- 21 Dec, 2015 11 commits
-
-
Andrey Ryabinin authored
Currently criu dump may hang indefinitely. E.g. in wait for task that blocked in vfork() or task could be in D state for some other reason. This patch adds time limit on collecting tasks during the dump operation. If collecting processes takes too long, the dump process will be terminated. Timeout is 5 seconds by default, but it could be changed via parameter. Signed-off-by:
Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrey Ryabinin authored
This moves cleanup code from cr_dump_tasks()/cr_pre_dump_tasks() into separte functions. No functional changes here. Signed-off-by:
Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrey Ryabinin authored
Obviously we should print pre_dump_ret value if pre-dump failed. Signed-off-by:
Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrey Ryabinin authored
Use 'goto err;' everywhere. Remove 'pstree_switch_state(root_item, TASK_ALIVE)' on error path as all collect_pstree() callers do this if collect_pstree() failed. Signed-off-by:
Andrey Ryabinin <aryabinin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Dmitry Safonov authored
1. Use PROC_SELF instead pid as prepare_pid_* used on restore only to set value to current process. 2. Do not set default values. Signed-off-by:
Dmitry Safonov <dsafonov@odin.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
v2: Added free of original cg->path. Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
v2: Check for empty string is simplified Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
This patch brings add_to_string() and construct_string() helpers. They allow to create a string with variable amount of parameters in sprintf() manner, but supporting string allocation (and reallocation if necessary) v2: 1) Helpers were renamed to xstrcat() and xsprintf() respectively. 2) Added printf attributes to force compiler check Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
- 18 Dec, 2015 13 commits
-
-
Tycho Andersen authored
restore_creds uses prctl, so if we block this call in the seccomp filter test, it causes things to fail (hang actually, seems we have some unhandled error path here). Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Tycho Andersen authored
Note that this doesn't actually fix the problem, because seccomp could block the setuid call, and since we're now restoring when the task isn't ptraced and in SECCOMP_SUSPEND mode, we can't guarantee that the seccomp filters won't be suspended. Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Tycho Andersen authored
Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
In order to restore seccomp correctly, we need to do it before restore_creds() in the restorer blob. But, if the seccomp policy forbids e.g. prctl, if the task doesn't have SUSPEND_SECCOMP set it will die when trying to restore creds. To solve this, we break attach_to_tasks up into two parts: 1. we attach and set SUSPEND_SECCOMP (but let the tasks continue normally), and then after the RESTORE_CREDS stage we 2. attach to the tasks and stop them on the final sigreturn. Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
We call mount from one namespace and umount from another namespace, so we check that their parents are from one shared group. Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
Now we save files, maps and mounts for each test process and we need to compare them separately for each process. Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Pavel Emelyanov authored
Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Dmitry Safonov authored
Restore dumpable flag after setfsuid to assure that created /proc/self/* file inode had task's credentials. Without it it would have root creds and trying to access proc files of task will fail from non-root user in generic vfs permission check. Signed-off-by:
Dmitry Safonov <dsafonov@odin.com> Acked-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Kirill Tkhai authored
Since commit ea747b07 receive queue for such DGRAM sockets restores twice: in open_unix_sk() and post_open_unix_sk(). It should be made only once. So, keep that commit logic only for sockets without alive sender. Signed-off-by:
Kirill Tkhai <ktkhai@odin.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
It is restored from the userns. 21:22:31.443: 4: FAIL: loginuid.c:93: loginuid value 3 is different after restore: 100003 Cc: Dmitry Safonov <dsafonov@odin.com> Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Reviewed-by:
Dmitry Safonov <dsafonov@odin.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Tycho Andersen authored
Noticed this when I was looking over the LSM code for Cyrill's task => thread creds set. We set this to null to save some work later, but we forget to free it first. Signed-off-by:
Tycho Andersen <tycho.andersen@canonical.com> Acked-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
Cc: Dmitry Safonov <dsafonov@odin.com> Reported-by:
Dmitry Safonov <dsafonov@odin.com> Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Tested-by:
Dmitry Safonov <dsafonov@odin.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
- 17 Dec, 2015 1 commit
-
-
Dmitry Safonov authored
