pycriu: Fix self-dump failure with explicit PID

When `opts.pid` is explicitly set to `os.getpid()`, `pycriu` fails to daemonize the `criu` process. This causes `criu` to run as a child of the dumped process, leading to the error "The criu itself is within dumped tree". This can be fixed by modifying `_send_req_and_recv_resp` to check if the target PID matches the current process PID. If so, it enables daemon mode, ensuring `criu` is detached and the dump succeeds. Signed-off-by: unichronic <ishuvam.pal@gmail.com>
cr-restore/shstk: Make arch_shstk_unlock use correct pid
2026-01-23 10:16:41 +00:00 · 2026-01-21 00:25:29 +00:00 · 2026-01-20 00:08:19 +00:00 · 2026-01-12 19:07:39 -08:00 · 2026-01-12 19:06:43 -08:00 · 2026-01-12 18:49:12 -08:00
636 changed files with 27204 additions and 4518 deletions
--- a/.circleci/config.yml
+++ b/.circleci/config.yml
@ -2,7 +2,7 @@ version: 2.1
 jobs:
  test-local-gcc:
    machine:
-      image: ubuntu-2004:202010-01
+      image: default
    working_directory: ~/criu
    steps:
      - checkout
@ -11,7 +11,7 @@ jobs:
          command: sudo -E make -C scripts/ci local
  test-local-clang:
    machine:
-      image: ubuntu-2004:202010-01
+      image: default
    working_directory: ~/criu
    steps:
      - checkout
--- a/.cirrus.yml
+++ b/.cirrus.yml
@ -13,9 +13,8 @@ task:
    nested_virtualization: true

  setup_script: |
-    scripts/ci/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker
+    contrib/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker
    sudo kvm-ok
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
  build_script: |
    make -C scripts/ci vagrant-fedora-no-vdso

@ -33,10 +32,12 @@ task:
    memory: 8G

  setup_script: |
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
    dnf config-manager --set-enabled crb # Same as CentOS 8 powertools
    dnf -y install epel-release epel-next-release
-    dnf -y install --allowerasing asciidoc gcc git gnutls-devel libaio-devel libasan libcap-devel libnet-devel libnl3-devel libbsd-devel libselinux-devel make protobuf-c-devel protobuf-devel python-devel python-PyYAML python-future python-protobuf python-junit_xml python3-importlib-metadata python-flake8 xmlto
+    contrib/dependencies/dnf-packages.sh
+    # The image has a too old version of nettle which does not work with gnutls.
+    # Just upgrade to the latest to make the error go away.
+    dnf -y upgrade nettle nettle-devel
    systemctl stop sssd
    # Even with selinux in permissive mode the selinux tests will be executed.
    # The Cirrus CI user runs as a service from selinux point of view and is
@ -62,9 +63,8 @@ task:
    nested_virtualization: true

  setup_script: |
-    scripts/ci/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker
+    contrib/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker
    sudo kvm-ok
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
  build_script: |
    make -C scripts/ci vagrant-fedora-rawhide

@ -83,99 +83,11 @@ task:
    nested_virtualization: true

  setup_script: |
-    scripts/ci/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker
+    contrib/apt-install make gcc pkg-config git perl-modules iproute2 kmod wget cpu-checker
    sudo kvm-ok
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
  build_script: |
    make -C scripts/ci vagrant-fedora-non-root

-task:
-  name: CentOS Stream 8 based test
-  environment:
-    HOME: "/root"
-    CIRRUS_WORKING_DIR: "/tmp/criu"
-
-  compute_engine_instance:
-    image_project: centos-cloud
-    image: family/centos-stream-8
-    platform: linux
-    cpu: 4
-    memory: 8G
-
-  setup_script: |
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
-    # Do not fail if latest epel repository definition is already installed
-    yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm || :
-    yum install -y dnf-plugins-core
-    yum config-manager --set-enabled powertools
-    yum install -y --allowerasing asciidoc gcc git gnutls-devel libaio-devel libasan libcap-devel libnet-devel libnl3-devel libbsd-devel libselinux-devel make protobuf-c-devel protobuf-devel python3-devel python3-flake8 python3-PyYAML python3-future python3-protobuf python3-importlib-metadata python3-junit_xml xmlto
-    alternatives --set python /usr/bin/python3
-    systemctl stop sssd
-    # Even with selinux in permissive mode the selinux tests will be executed
-    # The Cirrus CI user runs as a service from selinux point of view and is
-    # much more restricted than a normal shell (system_u:system_r:unconfined_service_t:s0)
-    # The test case above (vagrant-fedora-no-vdso) should run selinux tests in enforcing mode
-    setenforce 0
-
-  build_script: |
-    make -C scripts/ci local SKIP_CI_PREP=1 CC=gcc CD_TO_TOP=1 ZDTM_OPTS="-x zdtm/static/socket-raw"
-
-task:
-  name: CentOS 7 based test
-  environment:
-    HOME: "/root"
-    CIRRUS_WORKING_DIR: "/tmp/criu"
-
-  compute_engine_instance:
-    image_project: centos-cloud
-    image: family/centos-7
-    platform: linux
-    cpu: 4
-    memory: 8G
-
-  setup_script: |
-    # EPEL is needed for python2-future, python2-junit_xml, python-flake8 and libbsd-devel.
-    # Do not fail if latest epel repository definition is already installed
-    yum install -y https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm || :
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
-    yum install -y findutils gcc git gnutls-devel iproute iptables libaio-devel libasan libcap-devel libnet-devel libnl3-devel libbsd-devel make procps-ng protobuf-c-devel protobuf-devel protobuf-python python python-flake8 python-ipaddress python2-future python2-junit_xml python-yaml python-six sudo tar which e2fsprogs python2-pip rubygem-asciidoctor libselinux-devel
-    # Even with selinux in permissive mode the selinux tests will be executed
-    # The Cirrus CI user runs as a service from selinux point of view and is
-    # much more restricted than a normal shell (system_u:system_r:unconfined_service_t:s0)
-    # The test case above (vagrant-fedora-no-vdso) should run selinux tests in enforcing mode
-    setenforce 0
-    # Enable user namespaces on CentOS 7
-    echo 10000 > /proc/sys/user/max_user_namespaces
-    # Adapt sudoers to our needs
-    echo 'root ALL=(ALL:ALL) ALL' | EDITOR='tee -a' visudo
-
-  build_script: |
-    make -C scripts/ci local SKIP_CI_PREP=1 CC=gcc CD_TO_TOP=1 ZDTM_IGNORE_TAINT=1 ZDTM_OPTS="-x zdtm/static/socket-raw -x zdtm/static/child_subreaper_existing_child -x zdtm/static/fifo_upon_unix_socket01 -x zdtm/static/overmount_sock -x zdtm/static/tempfs_overmounted"
-
-task:
-  name: aarch64 build GCC (native)
-  arm_container:
-    image: docker.io/library/ubuntu:jammy
-    cpu: 4
-    memory: 4G
-  script: uname -a
-  build_script: |
-    scripts/ci/apt-install make
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
-    make -C scripts/ci local
-
-task:
-  name: aarch64 build CLANG (native)
-  arm_container:
-    image: docker.io/library/ubuntu:jammy
-    cpu: 4
-    memory: 4G
-  script: uname -a
-  build_script: |
-    scripts/ci/apt-install make
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
-    make -C scripts/ci local CLANG=1
-
 task:
  name: aarch64 Fedora Rawhide
  arm_container:
@ -185,6 +97,5 @@ task:
  script: uname -a
  build_script: |
    scripts/ci/prepare-for-fedora-rawhide.sh
-    ln -sf /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto
    make -C scripts/ci/ local CC=gcc SKIP_CI_PREP=1 SKIP_CI_TEST=1 CD_TO_TOP=1
    make -C test/zdtm -j 4
--- a/.clang-format
+++ b/.clang-format
@ -53,7 +53,7 @@ BreakConstructorInitializersBeforeComma: false
 BreakConstructorInitializers: BeforeComma # Unknown to clang-format-4.0
 BreakAfterJavaFieldAnnotations: false
 BreakStringLiterals: false
-ColumnLimit: 120
+ColumnLimit: 0
 CommentPragmas: '^ IWYU pragma:'
 CompactNamespaces: false # Unknown to clang-format-4.0
 ConstructorInitializerAllOnOneLineOrOnePerLine: false
--- a/.codespellrc
+++ b/.codespellrc
@ -1,3 +1,3 @@
 [codespell]
-skip = ./.git,./test/pki
-ignore-words-list = creat,fpr,fle,ue,bord,parms,nd,te,testng
+skip = ./.git,./test/pki,./tags,./plugins/amdgpu/amdgpu_drm.h,./plugins/amdgpu/drm.h,./plugins/amdgpu/drm_mode.h
+ignore-words-list = creat,fpr,fle,ue,bord,parms,nd,te,testng,inh,wronly,renderd,bui,clen,sems
--- a/.github/workflows/aarch64-test.yaml
+++ b/.github/workflows/aarch64-test.yaml
@ -0,0 +1,34 @@
+name: aarch64 test
+
+on: [push, pull_request]
+
+# Cancel any preceding run on the pull request.
+concurrency:
+  group: aarch64-test-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/criu-dev' }}
+
+jobs:
+  build:
+    strategy:
+      matrix:
+        os: [ubuntu-24.04-arm, ubuntu-22.04-arm]
+        target: [GCC=1, CLANG=1]
+
+    runs-on: ${{ matrix.os }}
+
+    steps:
+    - uses: actions/checkout@v4
+    - name: Run Tests ${{ matrix.target }} on ${{ matrix.os }}
+      # Following tests are failing on the VMs:
+      #  ./change_mnt_context --pidfile=change_mnt_context.pid --outfile=change_mnt_context.out
+      #   45: ERR: change_mnt_context.c:23: mount (errno = 22 (Invalid argument))
+      #
+      # In combination with '--remote-lazy-pages' following error occurs:
+      #  138: FAIL: maps05.c:84: Data corrupted at page 1639 (errno = 11 (Resource temporarily unavailable))
+      run: |
+        # The 'sched_policy00' needs the following:
+        sudo sysctl -w kernel.sched_rt_runtime_us=-1
+        # etc/hosts entry is needed for netns_lock_iptables
+        echo "127.0.0.1   localhost" | sudo tee -a /etc/hosts
+        sudo -E make -C scripts/ci local ${{ matrix.target }} RUN_TESTS=1 \
+          ZDTM_OPTS="-x zdtm/static/change_mnt_context -x zdtm/static/maps05"
--- a/.github/workflows/alpine-test.yml
+++ b/.github/workflows/alpine-test.yml
@ -9,12 +9,13 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
    strategy:
      matrix:
+        os: [ubuntu-22.04, ubuntu-22.04-arm]
        target: [GCC=1, CLANG=1]
+    runs-on: ${{ matrix.os }}

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Alpine ${{ matrix.target }} Test
      run: sudo -E make -C scripts/ci alpine ${{ matrix.target }}
--- a/.github/workflows/archlinux-test.yml
+++ b/.github/workflows/archlinux-test.yml
@ -9,8 +9,8 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Arch Linux Test
      run: sudo -E make -C scripts/ci archlinux
--- a/.github/workflows/check-commits.yml
+++ b/.github/workflows/check-commits.yml
@ -0,0 +1,30 @@
+name: Verify self-contained commits
+
+on: pull_request
+
+# Cancel any preceding run on the pull request
+concurrency:
+  group: commit-test-${{ github.event.pull_request.number }}
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    # Check if pull request does not have label "not-selfcontained-ok"
+    if: "!contains(github.event.pull_request.labels.*.name, 'not-selfcontained-ok')"
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        # Needed to rebase against the base branch
+        fetch-depth: 0
+        # Checkout pull request HEAD commit instead of merge commit
+        ref: ${{ github.event.pull_request.head.sha }}
+    - name: Install dependencies
+      run: sudo contrib/apt-install libprotobuf-dev libprotobuf-c-dev protobuf-c-compiler protobuf-compiler python3-protobuf libnl-3-dev libnet-dev libcap-dev uuid-dev
+    - name: Configure git user details
+      run: |
+        git config --global user.email "checkpoint-restore@users.noreply.github.com"
+        git config --global user.name "checkpoint-restore"
+    - name: Configure base branch without switching current branch
+      run: git fetch origin ${{ github.base_ref }}:${{ github.base_ref }}
+    - name: Build each commit
+      run: git rebase ${{ github.base_ref }} -x "make -C scripts/ci check-commit"
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@ -29,22 +29,22 @@ jobs:

    steps:
      - name: Checkout
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4

