- 15 Feb, 2018 31 commits
-
-
Kirill Tkhai authored
(Was "user_ns: Block SIGCHLD during namespaces generation") We don't want asynchronous signal handler during creation of namespaces (for example, in create_user_ns_hierarhy()) as we do wait() synchronous. So we need to block the signal. Do this once globally. v2: Set initial ret = 0 v3: Block signal globally in root_item before its children are created. v4: Move block to prepare_namespace() Suggested-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Kirill Tkhai <ktkhai@virtuozzo.com> Signed-off-by:
-
Kirill Tkhai authored
The action is run in a very lightweight process. Signed-off-by: -
Kirill Tkhai authored
In next patches usernsd will need to create transport socket in the same net_ns as other tasks do their TRANSPORT_FD_OFF sockets. Choose criu net_ns for that: this allows usernsd to do not wait for creation of other net_ns, i.e. to do not introduce new dependencies between tasks. In case of (root_ns_mask & CLONE_NEWUSER) != 0 root_item's user_ns does not allow to restore criu net_ns, so do prepare_net_namespaces() in sub-process to do not lose criu net. v3: Introduce __prepare_net_namespaces and execute it in cloned task. Signed-off-by:
-
Kirill Tkhai authored
Since net ns is assigned after prepare_fds() and, in common case, at the moment of open_ns_fd() call task points to a net ns, which differs to its target net ns, we can't get the ns from a task. So, get it from fdstore. Also, support userns ns fds. v2: Add comment Signed-off-by:
-
Andrei Vagin authored
-
Andrei Vagin authored
We shave a test case for external veth devices. This test case checks veth devices which are living in two dumped network namespaces. Signed-off-by: -
Andrei Vagin authored
A network device, which is connected to a bridge, is restored after the bridge. In this case we can set the master attribute and the device will be connected to the bridge automatically. Signed-off-by: -
Andrei Vagin authored
We will need to enumirate links a few times Signed-off-by: -
Andrei Vagin authored
It's a preparation for enumirating links a few times. Signed-off-by: -
Andrei Vagin authored
When we dump a veth device, the kernel reports where a peer device lives and we use this information to restore this veth pair. On restore we set a net ns id for a peer and it is created in the required netns. v2: add more comments Signed-off-by: -
Andrei Vagin authored
It will be used to restore links in different net namesapces. Signed-off-by: -
Andrei Vagin authored
In each network namespace we can set an id for another network namespace to be able to address it in netlink messages. For example, we can say that a peer of a veth devices has to be created in a network namespace with a specified id. If we request information about a veth device, a kernel will report where a peer device lives. An user are able to set this ID-s, so we have to dump and restore them. v2: add more commetns v3: make a union of nsfd_id and ns_fd, they are not used together Signed-off-by: -
Andrei Vagin authored
It will be used to dump netns id-s too. Signed-off-by: -
Andrei Vagin authored
It will be used to get or set netns id-s. Signed-off-by: -
Andrei Vagin authored
This function was added into libnl3 recently, but we have to support old versions of this library. Signed-off-by: -
Andrei Vagin authored
Each network namespaces has a list of ID-s for other namespaces, so if we request infomation about a veth device, we get an id for a namespace of a peer device. These ID-s can be set by users or by kernel when they are required. CRIU has to restore these ID-s for network namespaces. We have to remember that one netns can have different id-s in different network namespaces. Signed-off-by: -
Andrei Vagin authored
It is possible to assign id for network namespaces and this id will be used by the kernel in some netlink messages. If no id is assigned when the kernel needs it, it will be automatically assigned by the kernel. For example, this id is reported for peer veth devices. v2: add a comment Signed-off-by: -
Kirill Tkhai authored
Merge code with the same functionality in one Signed-off-by:
-
Kirill Tkhai authored
Nobody uses it. Signed-off-by:
-
Andrei Vagin authored
-
Andrew Vagin authored
This tests create a few processes which live in three network namespaces and have a few sockets which are created in different network namespaces. Acked-by:
Pavel Emelyanov <xemul@virtuozzo.com> Signed-off-by:
-
Andrei Vagin authored
Each sockets belongs to one network namespace and operates in this network namespace. socket_diag reports informations about sockets from one network namespace, but it doesn't report sockets which are not bound or connected to somewhere. So we need to have a way to get network namespaces for such sockets. Acked-by:
-
Andrei Vagin authored
