- 05 Jul, 2016 40 commits
-
-
Pavel Tikhomirov authored
when run several tests simultaneousely it seem that some iptables commands can intersect and if we do not wait xtables lock criu fails: (00.009263) Running iptables [iptables -t filter -A INPUT --protocol tcp --source 127.0.0.1 --sport 55074 --destination 127.0.0.1 --dport 8880 -j DROP] Another app is currently holding the xtables lock. Perhaps you want to use the -w option? (00.014367) Error (util.c:660): exited, status=4 (00.014416) Error (netfilter.c:88): Iptables configuration failed: Success (00.014432) ---------------------------------------- (00.014461) Error (cr-dump.c:1297): Dump files (pid: 24) failed with -1 https://ci.openvz.org/job/CRIU/job/CRIU-virtuozzo/branch/criu-dev/3/Signed-off-by:
Pavel Tikhomirov <ptikhomirov@virtuozzo.com> Acked-by:
Andrew Vagin <avagin@virtuozzo.com> Signed-off-by:
Pavel Emelyanov <xemul@virtuozzo.com>
-
Eugene Kolomeetz authored
Now readlink is called in host context, this is obviously wrong. Signed-off-by:
Eugene Kolomeetz <klm@virtuozzo.com> Signed-off-by:
-
Eugene Kolomeetz authored
Let's use $(...) form, it is more readable, and used in other places. Signed-off-by:
-
Stanislav Kinsburskiy authored
Otherwise the following errors can be triggered: /usr/libexec/criu/scripts/systemd-autofs-restart.sh: line 64: [: =: unary operator expected /usr/libexec/criu/scripts/systemd-autofs-restart.sh: line 77: [: =: unary operator expected Signed-off-by:
Stanislav Kinsburskiy <skinsbursky@virtuozzo.com> Signed-off-by:
-
Stanislav Kinsburskiy authored
Signed-off-by:
-
Stanislav Kinsburskiy authored
Restore_ns helper closes passed namepsace fd unconditionally. Thus new_pid_ns must be invalidated in any case after calling for it. Signed-off-by:
-
Stanislav Kinsburskiy authored
Fily system type is not necessarily located in the column number 9. But look like we can rely on " - " pattern: it's always located immediately after dash. Signed-off-by:
-
Stanislav Kinsburskiy authored
There can be a situation, when autofs mount is catatonic, but doesn't know about it yet. It wasn't possible to distinguish between such mounts and others, which are active, but not accessible for some reason. And all of such mounts were threated as undumpable. Such "hidden" catatonic mounts can appear if: 1) autofs master process has exited without switching the mount to catatonic mode (or was killed). 2) mount point was unmounted, but not propagated to nested mount namespace with private mounts. These mounts can be handled by accessing the mount point. If it's catatonic, it will update it's internals on first failed request to the autofs master. Then we can read options again and dump the mountpoint as catatonic. Signed-off-by:
-
Stanislav Kinsburskiy authored
No not return error from autofs_find_pipe_read_end, if pipe end wasn't found, because read_fd remains negative. There is another explicit check in the caller of this function for read_fd and proper messages are printed in such a case. Return -ENOENT in case of read end of the pipe doesn't exist to distinguish with other error types (will be used later). Signed-off-by:
-
Stanislav Kinsburskiy authored
Unfortunatelly, autofs doesn't allow to discover it's type. At least without accessing master process. That means, that stat can be used to determine whether some other file system is mounted on top of autofs (which we need to take a decision whether to move restore fs aside or not), because it simply stuck. This patch does fs type discovering by parsing CTs mountinfo. Signed-off-by:
-
Stanislav Kinsburskiy authored
This patch slightly changes the logic on systemd autofs service restart script: 1) It tries to bind-mount the mountpoint on top of autofs (if any) somewhere before service restart, and replace new mount point on top of autofs (if any) by the saved one after. 2) It doesn't exit in case of error, trying to recover as much as possible in case of failure instead and then continue services restarting. The reason for introducing new logic is that there can be some other, stateful, file system on top of autofs (say, tmpfs), which state was restore during migration. With current script this state will be lost, while this patch allows to preserve restored mount point after service restart. Signed-off-by:
-
Stanislav Kinsburskiy authored
This was a silly mistake: bind-mounts share the same superblock, thus dentry creation on a bind-monut will fail with EEXIST. Signed-off-by:
Cyrill Gorcunov <gorcunov@openvz.org> Signed-off-by:
-
Stanislav Kinsburskiy authored
This is essential to make sure, that we won't use the same pipe descriptor for different pipes. Otherwise we can run into problem with fd send via unix sockets. Signed-off-by:
-
Cyrill Gorcunov authored
Signed-off-by:
Dmitry Safonov <dsafonov@virtuozzo.com> Signed-off-by:
-
Stanislav Kinsburskiy authored
This is log cleanup patch. Pr_perror prints new line by itself. Signed-off-by:
-
Stanislav Kinsburskiy authored
Otherwise information about real pid is lost in case of pid_to_virt returned zero. This is required to output the real pid in error message instead of always outputting zero (result of pid_to_virt). IOW, would be nice to know the process pid we failed to find in the tree. Signed-off-by:
-
Stanislav Kinsburskiy authored
Without correct pid namespace systemctl is not able to determine whether autofs is active or not. The reason is unaccessible proc due to mount namespace change without pid namespace change. Signed-off-by:
-
Cyrill Gorcunov authored
This will be installed into $(prefix)/libexec/criu/scripts. Signed-off-by:
Cyrill Gorcunov <gorcunov@virtuozzo.com> Signed-off-by:
-
Stanislav Kinsburskiy authored
This script restarts systemd autofs services to workaround a problem, when systemd doesn't consider autofs mount as own after restore (alien device ID problem) v4: Environment variable NS_PID was renamed to CRTOOLS_INIT_PID v2: 1) Added different checks: for process with pid, active service, systemd based container. Signed-off-by:
-
Stanislav Kinsburskiy authored
Signed-off-by:
-
Stanislav Kinsburskiy authored
Signed-off-by:
-
Stanislav Kinsburskiy authored
Signed-off-by:
-
Stanislav Kinsburskiy authored
This will lead to segmentation fault. Signed-off-by:
-
Stanislav Kinsburskiy authored
Type dev_t corresponds to "unsigned long". v2: explicitly cast to "long" Signed-by:
-
Stanislav Kinsburskiy authored
Type dev_t corresponds to "unsigned long". Signed-by:
-
Stanislav Kinsburskiy authored
Otherwise dump fails. Signed-off-by:
-
Andrew Vagin authored
In file included from /home/travis/build/xemul/criu/criu/include/autofs.h:16:0, from autofs.c:7: /usr/include/linux/auto_fs.h:54:12: error: ‘NAME_MAX’ undeclared here (not in a function) char name[NAME_MAX+1]; In file included from /home/travis/build/xemul/criu/criu/include/autofs.h:16:0, from autofs.c:7: /usr/include/linux/auto_fs.h:54:12: error: ‘NAME_MAX’ undeclared here (not in a function) char name[NAME_MAX+1]; Signed-off-by: -
Mike Rapoport authored
The following error happens when building CRIU on Fedora 22: CC autofs.o autofs.c: In function ‘autofs_mount’: autofs.c:892:9: error: implicit declaration of function ‘add_post_prepare_cb’ [-Werror=implicit-function-declaration] ret = add_post_prepare_cb(autofs_add_mount_info, mi); ^ cc1: all warnings being treated as errors Adding forward declaration of add_post_prepare_cb resolves the issue. Signed-off-by:Mike Rapoport <rapoport@il.ibm.com> Signed-off-by:
-
Stanislav Kinsburskiy authored
Signed-off-by:
-
Stanislav Kinsburskiy authored
The only way to check, whether autofs migration is supported from the kernel side is to check actual mount point options (search for "pipe_ino" option). This checker first tries to find autofs on host. If there is no any, temporary mounts autofs by itself. Signed-off-by:
-
Stanislav Kinsburskiy authored
Required for test/zdtm/static/autofs test. Signed-off-by:
-
Stanislav Kinsburskiy authored
1) Support autofs kernel-user exchange protocol 2) Test mounts: direct, indirect, offset (?) (migrated and operational). 3) Test cases, when write end of the pipe is closed, and when it's not. 4) Test catatonic mounts. 5) Test nested mounts are migrated (tmpfs suits it good) Signed-off-by:
-
Stanislav Kinsburskiy authored
In case of mounting AutoFS indirect mount points, target dentry doesn't exist and has to be created. Signed-off-by:
-
Stanislav Kinsburskiy authored
AutoFS mount point is managed by user space daemon, which receives requests from kernel via pipe, passed on mount operation. Kernel hold write end, while user space process - read end. Thus, for successfull AutoFS migration, this connection has to be restored. Autofs restore is tricky. Mount point is created by init process in pair with per-mount context to be able to fix up actual kernel-userspace pipe connection, when all the mount points are restored. The problems with restoring pipe connection are: 1) It has to be done from actual AutoFS mount point master process context, because pipe and pgrp values are taken from current in kernel. 2) Actual mounts are created by "init" process, and mount point owner (master) have to set later. 3) To update mount point master one requires an opened write end of the pipe. To provide AutoFS mount point master with resources, mentioned above, the following was implemented: 1) If mount master doesn't have write pipe end opened, it is created as a clone of read pipe end file descriptor and added to master's fds list. This end is required to reconfigure mount point master. 2) Another pipe fle is created with explicit "post_open" callback, which is used for actual mount point reconfiguration. 3) Mount point in created by init process. Mount data, required to restore the owner, is copied to shared memory location by post-mount callback. Signed-off-by:
-
Stanislav Kinsburskiy authored
This structures and helpers are needed to simplify autofs mounts reconfiguring during restore. Note: taken from automount package. Signed-off-by:
-
Stanislav Kinsburskiy authored
This helper is used by autofs restore to add temporary pipe structures. Signed-off-by:
-
Stanislav Kinsburskiy authored
This helpers will be used by autofs restore to create temporary pipe descriptors. Signed-off-by:
-
Stanislav Kinsburskiy authored
This list contains all per-process used file fdinfo's, sorted by fd number. Will be used to safely create new artificial file descriptors and also allow to recreate temporary descriptors with original number, if possible, like AutoFS tries to preserve original pipe write end descriptor, when it was closed. This patch also adds a couple of simple helpers to find unused file descriptor: 1) fd_is_used() does exactly what it is named 2) find_unused_fd() returns "hint_fd" if unused or last used descriptor plus one. Signed-off-by:
-
Stanislav Kinsburskiy authored
AutoFS mount point is managed by user space daemon, which receives requests from kernel via pipe, passed on mount operation. Kernel hold write end, while user space process - read end. Thus, for successful AutoFS migration, this connection has to be restored. During this stage, all the autofs parameters and parsed and collected in per-mount autofs structure. It also does check that autofs mounts is not in interim state. Below are major tricks to be performed to dump AutoFS mount: 1) Read end of the pipe in the process have to be discovered: it will be used to restore the pipe in case of write pipe end in closed in the process. Note: migration of AutoFS mounts, which process group leader doesn't have read pipe end opened is not supported. 2) Read pipe end has to be empty. Otherwise autofs is an interim state. Interim state is determined by control pipe contents: if it's not empty, then it means, that kernel requested some operation (mount/umount), which is in process right now. In case of pipe is not empty, dump is aborted. 3) Mount points are collected (parsed) from initial pid namespace, which leads to real pgrp value in AutoFS options instead of virtual one. This have to be fixed. Note: we don't care about virtual pgrp in case of catatonic mounts Signed-off-by:
-
Stanislav Kinsburskiy authored
Autofs uses packetized pipe (with O_DIRECT), migration of which is not supported. Luckely, because we support only empty autofs pipes, they can be collected into some list and then explicitly treated as normal pipes on dump. Note: packetized mode is set by kernel inself on mount operation. So, we don't need to carry the flag at all. Signed-off-by:
-