      - name: Install Packages (cpp)
        if: ${{ matrix.language == 'cpp' }}
        run: |
-          sudo scripts/ci/apt-install protobuf-c-compiler libprotobuf-c-dev libprotobuf-dev build-essential libprotobuf-dev libprotobuf-c-dev protobuf-c-compiler protobuf-compiler python3-protobuf libnet-dev pkg-config libnl-3-dev libbsd0 libbsd-dev iproute2 libcap-dev libaio-dev libbsd-dev python3-yaml libnl-route-3-dev gnutls-dev
+          sudo contrib/apt-install protobuf-c-compiler libprotobuf-c-dev libprotobuf-dev build-essential libprotobuf-dev libprotobuf-c-dev protobuf-c-compiler protobuf-compiler python3-protobuf libnet-dev pkg-config libnl-3-dev libbsd0 libbsd-dev iproute2 libcap-dev libaio-dev libbsd-dev python3-yaml libnl-route-3-dev gnutls-dev
      - name: Initialize CodeQL
-        uses: github/codeql-action/init@v2
+        uses: github/codeql-action/init@v3
        with:
          languages: ${{ matrix.language }}
          queries: +security-and-quality

      - name: Autobuild
-        uses: github/codeql-action/autobuild@v2
+        uses: github/codeql-action/autobuild@v3

      - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v2
+        uses: github/codeql-action/analyze@v3
        with:
          category: "/language:${{ matrix.language }}"
--- a/.github/workflows/compat-test.yml
+++ b/.github/workflows/compat-test.yml
@ -9,13 +9,13 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    strategy:
      matrix:
        target: [GCC, CLANG]


    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Compat Tests (${{ matrix.target }})
      run: sudo -E make -C scripts/ci local COMPAT_TEST=y ${{ matrix.target }}=1
--- a/.github/workflows/cross-compile-daily.yml
+++ b/.github/workflows/cross-compile-daily.yml
@ -10,11 +10,11 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        target: [armv7-stable-cross, aarch64-stable-cross, ppc64-stable-cross, mips64el-stable-cross]
+        target: [armv7-stable-cross, aarch64-stable-cross, ppc64-stable-cross, mips64el-stable-cross, riscv64-stable-cross]
        branches: [criu-dev, master]

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
      with:
        ref: ${{ matrix.branches }}
    - name: Run Cross Compilation Targets
--- a/.github/workflows/cross-compile.yml
+++ b/.github/workflows/cross-compile.yml
@ -21,6 +21,7 @@ jobs:
          aarch64-stable-cross,
          ppc64-stable-cross,
          mips64el-stable-cross,
+          riscv64-stable-cross,
        ]
        include:
          - experimental: true
@ -33,7 +34,7 @@ jobs:
            target: mips64el-unstable-cross

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Cross Compilation Targets
      run: >
        sudo make -C scripts/ci ${{ matrix.target }}
--- a/.github/workflows/docker-test.yml
+++ b/.github/workflows/docker-test.yml
@ -12,8 +12,8 @@ jobs:
    runs-on: ${{ matrix.os }}
    strategy:
      matrix:
-        os: [ubuntu-20.04]
+        os: [ubuntu-22.04]
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Docker Test (${{ matrix.os }})
      run: sudo make -C scripts/ci docker-test
--- a/.github/workflows/fedora-asan-test.yml
+++ b/.github/workflows/fedora-asan-test.yml
@ -9,9 +9,9 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Fedora ASAN Test
      run: sudo -E make -C scripts/ci fedora-asan
--- a/.github/workflows/fedora-rawhide-test.yml
+++ b/.github/workflows/fedora-rawhide-test.yml
@ -9,10 +9,10 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Fedora Rawhide Test
      # We need to pass environment variables from the CI environment to
      # distinguish between CI environments. However, we need to make sure that
--- a/.github/workflows/gcov-test.yml
+++ b/.github/workflows/gcov-test.yml
@ -9,10 +9,10 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Coverage Tests
      run: sudo -E make -C scripts/ci local GCOV=1
    - name: Run gcov
--- a/.github/workflows/java-test.yml
+++ b/.github/workflows/java-test.yml
@ -9,8 +9,8 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Java Test
      run: sudo make -C scripts/ci java-test
--- a/.github/workflows/lint.yml
+++ b/.github/workflows/lint.yml
@ -14,9 +14,9 @@ jobs:
      image: registry.fedoraproject.org/fedora:latest
    steps:
    - name: Install tools
-      run: sudo dnf -y install git make python3-flake8 xz clang-tools-extra which codespell git-clang-format ShellCheck
+      run: sudo dnf -y install git make ruff xz clang-tools-extra codespell git-clang-format ShellCheck

-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4

    - name: Set git safe directory
      # https://github.com/actions/checkout/issues/760
@ -26,15 +26,15 @@ jobs:
      run: make lint

    - name: Run make indent
-      run: >
+      continue-on-error: true
+      run: |
        if [ -z "${{github.base_ref}}" ]; then
-          git fetch --deepen=1 &&
-          if ! make indent OPTS=--diff; then
-            exit 1
-          fi
+          git fetch --deepen=1
+          make indent
        else
-          git fetch origin ${{github.base_ref}} &&
-          if ! make indent OPTS=--diff BASE=origin/${{github.base_ref}}; then
-            exit 1
-          fi
+          git fetch origin ${{github.base_ref}}
+          make indent BASE=origin/${{github.base_ref}}
        fi
+    - name: Raise in-line make indent warnings
+      run: |
+        git diff | ./scripts/github-indent-warnings.py
--- a/.github/workflows/loongarch64-qemu-test.yml
+++ b/.github/workflows/loongarch64-qemu-test.yml
@ -0,0 +1,15 @@
+name: LoongArch64 Qemu Test
+
+on: [push, pull_request]
+
+# Cancel any preceding run on the pull request.
+concurrency:
+  group: loongarch64-qemu-test-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/criu-dev' }}
+
+jobs:
+  build:
+    runs-on: ubuntu-22.04
+    steps:
+      - uses: actions/checkout@v4
+      - run: sudo make -C scripts/ci loongarch64-qemu-test
--- a/.github/workflows/manage-labels.yml
+++ b/.github/workflows/manage-labels.yml
@ -0,0 +1,14 @@
+name: Remove labels
+on: [issue_comment, pull_request_review_comment]
+jobs:
+  remove-labels-on-comments:
+    name: Remove labels on comments
+    if: github.event_name == 'issue_comment'
+    runs-on: ubuntu-latest
+    steps:
+      - uses: mondeja/remove-labels-gh-action@v1
+        with:
+          token: ${{ secrets.GITHUB_TOKEN }}
+          labels: |
+            changes requested
+            awaiting reply
--- a/.github/workflows/nftables-test.yml
+++ b/.github/workflows/nftables-test.yml
@ -0,0 +1,24 @@
+name: Nftables bases testing
+
+on: [push, pull_request]
+
+# Cancel any preceding run on the pull request.
+concurrency:
+  group: nftables-test-${{ github.event.pull_request.number || github.ref }}
+  cancel-in-progress: ${{ github.ref != 'refs/heads/criu-dev' }}
+
+jobs:
+  build:
+    runs-on: ubuntu-24.04
+    steps:
+    - uses: actions/checkout@v4
+    - name: Remove iptables
+      run: sudo apt remove -y iptables
+    - name: Install libnftables-dev
+      run: sudo contrib/apt-install libnftables-dev
+    - name: chmod 755 /home/runner
+      # CRIU's tests are sometimes running as some random user and need
+      # to be able to access the test files.
+      run: sudo chmod 755 /home/runner
+    - name: Build with nftables network locking backend
+      run: sudo make -C scripts/ci local COMPILE_FLAGS="NETWORK_LOCK_DEFAULT=NETWORK_LOCK_NFTABLES"
--- a/.github/workflows/podman-test.yml
+++ b/.github/workflows/podman-test.yml
@ -9,8 +9,8 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run Podman Test
      run: sudo make -C scripts/ci podman-test
--- a/.github/workflows/stream-test.yml
+++ b/.github/workflows/stream-test.yml
@ -9,9 +9,9 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04

    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run CRIU Image Streamer Test
      run: sudo -E make -C scripts/ci local STREAM_TEST=1
--- a/.github/workflows/x86-64-clang-test.yml
+++ b/.github/workflows/x86-64-clang-test.yml
@ -9,8 +9,8 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run X86_64 CLANG Test
      run: sudo make -C scripts/ci x86_64 CLANG=1
--- a/.github/workflows/x86-64-gcc-test.yml
+++ b/.github/workflows/x86-64-gcc-test.yml
@ -9,8 +9,8 @@ concurrency:

 jobs:
  build:
-    runs-on: ubuntu-20.04
+    runs-on: ubuntu-22.04
    steps:
-    - uses: actions/checkout@v2
+    - uses: actions/checkout@v4
    - name: Run X86_64 GCC Test
      run: sudo make -C scripts/ci x86_64
--- a/.gitignore
+++ b/.gitignore
@ -20,18 +20,9 @@ compel/compel
 compel/compel-host-bin
 images/*.c
 images/*.h
-images/google/protobuf/*.c
-images/google/protobuf/*.h
 .gitid
 criu/criu
 criu/unittest/unittest
-crit/crit
-criu/arch/*/sys-exec-tbl*.c
-# x86 syscalls-table is not generated
-!criu/arch/x86/sys-exec-tbl.c
-criu/arch/*/syscalls*.S
-criu/include/syscall-codes*.h
-criu/include/syscall*.h
 criu/include/version.h
 criu/pie/restorer-blob.h
 criu/pie/parasite-blob.h
--- a/.lgtm.yml
+++ b/.lgtm.yml
@ -22,10 +22,4 @@ extraction:
      - "libbsd-dev"
      - "python3-yaml"
      - "libnl-route-3-dev"
-      - "python-future"
      - "gnutls-dev"
-    configure:
-      command:
-      - "ls -laR images/google"
-      - "ln -s /usr/include/google/protobuf/descriptor.proto images/google/protobuf/descriptor.proto"
-      - "ls -laR images/google"
--- a/.travis.yml
+++ b/.travis.yml
@ -1,35 +0,0 @@
-language: c
-os: linux
-dist: bionic
-services:
-  - docker
-jobs:
-  include:
-    - os: linux
-      arch: ppc64le
-      env: TR_ARCH=local
-      dist: bionic
-    - os: linux
-      arch: ppc64le
-      env: TR_ARCH=local CLANG=1
-      dist: bionic
-    - os: linux
-      arch: s390x
-      env: TR_ARCH=local
-      dist: bionic
-    - os: linux
-      arch: arm64-graviton2
-      env: TR_ARCH=local RUN_TESTS=1
-      dist: focal
-      group: edge
-      virt: vm
-    - os: linux
-      arch: arm64-graviton2
-      env: TR_ARCH=local CLANG=1 RUN_TESTS=1
-      group: edge
-      virt: vm
-      dist: bionic
-script:
-  - sudo make -C scripts/ci $TR_ARCH
-after_success:
-  - make -C scripts/ci after_success
--- a/CLAUDE.md
+++ b/CLAUDE.md
@ -0,0 +1 @@
+GEMINI.md
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@ -8,8 +8,8 @@ Here are some useful hints to get involved.
 * We have both -- [very simple](https://github.com/checkpoint-restore/criu/issues?q=is%3Aissue+is%3Aopen+label%3Aenhancement) and [more sophisticated](https://github.com/checkpoint-restore/criu/issues?q=is%3Aissue+is%3Aopen+label%3A%22new+feature%22) coding tasks;
 * CRIU does need [extensive testing](https://github.com/checkpoint-restore/criu/issues?q=is%3Aissue+is%3Aopen+label%3Atesting);
 * Documentation is always hard, we have [some information](https://criu.org/Category:Empty_articles) that is to be extracted from people's heads into wiki pages as well as [some texts](https://criu.org/Category:Editor_help_needed) that all need to be converted into useful articles;
-* Feedback is expected on the GitHub issues page and on the [mailing list](https://lists.openvz.org/mailman/listinfo/criu);
-* We accept GitHub pull requests and this is the preferred way to contribute to CRIU. If you prefer to send patches by email, you are welcome to send them to [CRIU development mailing list](https://lists.openvz.org/mailman/listinfo/criu).
+* Feedback is expected on the GitHub issues page and on the [mailing list](https://lore.kernel.org/criu);
+* We accept GitHub pull requests and this is the preferred way to contribute to CRIU. If you prefer to send patches by email, you are welcome to send them to [CRIU development mailing list](https://lore.kernel.org/criu).
 Below we describe in more detail recommend practices for CRIU development.
 * Spread the word about CRIU in [social networks](http://criu.org/Contacts);
 * If you're giving a talk about CRIU -- let us know, we'll mention it on the [wiki main page](https://criu.org/News/events);
@ -27,44 +27,67 @@ The repository may contain multiple branches. Development happens in the **criu-
 To clone CRIU repo and switch to the proper branch, run:

 ```
-        git clone https://github.com/checkpoint-restore/criu criu
-        cd criu
-        git checkout criu-dev
+git clone https://github.com/checkpoint-restore/criu criu
+cd criu
+git checkout criu-dev
 ```

-### Compile
+### Building from source

-First, you need to install compile-time dependencies. Check [Installation dependencies](https://criu.org/Installation#Dependencies) for more info.
+Follow these steps to compile CRIU from source code.

