Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

memfd_secret: add memfd-secret file support #2247

Open
wants to merge 192 commits into
base: criu-dev
Choose a base branch
from

Commits on Jun 12, 2023

  1. Add flog to CRIU

    Change made through this commit:
    - Include copy of flog as a seperate tree.
    - Modify the makefile to add and compile flog code.
    
    Signed-off-by: prakritigoyal19 <prakritigoyal19@gmail.com>
    prakritigoyal19 authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    823db1b View commit details
    Browse the repository at this point in the history
  2. flog: Missing varargs init or cleanup (VARARGS)

    CID 302713 (checkpoint-restore#1 of 1): Missing varargs init or cleanup (VARARGS)
     va_end was not called for argptr.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    1444b72 View commit details
    Browse the repository at this point in the history
  3. Run 'make indent' on 'flog/'

    Separate commit for easier criu-dev <-> master transfer.
    
    Acked-by: Mike Rapoport <rppt@linux.ibm.com>
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    cc193dc View commit details
    Browse the repository at this point in the history
  4. flog: typo: mmaped -> mmapped

    It is mapped, not maped. Same applies for mmap I guess.
    
    Found by codespell, except it wants to change it to mapped,
    which will make it less specific.
    
    Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
    kolyshkin authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    1fa21a0 View commit details
    Browse the repository at this point in the history
  5. flog: fix some codespell warnings

    Brought to you by
    
        codespell -w
    
    (using codespell v2.1.0).
    
    [v2: use "make indent" on the result]
    
    Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
    kolyshkin authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    7eaf7a3 View commit details
    Browse the repository at this point in the history
  6. limit the field width of 'scanf'

    Fixes: checkpoint-restore#2121
    
    Signed-off-by: Pengda Yang <daz-3ux@proton.me>
    Daz-3ux authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    aed3f34 View commit details
    Browse the repository at this point in the history
  7. sk-inet: Add IP TOS socket option

    The TOS(type of service) field in the ip header allows you specify the
    priority of the socket data.
    
    Signed-off-by: Suraj Shirvankar <surajshirvankar@gmail.com>
    h0lyalg0rithm authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    d6860d0 View commit details
    Browse the repository at this point in the history
  8. zdtm: Add tests for ip tos restore

    Signed-off-by: Suraj Shirvankar <surajshirvankar@gmail.com>
    h0lyalg0rithm authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    0dd4668 View commit details
    Browse the repository at this point in the history
  9. dump: increase fcntl call failure judgment

    The pipe_size type is unsigned int, when the fcntl call fails and
    return -1, it will cause a negative rollover problem.
    
    Signed-off-by: zhoujie <zhoujie133@huawei.com>
    hdzhoujie authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    13eb876 View commit details
    Browse the repository at this point in the history
  10. compel: support XSAVE on newer Intel CPUs

    Newer Intel CPUs (Sapphire Rapids) have a much larger xsave area than
    before. Looking at older CPUs I see 2440 bytes.
    
        # cpuid -1 -l 0xd -s 0
        ...
            bytes required by XSAVE/XRSTOR area     = 0x00000988 (2440)
    
    On newer CPUs (Sapphire Rapids) it grows to 11008 bytes.
    
        # cpuid -1 -l 0xd -s 0
        ...
            bytes required by XSAVE/XRSTOR area     = 0x00002b00 (11008)
    
    This increase the xsave area from one page to four pages.
    
    Without this patch the fpu03 test fails, with this patch it works again.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    970c4ab View commit details
    Browse the repository at this point in the history
  11. ci: fix new codespell errors

    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    1d4c5ed View commit details
    Browse the repository at this point in the history
  12. scripts: make newer versions of shellcheck happy

    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    d98c533 View commit details
    Browse the repository at this point in the history
  13. criu-ns: make --pidfile option show pid in caller pidns

    Using the fact that we know criu_pid and criu is a parent of restored
    process we can create pidfile with pid on caller pidns level.
    
    We need to move mount namespace creation to child so that criu-ns can
    see caller pidns proc.
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Snorch authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    8e0697d View commit details
    Browse the repository at this point in the history
  14. docs: rename amdgpu_plugin.txt to criu-amdgpu-plugin.txt

    By default, the file name 'amdgpu_plugin.txt' is used also as the name
    for the corresponding man page (`man amdgpu_plugin`). However, when
    this man page is installed system-wide it would be more appropriate
    to have a prefix 'criu-' (e.g., `man criu-amdgpu-plugin`).
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    806ee35 View commit details
    Browse the repository at this point in the history
  15. lib/c: add empty_ns interfaces to libcriu

    crun wants to set empty_ns and this interface is missing from the
    library. This adds it to libcriu.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    f57bda4 View commit details
    Browse the repository at this point in the history
  16. criu-ns: Add --criu-binary argument to run_criu()

    --criu-binary argument provides a way to supply the CRIU binary
    location to run_criu().
    
    Related to: checkpoint-restore#1909
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    f308272 View commit details
    Browse the repository at this point in the history
  17. criu-ns: Add support for older Python version in CI

    These changes remove and update the changes introduced in
    7177938 in favor of the
    Python version in CI.
    
    os.waitstatus_to_exitcode() function appeared in Python 3.9
    
    Related to: checkpoint-restore#1909
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    38db5e1 View commit details
    Browse the repository at this point in the history
  18. criu-ns: Add tests for criu-ns script

    These changes add test implementations for criu-ns script.
    
    Fixes: checkpoint-restore#1909
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    8094df8 View commit details
    Browse the repository at this point in the history
  19. criu-ns: Install Python pathlib module in CentOS 7

    These changes fix the `ImportError: No module named pathlib`
    error when executing criu-ns tests located at criu/test/others/criu-ns
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    f0e9358 View commit details
    Browse the repository at this point in the history
  20. criu-ns: Update shebang line to python

    CentOS 7 CI environment uses Python 2. To execute criu-ns
    script in CentOS 7 changing the current shebang line to
    python is required.
    
    This reverse the changes made in a15a63f
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    9130fef View commit details
    Browse the repository at this point in the history
  21. timers: improve and fix posix timer id sequence checks

    This is a patch proposed by Thomas here:
    https://lore.kernel.org/all/87ilczc7d9.ffs@tglx/
    
    It removes (created id > desired id) "sanity" check and adds proper
    checking that ids start at zero and increment by one each time when we
    create/delete a posix timer.
    
    First purpose of it is to fix infinite looping in create_posix_timers on
    old pre 3.11 kernels.
    
    Second purpose is to allow kernel interface of creating posix timers
    with desired id change from iterating with predictable next id to just
    setting next id directly. And at the same time removing predictable next
    id so that criu with this patch would not get to infinite loop in
    create_posix_timers if this happens.
    
    Thanks a lot to Thomas!
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    KAGA-KOKO authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    358f09c View commit details
    Browse the repository at this point in the history
  22. action-scripts: Add pre-stream hook

    This hook allows to start image streamer process from an action script.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    104a828 View commit details
    Browse the repository at this point in the history
  23. cgroup/restore: split prepare_task_cgroup code into two separate func…

    …tions
    
    This does cgroup namespace creation separately from joining task
    cgroups. This makes the code more logical, because creating cgroup
    namespace also involves joining cgroups but these cgroups can be
    different to task's cgroups as they are cgroup namespace roots
    (cgns_prefix), and mixing all of them together may lead to
    misunderstanding.
    
    Another positive thing is that we consolidate !item->parent checks in
    one place in restore_task_with_children.
    
    Signed-off-by: Valeriy Vdovin <valeriy.vdovin@virtuozzo.com>
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    valeriyvdovin authored and avagin committed Jun 12, 2023
    Configuration menu
    Copy the full SHA
    4d137b8 View commit details
    Browse the repository at this point in the history

Commits on Jun 15, 2023

  1. Fix dumping hugetlb-based memfd on kernels < 4.16.

    4.15-based kernels don't allow F_*SEAL for memfds created with MFD_HUGETLB.
    Since seals are not possible in this case, fake F_GETSEALS result as if it
    was queried for a non-sealing-enabled memfd.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    af0e413 View commit details
    Browse the repository at this point in the history
  2. Fix mount(cgroup2) for older kernels.

    Linux 4.15 doesn't like empty string for cgroup2 mount options.
    Pass NULL then to satisfy the kernel check. Log the options for
    easier debugging.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    11288c9 View commit details
    Browse the repository at this point in the history
  3. Restore THP_DISABLE prctl.

    The original commit added saving THP_DISABLED flag value, but missed
    restoring it. There is restoring code, but used only when --lazy_pages
    mode is enabled. Restore the prctl flag always. While at it, rename the
    `has_thp_enabled` -> `!thp_disabled` for consistency.
    
    Fixes: bbbd597 (2017-06-28 "mem: add dump state of THP_DISABLED prctl")
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    9e6454f View commit details
    Browse the repository at this point in the history
  4. Log if prctl(SET_THP_DISABLE) doesn't work as expected.