unseize_task_and_threads sends SIGKILL in unseize_task under condition (st == TASK_DEAD). Which obviously kills task. Move freezer_detach after pstree_wait to detach only from alive tasks to get rid of the following errors: (00.242163) Error (seize.c:223): Unable to detach from 23064 : No such process (00.242177) Error (seize.c:223): Unable to detach from 23065 : No such process Signed-off-by:
Dmitry Safonov <dsafonov@odin.com> Acked-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
- 16 Dec, 2015 15 commits
-
-
Dmitry Safonov authored
... so it can be used from non-root: (Higher value means it would be killed earlier so everyone should be possible to change his value to bigger than zero) Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Stanislav Kinsburskiy authored
System call sys_fcntl() in _some_ kernels can silently drop some flags during set and return success code. This patch adds double check, that all the fd flags were really set. Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Evgeniy Akimov authored
Patch restores freezer cgroup state between finalize_restore stages. It should be done after first stage because we cannot unmap restorer blob from frozen process, and before second stage because we must freeze processes before they continue run. We also need to move fini_cgroup between these stages to provide freezer cgroup state restorer access to cgroup mount directories. Error handlers contains fini_cgroup, so we are sure that fini_cgroup call won't be missed. Patch restores state only for one freezer cgroup from --freeze-cgroup option, not all states from whole hierarchy, because CRIU supports checkpoint from freezer cgroup hierarchy only with THAWED state, except root cgroup from --freeze-cgroup option. Signed-off-by:
Evgeniy Akimov <geka666@gmail.com> Signed-off-by:
Eugene Batalov <eabatalov89@gmail.com> Acked-by:
Andrew Vagin <avagin@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Evgeniy Akimov authored
First stage of finalize_restore unmaps the restorer blob, second stage detaches from processes. After first stage process tree is completely restored and processes are ready to continue run through sigreturn. This splitting allows us to execute something between these stages (e.g. restore freezer cgroup state). Signed-off-by:
Evgeniy Akimov <geka666@gmail.com> Signed-off-by:
Eugene Batalov <eabatalov89@gmail.com> Acked-by:
Andrew Vagin <avagin@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Evgeniy Akimov authored
CRIU sets freezer.state to "THAWED" during process tree dumping. That's why we can't simply save freezer.state file contents to cgroups image. New special function get_real_freezer_state() returns freezer cgroup state observed before CRIU dumping start. Patch puts its return value to dump file. Signed-off-by:
Evgeniy Akimov <geka666@gmail.com> Signed-off-by:
Eugene Batalov <eabatalov89@gmail.com> Acked-by:
Andrew Vagin <avagin@openvz.org> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Pavel Emelyanov authored
This one prints the /proc/pid/maps-like output, but with slightly more details. Like this 1 exe /zdtm/live/static/maps00 00400000-00406000 r-x /zdtm/live/static/maps00 00605000-00606000 r-- /zdtm/live/static/maps00 + 0x5000 00606000-00607000 rw- /zdtm/live/static/maps00 + 0x6000 7f4037845000-7f40379f9000 r-x /lib64/libc.so.6 7f40379f9000-7f4037bf8000 --- /lib64/libc.so.6 + 0x1b4000 7f4037bf8000-7f4037bfc000 r-- /lib64/libc.so.6 + 0x1b3000 7f4037bfc000-7f4037bfe000 rw- /lib64/libc.so.6 + 0x1b7000 7f4037bfe000-7f4037c03000 rw- 7f4037c03000-7f4037c23000 r-x /lib64/ld-linux-x86-64.so.2 7f4037e1e000-7f4037e22000 rw- 7f4037e22000-7f4037e23000 r-- /lib64/ld-linux-x86-64.so.2 + 0x1f000 7f4037e23000-7f4037e24000 rw- /lib64/ld-linux-x86-64.so.2 + 0x20000 7f4037e24000-7f4037e25000 rw- 7fff34652000-7fff34699000 rw- [stack?] 7fff346e2000-7fff346e4000 r-- 7fff346e4000-7fff346e6000 r-x [vdso] ffffffffff600000-ffffffffff601000 r-x [vsyscall] * Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Pavel Emelyanov authored
Shows files opened by tasks. The output is like 1 0: /dev/null 1: /zdtm/live/static/session00.outns 2: /zdtm/live/static/session00.outns cwd: /zdtm/live/static root: / 6 0: /dev/null 1: /zdtm/live/static/session00.out.inprogress 2: /zdtm/live/static/session00.out.inprogress 3: pipe[18305] cwd: /zdtm/live/static root: / 10 0: /dev/null 1: /zdtm/live/static/session00.out.inprogress 2: /zdtm/live/static/session00.out.inprogress 3: pipe[18308] cwd: /zdtm/live/static root: / Signed-off-by:
Pavel Emelyanov <xemul@parallels.com> Appreciated-by: avagin@openvz.org
-
Pavel Emelyanov authored
Shows process tree from image. The output is like PID PGID SID COMM 1 1 1 session00 4 4 4 session00 7 7 7 session00 8 4 4 session00 11 11 11 session00 12 4 4 session00 13 13 13 session00 14 14 14 session00 15 4 4 session00 6 4 4 session00 10 9 9 session00 (the above is for session00 test). Signed-off-by:
Pavel Emelyanov <xemul@parallels.com> Appreciated-by: avagin@openvz.org
-
Pavel Emelyanov authored
Signed-off-by:
Pavel Emelyanov <xemul@parallels.com> Appreciated-by: avagin@openvz.org
-
Andrew Vagin authored
In this case it has an external master_id and we want to test that criu can handle it correctly. Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
The thread_bomb test was rewrited and ZDTM_THREAD_BOMB should be equal 5 now. Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-
Andrew Vagin authored
It works for tests which are executed in a separate pidns Signed-off-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@parallels.com>
-