Branch: criu-dev
Commits on Apr 17, 2019
  1. Bump SONAME to 2

    adrianreber authored and avagin committed Apr 16, 2019
    libcriu.so used to have the SONAME
    
    $ readelf -d lib/c/libcriu.so   | grep SONAME
     0x000000000000000e (SONAME)             Library soname: [libcriu.so.1]
    
    The recent changes to libcriu (removed and added functions, changes from
    `char *`-args to `const char *`) are breaking ABI and API. This requires
    a new SONAME of 2. This patch changes the SONAME to 2:
    
    $ readelf -d lib/c/libcriu.so   | grep SONAME
     0x000000000000000e (SONAME)             Library soname: [libcriu.so.2]
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
Commits on Mar 29, 2019
  1. restore: support restoring threads with SELinux

    adrianreber authored and avagin committed Mar 26, 2019
    Restoring a multi-threaded process with CRIU's SELinux support fails
    because SELinux does not always support changing the process context of
    a multi-threaded process.
    
    Reading the man-page for setcon(), to change the context of a running
    process, it states that changing the SELinux context of a multi-threaded
    process can only work 'if the new security context is bounded by the old
    security context'.
    
    To be able to restore a process without the need to have 'the new
    security context [] bounded by the old security context', this sets the
    SELinux process context before creating the threads. Thus all threads
    are created with the process context of the main process.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
Commits on Mar 23, 2019
  1. test: add selinux00 test

    adrianreber authored and avagin committed Mar 22, 2019
    This tests if CRIU can restore a process with the same policy as during
    checkpointing.
    
    The test selinux00 is started and if SELinux is available the test
    process moves itself to another process context. To make this possible
    either a new SELinux policy needs to be available containing:
    
    fedora-selinux/selinux-policy@2d537ca
    
    Or for a short time SELinux is switched to permissive mode.
    
    The correct SELinux setup is done by zdtm/static/selinux00.checkskip and
    zdtm/static/selinux00.hook and after the test the previous SELinux
    policy state is restored.
    
    After the test case is restored the test case checks if it still has the
    same SELinux process context as before. If not the test case fails.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
  2. net: add correct SELinux label to parasite socket

    adrianreber authored and avagin committed Mar 12, 2019
    If running on a system with SELinux enabled the socket for the
    communication between parasite daemon and the main CRIU process needs to
    be correctly labeled.
    
    Initially this was motivated by Podman's use case: The container is
    usually running as something like '...:...:container_t:...:....' and
    CRIU started from runc and Podman will run as
    '...:...:container_runtime_t:...:...'. As the parasite will be running
    with the same context as the container process: 'container_t'.
    
    Allowing a container process to connect via socket to the outside
    of the container ('container_runtime_t') is not desired and therefore
    CRIU needs to label the socket with the context of the
    container: 'container_t'.
    
    So this first gets the context of the root container process and tells
    SELinux to label the next created socket with the same label as the root
    container process. For this to work it is necessary to have the correct
    SELinux policies installed. For Fedora based systems this is part of the
    container-selinux package.
    
    This assumes that all processes CRIU wants to dump are labeled with the
    same SELinux context. If some of the child processes have different
    labels this will not work and needs additional SELinux policies. But the
    whole SELinux socket labeling relies on the correct SELinux being
    available.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
  3. lsm: dump and restore any SELinux process label

    adrianreber authored and avagin committed Mar 12, 2019
    There was support for SELinux process labels in CRIU but because it was
    never tested or verified CRIU only supported the 'unconfined_t' process
    label. This was basically no SELinux support.
    
    For successful container checkpoint and restore on a SELinux enabled
    host it is necessary that the restored container has the same process
    context as before checkpointing.
    
    This commit only removes the check if the label is 'unconfined_t' and
    now stores any process label to be restored.
    
    For 'normal' processes started from the command-line which are usually
    running in the 'unconfined_t' this just works.
    
    For the container use case this needs additional policies. The latest
    container-selinux package on Fedora has the necessary policy to allow
    CRIU (running as 'container_runtime_t' when used from Podman) to
    transition the restored process to 'container_t'.
    
    Restoring a process running under systemd's control (which means
    'unconfined_service_t' without additional policies) will fail because
    CRIU will not be allowed to change the context of the restored process.
    
    For each additional CRIU use case on SELinux enabled systems, besides
    container processes and command-line/shell processes, additional SELinux
    policies are required to allow CRIU to do a 'dyntransition' (change the
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
Commits on Mar 14, 2019
  1. test: fix compilation error

    adrianreber authored and avagin committed Mar 13, 2019
    binfmt_misc.c:168:23: error: ‘sprintf’ may write a terminating nul past the end of the destination [-Werror=format-overflow=]
      168 |   sprintf(path, "%s/%s", dirname, NAME[i]);
          |                       ^
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
  2. criu: fix gcc9 rawhide compilation errors

    adrianreber authored and avagin committed Mar 13, 2019
    Signed-off-by: Adrian Reber <areber@redhat.com>
Commits on Mar 4, 2019
  1. Rename version protobuf RPC members

    adrianreber authored and avagin committed Feb 26, 2019
    In rpc.proto the interface to query the CRIU version number uses major
    and minor as keywords. This creates errors when using the RPC
    definitions with C++: #625
    
    In this commit the fields are renamed from major to major_number and
    from minor to minor_number.
    
    For existing programs using the RPC protobuf definition this should be a
    transparent change. Only for programs importing the latest rpc.proto it
    will require code changes.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
Commits on Feb 20, 2019
  1. crit: display help message when using python3

    adrianreber authored and avagin committed Feb 18, 2019
    Running crit with python2 gives the following minimal help message:
    
     $ crit/crit
     usage: crit [-h] {decode,encode,info,x,show} ...
     crit: error: too few arguments
    
    Using a python3 only system crit shows the following error:
    
     $ crit/crit
     Traceback (most recent call last):
       File "crit/crit", line 6, in <module>
         cli.main()
       File "/home/criu/crit/pycriu/cli.py", line 334, in main
         opts["func"](opts)
     KeyError: 'func'
    
    Using this patch the python3 output changes to:
    
     $ crit/crit
     usage: crit [-h] {decode,encode,info,x,show} ...
     crit: error: too few arguments
    
    Suggested-by: Andrei Vagin <avagin@gmail.com>
    Signed-off-by: Adrian Reber <areber@redhat.com>
Commits on Jan 10, 2019
  1. Printout early log messages

    adrianreber authored and avagin committed Jan 9, 2019
    Up until now any pr_* logging command (except pr_msg) was lost if
    logging has not been set up (log_init()).
    
    To make sure no logging messages are lost, vprint_on_level() now writes
    all messages (except LOG_MSG) to a temporary buffer which is written
    to the logging FD once that is set up.
    
    Improved-by: Andrei Vagin <avagin@gmail.com>
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
Commits on Dec 20, 2018
  1. Fix RPC configuration file test case

    adrianreber authored and avagin committed Dec 19, 2018
    The relevant test case test_rpc_with_configuration_file_overwriting_rpc()
    was actually designed around the broken behaviour. It was only working
    if a previous configuration file (set via environment variable in this
    case) and the RPC configuration file have the same name. The test case
    which tests that RPC configuration file settings are overwriting direct
    RPC settings now makes sure that no other configuration file is set via
    the environment variable. If it would be set, the test case would still
    succeed, even with the previous patch applied. Which is and which was the
    correct behaviour.
    
    So the main reason for this change is to test the more likely use case
    that the environment based configuration file and the RPC configuration
    file have different names.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
  2. Fix RPC configuration file handling

    adrianreber authored and avagin committed Dec 19, 2018
    While writing runc test cases to verify that runc correctly uses RPC
    configuration files it became clear that some things were not working as
    they are supposed to. Looking closer at the code to set log files
    via RPC configuration files I discovered that the code seems wrong (at
    least I did not understand it any more (or the intentions behind it)).
    
    This code tries to simplify that logic a bit and add more comments to
    make clear what the intentions of the RPC configuration file code are.
    
    v2:
      - fix existing test case to test better (more correct)
      - make changes requested by Andrei
    v3:
      - more changes as requested by Andrei
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
Commits on Dec 11, 2018
  1. criu: fix segfault in pre-dump

    adrianreber authored and avagin committed Sep 12, 2018
    By accident I found a segfault using pre-dump in combination with the
    page-server. Doing the following I was able to trigger it:
    
     * criu page-server -D /tmp/1
     * criu pre-dump -t PID -D /tmp/3 --track-mem
     * criu page-server -D /tmp/4 --prev-images-dir ../1
     * criu pre-dump -t PID -D /tmp/3 --track-mem
     --> segfault
    
    ...
    (00.010090) Warn  (criu/image.c:134): Failed to open parent directory
    ...
    (00.012984) Error (criu/mem.c:318): Pid-reuse detection failed: no parent inventory, check warnings in get_parent_stats
    ...
    (00.013037) Error (criu/mem.c:544): Can't dump page with parasite
    ...
    (00.013955) Pre-dumping tasks' memory
    (00.013966) 	Pre-dumping 8793
    (00.014380) Transferring pages:
    Segmentation fault (core dumped)
    
    Looking in cr-dump.c at cr_pre_dump_finish(int ret) the function gets
    the return code of the previous operations in 'ret' but it is
    immediately overwritten and never used.
    
    In older CRIU versions it used to be:
    
    	if (ret < 0)
    		goto err;
    
    but that is gone now. So this reintroduces the check for the int
    parameter given to cr_pre_dump_finish() by the function caller.
    
    As the commands used to trigger the segfault do not make much sense the
    result is still not usable and the same 'Warn' and 'Error' messages are
    printed, but the segfault is gone.
    
    V2:
      * set the return value correctly
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
Commits on Dec 4, 2018
  1. Fix kerndat_link_nsid() on systems with more than 10 interfaces

    adrianreber authored and avagin committed Nov 22, 2018
    On a system with more than 10 network interfaces the link_nsid check
    fails:
    
    $ criu check --feature link_nsid
    Warn  (criu/cr-check.c:1237): NSID isn't supported
    
    The function kerndat_link_nsid() uses:
    
     nde.ifindex = 10;
    
    This fails as there is already an interface with ifindex 10.
    
    This patch moves the creation of the socket into the second network
    namespace and the feature check succeeds.
    
    Suggested-by: Jiri Benc <jbenc@redhat.com>
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
  2. Do not lock network if running in the host network namespace

    adrianreber authored and avagin committed Nov 29, 2018
    Related: #577
    
    Restoring a runc container which is running in the host's network
    namespace locked the network (iptables-restore) without unlocking it.
    
    This disables network logging if running in the host's network
    namespace.
    
    Suggested-by: Andrei Vagin <avagin@gmail.com>
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
Commits on Nov 27, 2018
  1. Print out if a RPC configuration file is used

    adrianreber authored and avagin committed Nov 16, 2018
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
Commits on Nov 4, 2018
  1. tests: more python3 compatibility

    adrianreber authored and avagin committed Oct 29, 2018
    This makes two zdtm test scripts python3 compatible to run
    zdtm on a system without python2.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
Commits on Oct 30, 2018
  1. RPC: fix wrong log_level handling

    adrianreber authored and avagin committed Sep 6, 2018
    In RPC mode the log_level was always reset to the default log level of 2, if no
    configuration file was used.
    
    This saves the log level set via RPC in opts.log_level and a configuration file
    can overwrite it later, but if it is only set via RPC this value is not ignored
    now.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  2. Documentation: update RPC configuration file section

    adrianreber authored and avagin committed Aug 2, 2018
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  3. criu/action-scripts: remove duplicate code

    adrianreber authored and avagin committed Aug 9, 2018
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  4. check: add a feature check for external network namespaces

    adrianreber authored and avagin committed Aug 9, 2018
    This is obviously not a real check. This only exists, so that CRIU
    clients/users can check if this CRIU version supports the external
    network namespace feature. Theoretically the CRIU client or user could
    also parse the version, but especially for CLI users version comparison
    in the shell is not easy.
    
    This feature check does not exist for RPC as RPC has a special version
    call which does not require string parsing and the external network
    namespace feature is available for all CRIU versions newer than 3.9.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  5. cr-service: fix gcc-8 error

    adrianreber authored and avagin committed Aug 2, 2018
    The latest patches to cr-service.c broke compilation with gcc-8:
    
    criu/cr-service.c: In function ‘setup_opts_from_req’:
    criu/cr-service.c:323:3: error: ‘strncpy’ specified bound 4096 equals destination size [-Werror=stringop-truncation]
       strncpy(images_dir_path, opts.imgs_dir, PATH_MAX);
       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    criu/cr-service.c:343:3: error: ‘strncpy’ specified bound 4096 equals destination size [-Werror=stringop-truncation]
       strncpy(work_dir_path, opts.work_dir, PATH_MAX);
       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    cc1: all warnings being treated as errors
    
    This fixes the errors by specifying the strncpy() size as 'PATH_MAX - 1'.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
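Why gcc-8 rejects a strncpy() bound equal to the destination size, as an added example that is not code from CRIU or from this commit: with such a bound a source of that length or longer leaves the buffer without a terminating NUL. Assumptions of this sketch: `DEMO_PATH_MAX` stands in for `PATH_MAX`, the paths are constructed, the buffer is pre-filled with non-zero bytes to model storage that was not zeroed, and the explicit terminator in `copy_path()` is added here on top of the `size - 1` bound.

```c
#include <stdio.h>
#include <string.h>

#define DEMO_PATH_MAX 16 /* stand-in for PATH_MAX, kept small for the demo */

/* Constructed sample inputs, not taken from CRIU. */
static const char SHORT_PATH[] = "/tmp/img";
static const char LONG_PATH[] = "/var/lib/criu/01"; /* 16 chars == DEMO_PATH_MAX */

static char demo_dst[DEMO_PATH_MAX];

/* 1 if a NUL exists inside the buffer; never reads past `size`. */
static int is_terminated(const char *buf, size_t size)
{
	return memchr(buf, '\0', size) != NULL;
}

/* Fill with non-zero bytes, as stack or reused heap storage may be. */
static void poison(char *buf, size_t size)
{
	memset(buf, 'X', size);
}

/* Flagged pattern: bound == destination size. Returns 1 if terminated. */
int copy_bound_full(char *dst, size_t size, const char *src)
{
	poison(dst, size);
	strncpy(dst, src, size);
	return is_terminated(dst, size);
}

/* Bound of size - 1 alone: strncpy() never writes the last byte, so
 * termination depends on what that byte held before. Returns 1 if terminated. */
int copy_bound_minus_one(char *dst, size_t size, const char *src)
{
	poison(dst, size);
	strncpy(dst, src, size - 1);
	return is_terminated(dst, size);
}

/* Hardened: size - 1 bound plus an explicit terminator.
 * Returns 0 if src fit, 1 if it was truncated; dst is terminated either way. */
int copy_path(char *dst, size_t size, const char *src)
{
	if (size == 0)
		return 1;
	poison(dst, size);
	strncpy(dst, src, size - 1);
	dst[size - 1] = '\0';
	return strlen(src) >= size;
}

int main(void)
{
	printf("bound=size,   short src: terminated=%d\n",
	       copy_bound_full(demo_dst, sizeof(demo_dst), SHORT_PATH));
	printf("bound=size,   long src : terminated=%d\n",
	       copy_bound_full(demo_dst, sizeof(demo_dst), LONG_PATH));
	printf("bound=size-1, long src : terminated=%d\n",
	       copy_bound_minus_one(demo_dst, sizeof(demo_dst), LONG_PATH));
	printf("hardened,     long src : truncated=%d result=\"%s\"\n",
	       copy_path(demo_dst, sizeof(demo_dst), LONG_PATH), demo_dst);
	return 0;
}
```

A caller that treats a truncated path as an error should check the return value of `copy_path()` rather than use the shortened string.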
  6. cr-service: add support for configuration files in RPC mode

    adrianreber authored and avagin committed Aug 1, 2018
    With this commit it is possible to specify a configuration file via
    RPC. In python this would look like this:
    
     req.opts.config_file = 'path/to/config_file'
    
    With this commit CRIU's configuration file handling works like this:
    
     * apply_config(global_conf)
     * apply_config(user_conf)
     * apply_config(environment variable)
     * apply_config(config file via CLI)
     * apply_rpc_options() or apply_cli_options()
     * apply_config(rpc_conf) (only for RPC)
    
    This is at least (probably) the third iteration of the RPC configuration
    file code and it still is complicated.
    
    Most CRIU options are correctly used by just writing the new values to
    the corresponding fields of the opts structure. For the RPC case there
    are, however, a few options (output, work_dir, imgs_dir) which need
    special handling.
    
    So the RPC configuration file is parsed twice. First time to get output,
    work_dir and imgs_dir. Once those are read and correctly used, the RPC
    code overwrites all options again by values set by the RPC interface. At
    the end the RPC configuration file is read a second time and finally
    overwrites the values set via RPC.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  7. tests: add configuration file test via RPC

    adrianreber authored and avagin committed Aug 1, 2018
    This test checks the following things:
    
     * Does configuration file parsing work at all.
     * Does the parser detect wrong options.
     * Does the configuration file work via RPC.
     * Do the configuration file options not overwrite the RPC settings in
       the default setup.
     * Is it possible to tell CRIU to prefer the configuration file via RPC.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  8. RPC: Evaluate configuration file before switching to RPC mode

    adrianreber authored and avagin committed Aug 1, 2018
    When CRIU is started in RPC mode ('criu swrk') it used to ignore all
    command-line options and configuration files. This moves the jump to RPC
    mode after the configuration file parsing to enable configuration.
    
    With this configuration files are now also evaluated in RPC mode and it
    is possible to change the behavior of CRIU via the configuration file if
    used via RPC.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  9. config: add support for CRIU_CONFIG_FILE

    adrianreber authored and avagin committed Aug 1, 2018
    With this it is possible to point the environment variable
    CRIU_CONFIG_FILE to a CRIU configuration file.
    
    The order the configuration files are evaluated now is:
    
     1. global (/etc/criu/default.conf)
     2. user ($HOME/.criu/default.conf)
     3. CRIU_CONFIG_FILE
     4. --config FILENAME
     5. CLI
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  10. opts: use xstrdup () to assign char * options

    adrianreber authored and avagin committed Aug 1, 2018
    With the previous change to dynamically allocate memory for each
    possible configuration source (three different configuration files, CLI,
    RPC) the char * options can no longer directly point to the character
    strings extracted by getopt() as the memory might be free'd at some
    point. This introduces a macro to set the char * options which first
    does a xfree() and then a xstrdup().
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  11. config: use dynamic variables for configuration files

    adrianreber authored and avagin committed Aug 1, 2018
    The code to read and parse configuration files was writing the result of
    the global configuration file to one variable and the result from the
    configuration file in the user's home to another variable:
    
      char **global_conf = NULL;
      char **user_conf = NULL;
    
    With this change the code now uses dynamic memory allocation to handle
    the different configuration files.
    
    It used to be:
    
      * parse global config
      * parse user config
      * evaluate global config
      * evaluate user config
      * evaluate CLI
    
    And now it is:
    
      * parse global config
      * evaluate global config
      * parse user config
      * evaluate user config
      * evaluate CLI
    
    This change is in preparation for the upcoming setting of a
    configuration file via environment variable and RPC configuration file
    usage.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  12. config: move init_opts() to config.c

    adrianreber authored and avagin committed Aug 1, 2018
    This just moves the functions init_opts() and deprecated_ok() also to
    config.c as that is where most of the option and configuration setup
    and handling is done today.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  13. config: remove more unused option handling

    adrianreber authored and avagin committed Aug 1, 2018
    The variables show_dump_file and show_fmt are assigned but never used,
    this removes the assignment. The CLI option still exists to not break the
    user interface. It exists, but it is unused.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  14. config: remove unused pid option

    adrianreber authored and avagin committed Aug 1, 2018
    This removes the code around '--pid, -p' which is not used at all. The
    command-line option is still available to not break CRIU users, but as
    the result has not been used, just remove the code assigning it.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  15. config: move getopt out of main()

    adrianreber authored and avagin committed Aug 1, 2018
    This moves the whole getopt setup and analysis out of main() into its
    own function in config.c.
    
    The main motivation for this change is to be able to call getopt parsing
    and configuration file parsing also from the RPC code path.
    
    In one of the discussion emails about configuration files in CLI and RPC
    mode the following architecture was proposed:
    
    apply_config(global_conf)
    apply_config(user_conf)
    apply_config(pre_conf)
    parse_command_line()
    apply_rpc_options()
    apply_config(post_conf)
    
    And especially for the last step the getopt parsing needs to be out of
    main() and callable from the RPC code path.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  16. image: add a few missing newlines in pr_warn()

    adrianreber authored and avagin committed Jul 26, 2018
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  17. config: fix valgrind leak

    adrianreber authored and avagin committed Jul 24, 2018
    Running 'criu dump -t <PID>' with a configuration file under valgrind
    where <PID> does not exist, gives:
    
    ==14336== 600 bytes in 5 blocks are definitely lost in loss record 5 of 5
    ==14336==    at 0x4C29BC3: malloc (vg_replace_malloc.c:299)
    ==14336==    by 0x5D387A4: getdelim (in /usr/lib64/libc-2.17.so)
    ==14336==    by 0x439829: getline (stdio.h:117)
    ==14336==    by 0x439829: parse_config (config.c:69)
    ==14336==    by 0x439CB2: init_configuration.isra.1 (config.c:159)
    ==14336==    by 0x439F75: init_config (config.c:212)
    ==14336==    by 0x439F75: parse_options (config.c:487)
    ==14336==    by 0x42499F: main (crtools.c:140)
    
    ==14336== LEAK SUMMARY:
    ==14336==    definitely lost: 600 bytes in 5 blocks
    
    With this patch:
    
    ==17892== LEAK SUMMARY:
    ==17892==    definitely lost: 0 bytes in 0 blocks
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
  18. test rpc: remove unnecessary import, close fd

    adrianreber authored and avagin committed Jun 29, 2018
    Signed-off-by: Adrian Reber <areber@redhat.com>
    Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>