It is quiet a common case to move the process from one pidns to another
existing pidns with criu (only restriction is pids should not
intersect). Let's check it works.
v2: - use pipe-s to synchronize processes
- run the test in a pid namespace to avoid pid conflicts in the host
pid namespace
- grep errors in restore.log
- add some more comments
v3: use 1000 for ns_last_pid so that test works on systems with low
pid_max; remove excess ';'s.
Co-Developed-by: Andrei Vagin <avagin@gmail.com>
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
There is a small typo in test/zdtm/static/socket_aio.c, test/zdtm/static/socket_listen.c, test/zdtm/static/socket_listen4v6.c, test/zdtm/static/socket_listen6.c, test/zdtm/static/socket_udp-corked.c, test/zdtm/static/socket_udp.c, test/zdtm/static/socket_udplite.c.
Should read `client` rather than `clietn`.
Signed-off-by: Tim Gates <tim.gates@iress.com>
We see strange cases there page-server or lazy-pages are exiting with
non-zero but print no errors, probably the tail of the log can help us
to understand what happened.
There are some other uses of grep_errors but let's only change cases
where we explicitly through an exeption on bad ret. For others I'm not
sure if we need extra output, e.g. for validly failing fault injections.
To debug #1280
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Using travis-ci.com instead of travis-ci.org offers access to bare metal
aarch64 based systems and thus enabling us to run the full CRIU CI test
suite.
Switch arm64 based tests to arm64-graviton2 for tests.
This is the first non x86_64 architecture running tests and not just
compile in Travis.
Signed-off-by: Adrian Reber <areber@redhat.com>
This commit achieves the following:
a) Refactors ZDTM tests bpf_array.c and bpf_hash.c to make use of the
BPF ZDTM library functions. In addition, these tests now verify whether
information obtained from both procfs and BPF_OBJ_GET_INFO_BY_FD are
the same before and after c/r.
b) Updates ZDTM tests bpf_array.c and bpf_hash.c to include a BPF map's
name and also to freeze maps
Source files modified:
* zdtm/static/bpf_array.c
* zdtm/static/bpf_hash.c
Source files added:
* zdtm/static/bpf_array.desc
* zdtm/static/bpf_hash.desc
Note: ${test_name}.desc files have the 'suid' flag set because
BPF_MAP_FREEZE requires the global (root-userns) CAP_SYS_ADMIN or
CAP_BPF. Hence, only test flavors 'h' and 'ns' are executed ('uns'
is skipped) because BPF_MAP_FREEZE can't be used from non-root user
namespaces.
Signed-off-by: Abhishek Vijeev <abhishek.vijeev@gmail.com>
This commit adds BPF helper functions needed by tests in a new library.
It defines new functions that allow verifying BPF map meta-data from
the procfs as well as using the bpf() system call with
BPF_OBJ_GET_INFO_BY_FD. It is necessary to verify from procfs and using
BPF_OBJ_GET_INFO_BY_FD because the information available from both
these places is disjoint (for example, checking whether a map is frozen
cannot be performed with BPF_OBJ_GET_INFO_BY_FD).
Source files modified:
* test/zdtm/lib/Makefile - Generating build artifacts
Source files added:
* test/zdtm/lib/bpfmap_zdtm.c - Provides definitions for 3 new
functions:
(a) parse_bpfmap_fdinfo() - Parses information about the BPF map
from procfs
(b) cmp_bpf_map_info() - Compares the attributes of a BPF map file
obtained from BPF_OBJ_GET_INFO_BY_FD. This function is typically
used to verify that the attributes of a BPF map remain the same
before checkpoint and after restore
(c) cmp_bpfmap_fdinfo() - Compares the attributes of a BPF map file
obtained from procfs. This function is typically used to verify
that the attributes of a BPF map remain the same before checkpoint
and after restore
* test/zdtm/lib/bpfmap_zdtm.h - Structure and function declarations.
Declares struct bpfmap_fdinfo_obj, which stores information about BPF
maps parsed from procfs
Signed-off-by: Abhishek Vijeev <abhishek.vijeev@gmail.com>
In this case, states of established tcp connections will not be dumped
and they will not be blocked. This will be useful in case of snapshots,
when we don't need to restore tcp connections.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
This patch enables checkpoint/restore of the SO_OOBINLINE socket option.