-To compile CRIU, run:
+#### Installing build dependencies
+
+First, you need to install the required build dependencies. We provide scripts to simplify this process for several Linux distributions in [contrib/dependencies](contrib/dependencies). For a complete list of dependencies, please refer to the [installation guide](https://criu.org/Installation).
+
+##### On Ubuntu/Debian-based systems:

 ```
-        make
+./contrib/dependencies/apt-packages.sh
+```
+
+##### On Fedora/CentOS-based systems:
+
+```
+./contrib/dependencies/dnf-packages.sh
+```
+
+##### Using Nix:
+
+```
+nix develop
+```
+
+#### Compiling CRIU
+
+Once the dependencies are installed, you can compile CRIU by running the `make` command from the root of the source directory:
+
+```
+make
 ```

 This should create the `./criu/criu` executable.

 ## Edit the source code

-If you use ctags, you can generate the ctags file by running
-
-```
-        make tags
-```
-
 When you change the source code, please keep in mind the following code conventions:

+* code is written to be read, so the code readability is the most important thing you need to have in mind when preparing patches
 * we prefer tabs and indentations to be 8 characters width
-* CRIU mostly follows [Linux kernel coding style](https://www.kernel.org/doc/Documentation/process/coding-style.rst), but we are less strict than the kernel community.
+* we prefer line length of 80 characters or less, more is allowed if it helps with code readability
+* CRIU mostly follows [Linux kernel coding style](https://www.kernel.org/doc/Documentation/process/coding-style.rst), but we are less strict than the kernel community

-Other conventions can be learned from the source code itself. In short, make sure your new code
-looks similar to what is already there.
+Other conventions can be learned from the source code itself. In short, make sure your new code looks similar to what is already there.

-The following command can be used to automatically run a code linter for Python files (flake8), Shell scripts (shellcheck),
+## Automatic tools to fix coding-style
+
+Important: These tools are there to advise you, but should not be considered as a "source of truth", as tools also make nasty mistakes from time to time which can completely break code readability.
+
+The following command can be used to automatically run a code linter for Python files (ruff), Shell scripts (shellcheck),
 text spelling (codespell), and a number of CRIU-specific checks (usage of print macros and EOL whitespace for C files).

 ```
-         make lint
+make lint
 ```

 In addition, we have adopted a [clang-format configuration file](https://www.kernel.org/doc/Documentation/process/clang-format.rst)
@ -74,7 +97,7 @@ results in decreased readability, we may choose to ignore these errors.
 Run the following command to check if your changes are compliant with the clang-format rules:

 ```
-         make indent
+make indent
 ```

 This command is built upon the `git-clang-format` tool and supports two options `BASE` and `OPTS`. The `BASE` option allows you to
@ -84,27 +107,57 @@ can use `BASE=origin/criu-dev`. The `OPTS` option can be used to pass additional
 to check the last *N* commits for formatting errors, without applying the changes to the codebase you can use the following command.

 ```
-         make indent OPTS=--diff BASE=HEAD~N
+make indent OPTS=--diff BASE=HEAD~N
 ```

 Note that for pull requests, the "Run code linter" workflow runs these checks for all commits. If a clang-format error is detected
 we need to review the suggested changes and decide if they should be fixed before merging.

+Here are some bad examples of clang-format-ing:
+
+* if clang-format tries to force 120 characters and breaks readability - it is wrong:
+
+```
+@@ -58,8 +59,7 @@ static int register_membarriers(void)
+         }
+
+         if (!all_ok) {
+-                fail("can't register membarrier()s - tried %#x, kernel %#x",
+-                     barriers_registered, barriers_supported);
+                fail("can't register membarrier()s - tried %#x, kernel %#x", barriers_registered, barriers_supported);
+                 return -1;
+         }
+```
+
+* if clang-format breaks your beautiful readability friendly alignment in structures, comments or defines - it is wrong:
+
+```
+--- a/test/zdtm/static/membarrier.c
+++ b/test/zdtm/static/membarrier.c
+@@ -27,9 +27,10 @@ static const struct {
+        int register_cmd;
+        int execute_cmd;
+ } membarrier_cmds[] = {
+-       { "",           MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED,           MEMBARRIER_CMD_PRIVATE_EXPEDITED },
+-       { "_SYNC_CORE", MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE, MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE },
+-       { "_RSEQ",      MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_RSEQ,      MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ },
+       { "", MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED, MEMBARRIER_CMD_PRIVATE_EXPEDITED },
+       { "_SYNC_CORE", MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_SYNC_CORE,
+         MEMBARRIER_CMD_PRIVATE_EXPEDITED_SYNC_CORE },
+       { "_RSEQ", MEMBARRIER_CMD_REGISTER_PRIVATE_EXPEDITED_RSEQ, MEMBARRIER_CMD_PRIVATE_EXPEDITED_RSEQ },
+ };
+```
+
 ## Test your changes

 CRIU comes with an extensive test suite. To check whether your changes introduce any regressions, run

 ```
-         make test
+make test
 ```

 The command runs [ZDTM Test Suite](https://criu.org/ZDTM_Test_Suite). Check for any error messages produced by it.

-In case you'd rather have someone else run the tests, you can use travis-ci for your
-own GitHub fork of CRIU. It will check the compilation for various supported platforms,
-as well as run most of the tests from the suite. See https://travis-ci.org/checkpoint-restore/criu
-for more details.
-
 ## Describe your changes

 Describe your problem.  Whether your change is a one-line bug fix or
@ -132,21 +185,21 @@ If your change fixes a bug in a specific commit, e.g. you found an issue using
 the SHA-1 ID, and the one line summary. For example:

 ```
-	Fixes: 9433b7b9db3e ("make: use cflags/ldflags for config.h detection mechanism")
+Fixes: 9433b7b9db3e ("make: use cflags/ldflags for config.h detection mechanism")
 ```

 The following `git config` settings can be used to add a pretty format for
 outputting the above style in the `git log` or `git show` commands:

 ```
-	[pretty]
-		fixes = Fixes: %h (\"%s\")
+[pretty]
+    fixes = Fixes: %h (\"%s\")
 ```

 If your change address an issue listed in GitHub, please use `Fixes:` tag with the number of the issue. For instance:

 ```
-	Fixes: #339
+Fixes: #339
 ```

 The `Fixes:` tags should be put at the end of the detailed description.
@ -229,7 +282,7 @@ can certify the below:
 then you just add a line saying

 ```
-        Signed-off-by: Random J Developer <random at developer.example.org>
+Signed-off-by: Random J Developer <random at developer.example.org>
 ```

 using your real name (please, no pseudonyms or anonymous contributions if
@ -241,14 +294,14 @@ commit message. To append such line to a commit you already made, use

 ```
 From: Random J Developer <random at developer.example.org>
- Subject: [PATCH] component: Short patch description
+Subject: [PATCH] component: Short patch description

- Long patch description (could be skipped if patch
- is trivial enough)
+Long patch description (could be skipped if patch
+is trivial enough)

- Signed-off-by: Random J Developer <random at developer.example.org>
- ---
- Patch body here
+Signed-off-by: Random J Developer <random at developer.example.org>
+---
+Patch body here
 ```

 ## Submit your work upstream
@ -282,8 +335,8 @@ contains the following:
  revisions should be listed. For example:

 ```
-	v3: rebase on the current criu-dev
-	v2: add commit to foo() and update bar() coding style
+v3: rebase on the current criu-dev
+v2: add commit to foo() and update bar() coding style
 ```

 If there are only minor updates to the commits in a pull request, it is
@ -301,7 +354,7 @@ Historically, CRIU worked with mailing lists and patches so if you still prefer
 To create a patch, run

 ```
-    git format-patch --signoff origin/criu-dev
+git format-patch --signoff origin/criu-dev
 ```

 You might need to read GIT documentation on how to prepare patches
@ -312,8 +365,8 @@ at all.
 We recommend to post patches using `git send-email`

 ```
-  git send-email --cover-letter --no-chain-reply-to --annotate \
-                 --confirm=always --to=criu@openvz.org criu-dev
+git send-email --cover-letter --no-chain-reply-to --annotate \
+               --confirm=always --to=criu@lists.linux.dev criu-dev
 ```

 Note that the `git send-email` subcommand may not be in
@ -325,14 +378,14 @@ If this is your first time using git send-email, you might need to
 configure it to point it to your SMTP server with something like:

 ```
-    git config --global sendemail.smtpServer stmp.example.net
+git config --global sendemail.smtpServer stmp.example.net
 ```

-If you get tired of typing `--to=criu@openvz.org` all the time,
+If you get tired of typing `--to=criu@lists.linux.dev` all the time,
 you can configure that to be automatically handled as well:

 ```
-    git config sendemail.to criu@openvz.org
+git config sendemail.to criu@lists.linux.dev
 ```

 If a developer is sending another version of the patch (e.g. to address
@ -345,7 +398,7 @@ version if needed though).

 ### Mail patches

-The patches should be sent to CRIU development mailing list, `criu AT openvz.org`. Note that you need to be subscribed first in order to post. The list web interface is available at https://openvz.org/mailman/listinfo/criu; you can also use standard mailman aliases to work with it.
+The patches should be sent to CRIU development mailing list, `criu AT lists.linux.dev`. Note that you need to be subscribed first in order to post. The list web interface is available at https://lore.kernel.org/criu; you can also use standard mailman aliases to work with it.

 Please make sure the email client you're using doesn't screw your patch (line wrapping and so on).

@ -362,5 +415,3 @@ sometimes a patch may fly around a week before it gets reviewed.
 Wiki article: [Continuous integration](https://criu.org/Continuous_integration)

 CRIU tests are run for each series sent to the mailing list. If you get a message from our patchwork that patches failed to pass the tests, you have to investigate what is wrong.
-
-We also recommend you to [enable Travis CI for your repo](https://criu.org/Continuous_integration#Enable_Travis_CI_for_your_repo) to check patches in your git branch, before sending them to the mailing list.
--- a/Documentation/Makefile
+++ b/Documentation/Makefile
@ -12,11 +12,9 @@ endif

 FOOTER		:= footer.txt
 SRC1		+= crit.txt
-ifeq ($(PYTHON),python3)
 SRC1		+= criu-ns.txt
-endif
 SRC1		+= compel.txt
-SRC1            += amdgpu_plugin.txt
+SRC1		+= criu-amdgpu-plugin.txt
 SRC8		+= criu.txt
 SRC		:= $(SRC1) $(SRC8)
 XMLS		:= $(patsubst %.txt,%.xml,$(SRC))
--- a/Documentation/criu-amdgpu-plugin.txt
+++ b/Documentation/criu-amdgpu-plugin.txt
@ -3,7 +3,7 @@ ROCM Support(1)

 NAME
 ----
-amdgpu_plugin - A plugin extension to CRIU to support checkpoint/restore in
+criu-amdgpu-plugin - A plugin extension to CRIU to support checkpoint/restore in
 userspace for AMD GPUs.


@ -15,6 +15,7 @@ Checkpoint / Restore inside a docker container
 Pytorch
 Tensorflow
 Using CRIU Image Streamer
+Parallel Restore

 DESCRIPTION
 -----------
@ -22,19 +23,15 @@ Though *criu* is a great tool for checkpointing and restoring running
 applications, it has certain limitations such as it cannot handle
 applications that have device files open. In order to support *ROCm* based
 workloads with *criu* we need to augment criu's core functionality with a
-plugin based extension mechanism. *amdgpu_plugin* provides the necessary support
+plugin based extension mechanism. *criu-amdgpu-plugin* provides the necessary support
 to criu to allow Checkpoint / Restore with ROCm.


