- 02 Mar, 2018 40 commits
-
-
Kirill Tkhai authored
This patch makes the call of service fds relocation after root_prepare_shared()->prepare_fd_pid(). Next patches will make service_fd_base depend on task's max fd used, and for root_item we need to read all fles to know the maximum of them. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Next patches will make service_fd_base not contant. It will be "floating" and change from task to task. This patch makes preparation for that: it closes old service fd after it's duplicated. Currently the code is unused as in case of !(rsti(me)->clone_flags & CLONE_FILES), the child has the same id as its parent, and the duplication just does not occur. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Refactoring for next patches. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This patch counts maximum of inherited fds. The value will be used in next patch. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Next patches will make service fds numbers not connected not rlimit. Change the name to better fit its goal. Also, leave service_fd_rlim_cur variable to have cached access to rlimit value. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> v2: More comments Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Mark area, where service fds modifications are prohibited. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This patch populates/occupies PROC_FD_OFF fd number, which is goint to be replaced atomically in next patches. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This patch populates and occupies ROOT_FD_OFF fd, which guarantees it won't be reused by ordinary fds. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This patch introduces sfds_protected, which allows to mask areas, where modifications of sfds are prohibited. That guarantees, that populated sfds won't be reused. v4: New v5: Add comment and print sfd type before BUG(). Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Function to print call trace of a process. Borrowed from this fm: https://www.gnu.org/software/libc/manual/html_node/Backtraces.html backtrace() and backtrace_symbols() are not implemented in alpine, so we use __GLIBC__ ifdef to do not compile this function there. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Net namespace does not act on /proc/[pid] context, so this close is completely useless. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
1)Further mntns_set_root_fd() calls install_service_fd(), which silently closes already open fd. So, kill close_service_fd() and make __mntns_get_root_fd() atomical in ROOT_FD_OFF modifications. 2)close_pid_proc() is not need here, as it's about root_item's /proc directory and __mntns_get_root_fd() actions don't act on it. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Here we need to close proc self fd only, as it's not a service fd, and it can occupy real task fd number. Closing of PROC_PID_FD_OFF is useless action here, because it's already occupy a service fd number. So, we skip this excess syscall, and leave PROC_PID_FD_OFF open. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Place stdin in fdstore. Kill SELF_STDIN_OFF. v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Next patch will move SELF_STDIN_OFF sfd to fdstore. This patch moves fdstore_init() before tty_prep_fds(). v4: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Create a zombie with specific pgid and check that pgid remains the same after restore. This test hangs criu restore without any of two previous patches: 1)without "restore: Call prepare_fds() in restore_one_zombie()" in 100% cases; 2)without "restore: Split restore_one_helper() and wait exiting zombie children" fail is racy, but you can add something like criu/cr-restore.c: ## -1130,6 +1130,8 @@ static int restore_one_zombie(CoreEntry *core) if (task_entries != NULL) { restore_finish_stage(task_entries, CR_STATE_RESTORE); + if (current->parent->pid->state == TASK_ALIVE) + sleep(2); zombie_prepare_signals(); } and it will fail with almost 100% probability. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Cleanup fork() definition and make a generic function for all archs. It may be useful, when you want to add more clone flags to fork(), or if you want to pass more, than one argument to child function (glibc's clone alows only one). Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Zombie is also can be choosen as a parent for task helper like any other task. If the task helper exits between restore_finish_stage(CR_STATE_RESTORE) and zombie_prepare_signals()->SIG_UNBLOCK, the standard criu SIGCHLD handler is called, and the restore fails: (00.057762) 41: Error (criu/cr-restore.c:1557): 40 exited, status=0 (00.057815) Error (criu/cr-restore.c:2465): Restoring FAILED. This patch makes restore_one_zombie() behave as restore_one_helper() and to wait children exits before allowing SIGCHLD. This makes us safe against races with exiting children. See next patch for test details. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Zombie may be choosen as parent for task helper during solving pgid dependences. In this situation, it becomes to share fdt with the helper and it has to call prepare_fds() to decrement fdt->nr. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Make it possible to use this function by tests. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
CTL_TTY_OFF and reserve_service_fd() are unused now, so purge them from the code. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
