- 14 Mar, 2017 40 commits
-
-
Dmitry Safonov authored
Adds a helper to parse compatible vdso blob at time of vdso_init(). The following patches will remove parsing vdso in restorer. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@virtuozzo.com> Signed-off-by:
Andrei Vagin <avagin@virtuozzo.com>
-
Dmitry Safonov authored
The next patch will remove filling in restorer rt symtable for compat tasks. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
I'll need to validate compat vdso/vvar positioning in the same way. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
We need to know compatible vdso/vvar sizes, so add pid argument to parse another process - it's needed to fork(), remap vdso and parse child's vdso/vvar in CRIU. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
On first versions of x86 compat patches it returned 0 or err. In merged version it returns error < 0 or vDSO blob's size. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
Oh, thanks god - those silly crippy macro are gone! The best part of removing second parasite, I think. This is partial revert to commit 8c3b3bc2efa0 ("parasite-syscall: deserialize compat parasite's answers"). travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by: -
Dmitry Safonov authored
Parasite transfers pages in the same iovec format now: drop compatible format (yay!). travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
Let's try having one with two entries/exits. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
No need in two libraries if we have only one parasite blob. With left hand I write code - with right I erase it. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
As we have only one pie lib - no need to name it {native,compat}. The next patch cleans Makefile. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by: -
Dmitry Safonov authored
It's needed for ELF magic, not for platform. Will help to simplify Makefile.library (the very next patch). travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
To drop the second parasite blob, create another entry in 64-bit parasite. Didn't remove parasite-head-compat.S - it we gonna support native 32-bit buids, we gonna need it. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Dmitry Safonov authored
I'll need them in parasite head and in exit. travis-ci: success for Rectify 32-bit compatible C/R on x86 Signed-off-by:
-
Kir Kolyshkin authored
Now, when many useless options were dropped, it's easy to provide a complete description of CLI in usage(). Signed-off-by:
Kir Kolyshkin <kir@openvz.org> Signed-off-by:
-
Kir Kolyshkin authored
Signed-off-by:
-
Kir Kolyshkin authored
After seeing a bunch of silent build failures, like this: > GEN criu/pie/parasite-native-blob.h > criu/pie/Makefile:121: recipe for target 'criu/pie/parasite-native-blob.h' failed I finally took a look at why are they silent, only to discover that compel prints errors to stdout, and of course its stdout is silenced in criu/pie/Makefile (unless you run make with V=1, in which case it prints tons and tons of very useful information). I am so shocked by this evil plan! Anyway, let's print errors to stderr like all sane programs do. Signed-off-by:
-
Kir Kolyshkin authored
I am not quite sure how that happened, but compel hgen was not used for ARM/ARM64, instead there's a simple version of it, called gen-offsets.sh. The main difference is, shell script doesn't handle ELF relocations, which apparently is not (currently?) needed for ARM. It's bad to maintain two tools for the same functionality, so this patch kills gen-offsets.sh and related stuff, making compel hgen working on ARM. ELF relocations are still not handled, this code is #ifdef-ed out for now and can be fixed to work on ARM later. This patch also kills some macros and defines that seem obsoleted now. For example, compel_relocs_apply() is now called unconditionally, as it handles the trivial case of 0 relocs just fine. Now, I checked that the blob headers generated by compel hgen and gen-offsets.h are similar (i.e. generated blob code and values defined are the same), but haven't done much above that. Signed-off-by:
-
Kir Kolyshkin authored
This -u option always looked wrong to me, I mean, how the hell a user is supposed to know where the hell those headers are? It took quite a while to figure out what to do with it, but the end result is -- this option is not needed at all and can easily be dropped. For finding paths to includes, there is a -I compiler option, there's no need to specify something to compel. In fact, it should know by itself where its own headers are kept (and emit -I... to cflags if needed), but that's another story which is to be told when we'll decide to pack compel as a standalone tool. For now, just add "#include <compel/compel.h>" and be done. Signed-off-by:
-
Kir Kolyshkin authored
The way the Makefile is written, parasite.h is added to gcc command line, like this: gcc -o spy spy.c libcompel.a parasite.h Surely this is not what we want, as parasite.h is included to spy.c The fix is to use "order-only prerequisite", as described by https://www.gnu.org/software/make/manual/html_node/Prerequisite-Types.htmlSigned-off-by:
-
Kir Kolyshkin authored
This is just to avoid a level of code block nesting/indentation that can easily be avoided. Signed-off-by:
-
Kir Kolyshkin authored
They are no longer needed. Signed-off-by:
-
Kir Kolyshkin authored
