Skip to content
Permalink
Branch: criu-dev
Commits on Mar 16, 2016
  1. cr-check: Inspect errno on syscall failures

    filbranden authored and xemul committed Mar 14, 2016
    After replacing sys_kcmp with syscall() and sys_prctl with prctl(), the
    API is changed to return -1 and set errno on failure (instead of
    returning the negative value of the error code directly on return.)
    
    Commit 8ceab58 ("crtools: no more linked with builtin syscall")
    replaced calls to sys_kcmp and sys_prctl, but did not update the checks
    for ret to check for -1 and errno, so update them here.
    
    Also make the comparisons for the return value explicit checks for a
    negative value (expected -1) instead of just failing on a non-zero value
    with the implicit comparison.
    
    Add %m to report what errno was set to on failed syscalls, to make it
    easier to troubleshoot a check failure.
    
    Tested that now `criu check --ms` stopped reporting the misleading:
      prctl: One needs CAP_SYS_RESOURCE capability to perform testing.
    Instead, now it reports:
      Error (cr-check.c:165): System call kcmp is not supported: No such process
      Warn  (cr-check.c:195): Skipping unssuported PR_SET_MM_MAP: Invalid argument
      prctl: PR_SET_MM is not supported: Invalid argument
    And those messages include the error message that explains why the
    syscall failed.
    
    Reported-by: Saied Kazemi <saied@google.com>
    Fixes: 8ceab58 ("crtools: no more linked with builtin syscall")
    Cc: Laurent Dufour <ldufour@linux.vnet.ibm.com>
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Commits on Aug 27, 2014
  1. zdtm: fallback to mknod(/dev/ptmx) when CONFIG_DEVPTS_MULTIPLE_INSTAN…

    filbranden authored and xemul committed Aug 27, 2014
    …CES is not set
    
    A kernel without that option configured does not have /dev/pts/ptmx, so
    fallback to the previous way of creating it using mknod instead.
    
    The previous code was trying to bind mount ptmx on top of a symlink, which does
    not actually work... Keep only the symlink call and use a relative symlink
    instead. Adjust the error message of the symlink case to mention symlink()
    instead of mknod() and also /dev/ptmx instead of /dev/pts.
    
    Tested:
    - zdtm test suite runs on ^ns/static/.* before and after the change.
    - Same on a kernel with CONFIG_DEVPTS_MULTIPLE_INSTANCES unset.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@openvz.org>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on Aug 26, 2014
  1. zdtm: add missing entries to zdtm .gitignore

    filbranden authored and xemul committed Aug 26, 2014
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  2. zdtm: sort .gitignore entries

    filbranden authored and xemul committed Aug 26, 2014
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  3. test: enhance library lookup when building mntns root

    filbranden authored and xemul committed Aug 26, 2014
    Use a single awk script to parse the ldd output. Filter out other cases that
    are clearly not libraries, such as static builds ("not a dynamic executable")
    and linux-gate.so. Make the grep for vdso more specific into linux-vdso.so.
    
    Tested:
    - sudo test/zdtm.sh '^ns/.*'
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  4. test: replace use of pcre grep with awk

    filbranden authored and xemul committed Aug 26, 2014
    Unfortunately, grep -P is not ubiquitous, so use awk with two regexps to
    simulate the negative forward lookup in the grep -P expression.
    
    Using awk doesn't really make it too unreadable, as using boolean operators
    such as && and || might actually make it more intuitive than the extended
    regexp.
    
    Tested:
    - sudo make -C test zdtm_ns
    - sudo make -C test zdtm_nons
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  5. crtools: bump up the getopt return values to outside the ascii range

    filbranden authored and xemul committed Aug 26, 2014
    The return values were getting dangerously close to the range of meaningful
    values, in particular the next candidate 63 is equal to '?' which is the
    typical return value in case of error.
    
    The return values for long options may be any integer, so bump them up to
    outside the ascii range, start above 1000. For ease of review this patch, keep
    the existing range (41-62) and increment each value by 1000.
    
