Commit graph

11306 commits

Author SHA1 Message Date
Radostin Stoyanov
8adefc90d2 lib/pycriu: generate version.py
The version of CRIU is specified in the Makefile.versions file.
This patch generates '__varion__' value for the pycriu module.
This value can be used by crit to implement `--version`.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2023-10-22 13:29:25 -07:00
Younes Manton
59fcfa80d8 compel: Add support for ppc64le scv syscalls
Power ISA 3.0 added a new syscall instruction. Kernel 5.9 added
corresponding support.

Add CRIU support to recognize the new instruction and kernel ABI changes
to properly dump and restore threads executing in syscalls. Without this
change threads executing in syscalls using the scv instruction will not
be restored to re-execute the syscall, they will be restored to execute
the following instruction and will return unexpected error codes
(ERESTARTSYS, etc) to user code.

Signed-off-by: Younes Manton <ymanton@ca.ibm.com>
2023-10-22 13:29:25 -07:00
David Francis
d06c9b5cda criu/plugin: Add environment variable to cap size of buffers.
The amdgpu plugin would create a memory buffer at the size
of the largest VRAM bo (buffer object). On some systems, VRAM
size exceeds RAM size, so the largest bo might be larger than
the available memory.

Add an environment variable KFD_MAX_BUFFER_SIZE, which caps the
size of this buffer. By default, it is set to 0, and has no
effect. When active, any bo larger than its value will be
saved to/restored from file in multiple passes.

Signed-off-by: David Francis <David.Francis@amd.com>
2023-10-22 13:29:25 -07:00
Michal Clapinski
8caf460b9c zdtm: test MEMBARRIER_CMD_GLOBAL_EXPEDITED migration
Check membarrier registration both ways:
1. By issuing membarrier commands and checking if they succeed.
2. By issuing MEMBARRIER_CMD_GET_REGISTRATIONS.

The first way is needed for older kernels. The second way is needed to test
MEMBARRIER_CMD_GLOBAL_EXPEDITED.

Signed-off-by: Michal Clapinski <mclapinski@google.com>
2023-10-22 13:29:25 -07:00
Michal Clapinski
2ba8727822 dump: use MEMBARRIER_CMD_GET_REGISTRATIONS when available
MEMBARRIER_CMD_GET_REGISTRATIONS can tell us whether or not the process used
MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED unlike the old probing method.

Falls back to the old method when MEMBARRIER_CMD_GET_REGISTRATIONS is
unavailable.

Signed-off-by: Michal Clapinski <mclapinski@google.com>
2023-10-22 13:29:25 -07:00
Radostin Stoyanov
32241b00de vagrant: run tests with fedora 38
Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2023-10-22 13:29:25 -07:00
Radostin Stoyanov
862cb5c1cb vagrant: update to version 2.3.7
This patch also updated the download URL format

from
    https://releases.hashicorp.com/vagrant/2.3.7/vagrant_2.3.7_x86_64.deb

to
    https://releases.hashicorp.com/vagrant/2.3.7/vagrant_2.3.7-1_amd64.deb

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2023-10-22 13:29:25 -07:00
Pavel Tikhomirov
d2a0d1fa64 lint: don't fail workflow on indent fail
There are multiple cases where good human readable code block is
converted to an unreadable mess by clang-format, so we don't want to
rely on clang-format completely. Also there is no way, as far as I can
see, to make clang-format only fix what we want it to fix without
breaking something.

So let's just display hints inline where clang-format is unhappy. When
reviewer sees such a warning it's a good sign that something is broken
in coding-style around this warning.

We add special script which parses diff generated by indent and
generates warning for each hunk.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
2023-10-22 13:29:25 -07:00
Pavel Tikhomirov
08f286ed96 CONTRIBUTING.md: improve coding-style related sections
This is highlight that code readability is the real goal of all the
coding-style rules. We should not do coding-style just for coding-style,
e.g. when clang-format suggests crazy formating we should not follow it
if we feel it is bad.

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
2023-10-22 13:29:25 -07:00
Pavel Tikhomirov
38bf7f42e5 CONTRIBUTING.md: don't mention ctags
Ctags is mentioned in the beginning of the "Edit the source code" which
is really confusing: Do you need ctags to edit CRIU code? - No. It is
just one helpful tool to browse the code, and we do not want to enforce
it. So, what is it doing in contribution guide? People who really need
it should be able to find it in Makefile or just write oneliner of their
own to collect tags...

Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
b7a8bb0889 zdtm: test execveat(memfd)
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
c9b2633ca3 memfd: return original memfd fd for execveat()
If there is only a single RW opened fd for a memfd, it can be used
to pass it to execveat() with AT_EMPTY_PATH to have its contents
executed.  This currently works only for the original fd from
memfd_create().  For now we ignore processes that reopen the memfd's
rw and expect a particular executability trait of it.  (Note: for
security purposes recent kernels have SEAL_EXEC to make memfds
non-executable.)