    If prctl(SET_THP_DISABLE) is not used due to bad semantics, log it
    for easier debugging.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    7ca6856 View commit details
    Browse the repository at this point in the history
  5. zdtm: thp_disable: Output a single failure message

    While at it, don't carry over stale errno to the fail() message.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    d3a33ca View commit details
    Browse the repository at this point in the history
  6. zdtm: thp_disable: Verify prctl(THP_DISABLE) migration

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    6006cb6 View commit details
    Browse the repository at this point in the history
  7. zdtm: thp_disable: Verify MADV_NOHUGEPAGE before migration

    Add a sanity check for THP_DISABLE. This discovered a broken commit
    in Google's kernel tree.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 15, 2023
    Configuration menu
    Copy the full SHA
    c75c017 View commit details
    Browse the repository at this point in the history

Commits on Jun 16, 2023

  1. Fill FPU init state if it's not provided by kernel.

    Apparently Skylake uses init-optimization when saving FPU state, and ptrace()
    returns XSTATE_BV[0] = 0 meaning FPU was not used by a task (in init state).
    Since CRIU restore uses sigreturn to restore registers, FPU state is always
    restored. Fill the state with default values on dump to make restore happy.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 16, 2023
    Configuration menu
    Copy the full SHA
    c6ee1ba View commit details
    Browse the repository at this point in the history

Commits on Jun 17, 2023

  1. compel/test: Return 0 in case of error in fdspy

    This commit revises the error handling in the fdspy test. Previously,
    a failure case could have been incorrectly reported as successful because
    of a specific check `pass != 0`, leading to potential false positives
    when `check_pipe_ends()` returned `-1` due to a read/write pipe error.
    
    To improve this, we've adjusted the error handling to return `0` in case
    of any error. As such, the final success condition remains unchanged. This
    approach will help accurately differentiate between successful and failed
    cases, ensuring the output "All OK" is printed for success, and "Something
    went WRONG" for any failure.
    
    Fixes: 5364ca3 ("compel/test: Fix warn_unused_result")
    
    Signed-off-by: Haorong Lu <ancientmodern4@gmail.com>
    ancientmodern authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    9e2e560 View commit details
    Browse the repository at this point in the history
  2. Allow passing --leave_stopped by RPC.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    3d4d943 View commit details
    Browse the repository at this point in the history
  3. Allow passing --display_stats via RPC.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    mclapinski authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    161a5ff View commit details
    Browse the repository at this point in the history
  4. Allow passing --log_to_stderr via RPC.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    mclapinski authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    7f7b553 View commit details
    Browse the repository at this point in the history
  5. zdtm: Allow overriding /tmp.

    Use $TMPDIR for tests_root as the host's /tmp might not have enough
    features or space.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    e55e168 View commit details
    Browse the repository at this point in the history
  6. zdtm: Add timeouts for test commands.

    Extend ability to limit time taken to all CRIU invocations.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    0bd5abe View commit details
    Browse the repository at this point in the history
  7. zdtm: Allow --keep-going for single test.

    We don't want test framework to change its behaviour on whether we
    run a single or multiple tests in a run. When we shard the test suite
    it can result in some shards having a single test to run and
    unexpectedly change the test output format.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    05f2319 View commit details
    Browse the repository at this point in the history
  8. zdtm: Implement test sharding.

    Allow to split test suite into predictable sets to parallelize runs on
    multiple machines or VMs.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    e595787 View commit details
    Browse the repository at this point in the history
  9. zdtm: sock_opts00: Improve error messages.

    Make it clear that the option numbers are indexes not the option
    identifiers ("names"). Also show the value change that prompted test
    failure.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 17, 2023
    Configuration menu
    Copy the full SHA
    9301aba View commit details
    Browse the repository at this point in the history

Commits on Jun 19, 2023

  1. Allow skipping iptables/nftables invocation.

    Make it possible to skip network lock to enable uses that break connections
    anyway to work without iptables/nftables being present.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 19, 2023
    Configuration menu
    Copy the full SHA
    a2c4dd2 View commit details
    Browse the repository at this point in the history
  2. test/thp_disable: fix lint

    The fail() macro provides a new line character at the end of the
    message. This patch fixes the following lint check that currently
    fails in CI:
    
    $ git --no-pager grep -E '^\s*\<(pr_perror|fail)\>.*\\n"'
    test/zdtm/static/thp_disable.c:		fail("prctl(GET_THP_DISABLE) returned unexpected value: %d != 1\n", ret);
    test/zdtm/static/thp_disable.c:		fail("Flags changed %lx -> %lx\n", orig_flags, new_flags);
    test/zdtm/static/thp_disable.c:		fail("Madvs changed %lx -> %lx\n", orig_madv, new_madv);
    test/zdtm/static/thp_disable.c:		fail("post-migration prctl(GET_THP_DISABLE) returned unexpected value: %d != 1\n", ret);
    test/zdtm/static/thp_disable.c:		fail("Flags changed %lx -> %lx\n", orig_flags, new_flags);
    test/zdtm/static/thp_disable.c:		fail("Madvs changed %lx -> %lx\n", orig_madv, new_madv);
    
    Fixes: checkpoint-restore#2193
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jun 19, 2023
    Configuration menu
    Copy the full SHA
    f018893 View commit details
    Browse the repository at this point in the history

Commits on Jun 22, 2023

  1. sockets: Increase the size of sockets hashmap to 16K.

    During dump, CRIU stores the structs representing sockets in a statically sized
    hashmap of size 32. We have some (admittedly crazy) tasks that use tens of
    thousands of sockets, and seem to spend most of the dump time iterating over
    the linked lists of the map.
    
    16K is chosen arbitrarily, so that it reduces the lengths of the chains to few
    elements on average, while not introducing significant memory overhead.
    
    From: Radosław Burny <rburny@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    e6427c5 View commit details
    Browse the repository at this point in the history
  2. pipes: Plug pipe fd leak in "Unable to set a pipe size" error case.

    From: Piotr Figiel <figiel@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    12290f4 View commit details
    Browse the repository at this point in the history
  3. kerndat: Make socket feature probing work on IPv6-only host.

    Try IPv6 if IPv4 sockets are not supported.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 22, 2023
    Configuration menu
    Copy the full SHA
    f5cd44f View commit details
    Browse the repository at this point in the history

Commits on Jun 26, 2023

  1. restore: remove unused secbits field.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 26, 2023
    Configuration menu
    Copy the full SHA
    1e90fc8 View commit details
    Browse the repository at this point in the history

Commits on Jun 28, 2023

  1. build: Remove HAS_MEMFD test

    The test for HAS_MEMFD is empty and noit used. Remove it.
    
    Fixes: 5ee1ac1 ("criu: remove FEATURE_TEST_MEMFD")
    Change-Id: I43b8f0cfd50ce9bdf93dafb647377318df1deae8
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 28, 2023
    Configuration menu
    Copy the full SHA
    aa6b633 View commit details
    Browse the repository at this point in the history
  2. build: Debug system feature tests.

    `make` without `-s` option will normally show the commands executed. In
    the case of detecting build environment features current makefile will
    cause detected features to be seen as 'echo #define' commands, but not
    detected ones will be silent. Change it so that all tried features can
    be seen (outside of make's silent mode) regardless of detection result.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 28, 2023
    Configuration menu
    Copy the full SHA
    2d76e4b View commit details
    Browse the repository at this point in the history
  3. build: Fix LIBS vs LDFLAGS order.

    $LDFLAGS can contain `-Ldir`s that are required by '-lib's in $LIBS.
    Reverse the order so that `-L` options make effect.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 28, 2023
    Configuration menu
    Copy the full SHA
    722a90c View commit details
    Browse the repository at this point in the history
  4. build: Use make-provided AR for building libzdtmtst.

    Make $(AR) used also for libzdtmtst build.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 28, 2023
    Configuration menu
    Copy the full SHA
    85f53bd View commit details
    Browse the repository at this point in the history
  5. build: Guard against libbsd's version of __aligned.

    When trying to build CRIU with libbsd enabled the compilation fails due
    to duplicate definition of __aligned macro. Other such definitions are
    already wrapped with #ifndef make __aligned definition consistent and
    make it easier in the future to use the libbsd features if needed.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 28, 2023
    Configuration menu
    Copy the full SHA
    eece28d View commit details
    Browse the repository at this point in the history
  6. build: libnfnetlink: Remove nla_get_s32().

    nla_get_s32() was added to libnl 3.2.7 in 2015. Remove CRIU's definition
    as it breaks build when statically linking the binary.
    
