It is already present in rpc, so lets add it to libcriu too.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It is already present in CLI and RPC, so libcriu should reflect it too.
travis-ci: success for lib: add inherit_fd
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Unfortunately, newer versions of protobuf check that the file suffix ends
in _pb2.py:
sudo ./zdtm.py run -t zdtm/static/apparmor_stacking
Traceback (most recent call last):
File "./zdtm.py", line 23, in <module>
import criu as crpc
File "/home/ubuntu/criu/test/criu.py", line 12, in <module>
import rpc
File "/home/ubuntu/criu/test/rpc.py", line 36, in <module>
type=None),
File "/usr/lib/python2.7/dist-packages/google/protobuf/descriptor.py", line 652, in __new__
_message.Message._CheckCalledFromGeneratedFile()
TypeError: Descriptors should not be created directly, but only retrieved from their parent.
v2: fix up the clean target, and remove some comments that were about the
old rename
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Laurent Dufour <ldufour@linux.vnet.ibm.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
1. As __nmk_dir already ends with a slash, there's no need
for an extra one.
2. No need to include macro.mk into criu/Makefile -- nothing it defines
is used from there.
Cc: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
C standard specifies that the first enum element is 0 and the next ones
are +1 to a previous element (C90, "3.5.2.2 Enumeration
specifiers").
Therefore, there is no need to explicitly specify element values.
The explicit initializers were added in the first commit introducing
this enum (commit 46e8aee).
While at it, let's also add a comma after the last element, for any
future patch adding more elements to look better.
No functional change.
Cc: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Acked-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
It seems that the different libc (musl) which Alpine Linux uses produces
different errors than the usual glibc. This patch fixes most include
errors. Two errors are not yet resolved on Alpine Linux's libc (musl):
* proc_parse.c: In function 'parse_posix_timers':
proc_parse.c:2125:34: error: 'SIGEV_THREAD_ID' undeclared (first use in this function)
timer->spt.it_sigev_notify = SIGEV_THREAD_ID;
proc_parse.c:2125:34: note: each undeclared identifier is reported only once for each function it appears in
Seems difficult to fix as including <linux/signal.h>, which provides
this #define, generates more different error messages related to
time.h and linux/time.h collisions. It is not yet clear if additional
guards would help in the header files.
* fsnotify.c: In function 'open_by_handle':
fsnotify.c:107:9: error: implicit declaration of function 'open_by_handle_at' [-Werror=implicit-function-declaration]
return open_by_handle_at(fd, arg, O_PATH);
The function open_by_handle_at() is not provided by Alpine Linux's
libc (musl).
This patch resolves the following errors/warnings and has been tested on
RHEL7(x86_64/powerpc64le) and Fedora 24:
cr-service.c: In function 'cr_service':
cr-service.c:1082:26: error: passing argument 2 of 'accept' from incompatible pointer type [-Werror=incompatible-pointer-types]
sk = accept(server_fd, &client_addr, &client_addr_len);
^
In file included from /usr/include/fortify/sys/socket.h:20:0,
from cr-service.c:11:
/usr/include/sys/socket.h:301:5: note: expected 'struct sockaddr * restrict' but argument is of type 'struct sockaddr_un *'
int accept (int, struct sockaddr *__restrict, socklen_t *__restrict);
^
cc1: all warnings being treated as errors
files.c: In function 'open_transport_fd':
files.c:845:19: error: passing argument 2 of 'bind' from incompatible pointer type [-Werror=incompatible-pointer-types]
ret = bind(sock, &saddr, sun_len);
^
In file included from /usr/include/fortify/sys/socket.h:20:0,
from files.c:12:
/usr/include/sys/socket.h:298:5: note: expected 'const struct sockaddr *' but argument is of type 'struct sockaddr_un *'
int bind (int, const struct sockaddr *, socklen_t);
^
cc1: all warnings being treated as errors
In file included from fsnotify.c:18:0:
/usr/include/sys/poll.h:1:2: error: #warning redirecting incorrect #include <sys/poll.h> to <poll.h> [-Werror=cpp]
#warning redirecting incorrect #include <sys/poll.h> to <poll.h>
^
cc1: all warnings being treated as errors
In file included from /root/criu/criu/include/timerfd.h:7:0,
from /root/criu/criu/include/restorer.h:18,
from arch/x86/crtools.c:16:
/root/criu/criu/include/files.h:43:14: error: field 'stat' has incomplete type
struct stat stat;
In file included from arch/x86/vdso-pie.c:6:0:
/root/criu/criu/include/syscall.h:22:66: error: unknown type name 'loff_t'
extern long sys_pread (unsigned int fd, char *buf, size_t count, loff_t pos) ;
^