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
4805654370 kerndat: check_pagemap: close(fd) on error path
Plug a fd leak when returning error from check_pagemap().
(Cosmetic, as the process will exit soon anyway.)

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
d5284313f5 kerndat: Make errors from clone3() check more precise.
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
badf8060c6 proc_parse: Log smaps entry while dumping VMA.
Help debugging problems with restoring custom VMAs.

From: Michał Cłapiński <mclapinski@google.com>
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Radostin Stoyanov
1800018bc1 test/other: add test for action-script
This commit is introducing a test for the action-script functionality
of CRIU to verify that pre-dump, post-dump, pre-restore, pre-resume,
post-restore, post-resume hooks are executed during dump/restore.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2023-10-22 13:29:25 -07:00
Michał Mirosław
ea05b06ac2 proc_parse: remove trivial goto from vma_get_mapfile_user()
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
f7d7dc9c08 compel/infect: include the relevant pid in "no-breakpoints restore" debug message
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
b56a9cef32 kerndat: Make pagemap check more robust against swapped out pages.
Fix test of whether the kernel exposes page frame numbers to cope with the
possibility that the top of the stack is swapped out, which was happening
in about one 1 out of 3 million runs.  This lead to a later failure when
trying to read the PFN of the zero page, after which criu would exit with
no error message.

Original-From: Ambrose Feinstein <ambrose@google.com>
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Andrei Vagin
86ad52bc2d ci/loongarch64: compile tests before running zdtm.py
Otherwise tests fail by timeout.

Signed-off-by: Andrei Vagin <avagin@gmail.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
0085f992cb memfd: don't set fd attributes not needed for vma mapping
There is only one user of memfd_open() outside of memfd.c: open_filemap().
It is restoring a file-backed mapping and doesn't need nor expect to
update F_SETOWN nor the fd's position.  Check the inherited_fd() handling
in the callers to simplify the code.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Andrei Vagin
8c17535f3f loongarch64: fix syscall_64.tbl
The 288d6a61e2 change broke all the syscall numbers.

Reported-by: Michał Mirosław <emmir@google.com>
Fixes: (288d6a61e2 "loongarch64: reformat syscall_64.tbl for 8-wide tabs")
Signed-off-by: Andrei Vagin <avagin@gmail.com>
2023-10-22 13:29:25 -07:00
Andrei Vagin
6ea60d6ef7 github: auto-remove changes requested and awaiting reply labels
Labels are removed when new comments are posted.

Signed-off-by: Andrei Vagin <avagin@gmail.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
620e8c0a61 Put a cap on the size of single preadv in restore operation.
While each preadv() is followed by a fallocate() that removes the data
range from image files on tmpfs, temporarily (between preadv() and
fallocate()) the same data is in two places; this increases the memory
overhead of restore operation by the size of a single preadv.
Uncapped preadv() would read up to 2 GiB of data, thus we limit that to
a smaller block size (128 MiB).

Based-on-work-by: Paweł Stradomski <pstradomski@google.com>
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
2547ac8ac1 zdtm: membarrier: test migration of membarrier() registration
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
e07155e194 dump+restore: Implement membarrier() registration c/r.
Note: Silently drops MEMBARRIER_CMD_REGISTER_GLOBAL_EXPEDITED as it's
not currently detectable. This is still better than silently dropping
all membarrier() registrations.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Andrei Vagin
5b790aa181 loongarch64: reformat syscall_64.tbl for 8-wide tabs
Signed-off-by: Andrei Vagin <avagin@gmail.com>
2023-10-22 13:29:25 -07:00
Radostin Stoyanov
d1096e3b31 lib/py: add VMA_AREA_MEMFD constant
The VMA_AREA_MEMFD constant was introduced with commit

29a1a88bce
memfd: add memory mapping support

This patch extends the status map used in CRIT and coredump with the
value of this constant to recognize it.

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2023-10-22 13:29:25 -07:00
Andrei Vagin
d3b955e578 ci/docker: install all required packages
This change fixes the issue:
```
The following packages have unmet dependencies:
 docker-ce : Depends: containerd.io (>= 1.6.4)
E: Unable to correct problems, you have held broken packages.
```

Signed-off-by: Andrei Vagin <avagin@google.com>
2023-10-22 13:29:25 -07:00
Andrei Vagin
9477354def scripts/apt: don't hide apt output
It is required to investigate issues.