    Tested:
    - Ran "criu --help", works fine.
    - Manual dump and restore with some of the options, worked fine.
    - Ran the zdtm test suite, tests passed.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on Jun 26, 2014
  1. make: fix "make criu" after arch-specific vdso broke it

    filbranden authored and xemul committed Jun 25, 2014
    Building criu with "make criu" on a clean tree was not working, failing on:
    
      make[1]: *** No rule to make target `arch/x86/vdso-pie.o'.  Stop.
      make: *** [arch/x86/vdso-pie.o] Error 2
    
    git bisect traced the regression to commit c473461 (vdso: Make it arch
    specific) which apparently dropped the rule to build $(ARCH_DIR)/vdso-pie.o
    using the pie rule.  Restore the dependency for "make criu" to work again from
    a clean tree.
    
    Tested:
    $ git clean -fdx
    $ make criu
    
    Fixes: c473461
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on Jun 25, 2014
  1. dump: do not fail dump when robust_lists are disabled

    filbranden authored and xemul committed Jun 25, 2014
    Robust lists may be disabled, for example if the "futex_cmpxchg_enabled"
    variable in the kernel is unset.
    
    Detect that case by checking that both "get_robust_list" and "set_robust_list"
    syscalls return ENOSYS and do not make criu dump fail in that case, but simply
    assume an empty list, which is consistent with the syscalls not being
    available.
    
    Tested: Successfully ran the zdtm test suite on a kernel where the
    "get_robust_list" and "set_robust_list" syscalls are disabled.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on Jun 24, 2014
  1. git: add /dev to test/.gitignore

    filbranden authored and xemul committed Jun 18, 2014
    The /dev directory is also created by zdtm when running ns/ enabled tests.
    Add it to the list, together with entries such as /bin and /lib.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  2. zdtm: add missing entries to test/zdtm/.gitignore

    filbranden authored and xemul committed Jun 18, 2014
    This adds new tests "cgroup00" and "clean_mntns" to the .gitignore file.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  3. zdtm: add new dumpable02 test to check that dumpable flag set to 0 or…

    filbranden authored and xemul committed Jun 18, 2014
    … 2 works
    
    This confirms that the fix to handle dumpable flag set to 2 still works after
    restore.
    
    To force dumpable flag set to 0 or 2 (whatever the fs.suid_dumpable is set to),
    chmod the test binary to 0111 (executable, but not readable) and execv() it
    while running as non-root.  The kernel will unset the dumpable flag to prevent
    a core dump or ptrace to giving the user access to the pages of the binary
    (which are supposedly not readable by that user.)
    
    Tested:
    - # test/zdtm.sh static/dumpable02
      Test: zdtm/live/static/dumpable02, Result: PASS
    - # test/zdtm.sh ns/static/dumpable02
      Test: zdtm/live/static/dumpable02, Result: PASS
    - Used -DDEBUG to confirm the value of the dumpable flag was 0 or 2 to match
      the fs.suid_dumpable sysctl in the tests (both in and out of namespaces.)
    - Confirmed that the test fails if the commit that fixes handling of dumpable
      flag with value 2 is reverted and the fs.suid_dumpable sysctl is set to 2.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  4. restore: preserve dumpable flag when it is set to 2

    filbranden authored and xemul committed Jun 18, 2014
    Commit d5bb7e9 started to preserve the dumpable flag across migration by
    using prctl to get the value on dump and set it back on restore.
    
    On some situations, the dumpable flag can be set to 2.  This happens when it is
    not reset (with prctl) after using setuid() or after using execv() on a binary
    that has executable but not read permissions, when the fs.suid_dumpable sysctl
    is also set to 2.  However, it is not possible to set it to 2 using prctl,
    which would make criu restore fail.
    
    Fix this by checking for the value before passing it to prctl.  In case the
    value of the dumpable flag was 2 at the source, check whether it is already 2
    at the destination, which is likely to happen if the fs.suid_dumpable sysctl is
    also set to 2 where restore is running.  In that case, preserve the value,
    otherwise reset it to 0 which is the most secure fallback.
    