/root/criu/criu/include/syscall.h:83:31: error: unknown type name 'clockid_t'
extern long sys_timer_create (clockid_t which_clock, struct sigevent *timer_event_spec, kernel_timer_t *created_timer_id
^
/root/criu/criu/include/syscall.h:88:38: error: unknown type name 'clockid_t'
extern long sys_clock_gettime (const clockid_t which_clock, const struct timespec *tp) ;
^
In file included from netfilter.c:5:0:
/usr/include/wait.h:1:2: error: #warning redirecting incorrect #include <wait.h> to <sys/wait.h> [-Werror=cpp]
#warning redirecting incorrect #include <wait.h> to <sys/wait.h>
^
cc1: all warnings being treated as errors
pie/restorer.c: In function '__export_restore_task':
pie/restorer.c:1276:23: error: 'LOCK_EX' undeclared (first use in this function)
ret = sys_flock(fd, LOCK_EX);
^
pie/restorer.c:1276:23: note: each undeclared identifier is reported only once for each function it appears in
pie/restorer.c:1310:23: error: 'LOCK_UN' undeclared (first use in this function)
ret = sys_flock(fd, LOCK_UN);
^
sk-unix.c: In function 'open_unixsk_standalone':
sk-unix.c:1169:19: error: passing argument 2 of 'connect' from incompatible pointer type [-Werror=incompatible-pointer-types]
if (connect(sk, &addr, sizeof(addr.sun_family))) {
^
In file included from /usr/include/fortify/sys/socket.h:20:0,
from sk-unix.c:1:
/usr/include/sys/socket.h:299:5: note: expected 'const struct sockaddr *' but argument is of type 'struct sockaddr_un *'
int connect (int, const struct sockaddr *, socklen_t);
^
cc1: all warnings being treated as errors
c/criu.c: In function 'criu_local_set_parent_images':
c/criu.c:169:26: error: implicit declaration of function 'strdup' [-Werror=implicit-function-declaration]
opts->rpc->parent_img = strdup(path);
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Andrew Vagin <avagin@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This entry will be used to carry all the autofs parameters, required to
restore mount point.
Signed-off-by: Stanislav Kinsburskiy <skinsbursky@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
For the previously added option to skip in-flight connections this adds
that option to the RPC interface. The skip in-flight connections is also
described in criu.txt.
Signed-off-by: Adrian Reber <areber@redhat.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Needed for container migration, where arguments are
set via p.haul as rpc request.
Signed-off-by: Nikita Spiridonov <nspiridonov@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Seems @rpc-> part has been sneaked out (forgot to
push into index), as result it built fine locally,
but not when applied from the patch.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
For handling --cgroup-props, --cgroup-props-file and
--cgroup-dump-controller from RPC interface.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
In some images there can be quite a long "payload" -- some
raw data that is represented by base64 encoding. If we want
to explore huge images reading tons of base64 symbols can
be quite time consuming :) E.g. I a 1.5 gigs image with sysv
shmem was sent to me some time ago for investigation %)
So here is the --nopl argument for show action (decode should
produce encode-able image, so payload there is needed) that
just shows the amount of bytes in payload (if any).
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Updated version attached.
>From 6c0e1522e01e01aa89861862fbdf039a0892b89b Mon Sep 17 00:00:00 2001
From: Cyrill Gorcunov <gorcunov@openvz.org>
Date: Tue, 12 Apr 2016 20:00:24 +0300
Subject: [PATCH 1/2] tty: Write unread pty buffers on post dump stage
When unread data present on peers we currently simply ignore it but
actually we can try to fetch it in non(that)destructive way.
For this sake at the end of dump procedure (because fetching
queued data may go wrong and we will have to write it back,
which is heavy, and we need all ttys under our hands)
we walk over all collected TTYs and link PTYs peers which
indices are matching. Note to not overload tty_dump_info we
reuse @list member for new @all_ptys list.
Once link established we literally read queued data and flush
it into new tty-data.img. If something go wrong at this moment,
we stop reading queued data but walk back over already queued
ones and write them back to restore former state. Same applies
if the dump has been requested to leave task alive.
On restore we link peers back and write queued data once
peer back to live.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
--record option allows us to keep track of files that are being
installed by writing them to specified file. We can than use that
file to do proper cleanup on uninstall.
v2, drop -r, as we shouldn't really care about dirs, because
setup.py doesn't report them to us.
