- 23 Jul, 2015 1 commit
-
-
Andrey Vagin authored
It's required for zdtm/live/static/different_creds cc -g -O2 -Wall -Werror -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=0 -iquote ../../lib/arch/x86/include -I../../lib -c -o different_creds.o different_creds.c different_creds.c:7:28: fatal error: sys/capability.h: No such file or directory Signed-off-by:
Andrew Vagin <avagin@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
- 21 Jul, 2015 6 commits
-
-
Ruslan Kuprieiev authored
Reported-by:
Andrew Vagin <avagin@gmail.com> Signed-off-by:
Ruslan Kuprieiev <kupruser@gmail.com> Signed-off-by:
-
Cyrill Gorcunov authored
The kernel doesnt allow to call lseek on /dev/kmsg if it has been opened with O_WRONLY mode so our restore procedure fails. Thus if we meet a file which fits the condition above -- set it's position to predefined value which tells criu to not call lseek on restore. Signed-off-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
-
Andrey Vagin authored
Signed-off-by:
-
Andrey Vagin authored
to be able to use any symbols in paths Signed-off-by:
-
Andrey Vagin authored
mountinfo contains mangled paths. space, tab and back slash were replaced with usual octal escape, so we need to replace these charecter back. v2: declare cure_path as static Signed-off-by:
-
Andrey Vagin authored
For example: mount -t tmpfs "" test v2: don't leak memory Reported-by:
Ross Boucher <boucher@gmail.com> Signed-off-by:
-
- 16 Jul, 2015 7 commits
-
-
Ruslan Kuprieiev authored
Currently, libcriu is connecting to CRIU service by itself, just asking user for a path to socket. But in some cases users need to provide fd instead path. For example, sometimes task has no access to criu socket because of strict security mesures, but is able to inherit fd from a parent that has access to criu socket. v2, use union for addr and fd Signed-off-by:
Ruslan Kuprieiev <rkuprieiev@cloudlinux.com> Signed-off-by:
-
Ruslan Kuprieiev authored
We only need a rpc.pb-c.h header. Signed-off-by:
-
Ruslan Kuprieiev authored
criu_opts contains rpc options and notify callback, so we can keep all options in just one structure. This will allow us to easily extend libcriu functionality and yet keep all options in one place. We're also not hiding rpc opts structure anymore, so it is pretty clear where power-user should put his own CriuOpts instance if he would like to do that. Signed-off-by:
-
Tycho Andersen authored
8ffbe754 moved the rst_mem_lock() call, but didn't move the corresponding LSM allocations, so we do that here. One unfortunate thing is that we have to split this into two steps: first we have to read the creds to figure out exactly how much memory to allocate for the lsm string. Since prepare_creds() wants to write directly to the task_restore_args struct and that can't be allocated until after we lock the restore memory, we break it up into two steps. Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
-
Tycho Andersen authored
We need to wait for listen() as well as bind() for internal unix sockets, or we can race like this: (00.135950) 1: Opening standalone socket (id 0xb ino 0x9422f peer 0) (00.135974) 353: Error (sk-unix.c:701): Can't connect 0x947c4 socket: Connection refused (00.136390) 1: Error (cr-restore.c:1228): 353 exited, status=1 (00.136407) 1: Putting 0x9422f into listen state (where 0x9422f is the peer for 0x947c4) This race was pretty rare for me, but I've run 1000 tests and it didn't happen so hopefully this patch fixes it :) Signed-off-by:
Andrew Vagin <avagin@odin.com> Signed-off-by:
-
Andrey Vagin authored
Signed-off-by:
-
Cyrill Gorcunov authored
In commit c7d646af we introduced cgroup resotre modes but when option passed via RPC code it simply either true or false which erroniously maps to CG_MODE_PROPS or CG_MODE_IGNORE modes. Lets map @true to CG_MODE_SOFT to preserve backward compatibility and enhance this option in future via separate option. Reported-by:
Ross Boucher <rboucher@gmail.com> Signed-off-by:
-
- 15 Jul, 2015 8 commits
-
-
Andrey Vagin authored
It's rudiment. close_old_fds() closes all extra descriptors. Signed-off-by:
-
Andrey Vagin authored
* reopen a pipe descriptor via /proc/self/fd/X * give another end of a pipe to "criu restore" Signed-off-by:
-
Andrey Vagin authored
Signed-off-by:
-
Andrey Vagin authored
When we restore an inhereted pipe, we have only one end and we don't know whether it's write or read one. So we need to call reopen_pipe each time. Signed-off-by:
-
Andrey Vagin authored
Otherwise we can get an error like this: 1: \t\tCreate transport fd /crtools-fd-1-5 ... 1: Found id pipe:[122747] (fd 8) in inherit fd list 1: File pipe:[122747] will be restored from fd 9 duped from inherit 1: Error (util.c:131): fd 5 already in use (called at files.c:872) Signed-off-by:
-
Andrey Vagin authored
rst_tcp_repair_sockets is filled when all sockets are collected, but the repair mode should be disabled only for sockets which are restored in a current process. https://bugzilla.openvz.org/show_bug.cgi?id=3281 v2: add a comment v3: typo fix Fixes: 73e303c8 ('rst: Fix rst_tcp_sock memory management') Signed-off-by:
-
Andrey Vagin authored
linux/seccomp.h doesn't use in the different_creds test. Signed-off-by:
-
Tycho Andersen authored
We don't use this any more (and the test was deleted in a previous patch), so let's get rid of this too. Signed-off-by:
-
- 14 Jul, 2015 14 commits
-
-
Pavel Emelyanov authored
This reverts commit 063c5b89.