Signed-off-by: Andrei Vagin <avagin@google.com>
2023-10-22 13:29:25 -07:00
Radostin Stoyanov
a4b49c46fe amdgpu_plugin: remove duplicated log prefix
The log prefix "amdgpu_plugin:" is defined with `LOG_PREFIX` in
`amdgpu_plugin.c`.  However, the prefix is also included in each
log message. As a result it appears duplicated in the log messages:

(00.044324) amdgpu_plugin: amdgpu_plugin: devices:1 bos:58 objects:148 priv_data:45696
(00.045376) amdgpu_plugin: amdgpu_plugin: Thread[0x5589] started
(00.167172) amdgpu_plugin: amdgpu_plugin: img_path = amdgpu-kfd-62.img
(00.083739) amdgpu_plugin: amdgpu_plugin : amdgpu_plugin_dump_file() called for fd = 235

Signed-off-by: Radostin Stoyanov <rstoyanov@fedoraproject.org>
2023-10-22 13:29:25 -07:00
Michał Mirosław
69200bec76 irmap: scan user-provided paths in order
Make the scan use the order of paths that came from the user.

Fixes: 4f2e4ab3be ("irmap: add --irmap-scan-path option"; 2015-09-16)
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
2a131167bb page-xfer: Pull tcp_cork,nodelay().
Move tcp_cork() and tcp_nodelay() to the only user: page-xfer.c. While
at it, fix error messages (as they do not refer to restoring the sockopt
values) and demote them as they are not fatal to the page transfer.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Haorong Lu
6ed50ea49d apparmor: fix incorrect usage of sizeof on char ptr
In criu/apparmor.c: write_aa_policy(), the arg path is passed as a char
pointer. The original code used sizeof(path) to get the size of it,
which is incorrect as it always return the size of the char pointer
(typically 8 or 4), not the actual capacity of the char array.

Given that this function is only invoked with path declared as `char
path[PATH_MAX]`, replacing sizeof(path) with PATH_MAX should correctly
represent the maximum size of it.

Fixes: 8723e3f ("check: add a feature test for apparmor_stacking")

Signed-off-by: Haorong Lu <ancientmodern4@gmail.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
3628589b51 zdtm/memfd00: test memfd file mode
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
dfa5410951 memfd: dump and restore permissions.
memfd is created by default with +x permissions set. This can be changed
by a process using fchmod() and expected to prevent using this fd for
exec(). Migrate the permissions.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
ac1219f4ee sk-inet: Extend 'TCP repair off' failure log.
Include the file descriptor and error code in the debug message to make
it more useful.

Fixes: e7ba90955c (2016-03-14 "cr-check: Inspect errno on syscall failures")
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
25d0330809 restore: Skip dropping BSET capability if irrelevant.
prctl(NO_NEW_PRIVS) when set prevents child processes gaining
capabilities not in permitted set. In this case, inability to
clear capability from BSET that is not in the permitted set is
harmless.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
fe4be19de4 prctl: test prctl(NO_NEW_PRIVS) setting
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
a605cc9f36 prctl: Migrate prctl(NO_NEW_PRIVS) setting.
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
7df3f65957 restore: Fix capability migration requirements between different kernels.
When restoring on a kernel that has different number of supported
capabilities than checkpoint one, check that the extra caps are unset.

There are two directions to consider:

1) dump.cap_last_cap > restore.cap_last_cap
	- restoring might reduce the processes' capabilities if restored
	  kernel doesn't support checkpointed caps. Warn.

2) dump.cap_last_cap < restore.cap_last_cap
	- restoring will fill the extra caps with zeroes. No changes.

Note: `last_cap` might change without affecting `n_words`.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
7ab02639f6 restore: Skip setgroups() when already correct.
Skip calling setgroups() when the list of auxiliary groups already has
the values we want.  This allows restoring into an unprivileged user
namespace where setgroups() is disabled.

From: Ambrose Feinstein <ambrose@google.com>
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
4998b724ef restore: Avoid need for CAP_SETPCAP if not changing uids.
When CRIU is run with the task's credentials on restore, don't set uids
and gids. This avoids the need to modify the SECURE_NO_SETUID_FIXUP flag
which requires CAP_SETPCAP.

From: Andy Tucker <agtucker@google.com>
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
99188cfbe3 tty: Avoid EPERM for no-op chown().
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
113957270b memfd: Avoid EPERM for no-op chown().
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
96fa42b79d cgroup: Replace restore_perms() with cr_fchperm().
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
b074f92f99 files-reg: Avoid EPERM in ghost_apply_metadata() for no-op changes.
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
f985d9f44b sk-unix: Avoid restore_file_perms() EPERM error for no-op changes.
Note: This removes the difference in calling convention of
restore_file_perms() returning -errno that was the only call that did
this in the caller.

From: Radosław Burny <rburny@google.com>
Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
Michał Mirosław
21560270dd util: Implement fchown() and fchmod() wrappers.
Add generic wrappers for fchown() and fchmod() that skip the calls if
no changes are needed. This will allow to unify places where we can
avoid errors when no-op requests are not permitted.

Signed-off-by: Michał Mirosław <emmir@google.com>
2023-10-22 13:29:25 -07:00
znley
e25a243b28 ci: add workflow for loongarch64
Signed-off-by: znley <shanjiantao@loongson.cn>
2023-10-22 13:29:25 -07:00