- 07 Aug, 2014 7 commits
-
-
Andrey Vagin authored
CID 1168165 (#2 of 2): Untrusted array index read (TAINTED_SCALAR) 40. tainted_data: Using tainted variable "hoff" as an index into an array "str" $ man 3 scanf n Nothing is expected; instead, the number of characters consumed thus far from the input is stored through the next pointer, which must be a pointer to int. This is not a conversion, although it can be suppressed with the * assignment-suppression character. The C standard says: "Execution of a %n directive does not increment the assignment count returned at the comple‐ tion of execution" but the Corrigendum seems to contradict this. Probably it is wise not to make any assumptions on the effect of %n conversions on the return value. So it isn't not enough to check a return code from scanf(). Cc: Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:Andrey Vagin <avagin@openvz.org> Acked-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrey Vagin authored
CID 1230179 (#1 of 1): Resource leak (RESOURCE_LEAK) 15. leaked_storage: Variable "ncd" going out of scope leaks the storage it points to. Signed-off-by:
-
Andrey Vagin authored
CID 1168169 (#1 of 1): Dereference after null check (FORWARD_NULL) 7. var_deref_model: Passing "mi" to function "do_bind_mount(struct mount_info *)", which dereferences null "mi->bind" Signed-off-by:
-
Andrey Vagin authored
Coverity: 1230177 Dereference before null check There may be a null pointer dereference, or else the comparison against null is unnecessary. In parse_task_cgroup: All paths that lead to this null pointer comparison already dereference the pointer earlier (CWE-476) Signed-off-by:
-
Christopher Covington authored
This brings the changes made in the following commits to the aarch64 copy of the code. commit 7794f67f Author: Cyrill Gorcunov <gorcunov@openvz.org> Date: Tue Aug 5 13:59:18 2014 +0400 vdso: x86 -- Fix missing ability to remap vDSO if only one zone present commit 066add0d Author: Cyrill Gorcunov <gorcunov@openvz.org> Date: Tue Aug 5 13:07:00 2014 +0400 vdso: x86 -- Simplify vdso_proxify Signed-off-by:
Christopher Covington <cov@codeaurora.org> Acked-by:
-
Tycho Andersen authored
Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Acked-by:
-
Cyrill Gorcunov authored
Reported-by: Jenkins Signed-off-by:
-
- 06 Aug, 2014 31 commits
-
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
Will need it to carry timerfd entries. Signed-off-by:
-
Christopher Covington authored
This is required to support checkpoint and restore of timers that notify via file descriptors on ARM and AArch64. Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Andrey Vagin authored
v2: change an author field in a test Signed-off-by:
-
Andrey Vagin authored
Check that files opened before switching to new mount namespace remain in it after restore. Right now this is not so :( Andrey is fixing the issue. Christopher, can you check whether the ns_child's call to system() works in your minimal set-ups (it launches cat and awk). If not, then I should rewrite this routine in pure C. The first version was written by Pavel (xemul@). v2: don't use test_init_ns don't call awk and cat Signed-off-by: -
Andrey Vagin authored
v2: add a comment before mntns_get_root_by_mnt_id(-1); Signed-off-by:
-
Andrey Vagin authored
Here is a problem with ghost files. Links are created on restore, but they can't be created on any mount point, because a mount point can be non-root bind-mount of another one. So we need to find the root mount and create all links there. v2: clean up v3: add optimization for the case when both links on the same mount point. v4: don't look up mount points by mnt_id in a second time. Signed-off-by:
-
Andrey Vagin authored
On restore we add a temporary root to a mount point path. It's convinient for restoring mount namespaces, but real paths are used for restoring link-remap files. v2: replace the offset field on a char * field Signed-off-by:
-
Andrey Vagin authored
The m->bind will be used to get the "lowest" mount. A mount is called "lowest" in the chain of bind-mounts when its m->bind is NULL. I.e. -- it's the mount of the root dir of an FS, all the others are bind-mounted from it. The propagate_siblings() is called for each new mount and sets the bind field for others. A part of these other mounts can be already mounted. Signed-off-by:
-
Christopher Covington authored
This modifies the x86 VDSO code to work on AArch64. Signed-off-by:
-
Christopher Covington authored
While it duplicates hundreds of lines of code, this is the short term strategy Cyrill and I have agreed to for supporting VDSOs across multiple architectures [1]. With better understanding of where things differ per-architecture, or even improved consolidation in the kernel, we can hopefully move to a more shared implementation in the future. 1. http://lists.openvz.org/pipermail/criu/2014-August/015218.htmlAcked-by:
-
Ruslan Kuprieiev authored
As it was reported, some systems don't use /etc/passwd. On such systems getpwuid fails with undefined errno(see getpwuid(3)) not allowing criu to restrict ids with user additional groups. Luckily, on such systems criu is run as root, so we can just skip obtaining additional groups, as they don't matter for root. Reported-by:
Ruslan Kuprieiev <kupruser@gmail.com> Tested-by:
-
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
This makes the API simpler. Signed-off-by: -
Pavel Emelyanov authored
This makes the API simpler. Signed-off-by: -
Ruslan Kuprieiev authored
This test creates 2 users to check how secure is using criu with setuid bit set. Signed-off-by:
-
Ruslan Kuprieiev authored
Currently check_ids is used to check uids only. So lets rename it and drop crid argument, as we can use cr_uid directly. Signed-off-by:
-
Ruslan Kuprieiev authored
Currently, we only check if process gids match primary gid of user. But process and user have additional groups too. So lets: 1) check that process rgid,egid and sgid are in the user's grouplist. 2) on restore check that user has all groups from the images. Signed-off-by: -
Cyrill Gorcunov authored
Otherwise we might take a look on last vma from previous cycle not running vdso analisys at all. Signed-off-by:
-
Cyrill Gorcunov authored
Occasionally I ruined the ability to do a in-place remap for pre 3.16 kernels. Bring it back. CID 1230182: Logically dead code (DEADCODE) Signed-off-by:
-
Cyrill Gorcunov authored
No need for second if() statement, merge everything in previous one. Signed-off-by:
-
Pavel Emelyanov authored
... free the pointer itself :) Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Ruslan Kuprieiev authored
Signed-off-by:
-
Ruslan Kuprieiev authored
When performing "make clean" rpc_pb2.pyc should be deleted as well. Signed-off-by:
-
- 05 Aug, 2014 2 commits
-
-
Andrey Vagin authored
openat() is used to open files, so absolute pathes can't be used v2: change the comment Signed-off-by:
-
Andrey Vagin authored
Here is a bug now. A path for devices and directories should be generated with a specified root. Signed-off-by:
-