-
Andrey Vagin authored
This combination was forbidden in 3.12 commit 40a0d32d1eaffe6aac7324ca92604b6b3977eb0e : "fork: unify and tighten up CLONE_NEWUSER/CLONE_NEWPID checks" and then it was permited again in 3.13: commit 1f7f4dde5c945f41a7abc2285be43d918029ecc5 fork: Allow CLONE_PARENT after setns(CLONE_NEWPID) Cc: Adrian Reber <adrian@lisas.de> Signed-off-by:
-
Tycho Andersen authored
v2: use the test list instead of the file for telling zdtm.sh the test will fail Signed-off-by: -
Tycho Andersen authored
We'll use this in the next patch when testing the creds comparison for threads. v2: use an explicit list in zdtm.sh instead of a file in the test dir Signed-off-by:
-
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
And rename it for easier grepping Signed-off-by: -
Andrey Vagin authored
Signed-off-by:
-
Pavel Emelyanov authored
After we got the total remapable rst memory size, we no longer can allocate from it, otherwise the bootstrap area will not have enough size. Signed-off-by: -
Pavel Emelyanov authored
It's similar to previous patch with tcp mem -- no need to realloc big arrays and then memcpy data between them. It's enough just to walk timerfd objects at the very end. Signed-off-by: -
Pavel Emelyanov authored
In current scheme we grow an array with realloc()-s then memcpy() the result into rst_mem. I propose to get rid or realloc-s (we already have objects for the data we need to keep) and memcpy-s (and put objects directly into rst_mem at the end). Signed-off-by: -
Pavel Emelyanov authored
Calling rst_mem_alloc() in a loop with increasing size causes the n^2 memory grow :) since _alloc is not _realloc. Signed-off-by:
-
- 13 Jul, 2015 4 commits
-
-
Saied Kazemi authored
The help message of CRIU has grown in size and is truncated because the size of the private buffer in log.c is too small. This patch increases the size of the buffer. [ The "bad" message is the --help output one ] Signed-off-by:
Saied Kazemi <saied@google.com> Signed-off-by:
-
Andrey Vagin authored
The kill syscall queues a signal, but doesn't wait when it will be handled. We need to wait processes if we kill them. The user doesn't expect to find processes after dump in this case. PTRACE_DETACH returns errors for dead tasks, so we don't need to do it in these cases. Cc: Nikita Spiridonov <nspiridonov@odin.com> Signed-off-by:
-
Ruslan Kuprieiev authored
Having ability to have your own options structure is quite nice and allows much more flexible use of libcriu in cases when you want to have a bunch of instances of options structures. This patch also allows users to use raw CriuOpts structure modified in any suitable way, whether by libcriu's criu_local_set methods or by using protobuf-c directly. It is also worth noting, that backward-compatibility in API and ABI is preserved. Signed-off-by:
-
Cyrill Gorcunov authored
| CID 96750 (#1 of 1): Resource leak (RESOURCE_LEAK) | 163. leaked_storage: Variable sec_hdrs going out of scope leaks the storage it points to. Signed-off-by:
-