 Dependencies
-~~~~~~~~~~~~~~
+------------
 *amdkfd support*::
    In order to snapshot the *VRAM* and other *GPU* device states, we require
-    an updated version of amdkfd(amdgpu) driver. The kernel patches are under
-    review currently.
-
-*criu 3.16*::
-    This work is rebased on latest criu release available at this time.
+    an updated version of amdkfd(amdgpu) driver.

 OPTIONS
 -------
@ -97,6 +94,15 @@ executing criu command.
    E.g:
    KFD_CAPABILITY_CHECK=1

+*KFD_MAX_BUFFER_SIZE*::
+    On some systems, VRAM sizes may exceed RAM sizes, and so buffers for dumping
+    and restoring VRAM may be unable to fit. Set to a nonzero value (in bytes)
+    to set a limit on the plugin's memory usage.
+    Default:0 (Disabled)
+
+    E.g:
+    KFD_MAX_BUFFER_SIZE="2G"
+

 AUTHOR
 ------
--- a/Documentation/criu.txt
+++ b/Documentation/criu.txt
@ -155,6 +155,11 @@ not compatible with *--external* *dev*.
            notification message contains a file descriptor for
            the master pty

+        *query-ext-files*:::
+            called after the process tree is stopped and network is locked.
+            This hook is used only in the RPC mode. The notification reply
+            contains file ids to be added to external file list (may be empty).
+
 *--unprivileged*::
    This option tells *criu* to accept the limitations when running
    as non-root. Running as non-root requires *criu* at least to have
@ -457,6 +462,33 @@ The 'mode' may be one of the following:

    *nftables*::: Use nftables rules to drop the packets.