    From: Uros Prestor <urosp@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 28, 2023
    Configuration menu
    Copy the full SHA
    0588c3b View commit details
    Browse the repository at this point in the history

Commits on Jun 30, 2023

  1. action-scripts: allow shell scripts in rpc mode

    Container runtimes commonly use CRIU with RPC. However, this prevents
    the use of action-scripts set in a CRIU configuration file due to the
    explicit scripts mode introduced with the following commit:
    
      ac78f13
      actions: Introduce explicit scripts mode
    
    This patch enables container checkpoint/restore with action-scripts
    specified via configuration file.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jun 30, 2023
    Configuration menu
    Copy the full SHA
    b02d53a View commit details
    Browse the repository at this point in the history
  2. docker/podman: test c/r with action-script

    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jun 30, 2023
    Configuration menu
    Copy the full SHA
    cde9bcf View commit details
    Browse the repository at this point in the history
  3. rpc: Support gathering external file list after freezing process tree.

    New 'query-ext-files' action for `criu dump` is sent after
    freezing the process tree. This allows to defer gathering
    the external file list when the process tree is in a stable
    state and avoids race with the process creating and deleting
    files.
    
    Change-Id: Iae32149dc3992dea086f513ada52cf6863beaa1f
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 30, 2023
    Configuration menu
    Copy the full SHA
    8ba6efb View commit details
    Browse the repository at this point in the history
  4. rpc: Support setting images_dir by path.

    Google's RPC client process is in a different pidns and has more privileges --
    CRIU can't open its /proc/<pid>/fd/<fd>.  For images_dir_fd to be useful here
    it would need to refer to a passed or CRIU's fd.
    
    From: Michał Cłapiński <mclapinski@google.com>
    Change-Id: Icbfb5af6844b21939a15f6fbb5b02264c12341b1
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jun 30, 2023
    Configuration menu
    Copy the full SHA
    6cfe7aa View commit details
    Browse the repository at this point in the history

Commits on Jul 5, 2023

  1. util: Downgrade ignored errors to warnings.

    If the error is ignored it is not important enough - make it a warning
    instead.
    
    From: Mian Luo <mianl@google.com>
    Change-Id: If2641c3d4e0a4d57fdf04e4570c49be55f526535
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 5, 2023
    Configuration menu
    Copy the full SHA
    fb8ca64 View commit details
    Browse the repository at this point in the history
  2. kerndat: unexport kerndat_nsid()

    kerndat_nsid() is not used outside kerndat.c. Make it static.
    
    Change-Id: I52e518ecb7c627cc1866e373411b2be3f71a2c9d
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 5, 2023
    Configuration menu
    Copy the full SHA
    f0d1b89 View commit details
    Browse the repository at this point in the history
  3. kerndat: Don't fail on NETLINK/nsid support missing.

    If not dumping netns nor connections, nsid support is not used. Don't
    fail the run as if the support is needed, the dumping process will fail
    later.
    
    Change-Id: I39a086756f6d520c73bb6b21eaf6d9fb49a18879
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 5, 2023
    Configuration menu
    Copy the full SHA
    a5939b0 View commit details
    Browse the repository at this point in the history
  4. util: Make CRIU run_id machine-level unique.

    Instead of relying on chance of CLOCK_MONOTONIC reading being unique,
    use pid namespace ID that combined with the process ID will make it
    unique on the machine level.
    
    If pidns is not enabled on a kernel we'll get ENOENT, but then CRIU's
    pid will already be unique. If there is some other error, log it but
    continue, as the socket clash (if it happens) will result in a failed
    run anyway.
    
    Fixes: 45e048d (2022-03-31 "criu: generate unique socket names")
    Fixes: 408a7d8 (2022-02-12 "util: add an unique ID of the current criu run")
    Change-Id: I111c006e1b5b1db8932232684c976a84f4256e49
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 5, 2023
    Configuration menu
    Copy the full SHA
    ba11426 View commit details
    Browse the repository at this point in the history
  5. zdtm: Update netns purpose comment in zdtm_ct.

    With the parasite socket clash now guaranteed not to happen,
    the comment becomes obsolete. netns is steel needed though, so
    update the comment to point at the requirement.
    
    Change-Id: I3cfb253cd5c53b91b955fcb001530b4aee5129f4
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 5, 2023
    Configuration menu
    Copy the full SHA
    4c2b71c View commit details
    Browse the repository at this point in the history

Commits on Jul 7, 2023

  1. readme: refactor asciinema link for video playback

    Instead of opening the image directly, the commit refactors the
    asciinema image embedded link to redirect users to the corresponding
    video.
    
    Signed-off-by: Abhishek Guleri <abhishekguleri24@gmail.com>
    Guleri24 authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    3a932e9 View commit details
    Browse the repository at this point in the history
  2. ci: disable CentOS 7 test in Cirrus CI

    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    42a5b64 View commit details
    Browse the repository at this point in the history
  3. ci: clean up CentOS 7 related tweaks

    We have disabled CentOS 7 tests in CI. This patch reverts the
    changes introduced in the following commit:
    
    24bc083
    ci: disable some tests on CentOS 7
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    f8466ca View commit details
    Browse the repository at this point in the history
  4. coredump: drop python 2 support

    This patch reverts changes introduced for Python 2 compatibility
    in commits:
    
      1c866db (Add new files for running criu-coredump via python 2 or 3)
    
      3180d35 (Add support for python3 in criu-coredump).
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    e9901cd View commit details
    Browse the repository at this point in the history
  5. crit: drop python 2 support

    This patch reverts changes introduced with the following commits:
    
    4feb070
    crit: enable python2 or python3 based crit
    
    b78c4e0
    test: fix crit test and extend it
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    91edb5f View commit details
    Browse the repository at this point in the history
  6. crit: add requirements.txt for pip>=20.1

    When building with pip version 20.0.2 or older, the pip install
    command creates a temporary directory and copies all files from
    ./crit. This results in the following error message:
    
        ModuleNotFoundError: No module named 'pycriu'
    
    This error appears because the symlink 'pycriu' uses a relative path
    that becomes invalid '../lib/py/'.
    
    The '--no-build-isolation' option for pip install is needed to enable
    the use of pre-installed dependencies (e.g., protobuf) during build.
    
    The '--ignore-installed' option for pip is needed to avoid an error when
    crit is already installed. For example, crit is installed in the GitHub
    CI environment as part of the criu OBS package as a dependency for
    podman.
    
    Distributions such as Arch Linux have adopted an externally managed
    python installation in compliance with PEP 668 [1] that prevents pip
    from breaking the system by either installing packages to the system or
    locally in the home folder. The '--break-system-packages' [2] option
    allows pip to modify an externally managed Python installation.
    
    [1] https://peps.python.org/pep-0668/
    [2] https://pip.pypa.io/en/stable/cli/pip_uninstall/
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    02bd1bc View commit details
    Browse the repository at this point in the history
  7. remove python-future dependency

    This commit removes the dependency on the __future__ module, which was
    used to enable Python 3 features in Python 2 code. With support for
    Python 2 being dropped, it is no longer necessary to maintain backward
    compatibility.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    c794f39 View commit details
    Browse the repository at this point in the history
  8. make: remove checks for python 2 binary

    This commit removes the checks for the Python 2 binary in the makefile
    and makes sure that ZDTM tests always use python3. Since support for
    Python 2 has been dropped, these checks are no longer needed.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    5f4d92f View commit details
    Browse the repository at this point in the history
  9. test/criu-ns: drop python 2 compatibility

    This patch is replacing the set_blocking() function with
    os.set_blocking(). This function was introduced for compatibility with
    Python 2 in commit 8094df8di (criu-ns: Add tests for criu-ns script).
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    cc5742d View commit details
    Browse the repository at this point in the history
  10. test/others: drop setup_swrk() py2 compatibility

    This patch removes the code introduced for compatibility
    with Python 2 in commits:
    
    4c1ee3e
    test/other: Resolve Py3 compatibility issues
    
    6b615ca
    test/others: Reuse setup_swrk()
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    a8cfec9 View commit details
    Browse the repository at this point in the history
  11. lib/py: drop python 2 compatibility

    This patch removes code introduced for compatibility with
    Python 2 in commits:
    
      bf80fee (lib: correctly handle stdin/stdout (Python 3))
    
      b82f222 (lib: fix crit-recode fix for Python 2)
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    460c4d2 View commit details
    Browse the repository at this point in the history
  12. zdtm: drop python 2 compatibility

    This patch removes the code for Python 2 compatibility introduced
    with commit e65c7b5 (zdtm: Replace imp module with importlib).
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    75d9d68 View commit details
    Browse the repository at this point in the history
  13. cgroup: Propagate error on cgroup mount failure.

    This makes the error to mount cgroup hierarchy a bit less noisy:
    
    Error (criu/cgroup.c:623): cg: Unable to mount cgroup2 : Invalid argument'
    
    Instead of
    
    Error (criu/cgroup.c:623): cg: Unable to mount cgroup2 : Invalid argument'
    Error (criu/cgroup.c:715): cg: failed walking /proc/self/fd/-1/zdtmtst for empty cgroups: No such file or directory'
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    b759678 View commit details
    Browse the repository at this point in the history
  14. files-reg: Debug "open file on overmounted mount" error.

