov@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Seems @rpc-> part has been sneaked out (forgot to
push into index), as result it built fine locally,
but not when applied from the patch.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
For handling --cgroup-props, --cgroup-props-file and
--cgroup-dump-controller from RPC interface.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This reverts commit a98014f306be4b4fefdf01af31e1efa5d83e5e4f.
As per Saied Kazemi, actually dump works without seccomp support
from the kernel on non-seccomped tasks. The only problem was with
criu check, but this would be addressed separately.
Reverting the commit not to burden the API with (yet) unneeded stuff.
Conflicts:
lib/c/criu.h
Sometimes we may want to use CRIU on older kernels which don't support
dumping seccomp state where we don't actually care about the seccomp state.
Of course this is unsafe, but it does allow for c/r of things using
seccomp on these older kernels in some cases. When the task is in
SECCOMP_MODE_STRICT or SECCOMP_MODE_FILTER with filters that block the
syscalls criu's parasite code needs, the dump will still fail.
Note that we disable seccomp by simply feigning that we are in mode 0. This
is a little hacky, but avoids distributing ifs throughout the code and
keeps them in this one place.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Saied Kazemi <saied@google.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Both CRIU library and CRIT python data are moved into
lib/c and lib/py.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