+    *skip*::: Don't lock the network. If *--tcp-close* is not used, the network
+    must be locked externally to allow CRIU to dump TCP connections.
+
+*--allow-uprobes*::
+    Allow dumping when uprobes vma is present. When used on dump, this option is
+    required on restore as well.
+
+    A uprobes vma is automatically created by the kernel once a uprobe is
+    triggered. This mapping is not removed even once the uprobe is deleted. So,
+    even if a process once had uprobes attached to it, and they're removed by
+    the time the process is dumped, this option is still required because criu
+    has no way of knowing whether there are active uprobes or not.
+
+    When using this option on restore, make sure the uprobes (if any) active on
+    the dumped processes are still active. Otherwise, when execution reaches
+    a uprobe'd location in any of the restored processes, that process will be
+    sent a SIGTRAP.
+
+    As an example, say a uprobe is set at function foo in the executable of the
+    process p_bar. Whenever execution in p_bar reaches function foo, the uprobe
+    is triggered. If the uprobe has been triggered at least once, then the kernel
+    will have created the uprobes vma. To dump p_bar, this option is
+    necessary. After dumping, say the uprobe is deleted. Now, on restoring with
+    this option, once execution reaches function foo, SIGTRAP will be sent to
+    the restored p_bar. Unless it has a signal handler installed for SIGTRAP,
+    it will be terminated and core dumped.
+
 *restore*
 ~~~~~~~~~
 Restores previously checkpointed processes.
@ -470,8 +502,8 @@ Restores previously checkpointed processes.
 The 'resource' argument can be one of the following:
 +
    - **tty[**__rdev__**:**__dev__**]**
-    - **pipe[**__inode__**]**
-    - **socket[**__inode__*]*
+    - **pipe:[**__inode__**]**
+    - **socket:[**__inode__*]*
    - **file[**__mnt_id__**:**__inode__**]**
    - 'path/to/file'

@ -684,6 +716,10 @@ The 'mode' may be one of the following:
 *--skip-file-rwx-check*::
    Skip checking file permissions (r/w/x for u/g/o) on restore.

+*--allow-uprobes*::
+    Required when dumped with this option. Refer to this option in the section
+    on dumping for more details.
+
 *check*
 ~~~~~~~
 Checks whether the kernel supports the features needed by *criu* to
--- a/Documentation/logo.svg
+++ b/Documentation/logo.svg
@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="utf-8"?>
+<!-- Generator: Adobe Illustrator 16.0.1, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
+<!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
+<svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
+	 width="560px" height="560px" viewBox="0 0 560 560" enable-background="new 0 0 560 560" xml:space="preserve">
+<path opacity="0.3" fill="#990000" d="M315.137,360.271c-18.771-7.159-41.548-8.85-68.479-8.85c-16.661,0-46.255,2.939-74.654,3.38
+	c11.209-4.884,20.734-10.265,24.842-16.87c14.531-23.346,17.645-65.893,17.645-65.893l-20.758,3.114c0,0-2.591,35.8-16.085,47.733
+	c-5.35,4.736-15.96,7.834-27.916,10.856c2.447-26.071,29.477-57.552,29.477-57.552l-14.874-3.966l-5.88-7.448
+	c0,0-3.011,1.761-7.588,5.315c-18.298,4.208-75.946,20.443-75.946,57.983c0,15.292,5.77,26.308,14.768,34.244
+	c-22.858,26.966-20.755,61.618-20.755,61.618s-8.945,16.61-8.021,31.254c2.083,32.973,34.931,25.097,44.313,26.374
+	c9.644,1.313,34.313-4.18,34.313-4.18s-16.276-2.639-15.329-18.562c0.5-8.369-0.947-27.628-21.404-37.307
+	c-1.13-10.066,2.111-18.309,6.379-28.015c18.452,45.263,92.601,53.97,92.601,53.97c0.393-0.097-10.269,20.047,0.221,35.632
+	c4.652,6.915,18.284,10.019,22.436,19.356c4.151,9.341,2.199,30.354,2.199,30.354s21.267-16.864,27.239-30.18
+	c3.334-7.432,25.989,0.926,25.989-34.047c0-14.077-12.26-26.841-13.675-29.815c-20.858-20.334-5.427-4.743,2.677-8.236
+	c12.758-5.499,35.412,11.657,35.412,11.657s-10.402-20.119-11.437-31.013c-0.795-8.335-4.537-16.816-16.624-30.042
+	c7.166-0.752,20.362,2.327,20.362,2.327s-5.202,11.251-0.879,25.515c3.588,11.84,7.193,7.193,14.736,14.737
+	c6.599,6.598,3.146,26.284,3.146,26.284s4.674-4.513,18.081-18.235c9.072-9.29,23.645-16.717,23.645-47.86
+	C355.312,365.969,334.97,360.979,315.137,360.271z M134.108,285.901c-11.5,13.048-23.667,32.329-28.23,58.293
+	c-4.821-3.519-7.613-8.1-7.613-14.043C98.265,309.699,117.078,295.016,134.108,285.901z"/>
+<path fill="#990000" d="M382.184,115.435c3.654,1.208,7.327,2.37,10.968,3.444c14.16,4.183,26.745-9.798,26.745-9.798
+	s-8.785-2.243-17.857-3.497c12.173-2.653,21.085-18.66,21.085-18.66s-17.366,4.819-27.224,5.087
+	c-2.042,0.057-4.107,0.118-6.189,0.186c2.464-0.37,4.925-0.847,7.361-1.485c14.201-3.714,21.505-23.382,21.505-23.382
+	s-15.411,6.743-24.951,9.239c-2.694,0.703-5.438,1.437-8.197,2.185c3.038-1.071,6.008-2.306,8.815-3.82
+	c12.922-6.965,12.241-29.347,12.241-29.347s-10.162,11.926-18.844,16.605c-3.557,1.916-7.199,3.904-10.846,5.911
+	c3.798-2.277,7.45-4.743,10.596-7.569c10.918-9.814,7.722-29.605,7.722-29.605s-9.801,12.54-17.135,19.131
+	c-8.939,8.037-18.775,14.104-27.014,21.81c-6.427,6.011-25.14,35.236-36.812,46.283c-11.671,11.047-18.301,12.476-19.159,14.388
+	c-0.863,1.913,1.006,30.46-14.078,39.145c-16.476-21.583-50.565-44.007-53.101-72.033c-2.079-22.959,5.209-34.055,19.149-35.316
+	c14.994-1.359,15.998,24.507,15.998,24.507s-1.379,1.064-1.708,6.391c-0.097,0.629-0.145,1.272-0.083,1.934
+	c0.004,0.031,0.008,0.06,0.011,0.091c-0.014,1.674,0.065,3.664,0.278,6.039c1.131,12.474,4.53,14.574,4.53,14.574l2.075-0.722
+	c0,0-2.24-4.079-2.554-7.529c-0.172-1.917-0.187-3.556-0.079-4.977c0.45,0.067,0.949,0.081,1.506,0.031
+	c4.398-0.399,6.049-4.141,5.65-8.539c-0.042-0.45-0.069-0.885-0.094-1.316c2.485-26.032-1.756-29.637,4.788-41.391
+	c9.032-16.218,17.279-16.015,17.279-16.015l1.402-8.155c0,0-6.817,2.462-14.819,13.652c-8.833,12.354-8.983,26.229-9.066,47.958
+	c-0.188-0.761-0.502-1.37-1.017-1.784c-2.457-11.192-9.087-32.13-24.112-30.77c-16.72,1.514-29.419,14.974-26.773,44.171
+	c3.609,39.832,26.186,52.701,29.829,80.84c-13.47-2.349-23.883-10.656-30.866-20.282c-7.803-10.749-7.297-22.949-8.324-24.779
+	c-1.027-1.829-7.761-2.662-20.367-12.627c-12.605-9.965-33.845-37.41-40.78-42.824c-8.895-6.942-19.229-12.111-28.848-19.32
+	c-7.892-5.915-18.769-17.531-18.769-17.531s-1.419,19.995,10.323,28.8c3.386,2.536,7.246,4.665,11.229,6.597
+	c-3.808-1.674-7.616-3.33-11.327-4.925c-9.062-3.887-20.246-14.861-20.246-14.861s1.31,22.353,14.803,28.143
+	c2.931,1.257,6,2.223,9.12,3.019c-2.818-0.5-5.615-0.985-8.357-1.447c-9.728-1.636-25.677-6.981-25.677-6.981
+	s9.025,18.94,23.5,21.376c2.485,0.417,4.975,0.674,7.466,0.822c-2.08,0.118-4.148,0.242-6.183,0.368
+	c-9.843,0.61-27.566-2.645-27.566-2.645S85.667,120.333,110,120c-8.922,2.057-25.678,6.008-25.678,6.008s13.778,12.806,27.508,7.38
+	c3.533-1.394,7.087-2.876,10.62-4.404c-3.726,1.804-7.424,3.581-11.005,5.273c-8.963,4.243-19.428,10.176-19.428,10.176
+	s15.069,9.759,27.305,1.497c0.558-0.378,3.121-1.76,3.678-2.143c-7.904,5.808-19.754,14.937-19.754,14.937
+	s15.802,6.027,27.092-3.354c4.663-3.875,8.104-7.185,12.238-11.618c-3.773,4.55-6.699,8.018-10.634,12.106
+	c-6.839,7.104-13.06,19.791-13.06,19.791s15.597,0.39,24.359-11.388c4.488-6.035,7.482-11.633,10.974-18.191
+	c-3.113,6.479-5.468,11.95-8.911,17.788c-5.018,8.49-7.574,22.624-7.574,22.624s15.342-3.655,21.07-17.17
+	c2.231-5.266,2.107-9.783,3.694-15.291c-1.257,5.272-0.666,9.475-2.24,14.319c-3.045,9.379,0.011,25.554,0.011,25.554
+	s9.713-5.855,10.359-20.52c0.006-0.153,0.5-8.47,0.5-8.625L171,171.496c0,9.917,6.295,23.276,6.295,23.276
+	s11.459-10.649,9.369-25.266c-0.188-1.31-0.1-2.627-0.305-3.947c0.408,1.507,0.998,3.016,1.493,4.524
+	c3.075,9.429,3.5,15.957,3.5,15.957s6.483,1.251,8.73-1.594c0.764,5.625-0.843,10.2-0.843,10.2s5.471-1.1,8.893-3.756
+	c0.705,5.331,0.155,8.789,0.155,8.789s5.106-1.603,8.419-4.323c0.611,4.642,1.764,7.542,1.764,7.542s6.398-0.88,9.021-5.393
+	c0.199,0.038,0.395,0.079,0.59,0.117c2.269,4.875,1.438,8.517,1.438,8.517s7.492-2.14,9.492-6.14c0.003,0,0.007,0,0.01,0
+	c1.798,4,2.727,6.102,2.727,6.102s4.853-2.349,7.093-6.064c0.189,0.009,0.364-0.093,0.547-0.086
+	c-4.702,19.629-23.62,29.658-42.207,42.764c-1.392,0.981-2.712,1.925-3.97,2.884c-2.891,1.512-6.788,3.495-11.311,5.724
+	c-9.829,3.363-23.7,6.057-41.038,4.084c-9.798-1.115-21.037,10.02-21.037,10.02s6.87,4.843,16.565,5.028
+	c-8.819,3.621-17.438,12.632-17.438,12.632s0.045,0.019,0.069,0.029c-27.096,11.688-51.621,29.917-47.651,57.105
+	c2.375,16.27,14.692,25.475,31.704,30.254c-17.81,14.742-32.921,36.129-30.707,60.59c0.134,1.487,0.309,2.916,0.508,4.311
+	c-2.209,5.6-3.288,17.842-2.674,24.886c0.949,10.838,13.686,8.662,18.219,6.729c14.139,12.202,32.258,10.252,32.258,10.252
+	s-17.301,1.211-30.306-11.156c5.551-2.659,6.424-3.925,6.788-11.579c0.36-7.61-9.104-20.759-20.57-21.966
+	c-1.25-20.07,9.861-43.32,30.603-60.203c0.02,0.249,0.023,0.491,0.048,0.742c4.248,46.957,30.584,54.634,81.148,63.26
+	c12.603,2.15,22.04,5.821,29.042,10.457c-3.844,5.388-5.706,21.559-2.895,32.325c3.045,11.655,12.647,14.53,19.429,14.955
+	c-3.304,16.035-11.235,29.024-11.235,29.024s10.015-11.628,15.04-29.016c0.48-0.031,0.928-0.069,1.319-0.114
+	c10.922-1.262,16.17-11.338,14.743-23.071c-1.195-9.826-13.974-24.54-28.598-25.992c-33.117-21.52-109.104-9.05-113.877-61.769
+	c-0.341-3.746-0.517-7.367-0.571-10.888c5.709,1.111,11.782,1.844,18.104,2.244c14.111,28.517,62.158,22.269,95.818,20.694
+	c1.764,3.09,7.043,7.064,13.929,9.779c11.751,4.633,14.889,3.742,18.869,1.502c1.484-0.835,2.828-1.92,3.979-3.155
+	c10.822,10.456,25.37,30.251,25.37,30.251s-12.29-22.284-22.733-33.97c2.601-4.923,2.433-10.619-2.559-13.297
+	c-6.956-3.732-31.321,1.581-36.316,4.981c-30.811,1.668-71.853,6.551-89.576-16.474c41.005,1.192,88.786-9.133,102.385-10.365
+	c21.726-1.966,47.319,1.367,64.887,8.228c-0.783,5.681,1.867,18.47,4.641,25.318c3.316,8.197,11.561,5.887,16.562,3.028
+	c-0.588,13.3-4.495,22.638-4.495,22.638s7.86-14.125,9.117-26.183c4.354-4.041,4.774-5.562,2.904-12.887
+	c-1.849-7.24-14.317-16.821-25.47-15.096c-21.855-8.906-54.594-11.087-75.74-9.175c-18.253,1.653-61.404,10.802-97.611,10.237
+	c-1.895-3.338-3.402-7.122-4.412-11.479c5.113-2.364,10.551-4.388,16.307-5.975c30.999-8.551,40.97-29.258,42.943-48.579
+	c1.127,1.303,1.938,2.069,1.938,2.069s7.087-12.679,5.522-27.275c-0.264-2.469-0.429-4.737-0.553-6.911
+	c2.499,6.741,7.778,13.001,7.778,13.001s16.438-20.208,5.846-27.268c-11.583-7.714-6.836-13.283-4.31-15.299
+	c3.354-1.984,6.973-3.94,10.859-5.817c26.561-12.817,59.903-20.002,64.443-40.039c0.265-1.172,0.388-2.34,0.443-3.507
+	c3.701,2.396,9.165,2.053,9.165,2.053s-0.367-2.88-0.601-7.556c3.747,2.081,8.874,1.758,8.874,1.758s-0.986-2.319-1.255-7.689
+	c3.846,1.998,8.434,2.278,8.434,2.278s-0.725-2.246-1.24-5.573c3.788,0.719,8.84,0.419,8.84,0.419s-3.543-7.302-1.316-16.965
+	c0.357-1.547,0.666-3.09,0.938-4.626c-0.087,1.332-0.169,2.662-0.238,3.985c-0.783,14.742,10.85,24.47,10.85,24.47
+	S337,172.178,337,162.303c0-0.021,0-0.042,0-0.061c0,0.153-0.804,0.309-0.782,0.46c1.951,14.548,13.499,20.839,13.499,20.839
+	s2.388-16.471-1.478-25.542c-1.998-4.686-3.966-9.742-5.688-14.881c2.068,5.344,4.374,10.673,7.067,15.72
+	c6.909,12.952,20.498,15.406,20.498,15.406s-1.832-14.029-7.581-22.041c-3.952-5.505-7.874-11.654-11.551-17.83
+	c4.059,6.22,8.622,12.438,13.631,18.048c9.774,10.953,25.27,9.178,25.27,9.178s-7.323-12.085-14.767-18.552
+	c-4.283-3.722-8.589-7.824-12.754-12.019c4.513,4.047,9.319,7.944,14.31,11.39c12.077,8.341,27.281,0.931,27.281,0.931
+	s-10.533-7.219-18.926-12.302c0.595,0.332,1.186,0.662,1.777,0.988c12.922,7.14,28.146-3.013,28.146-3.013
+	s-12.036-5.887-21.343-9.313C389.896,118.341,386.055,116.903,382.184,115.435z M116.917,367.418
+	c-0.172,0.131-0.344,0.268-0.516,0.398c-17.301-3.899-29.646-12.415-31.124-28.752c-2.244-24.777,21.669-42.631,47.562-54.59
+	c3.553,1,9.203,1.919,15.541,0.503c-4.694,4.817-7.998,9.859-7.998,9.859s2.076,0.564,5.3,0.733
+	C133.582,308.673,115.917,333.715,116.917,367.418z M146.295,295.598c1.834,0.062,3.979-0.014,6.326-0.386
+	c-0.141,0.365-0.274,0.72-0.401,1.069c-10.511,14.57-18.745,34.363-17.404,59.912c-4.522,2.267-9.248,5.074-13.939,8.343
+	C122.237,330.3,136.218,307.613,146.295,295.598z M121.776,368.86c4.131-2.979,8.589-5.697,13.361-8.115
+	c0.358,3.527,1.032,6.741,2.025,9.634C131.805,370.131,126.629,369.657,121.776,368.86z M150.478,350.278
+	c-3.791,0.864-8.16,2.403-12.812,4.546c-0.062-0.425-0.168-0.803-0.224-1.236c-2.557-19.875,3.873-37.276,13.005-51.347
+	c0,0.005-0.007,0.032-0.007,0.032s13.533-3.395,23.088-14.017c-1.715,7.205,0.158,14.79,0.158,14.79s9.774-5.185,16.654-15.216
+	c-0.131,5.548,2.84,10.803,5.451,14.331C193.303,321.731,182.711,342.934,150.478,350.278z M259.516,275.357
+	c0.846-4.127,1.649-8.135,2.42-12.012c2.199-4.002,5.203-6.524,9.011-7.55c3.808-1.04,7.78-1.559,11.919-1.559l1.739-17.042
+	c-5.942,0.378-11.657,1.419-17.144,3.105c-5.492,1.672-10.946,3.611-16.369,5.8c-4.526,4.131-7.915,8.875-10.169,14.237
+	c-2.262,5.359-3.755,11.051-4.655,17.055c-0.906,6.007-1.268,12.17-1.268,18.489v18.209c0,3.23,0.201,6.368,0.779,9.393
+	c0.584,3.045,1.728,5.66,3.543,7.85c3.614,2.588,7.203,3.85,10.822,3.771c3.619-0.066,7.224-0.712,10.842-1.925
+	c3.611-1.23,7.162-2.757,10.647-4.558c3.484-1.811,6.904-3.293,10.266-4.457l7.159-14.521c-2.066,0.505-4.2,1.23-6.394,2.127
+	c-2.199,0.9-4.453,1.643-6.777,2.224c-2.322,0.585-4.649,0.773-6.977,0.585c-2.322-0.189-4.649-1.2-6.976-2.994
+	c-2.063-3.626-3.355-7.475-3.87-11.541c-0.519-4.065-0.612-8.165-0.289-12.296C258.1,283.619,258.674,279.488,259.516,275.357z
+	 M367.6,320.582c-0.196-3.025-1.001-5.908-2.42-8.623c-1.031-3.608-2.649-6.588-4.846-8.905c-2.193-2.333-4.682-4.162-7.458-5.516
+	c-2.773-1.358-5.712-2.364-8.812-3.014c-3.098-0.643-6.004-1.056-8.717-1.259c-2.711-0.188-5.101-0.285-7.166-0.285
+	s-3.419-0.062-4.064-0.189c0.25-1.037,0.449-2.302,0.574-3.783c0.133-1.481,0.322-2.866,0.584-4.162
+	c0.258-1.419,0.512-2.977,0.773-4.65c6.326,0,12.073-0.581,17.242-1.749c5.165-1.148,9.688-3.059,13.558-5.705
+	c3.876-2.646,7.135-6.131,9.781-10.469c2.649-4.318,4.558-9.583,5.715-15.776c-5.684,0-11.596,0.029-17.727,0.093
+	s-12.328,0.158-18.593,0.284c-6.266,0.143-12.431,0.332-18.5,0.583c-6.066,0.27-11.812,0.584-17.236,0.979
+	c0.128,0,0.221,1.387,0.293,4.161c0.062,2.775,0.062,6.465,0,11.035c-0.072,4.588-0.2,9.788-0.386,15.589
+	c-0.199,5.819-0.49,11.73-0.875,17.734c-0.386,6.007-0.878,11.901-1.451,17.72c-0.584,5.815-1.262,10.908-2.035,15.304
+	c5.552-0.268,11.432-0.488,17.624-0.677c2.162-0.065,4.33-0.127,6.503-0.176l1.247-5.547c0.385-2.192,0.708-4.776,0.969-7.739
+	c0.259-2.979,0.513-5.754,0.773-8.338c0.259-3.093,0.386-6.196,0.386-9.286c0.646-0.127,1.677-0.206,3.103-0.206
+	c1.547,0,3.225,0.269,5.039,0.773c1.804,0.519,3.68,1.292,5.612,2.334c1.938,1.041,3.615,2.522,5.034,4.46
+	c1.42,1.925,2.45,4.352,3.104,7.252c0.638,2.914,0.638,6.495,0,10.75l0.631,5.39c1.609,0.033,3.207,0.079,4.796,0.144
+	c6.068,0.189,11.812,0.471,17.234,0.866C367.891,326.747,367.795,323.609,367.6,320.582z M327.506,263.345
+	c0.707-4.397,1.323-8.133,1.835-11.238c1.168-0.521,2.522-0.835,4.069-0.962c1.549-0.125,3.103-0.205,4.65-0.205
+	c1.677,0,3.291,0.031,4.845,0.112c1.547,0.062,2.901,0.093,4.069,0.093c0,1.151-0.041,2.586-0.103,4.256
+	c-0.066,1.688-0.189,3.42-0.389,5.232c-0.189,1.815-0.512,3.578-0.97,5.331c-0.446,1.732-1.127,3.182-2.034,4.347
+	c-0.896,0.918-2.128,1.657-3.681,2.224c-1.543,0.584-3.159,1.042-4.84,1.357c-1.677,0.33-3.291,0.55-4.838,0.677
+	c-1.555,0.141-2.78,0.207-3.682,0.207C326.439,271.542,326.798,267.727,327.506,263.345z M393.035,246.385
+	c-2.517,0.33-4.84,0.584-6.97,0.773c-2.135,0.205-3.781,0.172-4.939-0.096l3.678,2.711c0.899,5.423,1.356,11.051,1.356,16.851
+	c0,5.818-0.195,11.695-0.584,17.642c-0.385,5.941-0.872,11.805-1.45,17.624c-0.581,5.801-1,11.427-1.261,16.85
+	c-0.907,4.522-1.519,9.238-1.835,14.139c-0.331,4.901-0.843,9.713-1.554,14.425c-0.708,4.712-1.812,9.3-3.297,13.761
+	c-1.48,4.443-3.773,8.481-6.869,12.107l-2.908,1.543c0.513,0.52,1.323,0.993,2.42,1.45c1.093,0.457,1.842,0.678,2.23,0.678
+	c2.708-3.23,4.712-6.558,6.004-9.978c1.286-3.419,2.64-6.746,4.069-9.963c1.544-2.711,2.969-5.626,4.261-8.716
+	c1.286-3.107,2.774-6.008,4.455-8.719c1.671-2.708,3.681-5.045,6.008-6.984c2.322-1.938,5.285-3.15,8.903-3.67
+	c0.386-6.319,0.836-13.114,1.354-20.335c0.517-7.235,1.001-14.534,1.451-21.896c0.457-7.361,0.846-14.596,1.168-21.689
+	c0.323-7.111,0.482-13.684,0.482-19.769c-2.713,0-5.458,0.143-8.229,0.394C398.196,245.785,395.553,246.07,393.035,246.385z
+	 M483.002,245c0,4-0.061,5.618-0.188,7.038c-0.135,1.419-0.323,3.525-0.581,5.259c-0.261,1.751-0.584,4.166-0.972,6.752
+	c-0.386,2.584-0.843,6.388-1.354,11.165c-0.519,4.791-1.135,11.551-1.839,19.167c-0.715,7.612-1.519,18.619-2.427,29.619h-32.15
+	c0-15,1.065-26.686,3.192-39.535c2.138-12.847,4.101-25.911,5.911-38.695c-5.034,0.52-9.85,1.042-14.427,1.812
+	c-4.589,0.773-9.136,0.898-13.662,0.52c-0.513,13.682-1.543,27.507-3.097,41.521c-1.553,13.998-3.23,27.586-5.038,40.749
+	c4.52,0,9.396-0.166,14.631-0.496c5.224-0.316,10.292-0.479,15.2-0.479c0.649,1.152,1.285,2.776,1.942,4.838
+	c0.638,2.065,1.22,4.318,1.738,6.779c0.517,2.457,0.997,5.027,1.454,7.753c0.447,2.715,0.873,5.424,1.258,8.135
+	c0.9,6.32,1.681,13.102,2.327,20.336c2.192-6.196,4.454-12.28,6.777-18.209c1.938-5.045,4.004-10.262,6.196-15.699
+	c2.199-5.423,4.327-10.073,6.393-13.936c2.323,0.254,4.649,0.316,6.974,0.188c2.326-0.124,4.681-0.25,7.071-0.392
+	c2.386-0.127,4.775-0.127,7.163,0c2.389,0.142,4.681,0.52,6.88,1.165c-0.257-6.716-0.164-13.619,0.293-20.728
+	c0.449-7.093,1.096-14.204,1.932-21.297c0.841-7.111,1.707-15.14,2.615-22.062c0.907-6.901,1.742-13.27,2.522-21.27H483.002z"/>
+</svg>
--- a/GEMINI.md
+++ b/GEMINI.md
@ -0,0 +1,136 @@
+# CRIU (Checkpoint/Restore In User-space)
+
+CRIU is a tool for saving the state of a running application to a set of files
+(checkpointing) and restoring it back to a live state. It is primarily used for
+live migration of containers, in-place updates, and fast application startup.
+
+It is implemented as a command-line tool called `criu`. The two primary commands
+are `dump` and `restore`.
+
+- `dump`: Saves a process tree and all its related resources (file
+  descriptors, IPC, sockets, namespaces, etc.) into a collection of image
+  files.
+- `restore`: Restores processes from image files to the same state they were
+  in before the dump.
+
+## Quick Start
+
+To get a feel for `criu`, you can try checkpointing and restoring a simple
+process.
+
+1.  **Run a simple process:**
+    Open a terminal and run a command that will run for a while. Find its PID.
+    ```bash
+    sleep 1000 &
+    [1] 12345
+    ```
+
+2.  **Dump the process:**
+    As root, use `criu dump` with the process ID (`-t`) and a directory for the
+    image files (`-D`).
+    ```bash
+    sudo criu dump -t 12345 -D /tmp/sleep_images -v4 --shell-job
+    ```
+    The `sleep` process will no longer be running.
+
+3.  **Restore the process:**
+    Use `criu restore` to bring the process back to life from the images.
+    ```bash
+    sudo criu restore -D /tmp/sleep_images -v4 --shell-job
+    ```
+    The `sleep` process will be running again as if nothing happened.
+
+# For Developers and Contributors
+
+This section contains more technical details about CRIU's internals and
+development process.
+
+## Dump Process
+
+On dump, CRIU uses available kernel interfaces to collect information about
+processes. For properties that can only be retrieved from within the process
+itself, CRIU injects a binary blob (called a "parasite") into the process's
+address space and executes it in the context of one of the process's threads.
+This injection is handled by a subproject called **Compel**.
+
+## Restore Process
+
+On restore, CRIU reads the image files to reconstruct the processes. The goal is
+to restore them to the exact state they were in before the dump. The restore
+process is divided into several stages (defined as `CR_STATE_*` in
+`./criu/include/restorer.h`).
+
+The main `criu` process acts as a coordinator. It first restores resources with
+inter-process dependencies (file descriptors, sockets, shared memory,
+namespaces, etc.). It then forks the process tree and sets up namespaces.
+Finally, it restores process-specific resources like file descriptors and memory
+mappings.
+
+A key step involves a small, self-contained binary called the "restorer". All
+restored processes switch to executing this code, which unmaps the CRIU-specific
+memory and restores the application's original memory mappings. On the final
+step, the restorer calls `sigreturn` on a prepared signal frame to resume the
+process with the state it had at the moment of the dump.
+
+## Compel
+
+Compel is a subproject responsible for generating the binary blobs used for the
+parasite code (for dumping) and the restorer code (for restoring). It provides a
+library for injecting and executing this code within the target process's
+address space. It is a separate project because the logic for generating and
+injecting Position-Independent Executable (PIE) code is complex and
+self-contained.
+
+## Coding Style
+
+The C code in the CRIU project follows the
+[Linux Kernel Coding Style](https://www.kernel.org/doc/html/latest/process/coding-style.html).
+Here are some of the main points:
+
+-   **Indentation**: Use tabs, which are set to 8 characters.
+-   **Line Length**: The preferred line limit is 80 characters, but it can be
+    extended to 120 if it improves code readability.
+-   **Braces**:
+    -   The opening brace for a function goes on a new line.
+    -   The opening brace for a block (like `if`, `for`, `while`, `switch`) goes
+        on the same line.
+-   **Spaces**: Use spaces around operators (`+`, `-`, `*`, `/`, `%`, `<`, `>`,
+    `=`, etc.).
+-   **Naming**: Use descriptive names for functions and variables.
+-   **Comments**: Use C-style comments (`/* ... */`). For multi-line comments,
+    the preferred format is:
+    ```c
+    /*
+     * This is a multi-line
+     * comment.
+     */
+    ```
+
+## Code Layout
+
+The code is organized into the following directories:
+
+-   `./compel`: The Compel sub-project.
+-   `./criu`: The main `criu` tool source code.
+-   `./images`: Protobuf descriptions for the image files.
+-   `./test`: All tests.
+-   `./test/zdtm`: The Zero-Downtime Migration (ZDTM) test suite.
+-   `./test/zdtm.py`: The executor script for ZDTM tests.
+-   `./scripts`: Helper scripts.
+-   `./scripts/build`: Docker image files used for CI and cross-compilation
+    checks.
+-   `./crit`: A tool to inspect and manipulate CRIU image files.
+-   `./soccr`: A library for TCP socket checkpoint/restore.
+
+## Tests
+
+The main test suite is ZDTM. Here is an example of how to run a single test:
+
+```bash
+sudo ./test/zdtm.py run -t zdtm/static/env00
+```
+
+Each ZDTM test has three stages: preparation, C/R, and results checks. During
+the test, a process calls `test_daemon()` to signal it is ready for C/R, then
+calls `test_waitsig()` to wait for the C/R stage to complete. After being
+restored, the test checks that all its resources are still in a valid state.
--- a/INSTALL.md
+++ b/INSTALL.md
@ -1,11 +1,31 @@
+## Building CRIU from source code
+
+First, you need to install compile-time dependencies. Check [Installation dependencies](https://criu.org/Installation#Dependencies) for more info.
+
+To compile CRIU, run:
+```
+make
+```
+This should create the `./criu/criu` executable.
+
+To change the default behaviour of CRIU, the following variables can be passed
+to the make command:
+
+ * **NETWORK_LOCK_DEFAULT**, can be set to one of the following
+   values: `NETWORK_LOCK_IPTABLES`, `NETWORK_LOCK_NFTABLES`,
+   `NETWORK_LOCK_SKIP`. CRIU defaults to `NETWORK_LOCK_IPTABLES`
+   if nothing is specified. If another network locking backend is
+   needed, `make` can be called like this:
+   `make NETWORK_LOCK_DEFAULT=NETWORK_LOCK_NFTABLES`
+
 ## Installing CRIU from source code