    Log the mount and file that were the cause of failing a dump.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    ce33c49 View commit details
    Browse the repository at this point in the history
  15. compel: Log the status word with "Task is still running" errors.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    b42e7af View commit details
    Browse the repository at this point in the history
  16. sk-unix: Log both peer names when failing on an external stream unix …

    …socket.
    
    Make debugging dump failures resulting in "sk unix: Can't dump half
    of stream unix connection" errors easier.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    cf01c32 View commit details
    Browse the repository at this point in the history
  17. soccr: Log offset when failed to restore socket's queued data.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    13c08b8 View commit details
    Browse the repository at this point in the history
  18. soccr: Log name of socket queue that failed to restore.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    dc3f4b5 View commit details
    Browse the repository at this point in the history
  19. log: Remove error logs for ignored or otherwise logged subprocess exits.

    Errors in early restore.log for status=1 from a subprocess are confusing,
    esp. that they don't show what command failed. Since the result is
    either ignored or logged anyway, mark the calls as "can fail".
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    4d67f67 View commit details
    Browse the repository at this point in the history
  20. mount: Demote fsnotify logs for ignored failures.

    Make logs about inaccessible mounts warnings, as the failures are
    normally harmless (e.g. failure to read /dev/cgroup) and don't
    make the CRIU run fail. (If it happens that the fsnotify can't
    find a file, then to debug, full CRIU logs will be necessary anyway.)
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    fb149f7 View commit details
    Browse the repository at this point in the history
  21. irmap: Reduce error log severity to warning.

    These errors originate from the filesystem scanning in irmap.c and are mostly
    benign. Nevertheless, if they do result in a failed irmap lookup, that failed
    lookup is more interesting from an application perspective.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    cf4b225 View commit details
    Browse the repository at this point in the history
  22. kerndat: bind ipv6-socket only if ipv6 is enabled

    Fixes: checkpoint-restore#2222
    Fixes: f1c8d38 ("kerndat: check if setsockopt IPV6_FREEBIND is supported")
    Signed-off-by: Yan Evzman <yevzman@gmail.com>
    Signed-off-by: Andrei Vagin <avagin@google.com>
    yevzman authored and avagin committed Jul 7, 2023
    Configuration menu
    Copy the full SHA
    a4bb3f9 View commit details
    Browse the repository at this point in the history

Commits on Jul 10, 2023

  1. zdtm: replace NR_fstat with NR_statx

    NR_fstat is a deprecated syscall, some
    modern architectures such as riscv and
    loongarch64 no longer support this syscall.
    It is usually replaced by NR_statx.
    
    NR_statx is supported since linux 4.10.
    
    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and avagin committed Jul 10, 2023
    Configuration menu
    Copy the full SHA
    a96aa58 View commit details
    Browse the repository at this point in the history
  2. kerndat: don't leak a socket file descriptor

    kerndat_has_ipv6_freebind creates a socket but doesn't close it.
    
    Signed-off-by: Andrei Vagin <avagin@google.com>
    avagin committed Jul 10, 2023
    Configuration menu
    Copy the full SHA
    935e60d View commit details
    Browse the repository at this point in the history
  3. ci: add workflow to ensure self-contained commits

    Signed-off-by: Prajwal S N <prajwalnadig21@gmail.com>
    snprajwal authored and avagin committed Jul 10, 2023
    Configuration menu
    Copy the full SHA
    2d6f04c View commit details
    Browse the repository at this point in the history

Commits on Jul 19, 2023

  1. include: add common header files for loongarch64

    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and mihalicyn committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    f684719 View commit details
    Browse the repository at this point in the history
  2. compel: add loongarch64 support

    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and mihalicyn committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    52630db View commit details
    Browse the repository at this point in the history
  3. images: add loongarch64 core image

    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and mihalicyn committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    521383d View commit details
    Browse the repository at this point in the history
  4. criu: add loongarch64 support to parasite and restorer

    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and mihalicyn committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    95fbd7e View commit details
    Browse the repository at this point in the history
  5. zdtm: add loongarch64 support

    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and mihalicyn committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    c941282 View commit details
    Browse the repository at this point in the history
  6. ci: add workflow for loongarch64

    Signed-off-by: znley <shanjiantao@loongson.cn>
    znley authored and mihalicyn committed Jul 19, 2023
    Configuration menu
    Copy the full SHA
    f70c782 View commit details
    Browse the repository at this point in the history

Commits on Jul 22, 2023

  1. util: Implement fchown() and fchmod() wrappers.

    Add generic wrappers for fchown() and fchmod() that skip the calls if
    no changes are needed. This will allow to unify places where we can
    avoid errors when no-op requests are not permitted.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    9f69484 View commit details
    Browse the repository at this point in the history
  2. sk-unix: Avoid restore_file_perms() EPERM error for no-op changes.

    Note: This removes the difference in calling convention of
    restore_file_perms() returning -errno that was the only call that did
    this in the caller.
    
    From: Radosław Burny <rburny@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    923e66b View commit details
    Browse the repository at this point in the history
  3. files-reg: Avoid EPERM in ghost_apply_metadata() for no-op changes.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    5f214bc View commit details
    Browse the repository at this point in the history
  4. cgroup: Replace restore_perms() with cr_fchperm().

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    6e23125 View commit details
    Browse the repository at this point in the history
  5. memfd: Avoid EPERM for no-op chown().

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    00d061b View commit details
    Browse the repository at this point in the history
  6. tty: Avoid EPERM for no-op chown().

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    e90fbd7 View commit details
    Browse the repository at this point in the history
  7. restore: Avoid need for CAP_SETPCAP if not changing uids.

    When CRIU is run with the task's credentials on restore, don't set uids
    and gids. This avoids the need to modify the SECURE_NO_SETUID_FIXUP flag
    which requires CAP_SETPCAP.
    
    From: Andy Tucker <agtucker@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    b9f360b View commit details
    Browse the repository at this point in the history
  8. restore: Skip setgroups() when already correct.

    Skip calling setgroups() when the list of auxiliary groups already has
    the values we want.  This allows restoring into an unprivileged user
    namespace where setgroups() is disabled.
    
    From: Ambrose Feinstein <ambrose@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 22, 2023
    Configuration menu
    Copy the full SHA
    53dd6ba View commit details
    Browse the repository at this point in the history

Commits on Jul 26, 2023

  1. restore: Fix capability migration requirements between different kern…

    …els.
    
    When restoring on a kernel that has different number of supported
    capabilities than checkpoint one, check that the extra caps are unset.
    
    There are two directions to consider:
    
    1) dump.cap_last_cap > restore.cap_last_cap
    	- restoring might reduce the processes' capabilities if restored
    	  kernel doesn't support checkpointed caps. Warn.
    
    2) dump.cap_last_cap < restore.cap_last_cap
    	- restoring will fill the extra caps with zeroes. No changes.
    
    Note: `last_cap` might change without affecting `n_words`.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Jul 26, 2023
    Configuration menu
    Copy the full SHA
    ff67ad8 View commit details
    Browse the repository at this point in the history

Commits on Jul 27, 2023

  1. prctl: Migrate prctl(NO_NEW_PRIVS) setting.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe committed Jul 27, 2023
    Configuration menu
    Copy the full SHA
    6bad5d2 View commit details
    Browse the repository at this point in the history
  2. prctl: test prctl(NO_NEW_PRIVS) setting

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe committed Jul 27, 2023
    Configuration menu
    Copy the full SHA
    d490218 View commit details
    Browse the repository at this point in the history
  3. restore: Skip dropping BSET capability if irrelevant.

    prctl(NO_NEW_PRIVS) when set prevents child processes gaining
    capabilities not in permitted set. In this case, inability to
    clear capability from BSET that is not in the permitted set is
    harmless.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe committed Jul 27, 2023
    Configuration menu
    Copy the full SHA
    988a5f4 View commit details
    Browse the repository at this point in the history

Commits on Aug 1, 2023

  1. sk-inet: Extend 'TCP repair off' failure log.

    Include the file descriptor and error code in the debug message to make
    it more useful.
    
    Fixes: e7ba909 (2016-03-14 "cr-check: Inspect errno on syscall failures")
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    cc500d9 View commit details
    Browse the repository at this point in the history
  2. memfd: dump and restore permissions.

    memfd is created by default with +x permissions set. This can be changed
    by a process using fchmod() and expected to prevent using this fd for
    exec(). Migrate the permissions.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    f2d9672 View commit details
    Browse the repository at this point in the history
  3. zdtm/memfd00: test memfd file mode

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 1, 2023
    Configuration menu
    Copy the full SHA
    88249fe View commit details
    Browse the repository at this point in the history

Commits on Aug 3, 2023

  1. apparmor: fix incorrect usage of sizeof on char ptr

    In criu/apparmor.c: write_aa_policy(), the arg path is passed as a char
    pointer. The original code used sizeof(path) to get the size of it,
    which is incorrect as it always return the size of the char pointer
    (typically 8 or 4), not the actual capacity of the char array.
    
