- 07 Nov, 2014 15 commits
-
-
Andrey Vagin authored
v2: don't forget to initialize groups Signed-off-by:
Andrey Vagin <avagin@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrey Vagin authored
Here are two issues: 1. All mounts in a new user namespace are locked, so we need to create a new root mount. We need to bind-mount root to itself. 2. /proc and /sys must be mounted before umounting /proc and /sys which were inhereted. It's a security policy. """ Author: Eric W. Biederman <ebiederm@xmission.com> Date: Sun Mar 24 14:28:27 2013 -0700 userns: Restrict when proc and sysfs can be mounted Only allow unprivileged mounts of proc and sysfs if they are already mounted when the user namespace is created. """ Signed-off-by: -
Andrey Vagin authored
Devices can not be created in a new user namespace. Signed-off-by:
-
Andrey Vagin authored
It is cleared when a process is forked in a new userns. Signed-off-by:
-
Andrey Vagin authored
In this patch we fill /proc/PID/uid_map and /proc/PID/gid_map for the root task. v2: initialize groups in a new namespace. Acked-by:
Serge E. Hallyn <serge.hallyn@ubuntu.com> v3: add a helper to initialize creds in a new userns v4: initialize userns creds in prepare_namespaces() Signed-off-by:
-
Andrey Vagin authored
For that we need to save per-namespace mappings of user and group IDs. And all id-s for tasks and files are saved from the target user namespace. v2: move code into collect_namespaces() Signed-off-by:
-
Andrey Vagin authored
We are going to support user namespaces and uid-s will be converted accoding with userns mappings. v2: conver id-s for sockets too Signed-off-by:
-
Andrey Vagin authored
It's unused now. v2: remove the proc_pid_stat_small struct too. Signed-off-by:
-
Andrey Vagin authored
It's a bad idea to a group of processes and only then check rights for this operation. We need to check permissions a soon as posible to reduce impacts in case of wrong permissions. In addtion criu doesn't to parse /proc/pid/state and gets all required infromation from /proc/pid/status. Signed-off-by:
-
Andrey Vagin authored
v2: don't leak FILE CID 73423 (#1 of 1): Resource leak (RESOURCE_LEAK) 15. leaked_storage: Variable f going out of scope leaks the storage it points to. Signed-off-by:
-
Andrey Vagin authored
We get sig and pgid from a parasite, because we need to get them from a target pid namespace. Signed-off-by:
-
Andrey Vagin authored
We have two reason for that: * parsing of /proc/pid/status is slow * parasite returns ids from a target userns Signed-off-by:
-
Andrey Vagin authored
Signed-off-by:
-
Andrey Vagin authored
Normally, one of the first steps after creating a new user namespace is to define the mappings used for the user and group IDs of the processes that will be created in that namespace. This is done by writing mapping information to the /proc/PID/uid_map and /proc/PID/gid_map files corresponding to one of the processes in the user namespace. Signed-off-by:
-
Andrey Vagin authored
When we create a new mntns in a userns, all inhereted mounts are marked as locked. pivot_root() returns EINVAL if a new root is locked. Signed-off-by:
-
- 06 Nov, 2014 1 commit
-
-
Andrey Vagin authored
page-server are not tested now. I suggest to add it in the pre-dump job. v2: execute all tests with and without page server Signed-off-by:
-
- 05 Nov, 2014 18 commits
-
-
Andrey Vagin authored
All out processes are stopped in a moment, when file locks are collected, so they can't to wait any locks. Here is a proof of this theory: [root@avagin-fc19-cr ~]# flock xxx sleep 1000 & [1] 23278 [root@avagin-fc19-cr ~]# flock xxx sleep 1000 & [2] 23280 [root@avagin-fc19-cr ~]# cat /proc/locks 1: FLOCK ADVISORY WRITE 23278 08:03:280001 0 EOF 1: -> FLOCK ADVISORY WRITE 23280 08:03:280001 0 EOF [root@avagin-fc19-cr ~]# gdb -p 23280 (gdb) ^Z [3]+ Stopped gdb -p 23280 [root@avagin-fc19-cr ~]# cat /proc/locks 1: FLOCK ADVISORY WRITE 23278 08:03:280001 0 EOF Currently criu can dump nothing, if we have one process which is waiting a lock. I don't see any reason to do this. v2: typo fix Cc: Qiang Huang <h.huangqiang@huawei.com> Reported-by: Mr Jenkins Signed-off-by:
-
Andrey Vagin authored
Fixes: e47eccb1 ("page-server: don't forget to close a sever socket") Signed-off-by:
-
Andrey Vagin authored
CID 73370: Resource leak (RESOURCE_LEAK) 13. leaked_storage: Variable timer going out of scope leaks the storage it points to. Signed-off-by:
-
Andrey Vagin authored
CID 73377: Resource leak (RESOURCE_LEAK) 10. leaked_storage: Variable values going out of scope leaks the storage it points to. Signed-off-by:
-
Andrey Vagin authored
CID 73347 (#7-4 of 7): Resource leak (RESOURCE_LEAK) 21. leaked_handle: Handle variable sk going out of scope leaks the handle. Signed-off-by:
-
Andrey Vagin authored
I think this version of code is a bit more readable. It doesn't do memcpy and doesn't allocate FILE. Everyone knows arguments for read(), but only a few of us know arguments for fread(). CID 73345 (#1 of 1): String not null terminated (STRING_NULL) 2. string_null_argument: Function fread does not terminate string *buf. [Note: The source code implementation of the function has been overridden by a builtin model.] Cc: Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
-
Andrey Vagin authored
CID 73354 (#1 of 1): Resource leak (RESOURCE_LEAK) 9. leaked_handle: Handle variable sock going out of scope leaks the handle Signed-off-by:
-
Andrey Vagin authored
list_for_each_entry_safe() should be used, you we are going to delete something from a list. CID 73383 (#1 of 1): Read from pointer after free (USE_AFTER_FREE) 4. deref_after_free: Dereferencing freed pointer prop. Cc: Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
-
Andrey Vagin authored
This function doesn't allocate memory, so it should not release it. CID 73380 (#1 of 1): Use after free (USE_AFTER_FREE) 14. deref_arg: Calling munmap dereferences freed pointer addr. Signed-off-by:
-
Andrey Vagin authored
CID 73379 (#1 of 1): Use after free (USE_AFTER_FREE) 31. deref_arg: Calling fclose dereferences freed pointer fp. Signed-off-by:
-
Andrey Vagin authored
CID 73348 (#1 of 1): Resource leak (RESOURCE_LEAK) 19. leaked_handle: Handle variable sk going out of scope leaks the handle. Signed-off-by:
-
Andrey Vagin authored
When a process, which starts a service, exits, we know that we can connect to the page server and we expect to find pidfile. If we create pidfile from a page server process, we have a race window. Signed-off-by:
-
Andrey Vagin authored
CID 73381 (#1 of 1): Out-of-bounds write (OVERRUN) 15. overrun-local: Overrunning array loc_buf of 4096 bytes at byte offset 4096 using index len (which evaluates to 4096). CID 73355 (#1 of 1): Out-of-bounds write (OVERRUN) 6. overrun-local: Overrunning array loc_buf of 4096 bytes at byte offset 4096 using index ret (which evaluates to 4096) Signed-off-by:
-
Pavel Emelyanov authored
Signed-off-by:
Andrew Vagin <avagin@parallels.com>
-
Pavel Emelyanov authored
Introduced by eb214be2, the empty mnt_share list cannot produce the list_first_entry element :) Signed-off-by:
-
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Cyrill Gorcunov authored
Some kernel modules such as pktgen runs kthred upon new-net creation taking last_pid we were requested. Lets workaround this problem using clone + unshare bundle. Signed-off-by:
Cyrill Gorcunov <gorcunov@openvz.org> Acked-by:
-
- 30 Oct, 2014 6 commits
-
-
Cyrill Gorcunov authored
| tty.c: In function ‘tty_restore_ctl_terminal’: | include/criu-log.h:42:16: error: ‘index’ may be used uninitialized in this function [-Werror=maybe-uninitialized] Same time assign CONSOLE_INDEX for debug info. Signed-off-by:
-
Andrey Vagin authored
and return an error, if a proccess live in another userns, because criu doesn't support it. Signed-off-by:
-
Andrey Vagin authored
readlink() does not append a null byte to buf. Signed-off-by:
-
Andrey Vagin authored
CRIU reads /proc/pid/ns/[NS] and fails of a link is not exist. Signed-off-by:
-
Andrey Vagin authored
Signed-off-by:
-
Pavel Emelyanov authored
When creating helpers, we need to make sure their PIDs do not intersect with threads' IDs. Signed-off-by:
-