 Once CRIU is built one can easily setup the complete CRIU package
 (which includes executable itself, CRIT tool, libraries, manual
 and etc) simply typing
-
-    make install
-
+```
+make install
+```
 this command accepts the following variables:

 * **DESTDIR**, to specify global root where all components will be placed under (empty by default);
@ -16,17 +36,17 @@ this command accepts the following variables:
 * **LIBDIR**, to specify directory where to put libraries (guess the correct path  by default).

 Thus one can type
-
-    make DESTDIR=/some/new/place install
-
+```
+make DESTDIR=/some/new/place install
+```
 and get everything installed under `/some/new/place`.

 ## Uninstalling CRIU

 To clean up previously installed CRIU instance one can type
-
-    make uninstall
-
+```
+make uninstall
+```
 and everything should be removed. Note though that if some variable (**DESTDIR**, **BINDIR**
 and such) has been used during installation procedure, the same *must* be passed with
 uninstall action.
--- a/125
+++ b/125
@ -19,7 +19,7 @@ endif

 #
 # Supported Architectures
-ifneq ($(filter-out x86 arm aarch64 ppc64 s390 mips,$(ARCH)),)
+ifneq ($(filter-out x86 arm aarch64 ppc64 s390 mips loongarch64 riscv64,$(ARCH)),)
        $(error "The architecture $(ARCH) isn't supported")
 endif

@ -35,18 +35,18 @@ ifeq ($(ARCH),arm)
        ARMV		:= $(shell echo $(SUBARCH) | sed -nr 's/armv([[:digit:]]).*/\1/p; t; i7')

        ifeq ($(ARMV),6)
-                USERCFLAGS += -march=armv6
+                ARCHCFLAGS += -march=armv6
        endif

        ifeq ($(ARMV),7)
-                USERCFLAGS += -march=armv7-a+fp
+                ARCHCFLAGS += -march=armv7-a+fp
        endif

        ifeq ($(ARMV),8)
-                # Running 'setarch linux32 uname -m' returns armv8l on travis aarch64.
+                # Running 'setarch linux32 uname -m' returns armv8l on aarch64.
                # This tells CRIU to handle armv8l just as armv7hf. Right now this is
                # only used for compile testing. No further verification of armv8l exists.
-                USERCFLAGS += -march=armv7-a
+                ARCHCFLAGS += -march=armv7-a
                ARMV := 7
        endif

@ -64,6 +64,8 @@ endif

 ifeq ($(ARCH),aarch64)
        DEFINES		:= -DCONFIG_AARCH64
+        CC_MBRANCH_PROT := $(shell $(CC) -c -x c /dev/null -mbranch-protection=none -o /dev/null >/dev/null 2>&1 && echo "-mbranch-protection=none")
+        CFLAGS_PIE	:= $(CC_MBRANCH_PROT)
 endif

 ifeq ($(ARCH),ppc64)
@ -80,6 +82,14 @@ ifeq ($(ARCH),mips)
        DEFINES		:= -DCONFIG_MIPS
 endif

+ifeq ($(ARCH),loongarch64)
+        DEFINES		:= -DCONFIG_LOONGARCH64
+endif
+
+ifeq ($(ARCH),riscv64)
+        DEFINES		:= -DCONFIG_RISCV64
+endif
+
 #
 # CFLAGS_PIE:
 #
@ -102,6 +112,7 @@ export PROTOUFIX DEFINES
 #
 # Independent options for all tools.
 DEFINES			+= -D_FILE_OFFSET_BITS=64
+DEFINES			+= -D_LARGEFILE64_SOURCE
 DEFINES			+= -D_GNU_SOURCE