    Given that this function is only invoked with path declared as `char
    path[PATH_MAX]`, replacing sizeof(path) with PATH_MAX should correctly
    represent the maximum size of it.
    
    Fixes: 8723e3f ("check: add a feature test for apparmor_stacking")
    
    Signed-off-by: Haorong Lu <ancientmodern4@gmail.com>
    ancientmodern authored and avagin committed Aug 3, 2023
    Configuration menu
    Copy the full SHA
    9118601 View commit details
    Browse the repository at this point in the history

Commits on Aug 4, 2023

  1. page-xfer: Pull tcp_cork,nodelay().

    Move tcp_cork() and tcp_nodelay() to the only user: page-xfer.c. While
    at it, fix error messages (as they do not refer to restoring the sockopt
    values) and demote them as they are not fatal to the page transfer.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 4, 2023
    Configuration menu
    Copy the full SHA
    1db922f View commit details
    Browse the repository at this point in the history
  2. irmap: scan user-provided paths in order

    Make the scan use the order of paths that came from the user.
    
    Fixes: 4f2e4ab ("irmap: add --irmap-scan-path option"; 2015-09-16)
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 4, 2023
    Configuration menu
    Copy the full SHA
    72494ed View commit details
    Browse the repository at this point in the history

Commits on Aug 7, 2023

  1. amdgpu_plugin: remove duplicated log prefix

    The log prefix "amdgpu_plugin:" is defined with `LOG_PREFIX` in
    `amdgpu_plugin.c`.  However, the prefix is also included in each
    log message. As a result it appears duplicated in the log messages:
    
    (00.044324) amdgpu_plugin: amdgpu_plugin: devices:1 bos:58 objects:148 priv_data:45696
    (00.045376) amdgpu_plugin: amdgpu_plugin: Thread[0x5589] started
    (00.167172) amdgpu_plugin: amdgpu_plugin: img_path = amdgpu-kfd-62.img
    (00.083739) amdgpu_plugin: amdgpu_plugin : amdgpu_plugin_dump_file() called for fd = 235
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Aug 7, 2023
    Configuration menu
    Copy the full SHA
    242de4e View commit details
    Browse the repository at this point in the history

Commits on Aug 8, 2023

  1. scripts/apt: don't hide apt output

    It is required to investigate issues.
    
    Signed-off-by: Andrei Vagin <avagin@google.com>
    avagin committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    6fc5bc6 View commit details
    Browse the repository at this point in the history
  2. ci/docker: install all required packages

    This change fixes the issue:
    ```
    The following packages have unmet dependencies:
     docker-ce : Depends: containerd.io (>= 1.6.4)
    E: Unable to correct problems, you have held broken packages.
    ```
    
    Signed-off-by: Andrei Vagin <avagin@google.com>
    avagin committed Aug 8, 2023
    Configuration menu
    Copy the full SHA
    2199220 View commit details
    Browse the repository at this point in the history

Commits on Aug 18, 2023

  1. lib/py: add VMA_AREA_MEMFD constant

    The VMA_AREA_MEMFD constant was introduced with commit
    
    29a1a88
    memfd: add memory mapping support
    
    This patch extends the status map used in CRIT and coredump with the
    value of this constant to recognize it.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Aug 18, 2023
    Configuration menu
    Copy the full SHA
    e1cda9f View commit details
    Browse the repository at this point in the history

Commits on Aug 21, 2023

  1. loongarch64: reformat syscall_64.tbl for 8-wide tabs

    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Aug 21, 2023
    1 Configuration menu
    Copy the full SHA
    288d6a6 View commit details
    Browse the repository at this point in the history
  2. dump+restore: Implement membarrier() registration c/r.

    Note: Silently drops MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED as it's
    not currently detectable. This is still better than silently dropping
    all membarrier() registrations.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 21, 2023
    1 Configuration menu
    Copy the full SHA
    2f50da4 View commit details
    Browse the repository at this point in the history
  3. zdtm: membarrier: test migration of membarrier() registration

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 21, 2023
    Configuration menu
    Copy the full SHA
    b5c3ccc View commit details
    Browse the repository at this point in the history
  4. Put a cap on the size of single preadv in restore operation.

    While each preadv() is followed by a fallocate() that removes the data
    range from image files on tmpfs, temporarily (between preadv() and
    fallocate()) the same data is in two places; this increases the memory
    overhead of restore operation by the size of a single preadv.
    Uncapped preadv() would read up to 2 GiB of data, thus we limit that to
    a smaller block size (128 MiB).
    
    Based-on-work-by: Paweł Stradomski <pstradomski@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 21, 2023
    Configuration menu
    Copy the full SHA
    5fedcaa View commit details
    Browse the repository at this point in the history

Commits on Aug 24, 2023

  1. github: auto-remove changes requested and awaiting reply labels

    Labels are removed when new comments are posted.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    649292c View commit details
    Browse the repository at this point in the history
  2. loongarch64: fix syscall_64.tbl

    The 288d6a6 change broke all the syscall numbers.
    
    Reported-by: Michał Mirosław <emmir@google.com>
    Fixes: (288d6a6 "loongarch64: reformat syscall_64.tbl for 8-wide tabs")
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    942b5fd View commit details
    Browse the repository at this point in the history
  3. memfd: don't set fd attributes not needed for vma mapping

    There is only one user of memfd_open() outside of memfd.c: open_filemap().
    It is restoring a file-backed mapping and doesn't need nor expect to
    update F_SETOWN nor the fd's position.  Check the inherited_fd() handling
    in the callers to simplify the code.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 24, 2023
    Configuration menu
    Copy the full SHA
    359b257 View commit details
    Browse the repository at this point in the history

Commits on Aug 25, 2023

  1. ci/loongarch64: compile tests before running zdtm.py

    Otherwise tests fail by timeout.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    675c5e4 View commit details
    Browse the repository at this point in the history
  2. kerndat: Make pagemap check more robust against swapped out pages.

    Fix test of whether the kernel exposes page frame numbers to cope with the
    possibility that the top of the stack is swapped out, which was happening
    in about one 1 out of 3 million runs.  This lead to a later failure when
    trying to read the PFN of the zero page, after which criu would exit with
    no error message.
    
    Original-From: Ambrose Feinstein <ambrose@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    af31e8e View commit details
    Browse the repository at this point in the history
  3. compel/infect: include the relevant pid in "no-breakpoints restore" d…

    …ebug message
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    38baf73 View commit details
    Browse the repository at this point in the history
  4. proc_parse: remove trivial goto from vma_get_mapfile_user()

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    ba27d27 View commit details
    Browse the repository at this point in the history
  5. test/other: add test for action-script

    This commit is introducing a test for the action-script functionality
    of CRIU to verify that pre-dump, post-dump, pre-restore, pre-resume,
    post-restore, post-resume hooks are executed during dump/restore.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Aug 25, 2023
    Configuration menu
    Copy the full SHA
    2df6ec5 View commit details
    Browse the repository at this point in the history

Commits on Aug 28, 2023

  1. proc_parse: Log smaps entry while dumping VMA.

    Help debugging problems with restoring custom VMAs.
    
    From: Michał Cłapiński <mclapinski@google.com>
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe committed Aug 28, 2023
    Configuration menu
    Copy the full SHA
    92b96a5 View commit details
    Browse the repository at this point in the history
  2. kerndat: Make errors from clone3() check more precise.

