We only use the last pid from the list in NSpid entry (from
/proc/<pid>/fdinfo/<pidfd>) while restoring pidfds.
The last pid refers to the pid of the process in the most deeply nested
pid namespace. Since CRIU does not currently support nested pid
namespaces, this entry is the one we want.
After Linux 6.9, inode numbers can be used to compare pidfds. pidfds
referring to the same process will have the same inode numbers. We use
inode numbers to restore pidfds that point to dead processes.
Signed-off-by: Bhavik Sachdev <b.sachdev1904@gmail.com>
This changes the license of all files in the images/ directory from
GPLv2 to the Expat license (so-called MIT).
According to git the files have been authored by:
Abhishek Dubey
Adrian Reber
Alexander Mikhalitsyn
Alice Frosi
Andrei Vagin (Andrew Vagin, Andrey Vagin)
Cyrill Gorcunov
Dengguangxing
Dmitry Safonov
Guoyun Sun
Kirill Tkhai
Kir Kolyshkin
Laurent Dufour
Michael Holzheu
Michał Cłapiński
Mike Rapoport
Nicolas Viennot
Nikita Spiridonov
Pavel Emelianov (Pavel Emelyanov)
Pavel Tikhomirov
Radostin Stoyanov
rbruno@gsd.inesc-id.pt
Sebastian Pipping
Stanislav Kinsburskiy
Tycho Andersen
Valeriy Vdovin
The Expat license (so-called MIT) can be found here:
https://opensource.org/licenses/MIT
According to that link the correct SPDX short identifier is 'MIT'.
https://spdx.org/licenses/MIT.html
Signed-off-by: Adrian Reber <areber@redhat.com>
This commit adds protobuf definitions needed to checkpoint and
restore BPF map files along with the data they contain
Source files added:
* bpfmap-file.proto - Stores the meta-data about BPF maps
* bpfmap-data.proto - Stores the data (key-value pairs) contained
in BPF maps
Source files modified:
* fdinfo.proto - Added BPF map as a new kind of file descriptor.
'message file_entry' can now hold information about BPF map file
descriptors
* Makefile - Now generates build artifacts for bpfmap-file.proto
and bpfmap-data.proto
Signed-off-by: Abhishek Vijeev <abhishek.vijeev@gmail.com>
See "man memfd_create" for more information of what memfd is.
This adds support for memfd open files, that are not not memory mapped.
* We add a new kind of file: MEMFD.
* We add two image types MEMFD_FILE, and MEMFD_INODE.
MEMFD_FILE contains usual file information (e.g., position).
MEMFD_INODE contains the memfd name, and a shmid identifier
referring to the content.
* We reuse the shmem facilities for dumping memfd content as it
would be easier to support incremental checkpoints in the future.
Signed-off-by: Nicolas Viennot <Nicolas.Viennot@twosigma.com>
Restoring a SELinux process also requires to correctly label sockets.
During checkpointing fgetxattr() is used to retrieve the
"security.selinux" xattr and during restore setsockcreatecon() is used
before a socket is created.
Previous commits are already restoring the sockcreate SELinux setting if
set by the process.
Signed-off-by: Adrian Reber <areber@redhat.com>
There are two problems. The first is CTL_TTY_OFF occupies
one of the biggest available fds in the system. It's a number
near service_fd_rlim_cur. Next patches want to allocate
service fds lower, than service_fd_rlim_cur, and they want
to know max used fd from file fles after the image reading.
But since one of fds is already set very big (CTL_TTY_OFF)
on a stage of collection fles, the only availabe service
fds are near service_fd_rlim_cur. It's vicious circle,
and the only way is to change ctl tty fd allocation way.
The second problem is ctl tty is ugly out of generic file
engine fixup (see open_fd()). This is made because ctl tty
is the only slave fle, which needs additional actions
(see tty_restore_ctl_terminal()). Another file types just
receive their slave fle, and do not do anything else.
This patch moves ctl tty to generic engine and solves all
the above problems. To do that, we implement new CTL_TTY
file type, which open method waits till slave tty is received
and then calls tty_restore_ctl_terminal() for that. It fits
to generic engine well, and allocates fd via find_unused_fd(),
and do not polute file table by big fd numbers.
Next patch will kill currently unneed CTL_TTY leftovers
and will remove CTL_TTY_OFF service fd from criu.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
Add a fake fd type for autofs. This allows functions
like find_file_desc() work as expected, without
having two different file_desc with the same type
and same id.
Also, later, it will allow to delete autofs_create_fle()
and to use generic helper.
Signed-off-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
There are two goals of this merge. First is to reduce the amount
of image files we generate and scan on restore. The latter is
more importaint, as even if we have no weird stuff like signalfd,
we still try to open this file. So after the merge we try to
open ~15 image files (out of ~30) less %) which is nice.
The 2nd goal is to simplify the C/R support for SCM messages.
This becomes possible with the fact, that all files we have can
be distinguished by their ID only, w/o type. This, in turn,
makes image layout for SCMs much simpler.
Reviewed-by: Kirill Tkhai <ktkhai@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Signed-off-by: Andrei Vagin <avagin@virtuozzo.com>
But keep @protobuf as a symlink: we have
this path encoded in sources. Gonna be
removed with time.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