 WARNINGS		:= -Wall -Wformat-security -Wdeclaration-after-statement -Wstrict-prototypes
@ -122,11 +133,19 @@ ifeq ($(ARCH),mips)
 WARNINGS		:= -rdynamic
 endif

+ifeq ($(ARCH),loongarch64)
+WARNINGS		+= -Wno-implicit-function-declaration
+endif
+
 ifneq ($(GCOV),)
        LDFLAGS         += -lgcov
        CFLAGS          += $(CFLAGS-GCOV)
 endif

+ifneq ($(NETWORK_LOCK_DEFAULT),)
+	CFLAGS		+= -DNETWORK_LOCK_DEFAULT=$(NETWORK_LOCK_DEFAULT)
+endif
+
 ifeq ($(ASAN),1)
 	CFLAGS-ASAN	:= -fsanitize=address
 	export		CFLAGS-ASAN
@ -151,12 +170,12 @@ export GMON GMONLDOPT
 endif

 AFLAGS			+= -D__ASSEMBLY__
-CFLAGS			+= $(USERCFLAGS) $(WARNINGS) $(DEFINES) -iquote include/
+CFLAGS			+= $(USERCFLAGS) $(ARCHCFLAGS) $(WARNINGS) $(DEFINES) -iquote include/
 HOSTCFLAGS		+= $(WARNINGS) $(DEFINES) -iquote include/
 export AFLAGS CFLAGS USERCLFAGS HOSTCFLAGS

 # Default target
-all: criu lib crit
+all: criu lib crit cuda_plugin
 .PHONY: all

 #
@ -259,26 +278,19 @@ criu: $(criu-deps)
 	$(Q) $(MAKE) $(build)=criu all
 .PHONY: criu

-crit/Makefile: ;
-crit/%: criu .FORCE
-	$(Q) $(MAKE) $(build)=crit $@
-crit: criu
-	$(Q) $(MAKE) $(build)=crit all
-.PHONY: crit
-
 unittest: $(criu-deps)
 	$(Q) $(MAKE) $(build)=criu unittest
 .PHONY: unittest


 #
-# Libraries next once crit it ready
+# Libraries next once criu is ready
 # (we might generate headers and such
 # when building criu itself).
 lib/Makefile: ;
-lib/%: crit .FORCE
+lib/%: criu .FORCE
 	$(Q) $(MAKE) $(build)=lib $@
-lib: crit
+lib: criu
 	$(Q) $(MAKE) $(build)=lib all
 .PHONY: lib

@ -287,25 +299,28 @@ clean mrproper:
 	$(Q) $(MAKE) $(build)=criu $@
 	$(Q) $(MAKE) $(build)=soccr $@
 	$(Q) $(MAKE) $(build)=lib $@
+	$(Q) $(MAKE) $(build)=crit $@
 	$(Q) $(MAKE) $(build)=compel $@
 	$(Q) $(MAKE) $(build)=compel/plugins $@
-	$(Q) $(MAKE) $(build)=lib $@
-	$(Q) $(MAKE) $(build)=crit $@
 .PHONY: clean mrproper

 clean-amdgpu_plugin:
 	$(Q) $(MAKE) -C plugins/amdgpu clean
 .PHONY: clean-amdgpu_plugin

+clean-cuda_plugin:
+	$(Q) $(MAKE) -C plugins/cuda clean
+.PHONY: clean-cuda_plugin
+
 clean-top:
 	$(Q) $(MAKE) -C Documentation clean
 	$(Q) $(MAKE) $(build)=test/compel clean
 	$(Q) $(RM) .gitid
 .PHONY: clean-top

-clean: clean-top clean-amdgpu_plugin
+clean: clean-top clean-amdgpu_plugin clean-cuda_plugin

-mrproper-top: clean-top clean-amdgpu_plugin
+mrproper-top: clean-top clean-amdgpu_plugin clean-cuda_plugin
 	$(Q) $(RM) $(CONFIG_HEADER)
 	$(Q) $(RM) $(VERSION_HEADER)
 	$(Q) $(RM) $(COMPEL_VERSION_HEADER)
@ -337,6 +352,14 @@ amdgpu_plugin: criu
 	$(Q) $(MAKE) -C plugins/amdgpu all
 .PHONY: amdgpu_plugin

+cuda_plugin: criu
+	$(Q) $(MAKE) -C plugins/cuda all
+.PHONY: cuda_plugin
+
+crit: lib
+	$(Q) $(MAKE) -C crit
+.PHONY: crit
+
 #
 # Generating tar requires tag matched CRIU_VERSION.
 # If not found then simply use GIT's describe with
@ -402,6 +425,7 @@ help:
 	@echo '    Targets:'
 	@echo '      all             - Build all [*] targets'
 	@echo '    * criu            - Build criu'
+	@echo '    * crit            - Build crit'
 	@echo '      zdtm            - Build zdtm test-suite'
 	@echo '      docs            - Build documentation'
 	@echo '      install         - Install CRIU (see INSTALL.md)'
@ -418,40 +442,57 @@ help:
 	@echo '      lint            - Run code linters'
 	@echo '      indent          - Indent C code'
 	@echo '      amdgpu_plugin   - Make AMD GPU plugin'
+	@echo '      cuda_plugin     - Make NVIDIA CUDA plugin'
 .PHONY: help

-lint:
-	flake8 --version
-	flake8 --config=scripts/flake8.cfg test/zdtm.py
-	flake8 --config=scripts/flake8.cfg test/inhfd/*.py
-	flake8 --config=scripts/flake8.cfg test/others/rpc/config_file.py
-	flake8 --config=scripts/flake8.cfg lib/py/images/pb2dict.py
-	flake8 --config=scripts/flake8.cfg lib/py/images/images.py
-	flake8 --config=scripts/flake8.cfg scripts/criu-ns
-	flake8 --config=scripts/flake8.cfg crit/setup.py
-	flake8 --config=scripts/flake8.cfg scripts/uninstall_module.py
-	flake8 --config=scripts/flake8.cfg coredump/
+ruff:
+	@ruff --version
+	ruff check ${RUFF_FLAGS} --config=scripts/ruff.toml \
+		test/zdtm.py \
+		test/inhfd/*.py \
+		test/others/rpc/config_file.py \
+		test/others/action-script/check_actions.py \
+		test/others/pycriu/*.py \
+		lib/pycriu/criu.py \
+		lib/pycriu/__init__.py \
+		lib/pycriu/images/pb2dict.py \
+		lib/pycriu/images/images.py \
+		scripts/criu-ns \
+		test/others/criu-ns/run.py \
+		crit/*.py \
+		crit/crit/*.py \
+		scripts/uninstall_module.py \
+		coredump/ coredump/coredump \
+		scripts/github-indent-warnings.py
+
+shellcheck:
 	shellcheck --version
 	shellcheck scripts/*.sh
-	shellcheck scripts/ci/*.sh scripts/ci/apt-install
+	shellcheck scripts/ci/*.sh
+	shellcheck contrib/apt-install contrib/dependencies/*.sh
 	shellcheck -x test/others/crit/*.sh
 	shellcheck -x test/others/libcriu/*.sh
 	shellcheck -x test/others/crit/*.sh test/others/criu-coredump/*.sh
 	shellcheck -x test/others/config-file/*.sh
-	codespell -S tags
-	# Do not append \n to pr_perror or fail
-	! git --no-pager grep -E '^\s*\<(pr_perror|fail)\>.*\\n"'
-	# Do not use %m with pr_perror or fail
-	! git --no-pager grep -E '^\s*\<(pr_(err|perror|warn|debug|info|msg)|fail)\>.*%m'
-	# Do not use errno with pr_perror or fail
-	! git --no-pager grep -E '^\s*\<(pr_perror|fail)\>\(".*".*errno'
+	shellcheck -x test/others/action-script/*.sh
+
+codespell:
+	codespell
+
+lint: ruff shellcheck codespell
+	# Do not append \n to pr_perror, pr_pwarn or fail
+	! git --no-pager grep -E '^\s*\<(pr_perror|pr_pwarn|fail)\>.*\\n"'
+	# Do not use %m with pr_* or fail
+	! git --no-pager grep -E '^\s*\<(pr_(err|perror|warn|pwarn|debug|info|msg)|fail)\>.*%m'
+	# Do not use errno with pr_perror, pr_pwarn or fail
+	! git --no-pager grep -E '^\s*\<(pr_perror|pr_pwarn|fail)\>\(".*".*errno'
 	# End pr_(err|warn|msg|info|debug) with \n
 	! git --no-pager grep -En '^\s*\<pr_(err|warn|msg|info|debug)\>.*);$$' | grep -v '\\n'
 	# No EOL whitespace for C files
 	! git --no-pager grep -E '\s+$$' \*.c \*.h
-.PHONY: lint
+.PHONY: lint ruff shellcheck codespell

-codecov: SHELL := $(shell which bash)
+codecov: SHELL := $(shell command -v bash)
 codecov:
 	curl -Os https://uploader.codecov.io/latest/linux/codecov
 	chmod +x codecov
--- a/Makefile.compel
+++ b/Makefile.compel
@ -50,8 +50,8 @@ compel/plugins/%: $(compel-deps) .FORCE

 #
 # GNU make 4.x supports targets matching via wide
-# match targeting, where GNU make 3.x series (used on
-# Travis) is not, so we have to write them here explicitly.
+# match targeting, where GNU make 3.x series is not,
+# so we have to write them here explicitly.
 compel/plugins/std.lib.a: $(compel-deps) .FORCE
 	$(Q) $(MAKE) $(build)=compel/plugins $@

--- a/Makefile.config
+++ b/Makefile.config
@ -2,12 +2,15 @@ include $(__nmk_dir)utils.mk
 include $(__nmk_dir)msg.mk
 include scripts/feature-tests.mak

+# This is a kludge for $(info ...) to not eat spaces.
+S :=
+
 ifeq ($(call try-cc,$(FEATURE_TEST_LIBBSD_DEV),-lbsd),true)
        LIBS_FEATURES	+= -lbsd
        FEATURE_DEFINES	+= -DCONFIG_HAS_LIBBSD
 else
-        $(info Note: Building without setproctitle() and strlcpy() support.)
-        $(info $(info)      To enable these features, please install libbsd-devel (RPM) / libbsd-dev (DEB).)
+        $(info Note: Building without setproctitle() support.)
+        $(info $S      Install libbsd-devel (RPM) / libbsd-dev (DEB) to fix.)
 endif

 ifeq ($(call pkg-config-check,libselinux),y)
@ -23,10 +26,10 @@ endif

 ifeq ($(call pkg-config-check,libdrm),y)
        export CONFIG_AMDGPU := y
-        $(info Note: Building criu with amdgpu_plugin.)
+        $(info Note: Building with amdgpu_plugin.)
 else
-        $(info Note: Building criu without amdgpu_plugin.)
-        $(info Note: libdrm and libdrm_amdgpu are required to build amdgpu_plugin.)
+        $(info Note: Building without amdgpu_plugin.)
+        $(info $S      Install libdrm-devel (RPM) or libdrm-dev (DEB) to fix.)
 endif

 ifeq ($(NO_GNUTLS)x$(call pkg-config-check,gnutls),xy)
@ -34,7 +37,8 @@ ifeq ($(NO_GNUTLS)x$(call pkg-config-check,gnutls),xy)
        export CONFIG_GNUTLS := y
        FEATURE_DEFINES	+= -DCONFIG_GNUTLS
 else
-        $(info Note: Building without GnuTLS support)
+        $(info Note: Building without GnuTLS support.)
+        $(info $S      Install gnutls-devel (RPM) or gnutls-dev (DEB) to fix.)
 endif

 ifeq ($(call pkg-config-check,libnftables),y)
@ -46,16 +50,19 @@ ifeq ($(call pkg-config-check,libnftables),y)
                LIBS_FEATURES	+= $(LIB_NFTABLES)
                FEATURE_DEFINES	+= -DCONFIG_HAS_NFTABLES_LIB_API_1
        else
-                $(warning Warn: you have libnftables installed but it has incompatible API)
-                $(warning Warn: Building without nftables support)
+                $(info Warn: Building without nftables support (incompatible API version).)
        endif
 else
-        $(warning Warn: you have no libnftables installed)
-        $(warning Warn: Building without nftables support)
+        $(info Warn: Building without nftables support.)
+        $(info $S      Install nftables-devel (RPM) or libnftables-dev (DEB) to fix.)
 endif

 export LIBS += $(LIBS_FEATURES)

