- 24 Jun, 2015 1 commit
-
-
Tycho Andersen authored
Unfortunately, SECCOMP_MODE_FILTER is not currently exposed to userspace, so we can't checkpoint that. In any case, this is what we need to do for SECCOMP_MODE_STRICT, so let's do it. This patch works by first disabling seccomp for any processes who are going to have seccomp filters restored, then restoring the process (including the seccomp filters), and finally resuming the seccomp filters before detaching from the process. v2 changes: * update for kernel patch v2 * use protobuf enum for seccomp type * don't parse /proc/pid/status twice v3 changes: * get rid of extra CR_STAGE_SECCOMP_SUSPEND stage * only suspend seccomp in finalize_restore(), just before the unmap * restore the (same) seccomp state in threads too; also add a note about how this is slightly wrong, and that we should at least check for a mismatch Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
- 19 Jun, 2015 2 commits
-
-
Cyrill Gorcunov authored
For testing purpose we need to disable using of piegen utility. So lets add PIEGEN make option thus one can "PIEGEN=no make" to build criu without piegen at all. Signed-off-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
-
Andrey Vagin authored
Eric wants to restrict permissions for proc mounts in a non-root userns according with proc mounts in the root userns. Author: Eric W. Biederman <ebiederm@xmission.com> Date: Fri May 8 23:49:47 2015 -0500 mnt: Modify fs_fully_visible to deal with locked ro nodev and atime Ignore an existing mount if the locked readonly, nodev or atime attributes are less permissive than the desired attributes of the new mount. ... Signed-off-by:Andrey Vagin <avagin@openvz.org> Signed-off-by:
-
- 16 Jun, 2015 6 commits
-
-
Pavel Emelyanov authored
Reasoning: some systems have /sys/fs/cgroup stuff mounted as read-only and we have to either remount it rw or create our own set. The former doesn't look sane as this rw remounting is also done by ststemd, so let's return back to manual cgyard construction. This reverts commit 860df95f. Conflicts: cgroup.c include/cr_options.h Signed-off-by:
-
Tycho Andersen authored
Instead of keeping around multiple fds that point to various places in /proc, let's just use /proc and openat() things relative to it. Signed-off-by:
-
Tycho Andersen authored
This is a little tricky, since the threads are forked in the restorer blob, we can't open their attr/curent files to pass into the restorer blob. So, we pass in an fd for /proc that the restorer blob can use to access the attr/current files once they exist. N.B. this is still incorrect in that it restores the same credentials for all threads in the group; however, it matches the behavior of the current creds restore code, which also restores the same creds for all threads in the group. v2: use simple_sprintf() instead of pie_strcat() Signed-off-by:
-
Tycho Andersen authored
We'll use this in the next patch for printing paths to LSM files in /proc. Signed-off-by:
-
Tycho Andersen authored
o_O this is one of those "how has nobody ever hit this" bugs. According to: http://stackoverflow.com/questions/2535989/what-are-the-calling-conventions-for-unix-linux-system-calls-on-x86-64 syscall on x86_64 clobbers rcx and r11. We should mark these registers as clobbered in RUN_CLONE_RESTORE_FN so that gcc avoids using them, e.g.: ...<__export_restore_task> ... 