When the SO_OOBINLINE option is used, out-of-band data is placed in the
normal input queue as it is received. This permits it to be read using
read or recv without specifying the MSG_OOB flag.
Signed-off-by: Radostin Stoyanov <rstoyanov1@gmail.com>
Make two mounts, binds of the same file system, the first has root "/"
and the second has a cut root "/auxiliary". This insures that on restore
criu will mount the first mount first and latter bind the second from
it. After set the first mount unbindable to check if restoring these
flag does not interfere with restoring mounts.
Before the fix in these series we had the error:
(00.031286) 1: mnt: Mounting tmpfs @/tmp/.criu.mntns.wGroPU/12-0000000000/zdtm/static/unbindable.test/bind_of_unbindable (0)
(00.031298) 1: mnt: Bind /tmp/.criu.mntns.wGroPU/12-0000000000/zdtm/static/unbindable.test/unbindable/auxiliary to /tmp/.criu.mntns.wGroPU/12-0000000000/zdtm/static/unbindable.test/bind_of_unbindable
(00.031329) 1: Error (criu/mount.c:2298): mnt: Can't mount at /tmp/.criu.mntns.wGroPU/12-0000000000/zdtm/static/unbindable.test/bind_of_unbindable: Invalid argument
https://bugs.openvz.org/browse/OVZ-7116
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
This adds three epoll targets on tfd 702 and then adds two epoll targets
on tfd 701. This test is for off calculation in dump_one_eventpoll, the
reverse order makes qsort to actually work.
v2: update test_doc with longer explanation, remove unused DUPFDNO
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
This commit adds ZDTM tests for c/r of processes with BPF maps as open
files
Source files added:
* zdtm/static/bpf_hash.c - Tests for c/r of the data and meta-data of
BPF map type BPF_MAP_TYPE_HASH
* zdtm/static/bpf_array.c - Tests for c/r of the data and meta-data
of BPF map type BPF_MAP_TYPE_ARRAY
Source files modified:
* zdtm/static/Makefile - Generating build artifacts for BPF tests
Signed-off-by: Abhishek Vijeev <abhishek.vijeev@gmail.com>
I pushed the wrong branch to the pidns PR
https://github.com/checkpoint-restore/criu/pull/1056
which resulted in the wrong patches getting merged.
This is the actual result from the review.
Signed-off-by: Adrian Reber <areber@redhat.com>
Adapt netns_ext tests to also work with pid namespaces and move it from
test/others/netns_ext/ to test/others/ns_ext/.
Also enable ns_ext tests in Travis runs.
Signed-off-by: Adrian Reber <areber@redhat.com>
Create a session leader and it's child - session member, make leader
zombie. To restore this criu will need to create a helper task a child
of our zombie so that member can inherit session. Before fixes in this
patchset we segfault on empty ids and fail to restore cgroups because of
empty cg_set
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
We permanently have issues like this:
./test/jenkins/criu-iter.sh: 3: source: not found
It looks like a good idea to use one shell to run our jenkins scripts.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
One can pass --stream to zdtm.py for testing criu with image streaming.
criu-image-streamer should be installed in ../criu-image-streamer
relative to the criu project directory. But any path will do providing
that criu-image-streamer can be found in the PATH env.
Added a few tests to run on travis-ci to make sure streaming works.
We run test that are likely to fail. However, it would be good to once
in a while run all tests with `--stream -a`.
Signed-off-by: Nicolas Viennot <Nicolas.Viennot@twosigma.com>
The newest version of flake reports errors that variable names like 'l'
should not be used, because they are hard to read.
This changes 'l' to 'line' to make flake8 happy.
Signed-off-by: Adrian Reber <areber@redhat.com>
When using zdtm.py with --tls it started to fail as the certificates
seem to have expired. Following commands have been used to re-generate
the certificate:
# Generate CA key and certificate
echo -ne "ca\ncert_signing_key" > temp
certtool --generate-privkey > cakey.pem
certtool --generate-self-signed \
--template temp \
--load-privkey cakey.pem \
--outfile cacert.pem
# Generate server key and certificate
echo -ne "cn=$HOSTNAME\nencryption_key\nsigning_key" > temp
certtool --generate-privkey > key.pem
certtool --generate-certificate \
--template temp \
--load-privkey key.pem \
--load-ca-certificate cacert.pem \
--load-ca-privkey cakey.pem \
--outfile cert.pem
rm temp cakey.pem
Without this tests will fail in Travis.