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe committed Aug 28, 2023
    Configuration menu
    Copy the full SHA
    a04fac5 View commit details
    Browse the repository at this point in the history
  3. kerndat: check_pagemap: close(fd) on error path

    Plug a fd leak when returning error from check_pagemap().
    (Cosmetic, as the process will exit soon anyway.)
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 28, 2023
    Configuration menu
    Copy the full SHA
    d0f88ff View commit details
    Browse the repository at this point in the history
  4. kerndat: check_pagemap: reword retried case explanation

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 28, 2023
    Configuration menu
    Copy the full SHA
    6d0e785 View commit details
    Browse the repository at this point in the history

Commits on Aug 29, 2023

  1. memfd: return original memfd fd for execveat()

    If there is only a single RW opened fd for a memfd, it can be used
    to pass it to execveat() with AT_EMPTY_PATH to have its contents
    executed.  This currently works only for the original fd from
    memfd_create().  For now we ignore processes that reopen the memfd's
    rw and expect a particular executability trait of it.  (Note: for
    security purposes recent kernels have SEAL_EXEC to make memfds
    non-executable.)
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    e0d13ef View commit details
    Browse the repository at this point in the history
  2. zdtm: test execveat(memfd)

    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Aug 29, 2023
    Configuration menu
    Copy the full SHA
    a652c68 View commit details
    Browse the repository at this point in the history

Commits on Aug 31, 2023

  1. CONTRIBUTING.md: don't mention ctags

    Ctags is mentioned in the beginning of the "Edit the source code" which
    is really confusing: Do you need ctags to edit CRIU code? - No. It is
    just one helpful tool to browse the code, and we do not want to enforce
    it. So, what is it doing in contribution guide? People who really need
    it should be able to find it in Makefile or just write oneliner of their
    own to collect tags...
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Snorch authored and avagin committed Aug 31, 2023
    Configuration menu
    Copy the full SHA
    959a32d View commit details
    Browse the repository at this point in the history
  2. CONTRIBUTING.md: improve coding-style related sections

    This is highlight that code readability is the real goal of all the
    coding-style rules. We should not do coding-style just for coding-style,
    e.g. when clang-format suggests crazy formating we should not follow it
    if we feel it is bad.
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Snorch authored and avagin committed Aug 31, 2023
    Configuration menu
    Copy the full SHA
    75146b0 View commit details
    Browse the repository at this point in the history
  3. lint: don't fail workflow on indent fail

    There are multiple cases where good human readable code block is
    converted to an unreadable mess by clang-format, so we don't want to
    rely on clang-format completely. Also there is no way, as far as I can
    see, to make clang-format only fix what we want it to fix without
    breaking something.
    
    So let's just display hints inline where clang-format is unhappy. When
    reviewer sees such a warning it's a good sign that something is broken
    in coding-style around this warning.
    
    We add special script which parses diff generated by indent and
    generates warning for each hunk.
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Snorch authored and avagin committed Aug 31, 2023
    Configuration menu
    Copy the full SHA
    03541c0 View commit details
    Browse the repository at this point in the history

Commits on Sep 4, 2023

  1. vagrant: update to version 2.3.7

    This patch also updated the download URL format
    
    from
        https://releases.hashicorp.com/vagrant/2.3.7/vagrant_2.3.7_x86_64.deb
    
    to
        https://releases.hashicorp.com/vagrant/2.3.7/vagrant_2.3.7-1_amd64.deb
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    1df618a View commit details
    Browse the repository at this point in the history
  2. vagrant: run tests with fedora 38

    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Sep 4, 2023
    Configuration menu
    Copy the full SHA
    82bfb67 View commit details
    Browse the repository at this point in the history

Commits on Sep 14, 2023

  1. dump: use MEMBARRIER_CMD_GET_REGISTRATIONS when available

    MEMBARRIER_CMD_GET_REGISTRATIONS can tell us whether or not the process used
    MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED unlike the old probing method.
    
    Falls back to the old method when MEMBARRIER_CMD_GET_REGISTRATIONS is
    unavailable.
    
    Signed-off-by: Michal Clapinski <mclapinski@google.com>
    mclapinski authored and avagin committed Sep 14, 2023
    Configuration menu
    Copy the full SHA
    4b7287b View commit details
    Browse the repository at this point in the history
  2. zdtm: test MEMBARRIER_CMD_GLOBAL_EXPEDITED migration

    Check membarrier registration both ways:
    1. By issuing membarrier commands and checking if they succeed.
    2. By issuing MEMBARRIER_CMD_GET_REGISTRATIONS.
    
    The first way is needed for older kernels. The second way is needed to test
    MEMBARRIER_CMD_GLOBAL_EXPEDITED.
    
    Signed-off-by: Michal Clapinski <mclapinski@google.com>
    mclapinski authored and avagin committed Sep 14, 2023
    Configuration menu
    Copy the full SHA
    d752479 View commit details
    Browse the repository at this point in the history
  3. criu/plugin: Add environment variable to cap size of buffers.

    The amdgpu plugin would create a memory buffer at the size
    of the largest VRAM bo (buffer object). On some systems, VRAM
    size exceeds RAM size, so the largest bo might be larger than
    the available memory.
    
    Add an environment variable KFD_MAX_BUFFER_SIZE, which caps the
    size of this buffer. By default, it is set to 0, and has no
    effect. When active, any bo larger than its value will be
    saved to/restored from file in multiple passes.
    
    Signed-off-by: David Francis <David.Francis@amd.com>
    fdavid-amd authored and avagin committed Sep 14, 2023
    Configuration menu
    Copy the full SHA
    f043f53 View commit details
    Browse the repository at this point in the history

Commits on Sep 20, 2023

  1. compel: Add support for ppc64le scv syscalls

    Power ISA 3.0 added a new syscall instruction. Kernel 5.9 added
    corresponding support.
    
    Add CRIU support to recognize the new instruction and kernel ABI changes
    to properly dump and restore threads executing in syscalls. Without this
    change threads executing in syscalls using the scv instruction will not
    be restored to re-execute the syscall, they will be restored to execute
    the following instruction and will return unexpected error codes
    (ERESTARTSYS, etc) to user code.
    
    Signed-off-by: Younes Manton <ymanton@ca.ibm.com>
    ymanton authored and avagin committed Sep 20, 2023
    Configuration menu
    Copy the full SHA
    4766ffa View commit details
    Browse the repository at this point in the history

Commits on Sep 22, 2023

  1. lib/pycriu: generate version.py

    The version of CRIU is specified in the Makefile.versions file.
    This patch generates '__varion__' value for the pycriu module.
    This value can be used by crit to implement `--version`.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    4ae1518 View commit details
    Browse the repository at this point in the history
  2. crit/setup.py: use __version__ from pycriu

    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    b8b2fe6 View commit details
    Browse the repository at this point in the history
  3. py/cli: add --version option

    This patch implements the '--version' for the crit tool.
    
    $ crit --version
    3.17
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Sep 22, 2023
    Configuration menu
    Copy the full SHA
    150eecc View commit details
    Browse the repository at this point in the history

Commits on Sep 25, 2023

  1. ci: stop testing ubuntu overlayfs

    They break it with each kernel rebase. More details are here:
    https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1857257
    
    Last time, it was fixed a few month ago and it has been broken again in
    5.15.0-1046-azure.
    
    Let's bind-mount the CRIU directory into a test container to make it
    independent of a container file system.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Sep 25, 2023
    Configuration menu
    Copy the full SHA
    5e37ccf View commit details
    Browse the repository at this point in the history

Commits on Sep 26, 2023

  1. zdtm: If ignoring kernel taint, also ignore taint changes.

    At least in Google's VM environment, the kernel taints are unrelated to CRIU
    runs.  Don't fail tests if taints change, if kernel taints are ignored.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Sep 26, 2023
    Configuration menu
    Copy the full SHA
    1a6c015 View commit details
    Browse the repository at this point in the history
  2. zdtm: cgroup04: Improve error messages.

    Make the errno values reported by cgroup04 always correct and showing
    relevant parameters.
    Constify constant strings, while at it.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Sep 26, 2023
    Configuration menu
    Copy the full SHA
    f74140c View commit details
    Browse the repository at this point in the history
  3. zdtm: cgroup04: Improve skip check's robustness.

    cgroup04 test needs full control over mem and devices cgroup hierarchies.
    Make the test's .checkskip script better at detecting if the cgroups are
    available for use.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Sep 26, 2023
    Configuration menu
    Copy the full SHA
    66369f9 View commit details
    Browse the repository at this point in the history
  4. zdtm: Treat ESRCH from kill() as success.

    This fixes a failure to clean up after a failed test, where CRIU didn't start properly.
    
    ```
    ===================== Run zdtm/transition/socket-tcp in h ======================
    Start test
    ./socket-tcp --pidfile=socket-tcp.pid --outfile=socket-tcp.out
    Traceback (most recent call last):
      File ".../zdtm_py.py", line 1906, in do_run_test
        cr(cr_api, t, opts)
      File ".../zdtm_py.py", line 1584, in cr
        cr_api.dump("dump")
      File ".../zdtm_py.py", line 1386, in dump
        self.__dump_process = self.__criu_act(action,
      File ".../zdtm_py.py", line 1224, in __criu_act
        raise test_fail_exc("CRIU %s" % action)
    test_fail_exc: CRIU dump
    
    During handling of the above exception, another exception occurred:
    
    Traceback (most recent call last):
      File "<embedded module '_launcher'>", line 182, in run_filename_from_loader_as_main
      File "<embedded module '_launcher'>", line 34, in _run_code_in_main
      File ".../zdtm_py.py", line 2790, in <module>
        fork_zdtm()
      File ".../zdtm_py.py", line 2782, in fork_zdtm
        do_run_test(tinfo[0], tinfo[1], tinfo[2], tinfo[3])
      File ".../zdtm_py.py", line 1922, in do_run_test
        t.kill()
      File ".../zdtm_py.py", line 509, in kill
        os.kill(int(self.__pid), sig)
    ProcessLookupError: [Errno 3] No such process
    ```
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Sep 26, 2023
    Configuration menu
    Copy the full SHA
    87c42d5 View commit details
    Browse the repository at this point in the history
  5. zdtm: socket_udp_shutdown: Make the test fail instead of timing out.