Signed-off-by: Ruslan Kuprieiev <kupruser@gmail.com>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
While most are handled from the scratch there is a significant
problem with python setup. So I added some preliminaty solution,
probably someohe with good knowledge of how setup.py works
improve it later.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Reviewed-by: Dmitry Safonov <dsafonov@virtuozzo.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
.gitid, and some of the build directories from setup.py need to be cleaned
on 'clean'.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
This reverts commit a98014f306.
As per Saied Kazemi, actually dump works without seccomp support
from the kernel on non-seccomped tasks. The only problem was with
criu check, but this would be addressed separately.
Reverting the commit not to burden the API with (yet) unneeded stuff.
Conflicts:
lib/c/criu.h
As was intended from the scratch.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Acked-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
- drop unneeded @built-in.o rule
- use proper @CRIU_SO for -soname option
- add dep on version change
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Sometimes we may want to use CRIU on older kernels which don't support
dumping seccomp state where we don't actually care about the seccomp state.
Of course this is unsafe, but it does allow for c/r of things using
seccomp on these older kernels in some cases. When the task is in
SECCOMP_MODE_STRICT or SECCOMP_MODE_FILTER with filters that block the
syscalls criu's parasite code needs, the dump will still fail.
Note that we disable seccomp by simply feigning that we are in mode 0. This
is a little hacky, but avoids distributing ifs throughout the code and
keeps them in this one place.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
CC: Saied Kazemi <saied@google.com>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Both CRIU library and CRIT python data are moved into
lib/c and lib/py.
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@virtuozzo.com>
Better to obtain error if there is no free memory
than smashing the stack.
A rule of thumb for alloca() based functions is to
use them with predefined small sizes (such as we
do in swapping builtin sizes for parasite engine).
Signed-off-by: Cyrill Gorcunov <gorcunov@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Not sure if it is okay, but this patch breaks backward compatibility,
as we now discourage people from using criu as a system service by default.
But it is better to be done rather sooner than later, considering criu service
is not widely used.
On a patch side, we just need to daemonize swrk if self-dump is requested.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
It's better to
1. Use strlcpy() instead of strncpy() as otherwise we might end up
with a not NULL-terminated string, which opens a portal to hell.
There are a few places reported by Coverity for this, such as:
- in criu_connect(), Coverity CID 51591;
- in proc_pid_parse(), Coverity CID 51590;
- in move_veth_to_bridge(), Coverity CID 51593;
- etc.
2. Use strlcpy() instead of strcpy() to avoid buffer overruns.
Some of these are also reported by Coverity, for example
the one in dump_filemap(), Coverity CID 51630.
Signed-off-by: Kir Kolyshkin <kir@openvz.org>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This option allows users to specify their own irmap paths to scan in the event
that they don't have a path in one of the hard coded hints.
Signed-off-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Signed-off-by: Hui Kang <hkang.sunysb@gmail.com>
Looks-good-to: Ruslan Kuprieiev <kupruser@gmail.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Users shouldn't use it directly anyway, they should
use criu_set* fucntions for that.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
In this mode libcriu will execute criu binary in swrk
mode, so users are not always obliged to run criu service
daemon.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
* Added functionality for dumping unnamed unix sockets.
When we call CRIU with dump option, for unnamed socket we
should pass it inode into --ext-unix-sk. Details about this problem
described in http://criu.org/External_UNIX_socket#What_to_do_with_socketpair.28.29-s.3F.
Usage example:
criu dump -D images -o dump.log -v4 --ext-unix-sk=4529709 -t 13506
* fix typo error in log output
Signed-off-by: Artem Kuzmitskiy <artem.kuzmitskiy@lge.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
This patch adds capability to using libcriu from C++ code.
Signed-off-by: Artem Kuzmitskiy <artem.kuzmitskiy@lge.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Currently, libcriu is connecting to CRIU service
by itself, just asking user for a path to socket.
But in some cases users need to provide fd instead
path. For example, sometimes task has no access to
criu socket because of strict security mesures, but
is able to inherit fd from a parent that has access
to criu socket.
v2, use union for addr and fd
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
criu_opts contains rpc options and notify callback,
so we can keep all options in just one structure.
This will allow us to easily extend libcriu functionality
and yet keep all options in one place.
We're also not hiding rpc opts structure anymore, so
it is pretty clear where power-user should put his own
CriuOpts instance if he would like to do that.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
Having ability to have your own options structure is quite nice
and allows much more flexible use of libcriu in cases when you
want to have a bunch of instances of options structures.
This patch also allows users to use raw CriuOpts structure
modified in any suitable way, whether by libcriu's criu_local_set
methods or by using protobuf-c directly.
It is also worth noting, that backward-compatibility in API and ABI
is preserved.
Signed-off-by: Ruslan Kuprieiev <rkuprieiev@cloudlinux.com>
Acked-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