This ioctl is called for a socket and returns a file descriptor for network namespace where a socket has been created. Acked-by:
-
Andrei Vagin authored
Each socket has to be restored from a proper network namespaces where it was created. We set a specified network namespace before restoring a socket. A task network namespace is set after restoring all files. v2: don't set the root netns for transport sockets Acked-by:
-
Andrei Vagin authored
We need this to avoid conflicts with file descriptors, which has to be restored. Currently open_proc_pid() doesn't used during restoring file descriptors, but we are going to use it to restore sockets in proper network namespaces. Acked-by:
-
Andrei Vagin authored
Restore all network namespaces from the root task and then set a proper namespace for each task after restoring sockets, because we need to switch network namespaces to restore sockets. Each socket has to be created in a proper network namespace. v2: fix a typo bug Acked-by:
-
Andrei Vagin authored
Each socket has to be restored in a proper namespaces where it has been created. Here is an issue about unconnected and unbound sockets, they are not reported via socket-diag and we can't to get their network namespaces. v2: add a comment before get_socket_ns() remove nsid from sk_packet_entry Acked-by: -
Pavel Emelyanov authored
Signed-off-by: -
Andrei Vagin authored
PID ussualy means processs ID, but prepare_net_ns works with namespaces. travis-ci: success for Dump and restore nested network namespaces (rev4) Signed-off-by:
Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by:
-
Andrei Vagin authored
ns_id will be used to collect sockets and other per-netns resources travis-ci: success for Dump and restore nested network namespaces (rev4) Signed-off-by:
-
Andrei Vagin authored
There are a number of global variables around this descriptor (e.g. open_proc_fd) and their values are saved in memory which are not shared between processes. travis-ci: success for Dump and restore nested network namespaces (rev4) Signed-off-by:
-
- 19 Dec, 2017 5 commits
-
-
Pavel Emelyanov authored
This time we shifted the update one month, due to the amount of changes not being very big. And got pretty big update, including a set of bugfixes and new functionality. Signed-off-by: -
Andrei Vagin authored
It has two arguments "pos_l and "pos_h" instead of one "off". It is used to handle 64-bit offsets on 32-bit kernels. SYSCALL_DEFINE5(preadv, unsigned long, fd, const struct iovec __user *, vec, unsigned long, vlen, unsigned long, pos_l, unsigned long, pos_h) https://github.com/checkpoint-restore/criu/issues/424Signed-off-by:Andrei Vagin <avagin@openvz.org> Reviewed-by:
Dmitry Safonov <0x7f454c46@gmail.com> Signed-off-by:
-
Vitaly Ostrosablin authored
Due to way CRIU handles paths (as relative to workdir), there's a case, where migration would fail. Simple example is a ghost file in filesystem root (with root being cwd). For example, "/unlinked" becomes "unlinked". And original code piece scans path for other slashes, which would be missing in this case. But it's still a perfectly valid case, and there's no need to fail. So if there's no parent dir - we just don't need to create one and we can just return 0 here instead of failing. Signed-off-by:
Vitaly Ostrosablin <vostrosablin@virtuozzo.com> Signed-off-by:
-
Andrei Vagin authored
The kernel doesn't have an interface to get a sent queue for udp sockets, so currently we can't dump them and criu dump has to fail in such cases. Signed-off-by: -
Andrei Vagin authored
Now we block all sockets with non-zero idiag_wqueue, but it doesn't mean that a CORK option is enabled for a socket. A packet can be in a network stack and it is accounted into idiag_wqueue. https://github.com/checkpoint-restore/criu/issues/409Signed-off-by:
-
- 12 Dec, 2017 4 commits
-
-
Pavel Tikhomirov authored
Except for several false positives done by: find -type f -name "*.c" -not -path "./test/*" -exec sed -i 's/\(\<pr_err.*[^\][^n]\)\("[,)]\)/\1\\n\2/g' {} \; Signed-off-by:Pavel Tikhomirov <ptikhomirov@virtuozzo.com> Signed-off-by:
-
Pavel Begunkov authored
Leases can be set only on regular files. Thus, as optimization we can skip attempts to find associated leases in 'correct_file_leases_type' for other fd types. Signed-off-by:
Pavel Begunkov <asml.silence@gmail.com> Signed-off-by:
-
Pavel Begunkov authored
-- check childs' errors in file_leases03 -- test c/r of lease transfered to child process Signed-off-by:
-
Pavel Begunkov authored
CRIU creates dictinct lock record for each file descriptor on the same OFD. The patch removes this duplicates. To do so, it adds new field into struct file_lock, which stores pid of fd, on which lock was found. 'owner pid' is not actually helpful, because the original fd, on which lock have been set, can be already closed. Also it purges crutches doing the same stuff but only for file leases. Signed-off-by:
-