    Fixes: d5bb7e9
    
    Tested:
    - Using dumpable02 zdtm test after setting fs.suid_dumpable to 2.
      # sysctl -w fs.suid_dumpable=2
      # test/zdtm.sh ns/static/dumpable02
      4: DEBUG: before dump: dumpable=2
      4: DEBUG: after restore: dumpable=2
      4: PASS
      Test: zdtm/live/static/dumpable02, Result: PASS
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  5. Revert "pie: A quick workaround for PR_SET_DUMPABLE == 2 restore error."

    filbranden authored and xemul committed Jun 18, 2014
    This reverts commit 8870aa1.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  6. zdtm: add new dumpable01 test to check that dumpable flag is preserved

    filbranden authored and xemul committed Jun 18, 2014
    This confirms that the fix in commit d5bb7e9 to preserve the dumpable flag
    after migration is working as expected.
    
    In this test case, the dumpable flag is expected to always be set to 1, as
    test_init will use prctl to reset it to 1 after using setuid and setgid.
    
    Tested:
    - # test/zdtm.sh static/dumpable01
      Test: zdtm/live/static/dumpable01, Result: PASS
    - # test/zdtm.sh ns/static/dumpable01
      Test: zdtm/live/static/dumpable01, Result: PASS
    - Confirmed that the test fails after reverting commit d5bb7e9.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on May 26, 2014
  1. zdtm: add missing entries to test/zdtm/.gitignore

    filbranden authored and xemul committed May 22, 2014
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  2. zdtm: keep entries in test/zdtm/.gitignore sorted

    filbranden authored and xemul committed May 22, 2014
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  3. make: use -pthread when linking with -lrt

    filbranden authored and xemul committed May 22, 2014
    This is required when linking statically.  It is also consistent with
    the rules for other zdtm tests that link with -lrt.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  4. make: respect USERCFLAGS in zdtm makefiles

    filbranden authored and xemul committed May 22, 2014
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  5. make: fix dependencies for "make criu" to work

    filbranden authored and xemul committed May 22, 2014
    Without the added dependencies, "make criu" will fail when trying to
    build arch/x86/crtools.d because it can not find include/config.h, the
    extra dependencies force the "config" rule to be processed before the
    dependencies of "criu" are evaluated.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
  6. make: clean up obj-ext-src-y objects on "make clean"

    filbranden authored and xemul committed May 22, 2014
    This is needed for lib/rpc.pb-c.{d,o} to be removed by "make clean".
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Cyrill Gorcunov <gorcunov@openvz.org>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on May 20, 2014
  1. zdtm: fix cow01 test to fail on system errors

    filbranden authored and xemul committed May 20, 2014
    Add extra troubleshooting messages for errors and failures so that the
    output can help troubleshoot the issue.
    
    Make error handling more uniform by using -1 for errors (e.g. opening
    files, reading from pagemap, etc.) and 1 for failures (data mismatch,
    pages not COWed when expected to be, etc.)
    
    Tested: Ran this test with criu versions known to have problems with COW
    and with problems to read from pagemap due to the dumpable flag not
    being preserved.
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Acked-by: Andrew Vagin <avagin@parallels.com>
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Commits on May 13, 2014
  1. dump: preserve the dumpable flag on criu dump/restore

    filbranden authored and xemul committed May 13, 2014
    Preserve the dumpable flag, which affects whether a core dump will be
    generated, but also affects the ownership of the virtual files under
    /proc/$pid after restoring a process.
    
    Tested: Restored a process with a criu including this patch and looked
    at /proc/$pid to confirm that the virtual files were no longer all owned
    by root:root.
    
    zdtm tests pass except for cow01 which seems to be broken.
    (see https://bugzilla.openvz.org/show_bug.cgi?id=2967 for details.)
    
    This patch fixes https://bugzilla.openvz.org/show_bug.cgi?id=2968
    
    Signed-off-by: Filipe Brandenburger <filbranden@google.com>
    Change-Id: I8c386508448a84368a86666f2d7500b252a78bbf
    Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
You can’t perform that action at this time.