1894: 49 89 db mov r11,rbx 1897: 4c 8d 4c 24 60 lea r9,[rsp+0x60] 189c: 48 89 eb mov rbx,rbp 189f: 48 89 44 24 10 mov QWORD PTR [rsp+0x10],rax 18a4: 48 8d 44 24 30 lea rax,[rsp+0x30] 18a9: 48 89 44 24 18 mov QWORD PTR [rsp+0x18],rax 18ae: eb 53 jmp 1903 <clone_end+0x15> 00000000000018b0 <clone_emul>: 18b0: 48 8b 74 24 08 mov rsi,QWORD PTR [rsp+0x8] 18b5: 48 83 ee 10 sub rsi,0x10 18b9: 48 89 ef mov rdi,rbp 18bc: 48 89 7e 08 mov QWORD PTR [rsi+0x8],rdi 18c0: 49 8b 7b 20 mov rdi,QWORD PTR [r11+0x20] 18c4: 48 89 3e mov QWORD PTR [rsi],rdi 18c7: 48 c7 c7 00 0d 05 00 mov rdi,0x50d00 18ce: 48 8b 54 24 18 mov rdx,QWORD PTR [rsp+0x18] 18d3: 4d 89 fa mov r10,r15 18d6: b8 38 00 00 00 mov eax,0x38 18db: 0f 05 syscall 18dd: 48 85 c0 test rax,rax 18e0: 74 05 je 18e7 <thread_run> 18e2: 48 89 c5 mov rbp,rax 18e5: eb 07 jmp 18ee <clone_end> 00000000000018e7 <thread_run>: 18e7: 48 31 ed xor rbp,rbp 18ea: 58 pop rax 18eb: 5f pop rdi 18ec: ff d0 call rax 00000000000018ee <clone_end>: 18ee: 41 83 c5 01 add r13d,0x1 18f2: 49 81 c7 00 8c 00 00 add r15,0x8c00 18f9: 45 39 6b 14 cmp DWORD PTR [r11+0x14],r13d will cause a seg fault because r11 is clobbered. Signed-off-by:
-
Cyrill Gorcunov authored
Otherwise getting | parasite-syscall.c: In function ‘parasite_infect_seized’: | parasite-syscall.c:1222:5: error: ‘elf_relocs’ undeclared (first use in this function) Simply wrap the @elf_relocs_apply with macros. Reported-by:
-
- 15 Jun, 2015 8 commits
-
-
Cyrill Gorcunov authored
When been playing wich checkpoint/restore of container I found that we can't reuse existing controller if they were pre-created. For example currently in PCS7 we're bindmount cgroups which belong to a container in a form of /sys/fs/cgroup/<controller>/<container> ==> /sys/fs/cgroup/<controller> so that CRIU dumps such configuration fine but on restore it recreates controllers from the scratch which we would like to bindmount them and ask CRIU to restore subcgroups and their parameters. So I extended --manage-cgroups option to take <mode> arguments. Detailed description in docs. Signed-off-by:
-
Cyrill Gorcunov authored
Currently we always create temporary directory where we restore cgroups, but this won't work in case if mounting cgroups is forbidden from inside of a container for some reason (as in OpenVZ kernel). So one can pass --cgroup-yard option to specify an existing directory where cgroups are living. By default we assume it lays in /sys/fs/cgroup. Signed-off-by:
-
Cyrill Gorcunov authored
For example some linkers generate @__export_parasite_args as symbol which won't relocate. Handle such case properly. Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
Otherwise it's confusing since. Signed-off-by:
-
Tycho Andersen authored
The error I got was: CC pie/piegen/elf-x86-64.o In file included from pie/piegen/elf-x86-32.c:16:0: pie/piegen/elf.c: In function ‘handle_elf_x86_32’: pie/piegen/elf.c:476:3: error: format ‘%lx’ expects argument of type ‘long unsigned int’, but argument 6 has type ‘Elf32_Word’ [-Werror=format=] pr_debug("Copying section '%s'\n" \ ^ Signed-off-by: -
Laurent Dufour authored
On PPC64, the hard definition of TFD_IOC_SET_TICKS doesn't match the kernel one. We should use the _IOW based on to be more flexible here. Signed-off-by:
Laurent Dufour <ldufour@linux.vnet.ibm.com> Acked-by:
-
- 11 Jun, 2015 9 commits
-
-
Tycho Andersen authored
We'll need this for use in the restorer blob for restoring LSMs. It looks like arm already has openat, so I think it's just x86 and ppc that need it. In any case, please double check this, as I've only tested it on x86. Signed-off-by:
-
Andrew Vagin authored
Reported-by: Mr Jenkins Signed-off-by:
Ruslan Kuprieiev <rkuprieiev@cloudlinux.com> Signed-off-by:
-
Andrey Vagin authored
If the netns image is absent, the NetnsEntry entry will not be initialized. Currently restore from old images crashes: Core was generated by `criu swrk 3'. Program terminated with signal SIGSEGV, Segmentation fault. $0 0x0000000000427d80 in netns_entry.free_unpacked () (gdb) bt $0 0x0000000000427d80 in netns_entry.free_unpacked () $1 0x0000000000436d07 in prepare_net_ns () $2 0x0000000000457c78 in prepare_namespace () $3 0x0000000000432917 in restore_task_with_children () $4 0x00007fc86acfccfd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:111 v2: remove debugging code Cc: Pavel Tikhomirov <ptikhomirov@virtuozzo.com> Signed-off-by:
Pavel Tikhomirov <ptikhomirov@virtuozzo.com> Signed-off-by:
-
Laurent Dufour authored
