Although we don't want to restore the values on these files, we definitely
do want to restore the permissions, as certain container engines (lxc) make
use of this.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The root mount is always external and master_id is external too.
It's required to validate mounts. We already do this on restore,
but we need to do this on dump too. Otherwise we will get the error:
Mount %d %s (master_id: %d shared_id: %d) has unreachable sharing. Try --enable-external-masters.
https://jira.sw.ru/browse/PSBM-43260
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
If for some reason ptrace_poke_area return error
we might left dumpee with memfd descriptor opened.
Later in code we remove out injected blob making
dumpee to look untouched but descriptor will hang there.
lsof from container output:
| systemd-u 48 root 6u REG 0,4 0 53855 /memfd:CRIUMFD (deleted)
Thus lets close it immediately.
https://jira.sw.ru/browse/PSBM-43199
Signed-off-by: Cyrill Gorcunov <gorcunov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
We need to detach from all processes before waiting the root
task, because one of these processes may collect processes from a
target pid namespace. The pid namespace is destroyed only when all
processes have been killed and collected.
https://jira.sw.ru/browse/PSBM-43089
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This fixes the following test error:
FAIL: binfmt_misc.c:111: mount failed (errno = 1 (Operation not permitted))
CRIU tests (./test/zdtm.py run -a) passed.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
There's only one user of it, so better to reshuffle the arg set.
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
If we happen to get 0 as the fd for the mountpoint, there is an error:
(00.280617) Dumping task cwd id 0x2b root id 0x2b
(00.280697) mnt: Dumping mountpoints
(00.280702) mnt: 132: 34:/ @ ./run/lock
(00.280714) mnt: Path `/run/lock' resolved to `./run/lock' mountpoint
tar: /proc/self/fd/0: Cannot open: Not a directory
tar: Error is not recoverable: exiting now
(00.283581) Error (util.c:666): exited, status=2
(00.283598) Error (mount.c:1220): mnt: Can't dump tmpfs content
Instead, let's not ever use 0 as the mountpoint fd.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Introduce post-setup-namespaces action script
It needed to have possibility to run cutom script after mount
namespace is configured
Signed-off-by: Igor Sukhih <igor@parallels.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It's a debug message, and it shouldn't be printed with
pr_perror(). Also, we interested in debug in the both
cases: magic and extensions.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Generate random binfmt_misc entries of different types
and check that they remain registered after the signal.
v2: pr_perror() in cleanup, .desc file and TST_DIR in Makefile
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This test calls iptables to set a new packet filter using a shared
library libxt_standard.so. Unfortunately, depending on the
distribution we are running on, this shared library may be stored on a
different place.
This patch allows this test to be run on Debian like systems.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Depending on the distribution, binaries or shared libraries a test is
dependent of may not be stored at the same place.
This patch introduces the ability to define option in the dependency
list, by separating the optional target names by a '|' character.
For instance the dependency of test may be described this way:
{'flavor': 'ns', 'deps': [ '/bin/foo|/usr/bin/foo' ], 'flags': 'suid'}
Note, there shouldn't be any spaces around the '|'.
If none of the optional dependency is satisfied, an error is raised.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
The descriptor for test netns-nf and netns are referencing /bin/diff.
On Fedora this is a hard link to /usr/bin/diff created during the
install of the package diffutils. However this hard link doesn't exist
on Debian like systems.
Referencing /usr/bin/diff works in both cases.
Signed-off-by: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It turns out we can't just test for /proc/<pid>, because the kernel appends
(deleted), since the directory is actually deleted (vs. something like
/proc/1/mountinfo, where the file still exists in the unlinked directory,
so there is no (deleted)). See comment for details.
v2: s/ret/is_dead in /proc/<pid>/xxx test, split tests to correctly test
both cases
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
A static test should not change its state during C/R.
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This patch updates Makefile for measuring code coverage in CRIU.
criu binary should be compiled with option --coverage and linked with -lgcov
option. lcov utility creates HTML pages containing the source code annotated
with coverage information.
make GCOV=1
make test
make gcov
Look at gcov/html/index.html
Changes:
- disable optimization on compilation for gathering coverage data
- mention an option for coverage in help
- cleanup the files produced for code coverage
- make path to coverage files produced by tests in ns independent on environment
- add an option lcov_branch_coverage as branch coverage disabled by default
Signed-off-by: Sergey Bronnikov <sergeyb@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
A static test should not change its state during C/R
===================== Run zdtm/live/static/session00 in ns =====================
Start test
./session00 --pidfile=session00.pid --outfile=session00.out
Run criu dump
Run criu restore
7: Old files lost: set(['4'])
7: New files appeared: set([])
############# Test zdtm/live/static/session00 FAIL at fds compare ##############
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Replace stack alignment magic constant with
__stack_aligned__ macro.
Also align stack for sigaltstack test case.
Signed-off-by: Vijaya Kumar K <vijayak@caviumnetworks.com>
Reviewed-by: Christopher Covington <cov@codeaurora.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
dev_t is %ul on x86_64 and %ull on arm32
tty.c: In function 'get_tty_driver':
tty.c:247:2: error: format '%lx' expects argument of type 'long unsigned int', but argument 4 has type 'dev_t' [-Werror=format=]
snprintf(id, sizeof(id), "tty[%lx:%lx]", rdev, dev);
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
arm64 requires stack pointer to be aligned to 16 bytes.
Update all test cases that are using clone system call
to have 16 byte aligned stack pointer.
Signed-off-by: Vijaya Kumar K <vijayak@caviumnetworks.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
arm64 requires stack to be aligned to 16 bytes.
update RESTORE_ALIGN_STACK macro to always align
to 16 bytes.
Signed-off-by: Vijaya Kumar K <vijayak@caviumnetworks.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
arm64 expects stack to be aligned to 16 bytes.
If stack pointer is not aligned clone system call
fails during restore.
Signed-off-by: Vijaya Kumar K <vijayak@caviumnetworks.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
System call number 78 corresponds to readlinkat.
Where as 78 is mapped to readlink() in syscall.def for
arm.
With this patch, use sys_readlinkat instead of sys_readlink
and update syscall.def to point syscall number 78 to readlinkat()
instead of readlink()
Signed-off-by: Vijaya Kumar K <vijayak@caviumnetworks.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
prepare_loginuid() called on kerndat_loginuid where it tests for
loginuid restore feature. Let's omit error printing for feature test.
Signed-off-by: Dmitry Safonov <dsafonov@odin.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Currently if criu segfaulted, the inventory image isn't removed and
we can't detect that images are incomplete.
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
