- 17 Nov, 2015 10 commits
-
-
Tycho Andersen authored
v2: include zdtm.py desc file Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Tycho Andersen authored
v2: use a non-racy version of fork_and_ptrace_attach Signed-off-by:
-
Tycho Andersen authored
This commit adds basic support for dumping and restoring seccomp filters via the new ptrace interface. There are two current known limitations with this approach: 1. This approach doesn't support restoring tasks who first do a seccomp() and then a setuid(); the test elaborates on this and I don't think it is tough to do, but it is not done yet. 2. Filters are compared via memcmp(), so two tasks which have the same parent task and install identical (via memory) filters will have those filters considered to be the "same". Since we force all tasks to have the same creds (including seccomp filters) right now, this isn't a problem. The approach used here is very similar to the cgroup approach: the actual filters are stored in a seccomp.img, and each task has an id that points to the part of the filter tree it needs to restore. This keeps us from dumping the same filter multiple times, since filters are inherited on fork. v2: * remove unused seccomp_filters field from struct rst_info * rework memory layout for passing filters to restorer blob * add a sanity check when finding inherited filters Signed-off-by:
-
Andrew Vagin authored
Otherwise the kernel can set it as a control terminal for the currect session and CRIU will not be able to set it as a control terminal for the target process. Reported-by:
Andrey Ryabinin <aryabinin@virtuozzo.com> Acked-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
-
Andrew Vagin authored
Signed-off-by:
-
Andrew Vagin authored
Signed-off-by:
-
Andrew Vagin authored
v2: add comments and rename ns_created to ns_populated. Reported-by:
-
Andrew Vagin authored
It can be the same with a parent one and the helper will inherit all parent resources. Now we can dereference item->ids for all task. It's used in restore_task_mnt_ns, for example. Reported-by: Mr Jenkins Signed-off-by:
-
Andrew Vagin authored
If processes share a file descriptor table, they all have their own set of service descriptors. close_old_fds() closes all file descriptors execpt service descriptors Fixes: 9d60724e ("restore: restore mntns before creating private vma-s (v3)") Signed-off-by:
-
Andrew Vagin authored
close_olds_fds() knows nothing about more than one set of service file descriptros, so it's better to call it before forking children as it was bedore 9d60724e ("restore: restore mntns before creating private vma-s") The root task restores all processes and pin them with file descriptors, then a task restores a mount namespace by opening the file descriptor of the root task via /proc/pid/fd/X. Reported-by: Mr Jenkins Signed-off-by:
-
- 14 Nov, 2015 1 commit
-
-
Andrew Vagin authored
We need to open a file to restore a file mapping and this file can be from a current mntns. v2: All namespaces are resotred from the root task and then other tasks calls setns() to set a proper mntns. v3: fix comments from Pavel Signed-off-by:
-
- 13 Nov, 2015 7 commits
-
-
Cyrill Gorcunov authored
There might be several same terminals opened (say tty6 or whatever) which gonna look as separate files but actually pointing to the same tty kernel instance. Moreover if it's a controlling terminal we will be trying to restore it as many times as find non zero sid on a peer. Instead lets do a simple trick first: choose a leader from a terminal group and use it only for controlling terminal restoration. https://jira.sw.ru/browse/PSBM-40969Signed-off-by:
Andrew Vagin <avagin@odin.com> Signed-off-by:
-
Andrew Vagin authored
errno is used in open_path() Signed-off-by:
-
Andrew Vagin authored
Signed-off-by:
-
Andrew Vagin authored
v2: add a file mapping from a test tmpfs mount Signed-off-by:
-
Andrey Ryabinin authored
open_mountpoint() have to operate in target's mount namespace, which may differ from root's namespace - root_item->pid.real. So obtain the correct mount namespace from mount_info and use it in switch_ns(). Signed-off-by:
-
Pavel Emelyanov authored
If two ns_flavor.init() are called in parallel then all the os.mkdir() calls would end up with EEXISTS exception. Signed-off-by: -
Pavel Emelyanov authored
There are tests (e.g. on locks) that can conflict with each other, so wait for all the other jobs to finish before running such. v2: Wait for the excl test to finish before launching more of them. Signed-off-by:
-
- 12 Nov, 2015 22 commits
-
-
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Andrey Vagin authored
Signed-off-by:
Andrey Vagin <avagin@openvz.org> Signed-off-by:
-
Andrew Vagin authored
Signed-off-by:
-
Pavel Emelyanov authored
This test expects that it _will_ be C/R-ed into new hierarchy Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
This thing is new and can be absent in ip tool, which is OK and is handled by net.c code itself. Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
Otherwise they are left after test and make zdtm.py list thing these files are tests too. Signed-off-by: -
Pavel Emelyanov authored
Signed-off-by: -
Andrew Vagin authored
zdtm.sh doesn't suppport dependencies. This test uses the ip tool. Signed-off-by:
-
Pavel Emelyanov authored
Signed-off-by: -
Pavel Emelyanov authored
If the pagemap we read at some point covers two (or more) pagemaps in parent images, we cannot just call the parent page read for all those pages. Instead, we must call parent page read with shorter requests so that it handles its own pagemaps properly. Signed-off-by: -
Andrew Vagin authored
Signed-off-by:
-
Pavel Emelyanov authored
This guy runs on tmpfs for dumps and maps04 is too heavy for it Signed-off-by: -
Cyrill Gorcunov authored
On arm | CC crtools.o | In file included from arch/arm/include/asm/bitops.h:4:0, | from arch/arm/include/asm/types.h:9, | from include/proc_parse.h:5, | from include/ptrace.h:8, | from cr-restore.c:27: | cr-restore.c: In function 'restore_priv_vma_content': | include/compiler.h:60:17: error: comparison of distinct pointer types lacks a cast [-Werror] | (void) (&_min1 == &_min2); \ | Reported-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Andrew Vagin authored
I'm too lazy to install new tools on all test hosts. Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
-
Cyrill Gorcunov authored
Grabbed from kernel. Probably worth to gather all bits manipulators here in future. Signed-off-by:
-