There are two problems. The first is CTL_TTY_OFF occupies one of the biggest available fds in the system. It's a number near service_fd_rlim_cur. Next patches want to allocate service fds lower, than service_fd_rlim_cur, and they want to know max used fd from file fles after the image reading. But since one of fds is already set very big (CTL_TTY_OFF) on a stage of collection fles, the only availabe service fds are near service_fd_rlim_cur. It's vicious circle, and the only way is to change ctl tty fd allocation way. The second problem is ctl tty is ugly out of generic file engine fixup (see open_fd()). This is made because ctl tty is the only slave fle, which needs additional actions (see tty_restore_ctl_terminal()). Another file types just receive their slave fle, and do not do anything else. This patch moves ctl tty to generic engine and solves all the above problems. To do that, we implement new CTL_TTY file type, which open method waits till slave tty is received and then calls tty_restore_ctl_terminal() for that. It fits to generic engine well, and allocates fd via find_unused_fd(), and do not polute file table by big fd numbers. Next patch will kill currently unneed CTL_TTY leftovers and will remove CTL_TTY_OFF service fd from criu. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Move the function and reduce its arguments number. This is cleanup needed to keep all tty code together. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Just mark the fle as "fake" and the engine will do all the work. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
service_fd_id is id of a specific task, while other tasks in shared fd table group may have bigger id numbers. In this case given unused fd intersects with service fds of such tasks. This leads to undefined behaviour. Fix that. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This patch speeds up creation of child process by disabling iteration over open files for the most cases. Really, we don't need that now, as previous patches make parent files do not leak: mnt namespace fds are stored in fdstore, pid proc files are closed directly. So, now we can skip closing old files for the most cases, except some CLONE_FILES cases: we need that only if parent have CLONE_FILES in its flags (and for root_item). Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
When task is in pid namespace, getpid() can't be used to identify it. So, use vpid instead of that. Also, move log_init_by_pid() above pid check. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Child does not know about parent's pid proc fd, and it can't close it by fd. Next patch will do close_old_files() optional, and it will base on the fact there is no leftover fds. So, close pid proc directly. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This allows to decrese number of file descriptors, which are passed to children, and that is need to close in close_old_files(). Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>: Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
No functional changes. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
The both branches need this, so move it up. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
mntns_get_root_fd() may be called by a task from !root_user_ns, and it fails if so. Put root fd to fdstore to allow use it every task. v3: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
CR_PROC_FD_OFF is need for accessing to foreign tasks fds, and will be used in the future. TRANSPORT_FD_OFF is for uniformity. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
I need named socket to communicate with pid_ns helpers (see next patches) and receive answer from them (it's impossible to send answer to unnamed socket). As we already have transport socket, we'll reuse it for the above goal too. This patch makes transport sockets be created before creation of children tasks. Also, now they are created not only for alive tasks (so we need additional manipulations for TASK_HELPERS, e.g., to call prepare_fdt()). v5: Return CLONE_FILES clone() argument during task helpers creation. Also get rid of fdt_mutex as CLONE_FILES processes does not close old files after clone, and we don't have intertersections between them. Also, socket() system call can't return a fd in service fds range, which was the main reason to have this mutex. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
Next patches will create transport sockets in task helpers. As helpers are forked using CLONE_FILES, they must resolve shared fds to create their own service fds. This patch allows that. I've digged in the code, and there is no a reason, we need pid_rst_prio() during choosing of fdt restorer. So, this case may be safely deleted, which guarantees, that in case of TASK_HELPER, the restorer of fdt will be parent, i.e., no one TASK_HELPER will be restorer of fdt. v5: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
This is refactoring, which will be used in next patches. BUG_ON() just to mention that parent must be set before call of this function. v5: New Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Kirill Tkhai authored
We close it in sigreturn_restore() for unification with other service fds, so kill the second close() from here. Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Cyrill Gorcunov authored
This minimize chances to hit problem where files used for page transfer are trying to use same number reserved for service fd. Signed-off-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Cyrill Gorcunov authored
Will need it to unlimit the files allocation for service fd reserving and later for parasite code run (which is implemented in vz7 instance and soon will be ported into vanilla). Signed-off-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-