    When -- after restore -- sockets can't communicate, the test times out
    while waiting on recvfrom(). Since the communication is local, send()
    works instantaneously - so mark sockets with SOCK_NONBLOCK and report
    failure if the message is not received immediately.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Sep 26, 2023
    Configuration menu
    Copy the full SHA
    a056519 View commit details
    Browse the repository at this point in the history

Commits on Sep 27, 2023

  1. zdtm: check userns once

    All test logs are flooded with the "userns is supported" messages...
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Sep 27, 2023
    Configuration menu
    Copy the full SHA
    8b5f3af View commit details
    Browse the repository at this point in the history

Commits on Sep 28, 2023

  1. Return page size as unsigned long

    Currently page_size() returns unsigned int value that is after "bitwise
    not" is promoted to unsigned long value e.g. in uffd.c
    handle_page_fault. Since the value is unsigned promotion is done with 0
    MSB that results in lost of MSB pagefault address bits. So make
    page_size to return  unsigned long to avoid such situation.
    
    Signed-off-by: Vladislav Khmelevsky <och95@yandex.ru>
    yota9 authored and avagin committed Sep 28, 2023
    Configuration menu
    Copy the full SHA
    1e4f5fb View commit details
    Browse the repository at this point in the history

Commits on Sep 29, 2023

  1. vma: Add !VVAR condition to vma_entry_can_be_lazy

    Currently most of the times we don't have problems with VVAR segment and
    lazy restore because when VDSO is parked there is an munmap call that
    calls UFFDIO_UNREGISTER on the destination address.
    But we don't want to enable userfaultfd for VDSO and VVAR at the first
    place.
    yota9 authored and avagin committed Sep 29, 2023
    Configuration menu
    Copy the full SHA
    4f0c07f View commit details
    Browse the repository at this point in the history
  2. criu: change the comment about magic numbers

    Signed-off-by: Michal Clapinski <mclapinski@google.com>
    mclapinski authored and avagin committed Sep 29, 2023
    Configuration menu
    Copy the full SHA
    5de9040 View commit details
    Browse the repository at this point in the history

Commits on Oct 5, 2023

  1. plugins: the UPDATE_VMA_MAP callback returns fd with the full control

    It means CRIU has to close it when it is not needed.
    
    It looks more logically correct and matches the behaviour of
    the RESTORE_EXT_FILE callback.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    f832d87 View commit details
    Browse the repository at this point in the history
  2. amdgpu: don't leak fd on an error path in open_img_file

    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    25f685e View commit details
    Browse the repository at this point in the history
  3. amdgpu: print an error if the dup syscall fails

    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    01d559d View commit details
    Browse the repository at this point in the history
  4. ci: enable build with amdgpu plugin

    This patch adds the `libdrm-dev` package to the list of CRIU
    dependencies installed in CI to build CRIU with amdgpu plugin.
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    f593257 View commit details
    Browse the repository at this point in the history
  5. amdgpu: fix clang warnings

    amdgpu_plugin.c:930:6: error: variable 'buffer' is used uninitialized whenever 'if' condition is true [-Werror,-Wsometimes-uninitialized]
            if (ret) {
                ^~~
    amdgpu_plugin.c:988:8: note: uninitialized use occurs here
            xfree(buffer);
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    2ff90f0 View commit details
    Browse the repository at this point in the history
  6. memfd: don't reopen file descriptors for memory mappings

    One memfd can be shared by a few restored files. Only of these files is
    restored with a file created with memfd_open. Others are restored by reopening
    memfd files via /proc/self/fd/.
    
    It seems unnecessary for restoring memfd memory mappings. We can always use the
    origin file.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    f54cf19 View commit details
    Browse the repository at this point in the history
  7. zdtm/memfd04: check execveat on memfd that has memory mappings

    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 5, 2023
    Configuration menu
    Copy the full SHA
    c20fb83 View commit details
    Browse the repository at this point in the history

Commits on Oct 6, 2023

  1. clang-format: disable column limit constraint

    The "ColumnLimit: 120" is not only allowing lines to be longer than 80
    characters but it also forces line wrapping at 120 characters. If total
    expression length is more than 120 characters, clang-format will try to
    wrap it as close to 120 as it can, it would not even allow to wrap at 80
    characters if we really want it. But as we all know 80 characters is
    Linux kernel coding style default and as far as our coding style is
    based on it it is really strange to prohibit wrapping lines at 80
    characters...
    
    Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
    Snorch authored and avagin committed Oct 6, 2023
    Configuration menu
    Copy the full SHA
    5bf7652 View commit details
    Browse the repository at this point in the history

Commits on Oct 7, 2023

  1. pie: Mark __export_*() functions as externally_visible

    GCC's lto source:
    > To avoid this problem the compiler must assume that it sees the
    > whole program when doing link-time optimization.  Strictly
    > speaking, the whole program is rarely visible even at link-time.
    > Standard system libraries are usually linked dynamically or not
    > provided with the link-time information.  In GCC, the whole
    > program option (@option{-fwhole-program}) asserts that every
    > function and variable defined in the current compilation
    > unit is static, except for function @code{main} (note: at
    > link time, the current unit is the union of all objects compiled
    > with LTO).  Since some functions and variables need to
    > be referenced externally, for example by another DSO or from an
    > assembler file, GCC also provides the function and variable
    > attribute @code{externally_visible} which can be used to disable
    > the effect of @option{-fwhole-program} on a specific symbol.
    
    As far as I read gcc's source, ipa_comdats() will avoid placing symbols
    that are either already in a user-defined section or have
    externally_visible attribute into new optimized gcc sections.
    
    Signed-off-by: Dmitry Safonov <dima@arista.com>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    0x7f454c46 authored and avagin committed Oct 7, 2023
    Configuration menu
    Copy the full SHA
    e3391ed View commit details
    Browse the repository at this point in the history
  2. util: allow to run criu under strace

    fork_and_ptrace_attach has to fork a child with CLONE_UNTRACED,
    so that strace doesn't trace it.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 7, 2023
    Configuration menu
    Copy the full SHA
    24e2492 View commit details
    Browse the repository at this point in the history

Commits on Oct 8, 2023

  1. tun: don't parse buffers that have not been filled with data

    read_ns_sys_file() can return an error, but we are trying to parse a
    buffer before checking a return code.
    
    CID 417395 (checkpoint-restore#3 of 3): String not null terminated (STRING_NULL)
    2. string_null: Passing unterminated string buf to strtol, which expects
       a null-terminated string.
    
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Oct 8, 2023
    Configuration menu
    Copy the full SHA
    4e5247a View commit details
    Browse the repository at this point in the history
  2. apparmor: remove the redundant check

    This check is redundant as line 201 checks for this condition.
    
    Signed-off-by: Taemin Ha <taeminha@cs.utexas.edu>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    Taemin Ha authored and avagin committed Oct 8, 2023
    Configuration menu
    Copy the full SHA
    3015aad View commit details
    Browse the repository at this point in the history
  3. arch/x86: remove the redundant check

    The is_native field is a boolean. Therefore, else if() should can be
    changed to a simple else{}.
    
    Signed-off-by: Taemin Ha <taeminha@cs.utexas.edu>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    Taemin Ha authored and avagin committed Oct 8, 2023
    Configuration menu
    Copy the full SHA
    9e05b65 View commit details
    Browse the repository at this point in the history
  4. zdtm/cow00: fix typo

    The condition meant to check fd2 instead of fd1, which is checked in
    line 24.
    
    Signed-off-by: Taemin Ha <taeminha@cs.utexas.edu>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    Taemin Ha authored and avagin committed Oct 8, 2023
    Configuration menu
    Copy the full SHA
    06a3f13 View commit details
    Browse the repository at this point in the history
  5. zdtm/thread_different_uid_gid: remove the redundant check

    line 131 checks if (ret >= 0). line 133 could be replaced by a simple else statement
    
    Signed-off-by: Taemin Ha <taeminha@cs.utexas.edu>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    Taemin Ha authored and avagin committed Oct 8, 2023
    Configuration menu
    Copy the full SHA
    c03c737 View commit details
    Browse the repository at this point in the history
  6. criu/proc_parse: refactor the eventpoll parser

    Eventpollentry's fields are set only when ret == 3 or ret == 6. The
    remaining cases can be grouped together to an error
    
    Signed-off-by: Taemin Ha <taemin.ha@utexas.edu>
    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    Taemin Ha authored and avagin committed Oct 8, 2023
    Configuration menu
    Copy the full SHA
    ab73a84 View commit details
    Browse the repository at this point in the history

Commits on Oct 12, 2023

  1. files-reg: don't change the file pos in get_build_id

    At this point the correct position is already restored, so reading from
    the fd results in the position being moved forward by 5 bytes.
    