The checkpoint and restore of the Power PC floating point registers is buggy. The issue is that the signal frame context is defined to store double value while the protocol buffer is handling unsigned 64bits integer value. A silent cast done by the compiler was modifying the restored value in our back. This fix changes the type used when manipulating the FP registers value to be consistent between checkpoint and restart. Signed-off-by:
-
Andrey Vagin authored
Otherwise the root yard can be propagated into the host mount namespace and remain there and criu will fail, because it will not be able to remove the roots yard. It occures if we give a shared mount as root to "criu restore" and criu converts it into a slave mount. Reported-by:
-
Laurent Dufour authored
Add prefix to the piegen's error and debug output to avoid confusion and fix few debug lines. Signed-off-by:
-
Laurent Dufour authored
Since opts is defined as extern in piegen.h, there is no need to pass it as argument. Signed-off-by:
-
Laurent Dufour authored
Introduce a new -o argument to piegen to specify generate file name. Send the debug stream to stdout and force it to /dev/null in the makefile if V=1 is not specify. Signed-off-by:
-
Laurent Dufour authored
handle elf should return 0 on success. Signed-off-by:
-
- 08 Jun, 2015 14 commits
-
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
To hide @nr_gotpcrel Signed-off-by:
-
Laurent Dufour authored
When building the blob in the generated header file, we may shrink the output blobk and only copy the sections with the SHF_ALLOC bit set, the other ones are not needed at runtime. Signed-off-by:
-
Laurent Dufour authored
This cleans the assembly code, removing no more needed trick with the register 2 (TOC pointer). As a consequence, the __export_restore_task_trampoline() and __export_unmap_trampoline() are no more needed. Thus, the changes introduced by the commit de9df910 ("Per architecture restorer trampolines") in cr-restore.c are no more used but are not impacting runtime code anyway. Signed-off-by:
-
Laurent Dufour authored
PowerPC linking requires the TOC to be in its own section and to be aligned. Signed-off-by:
-
Cyrill Gorcunov authored
- Move relocs application into a separate file which get compiled as a regular C file in criu (pie/pie-relocs.[ch]) - Move types used by piegen into pie/piegen/uapi/types.h Signed-off-by:
-
Cyrill Gorcunov authored
At moment both parasite and restorer do not have any relocs because we support x86-64 only, but this will be changed soon so do a call and apply relocations. Signed-off-by:
-
Cyrill Gorcunov authored
We should use provided @nr_relocs instead of ARRAY_SIZE here. Didn't spot it earlier simply because at moment on x86-64 there is no relocs at all. Also when we apply relocation they are to be computed from virtual base of parasite address, not from local memory map address, so add @vbase parameter. And fix typo on addend in gotpcrel. Signed-off-by:
-
Cyrill Gorcunov authored
In case of @gotpcrel relocations we need additional space to carry pointers. Signed-off-by:
-
Cyrill Gorcunov authored
After this patch one can run ARCH="ia32" make to build 32bit version on CRIU on 64bit host. Note this is only build procedure which tuned up, the CRIU itself is not yet ready to make a checkpoint/restore cycle -- a lot of additional code is needed and here we rather put stubs simply to make build procedure run. Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
There is no rip addressing in 32bit code but PIE code require GOT tables and friend which we better escape for performance sake. So lets use pc relocations it should do the trick. Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
To support x86-32 mode we will need own syscall table. Here is it. Note the CRIU itself doesn't support such mode yet. Meanwhile put syscall table here just in case if someone is adding new syscall 32 bit variant should be updated as well. Signed-off-by:
-