Currently, some compel internals are exposed to user API (both C and CLI), making its usage more complicated than it can be. In particular, compel user have to specify a number of parameters (names for various data) on the command line, and when in C code assign a struc piegen_opt_t fields using the same names, without using those identifiers anywhere else in the code. It makes sense to hide this complexity from a user, which is what this commit does. First, remove the ability to specify individual names for data, instead introducing a prefix that is prepended to all the names. Second, generate a function %PREFIX%_setup_c_header() which does all the needed assignments. Third, convert users (criu/pie and compel test) to the new API. NOTE that this patch breaks ARM, as compel hgen is not used for ARM. This is to be fixed by a later patch in the series. Signed-off-by:
-
Kir Kolyshkin authored
This is purely cosmetical, no functional change. 1. Make sure relocs table is well aligned. 2. printf("%#02x", 1) prints 0x01, but for 0 it prints 0, not 0x00 as one would expect, so output is somewhat ugly. Use "0x%02x" format instead to make it more uniform and well aligned. Signed-off-by: -
Kir Kolyshkin authored
Signed-off-by:
-
Kir Kolyshkin authored
TODO: describe optional ones. Signed-off-by:
-
Kir Kolyshkin authored
Instead of hardcoding list of architectures to usage(), let's generate it from the data. Signed-off-by:
-
Kir Kolyshkin authored
This: $ ./compel/compel-host --help ./compel/compel-host: option '--help' requires an argument Signed-off-by:
-
Kir Kolyshkin authored
getopt_long() prints an error message and returns '?' in cases - an unknown option is given - a required option argument is missing In such cases, we need to show usage and exit with an error. Signed-off-by:
-
Kir Kolyshkin authored
In case our command line is not good, it's not enough to just show usage info -- it is much better to explicitly say what's wrong. Signed-off-by:
-
Kir Kolyshkin authored
Without this check, if -o is not given, compel will fail with the following error: Can't open (null) It's non-trivial to figure out that it means -o is required. While at it, initialize the corresponding field. Signed-off-by:
-
Kir Kolyshkin authored
It will be easier to modify that way. This also fixes incorrect exit code from compel -h. Signed-off-by:
-
Kir Kolyshkin authored
Checks for a number of arguments are to be done after option parsing. With this patch, compel -V now works. Signed-off-by:
-
Kir Kolyshkin authored
Got this when using compel hgen on arm 32-bit: Error (compel/src/lib/handle-elf-host.c:115): String section header @0xf66e11ec is out of [0xf66e1174, 0xf66e1264) Looking at this, it does not make sense. For the reference, sizeof(Elf_Shdr) is 0x28, so end position is also well within bounds. Apparently, the check for string section header bounds is wrong as the last argument of __ptr_struct_oob() is supposed to be a region size, not the region end address as it is. This always worked before because the check was too relaxed, and compel was never used on 32-bit ARM. This time it didn't work because of a 32-bit overflow, which helped to find this bug. This is a fix to commit 6402f03 ("compel: separate get_strings_section from __handle_elf"). Cc: Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by:Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
-
Cyrill Gorcunov authored
Simply run tracee from specfied IP assuming it's arelady have trapping instruction in stream. It's unsafe low-level function use with caution. travis-ci: success for compel: A fix and new helper Signed-off-by:
-
Dmitry Safonov authored
Why should we have self-unmapping code in parasite? It looks like, we can drop this code using simple sys_unmap() injection (like that I did for `criu exec` action and for cases where we failed to insert parasite by some reason, but still need to unmap remotes). It's an RFC, so just a suggestion - maybe I miss something you have in mind - please, describe that/those things. My motivation is: - less code, defined commands for PIE, one BUG() less, one jump to PIE less - I'm making one 64-bit parasite on x86 instead of two 32 and 64 bit. It works (branch 32-one-parasite) with long-jump in the beginning to 64-bit code from 32-bit task. On parasite curing it sig-returns from 64-bit parasite to 32-bit task, this point we're trapping in CRIU. After that we command parasite to unmap itself, so it long-jumps again to parasite 64-bit code, unmaps, we caught task after sys_unmap and the task is with 64-bit CS. We can't set 32-bit registers after this - kernel checks that registers set is the same on PTRACE_SETREGSET: > > static int ptrace_regset(struct task_struct *task, int req, unsigned int type, > > struct iovec *kiov) ... > > if (!regset || (kiov->iov_len % regset->size) != 0) > > return -EINVAL; So, to return again to 32-bit task I need sigreturn() again or add long-jump with 32-bit CS. I've disable that for 32-bit testing with (in compel_cure_remote): - if (ctl->addr_cmd) { + if (ctl->addr_cmd && user_regs_native(&ctl->orig.regs)) { And it works. It also works for native tasks, so why should we keep it? travis-ci: success for compel: kill self-unmap in parasite Cc: Cyrill Gorcunov <gorcunov@openvz.org> Cc: Pavel Emelyanov <xemul@virtuozzo.com> Cc: Andrei Vagin <avagin@virtuozzo.com> Signed-off-by: -
Pavel Emelyanov authored
The library can be used not only to run infection blobs, but also just to execute syscalls remotely and here's an example of how to do this. Signed-off-by:
-
Pavel Emelyanov authored
And, at the same time, an example of how to work with compel. Based on titanic preliminary work of Cyrill :) Signed-off-by:
-
Pavel Emelyanov authored
It uses regs caller doesn't always know and is actually a core routine under the API compel_syscall() one. Signed-off-by:
-
Pavel Emelyanov authored
The size value should be page_size() aligned, which is inconvenient for callers, and also differs from the bsize only a little bit, so it's nicer to have the nr_gotpcrel value which is anyway generated by compel hgen. Signed-off-by:
-
Pavel Emelyanov authored
These names are generated by compel hgen, so there's no need in making callers know them. Signed-off-by:
-