    Fixes: 9191f87 ("criu/files-reg.c: add build-id validation functionality")
    Signed-off-by: Michal Clapinski <mclapinski@google.com>
    mclapinski authored and avagin committed Oct 12, 2023
    Configuration menu
    Copy the full SHA
    811a380 View commit details
    Browse the repository at this point in the history
  2. zdtm/lib: add missing signal.h header

    Signed-off-by: Michal Clapinski <mclapinski@google.com>
    mclapinski authored and avagin committed Oct 12, 2023
    Configuration menu
    Copy the full SHA
    d9ca0c7 View commit details
    Browse the repository at this point in the history
  3. zdtm/static: test the offset migration of ELF files

    Signed-off-by: Michal Clapinski <mclapinski@google.com>
    mclapinski authored and avagin committed Oct 12, 2023
    Configuration menu
    Copy the full SHA
    42c1c84 View commit details
    Browse the repository at this point in the history

Commits on Oct 13, 2023

  1. zdtm: cgroup_ifpriomap: Improve skip check's robustness.

    cgroup_ifpriomap test needs net_prio cgroup, which might not be
    available. Make the .checkskip script check it.
    
    Signed-off-by: Michał Mirosław <emmir@google.com>
    osctobe authored and avagin committed Oct 13, 2023
    Configuration menu
    Copy the full SHA
    711775f View commit details
    Browse the repository at this point in the history

Commits on Oct 17, 2023

  1. lib: use separate packages for pycriu and crit

    Newer versions of pip use an isolated virtual environment when building
    Python projects. However, when the source code of CRIT is copied into
    the isolated environment, the symlink for `../lib/py` (pycriu) becomes
    invalid. As a workaround, we used the `--no-build-isolation` option for
    `pip install`. However, this functionality has issues in some versions
    of PIP [1, 2]. To fix this problem, this patch adds separate packages
    for pycriu and crit, and each package is installed independently.
    
    [1] pypa/pip#8221
    [2] pypa/pip#8165 (comment)
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Oct 17, 2023
    Configuration menu
    Copy the full SHA
    df24fe8 View commit details
    Browse the repository at this point in the history

Commits on Oct 22, 2023

  1. Makefile: introduce ARCHCFLAGS for arch specific cflags

    Do not use $(USERCFLAGS) for anything other than what the user provide.
    
    Signed-off-by: Marcus Folkesson <marcus.folkesson@gmail.com>
    marcusfolkesson authored and avagin committed Oct 22, 2023
    Configuration menu
    Copy the full SHA
    c474816 View commit details
    Browse the repository at this point in the history

Commits on Nov 28, 2023

  1. comple: correct the syscall number of bind on ARM64

    In the compel/arch/arm/plugins/std/syscalls/syscall.def, the syscall number of bind on ARM64 should be 200 instead of 235
    
    Signed-off-by: Sally Kang <snapekang@gmail.com>
    SallyKAN authored and avagin committed Nov 28, 2023
    Configuration menu
    Copy the full SHA
    d88dcef View commit details
    Browse the repository at this point in the history

Commits on Nov 29, 2023

  1. ci: fix rawhide netlink error

    The rawhide netlink errors are fixed with a newer kernel than the
    default 6.2 available in Fedora 38.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    5e56756 View commit details
    Browse the repository at this point in the history
  2. test: check for btrfs in the current directory

    The old test was checking if '/' is btrfs but we should check if the
    current directory is btrfs.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    4213f16 View commit details
    Browse the repository at this point in the history
  3. ci: switch to permissive selinux mode during test

    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber committed Nov 29, 2023
    Configuration menu
    Copy the full SHA
    9d3e71a View commit details
    Browse the repository at this point in the history

Commits on Nov 30, 2023

  1. ci: fix codespell errors

    Signed-off-by: Andrei Vagin <avagin@gmail.com>
    avagin committed Nov 30, 2023
    Configuration menu
    Copy the full SHA
    b17a73b View commit details
    Browse the repository at this point in the history

Commits on Dec 6, 2023

  1. docker-test: fix condition for max tries

    Replace a recursive call with a loop.
    
    Reported-by: Andrei Vagin <avagin@gmail.com>
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Dec 6, 2023
    Configuration menu
    Copy the full SHA
    95975e0 View commit details
    Browse the repository at this point in the history
  2. docker-test: downgrade docker to v24.0.7

    Checkpoint/restore with version 25.0.0-beta.1 fails
    with the following error:
    
    $ docker start --checkpoint=c1 cr
    Error response from daemon: failed to create task for container: content digest fdb1054b00a8c07f08574ce52198c5501d1f552b6a5fb46105c688c70a9acb45: not found: unknown
    
    Release notes:
    moby/moby#46816
    
    Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
    rst0git authored and avagin committed Dec 6, 2023
    Configuration menu
    Copy the full SHA
    0da1ab2 View commit details
    Browse the repository at this point in the history

Commits on Dec 8, 2023

  1. Makefile: Use common warnings settings for loongarch64

    WARNINGS variable should be amended, not redefined.
    We still need, e.g.,  `-Wno-dangling-pointer` to build
    criu on loongarch64 with gcc13.
    
    Signed-off-by: Ivan A. Melnikov <iv@altlinux.org>
    iv-m authored and avagin committed Dec 8, 2023
    Configuration menu
    Copy the full SHA
    378da3b View commit details
    Browse the repository at this point in the history

Commits on Dec 11, 2023

  1. tty: skip ioctl(TIOCSLCKTRMIOS) if possible

    If ioctl(TIOCSLCKTRMIOS) fails with EPERM it means that a CRIU
    process lacks of CAP_SYS_ADMIN capability. But we can use
    ioctl(TIOCGLCKTRMIOS) to *read* current ->termios_locked
    value from the kernel and if it's the same as we already have
    we can skip failing ioctl(TIOCSLCKTRMIOS) safely.
    
    Adrian has recently posted [1] a very good patch to allow ioctl(TIOCSLCKTRMIOS)
    for processes that have CAP_CHECKPOINT_RESTORE (right now it requires CAP_SYS_ADMIN).
    
    [1] https://lore.kernel.org/all/20231206134340.7093-1-areber@redhat.com/
    
    Suggested-by: Andrei Vagin <avagin@gmail.com>
    Signed-off-by: Alexander Mikhalitsyn <aleksandr.mikhalitsyn@canonical.com>
    mihalicyn authored and avagin committed Dec 11, 2023
    Configuration menu
    Copy the full SHA
    dc49eb4 View commit details
    Browse the repository at this point in the history
  2. ci: do not use 'tail' for skip-file-rwx-check test

    Newer versions of 'tail' rely on inotify and after a restore 'tail' is
    unhappy with the state of inotify and just stops.
    
    This replaces 'tail' with a minimal shell based test (thanks Andrei).
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Dec 11, 2023
    Configuration menu
    Copy the full SHA
    1573064 View commit details
    Browse the repository at this point in the history
  3. ci: fix centos-stream 9 ci errors

    The image has a too old version of nettle which does not work with gnutls.
    Just upgrade to the latest to make the error go away.
    
    Signed-off-by: Adrian Reber <areber@redhat.com>
    adrianreber authored and avagin committed Dec 11, 2023
    Configuration menu
    Copy the full SHA
    561f845 View commit details
    Browse the repository at this point in the history

Commits on Dec 16, 2023

  1. images: protobuf definitions for memfd_secret

    Adds protobuf definitions needed to checkpoint and restore
    memfd_secret fd.
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura committed Dec 16, 2023
    Configuration menu
    Copy the full SHA
    137bf63 View commit details
    Browse the repository at this point in the history
  2. memfd_secret: save secretmem stat

    Adds support to save secretmem page stats when C/R a memfd_secret
    fd containing process.
    
    Updates images/stats.proto to add statistics about C/R
    memfd_secret fd.
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura committed Dec 16, 2023
    Configuration menu
    Copy the full SHA
    4ca4628 View commit details
    Browse the repository at this point in the history
  3. memfd_secret: add memfd_secret file support

    See "man 2 memfd_secret".
    
    Fixes: checkpoint-restore#2188
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura committed Dec 16, 2023
    Configuration menu
    Copy the full SHA
    11291df View commit details
    Browse the repository at this point in the history
  4. zdtm: update check_pages_counts() to support memfd_secret dump stats

    These changes update `check_pages_counts()` to support
    `secmempages_written` stat.
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura committed Dec 16, 2023
    Configuration menu
    Copy the full SHA
    b32867f View commit details
    Browse the repository at this point in the history
  5. zdtm: add test for memfd_secret

    Adds a zdtm test to test checkpoint/restore a memfd_secret fd
    containing process.
    
    Signed-off-by: Dhanuka Warusadura <csx@tuta.io>
    warusadura committed Dec 16, 2023
    Configuration menu
    Copy the full SHA
    b20cf07 View commit details
    Browse the repository at this point in the history