Signed-off-by: Adrian Reber <areber@redhat.com>
We should follow Linux Kernel Codding Style:
... the closing brace is empty on a line of its own, except in the cases
where it is followed by a continuation of the same statement, ie ... an
else in an if-statement ...
https://www.kernel.org/doc/html/v4.10/process/coding-style.html#placing-braces-and-spaces
Automaticly fixing with:
:!git grep --files-with-matches "^\s*else[^{]*{" | xargs
:argadd <files>
:argdo :%s/}\s*\n\s*\(else[^{]*{\)/} \1/g | update
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
This test checks that monotonic and boottime don't jump after C/R.
In ns and uns flavors, the test is started in a separate time namespace
with big offsets, so if criu will restore a time namespace incorrectly
the test will detect the big delta of clocks values before and after C/R.
Signed-off-by: Andrei Vagin <avagin@gmail.com>
The helper function removes code duplication from tests that want to
initialize unix socket address to an absolute file path, derived from
current working directory of the test + relative filename of a resulting
socket. Because the former code used cwd = get_current_dir_name() as
part of absolute filename generation, the resulting filepath could later
cause failure of bind systcall due to unchecked permissions and
introduce confusing permission errors.
Signed-off-by: Valeriy Vdovin <valeriy.vdovin@virtuozzo.com>
Any filesystem syscall, that needs to navigate to inode by it's
absolute path performs successive lookup operations for each part of the
path. Lookup operation includes access rights check.
Usually but not always zdtm tests processes fall under 'other' access
category. Also, usually directories don't have 'x' bit set for other.
In case when bit 'x' is not set and user-ID and group-ID of a process
relate it to 'other', test's will not succeed in performing these
syscalls which are most of filesystem api, that has const char *path
as part of it arguments (open, openat, mkdir, bind, etc).
The observable behavior of that is that zdtm tests fail at file
creation ops on one system and pass on the other. The above is not
immediately clear to the developer by just looking at failed test's logs.
Investigation of that is also not quick for a developer due to the
complex structure of zdtm runtime where nested clones with
NAMESPACE flags take place alongside with bind-mounts.
As an additional note: 'get_current_dir_name' is documented as returning
EACCESS in case when some part of the path lacks read/list permissions.
But in fact it's not always so. Practice shows, that test processes can
get false success on this operation only to fail on later call to
something like mkdir/mknod/bind with a given path in arguments.
'get_cwd_check_perm' is a wrapper around 'get_current_dir_name'. It also
checks for permissions on the given filepath and logs the error. This
directs the developer towards the right investigation path or even
eliminates the need for investigation completely.
Signed-off-by: Valeriy Vdovin <valeriy.vdovin@virtuozzo.com>
We should ignore (not parse) images that has non-crtool format,
that images has no magic number (RAW_IMAGE_MAGIC equals 0).
nftables images has format compatible with `nft -f /proc/self/fd/0`
input format.
Reported-by: Mr Jenkins
Signed-off-by: Alexander Mikhalitsyn (Virtuozzo) <alexander@mihalicyn.com>
On these test without the patch ("fown: Don't fail on dumping files opened
wit O_PATH") we trigger these errors:
Error (criu/pie/parasite.c:340): fcntl(4, F_GETOWN_EX) -> -9
Error (criu/files.c:403): Can't get owner signum on 18: Bad file descriptor
Error (criu/files-reg.c:1887): Can't restore file pos: Bad file descriptor
Signed-off-by: Pavel Tikhomirov <ptikhomirov@virtuozzo.com>
Signed-off-by: Alexander Mikhalitsyn (Virtuozzo) <alexander@mihalicyn.com>
python 2.7 doesn't call the read system call if it's read file to the
end once. The next seek allows to workaround this problem.
inhfd/memfd.py hangs due to this issue.
Reported-by: Mr Jenkins
Signed-off-by: Andrei Vagin <avagin@gmail.com>