+ifneq ($(PLUGINDIR),)
+                FEATURE_DEFINES	+= -DCR_PLUGIN_DEFAULT="\"$(PLUGINDIR)\""
+endif
+
 CONFIG_FILE = .config

 $(CONFIG_FILE):
@ -67,25 +74,26 @@ ifeq ($(call try-asm,$(FEATURE_TEST_X86_COMPAT)),true)
        export CONFIG_COMPAT := y
        FEATURE_DEFINES	+= -DCONFIG_COMPAT
 else
-        $(info Note: Building without ia32 C/R, missed ia32 support in gcc)
-        $(info $(info)      That may be related to missing gcc-multilib in your)
-        $(info $(info)      distribution or you may have Debian with buggy toolchain)
-        $(info $(info)      (issue https://github.com/checkpoint-restore/criu/issues/315))
+        $(info Note: Building without ia32 C/R, missing ia32 support in gcc.)
+        $(info $S      It may be related to missing gcc-multilib in your)
+        $(info $S      distribution, or you may have Debian with buggy toolchain.)
+        $(info $S      See https://github.com/checkpoint-restore/criu/issues/315.)
 endif
 endif

 export DEFINES += $(FEATURE_DEFINES)
 export CFLAGS += $(FEATURE_DEFINES)

-FEATURES_LIST	:= TCP_REPAIR STRLCPY STRLCAT PTRACE_PEEKSIGINFO \
-	SETPROCTITLE_INIT MEMFD TCP_REPAIR_WINDOW MEMFD_CREATE \
+FEATURES_LIST	:= TCP_REPAIR PTRACE_PEEKSIGINFO \
+	SETPROCTITLE_INIT TCP_REPAIR_WINDOW MEMFD_CREATE \
 	OPENAT2 NO_LIBC_RSEQ_DEFS

 # $1 - config name
 define gen-feature-test
 ifeq ($$(call try-cc,$$(FEATURE_TEST_$(1)),$$(LIBS_FEATURES),$$(DEFINES)),true)
 	$(Q) echo '#define CONFIG_HAS_$(1)' >> $$@
-	$(Q) echo '' >> $$@
+else
+	$(Q) echo '// CONFIG_HAS_$(1) is not set' >> $$@
 endif
 endef

--- a/Makefile.install
+++ b/Makefile.install
@ -29,6 +29,33 @@ LIBDIR ?= $(PREFIX)/lib
 export PREFIX BINDIR SBINDIR MANDIR RUNDIR
 export LIBDIR INCLUDEDIR LIBEXECDIR PLUGINDIR

+# Detect externally managed Python environment (PEP 668).
+PYTHON_EXTERNALLY_MANAGED := $(shell $(PYTHON) -c 'import os, sysconfig; print(int(os.path.isfile(os.path.join(sysconfig.get_path("stdlib"), "EXTERNALLY-MANAGED"))))')
+PIP_BREAK_SYSTEM_PACKAGES ?= 0
+
+# If Python environment is externally managed and PIP_BREAK_SYSTEM_PACKAGES is not set, skip pip install.
+SKIP_PIP_INSTALL := 0
+ifeq ($(PYTHON_EXTERNALLY_MANAGED),1)
+ifeq ($(PIP_BREAK_SYSTEM_PACKAGES),0)
+
+SKIP_PIP_INSTALL := 1
+$(info Warn: Externally managed python environment)
+$(info Consider using PIP_BREAK_SYSTEM_PACKAGES=1)
+
+endif
+endif
+
+# Default flags for pip install:
+# --ignore-installed: Overwrite already installed pycriu/crit packages
+# --no-build-isolation: Use current Python environment to build pycriu/crit packages
+# --no-deps: Don't install any dependencies
+# --no-index: Don't use PyPI index to find packages
+# --progress-bar: Cleaner output
+# --upgrade: Treat the install as an upgrade when replacing the installed version
+PIPFLAGS ?= --ignore-installed --no-build-isolation --no-deps --no-index --progress-bar off --upgrade
+
+export SKIP_PIP_INSTALL PIPFLAGS
+
 install-man:
 	$(Q) $(MAKE) -C Documentation install
 .PHONY: install-man
@ -37,6 +64,10 @@ install-lib: lib
 	$(Q) $(MAKE) $(build)=lib install
 .PHONY: install-lib

+install-crit: lib
+	$(Q) $(MAKE) $(build)=crit install
+.PHONY: install-crit
+
 install-criu: criu
 	$(Q) $(MAKE) $(build)=criu install
 .PHONY: install-criu
@ -45,19 +76,25 @@ install-amdgpu_plugin: amdgpu_plugin
 	$(Q) $(MAKE) -C plugins/amdgpu install
 .PHONY: install-amdgpu_plugin

+install-cuda_plugin: cuda_plugin
+	$(Q) $(MAKE) -C plugins/cuda install
+.PHONY: install-cuda_plugin
+
 install-compel: $(compel-install-targets)
 	$(Q) $(MAKE) $(build)=compel install
 	$(Q) $(MAKE) $(build)=compel/plugins install
 .PHONY: install-compel

-install: install-man install-lib install-criu install-compel install-amdgpu_plugin ;
+install: install-man install-lib install-crit install-criu install-compel install-amdgpu_plugin install-cuda_plugin ;
 .PHONY: install

 uninstall:
 	$(Q) $(MAKE) -C Documentation $@
 	$(Q) $(MAKE) $(build)=lib $@
+	$(Q) $(MAKE) $(build)=crit $@
 	$(Q) $(MAKE) $(build)=criu $@
 	$(Q) $(MAKE) $(build)=compel $@
 	$(Q) $(MAKE) $(build)=compel/plugins $@
 	$(Q) $(MAKE) -C plugins/amdgpu $@
+	$(Q) $(MAKE) -C plugins/cuda $@
 .PHONY: uninstall
--- a/Makefile.versions
+++ b/Makefile.versions
@ -1,10 +1,10 @@
 #
 # CRIU version.
-CRIU_VERSION_MAJOR	:= 3
-CRIU_VERSION_MINOR	:= 18
+CRIU_VERSION_MAJOR	:= 4
+CRIU_VERSION_MINOR	:= 2
 CRIU_VERSION_SUBLEVEL	:=
 CRIU_VERSION_EXTRA	:=
-CRIU_VERSION_NAME	:= Silver Sandpiper
+CRIU_VERSION_NAME	:= CRIUTIBILITY
 CRIU_VERSION		:= $(CRIU_VERSION_MAJOR)$(if $(CRIU_VERSION_MINOR),.$(CRIU_VERSION_MINOR))$(if $(CRIU_VERSION_SUBLEVEL),.$(CRIU_VERSION_SUBLEVEL))$(if $(CRIU_VERSION_EXTRA),.$(CRIU_VERSION_EXTRA))

 export CRIU_VERSION_MAJOR CRIU_VERSION_MINOR CRIU_VERSION_SUBLEVEL
--- a/README.md
+++ b/README.md
@ -7,7 +7,7 @@
 [![CircleCI](https://circleci.com/gh/checkpoint-restore/criu.svg?style=svg)](
    https://circleci.com/gh/checkpoint-restore/criu)

-<p align="center"><img src="https://criu.org/w/images/1/1c/CRIU.svg" width="256px"/></p>
+<p align="center"><img src="Documentation/logo.svg" width="256px"/></p>

 ## CRIU -- A project to implement checkpoint/restore functionality for Linux

@ -35,10 +35,10 @@ Pages worth starting with are:
 - [Installation instructions](http://criu.org/Installation)
 - [A simple example of usage](http://criu.org/Simple_loop)
 - [Examples of more advanced usage](https://criu.org/Category:HOWTO)
- Troubleshooting can be hard, some help can be found [here](https://criu.org/When_C/R_fails), [here](https://criu.org/What_cannot_be_checkpointed) and [here](https://criu.org/FAQ)
+- Troubleshooting can be hard, some help can be found [here](https://criu.org/When_C/R_fails), [here](https://criu.org/What_cannot_be_checkpointed) and [here](https://criu.org/index.php?title=FAQ)

 ### Checkpoint and restore of simple loop process
-[<p align="center"><img src="https://asciinema.org/a/232445.png" width="572px" height="412px"/></p>](https://asciinema.org/a/232445)
+<p align="center"><a href="https://asciinema.org/a/232445"><img src="https://asciinema.org/a/232445.png" width="572px" height="412px"/></a></p>

 ## Advanced features

--- a/compel/.gitignore
+++ b/compel/.gitignore
@ -4,6 +4,9 @@ arch/arm/plugins/std/syscalls/syscalls.S
 arch/aarch64/plugins/std/syscalls/syscalls.S
 arch/s390/plugins/std/syscalls/syscalls.S
 arch/ppc64/plugins/std/syscalls/syscalls.S
+arch/mips/plugins/std/syscalls/syscalls-64.S
+arch/loongarch64/plugins/std/syscalls/syscalls-64.S
+arch/riscv64/plugins/std/syscalls/syscalls.S
 include/version.h
 plugins/include/uapi/std/asm/syscall-types.h
 plugins/include/uapi/std/syscall-64.h
--- a/compel/Makefile
+++ b/compel/Makefile
@ -32,8 +32,8 @@ ifeq ($(ARCH),x86)
 lib-y			+= arch/$(ARCH)/src/lib/thread_area.o
 endif

-# handle_elf() has no support of ELF relocations on ARM (yet?)
-ifneq ($(filter arm aarch64,$(ARCH)),)
+# handle_elf() has no support of ELF relocations on ARM and RISCV64 (yet?)
+ifneq ($(filter arm aarch64 loongarch64 riscv64,$(ARCH)),)
 CFLAGS			+= -DNO_RELOCS
 HOSTCFLAGS		+= -DNO_RELOCS
 endif
--- a/compel/arch/aarch64/src/lib/include/uapi/asm/gcs-types.h
+++ b/compel/arch/aarch64/src/lib/include/uapi/asm/gcs-types.h
@ -0,0 +1,47 @@
+#ifndef __UAPI_ASM_GCS_TYPES_H__
+#define __UAPI_ASM_GCS_TYPES_H__
+
+#ifndef NT_ARM_GCS
+#define NT_ARM_GCS 0x410 /* ARM GCS state */
+#endif
+
+/* Shadow Stack/Guarded Control Stack interface */
+#define PR_GET_SHADOW_STACK_STATUS	74
+#define PR_SET_SHADOW_STACK_STATUS	75
+#define PR_LOCK_SHADOW_STACK_STATUS	76
+
+/* When set PR_SHADOW_STACK_ENABLE flag allocates a Guarded Control Stack */
+#ifndef PR_SHADOW_STACK_ENABLE
+#define PR_SHADOW_STACK_ENABLE		(1UL << 0)
+#endif
+
+/* Allows explicit GCS stores (eg. using GCSSTR) */
+#ifndef PR_SHADOW_STACK_WRITE
+#define PR_SHADOW_STACK_WRITE		(1UL << 1)
+#endif
+
+/* Allows explicit GCS pushes (eg. using GCSPUSHM) */
+#ifndef PR_SHADOW_STACK_PUSH
+#define PR_SHADOW_STACK_PUSH		(1UL << 2)
+#endif
+
+#ifndef SHADOW_STACK_SET_TOKEN
+#define SHADOW_STACK_SET_TOKEN 0x1     /* Set up a restore token in the shadow stack */
+#endif
+
+#define PR_SHADOW_STACK_ALL_MODES \
+	PR_SHADOW_STACK_ENABLE | PR_SHADOW_STACK_WRITE | PR_SHADOW_STACK_PUSH
+
+/* copied from: arch/arm64/include/asm/sysreg.h */
+#define GCS_CAP_VALID_TOKEN 0x1
+#define GCS_CAP_ADDR_MASK 0xFFFFFFFFFFFFF000ULL
+#define GCS_CAP(x) ((((unsigned long)x) & GCS_CAP_ADDR_MASK) | GCS_CAP_VALID_TOKEN)
+#define GCS_SIGNAL_CAP(addr) (((unsigned long)addr) & GCS_CAP_ADDR_MASK)
+
+#include <asm/hwcap.h>
+
+#ifndef HWCAP_GCS
+#define HWCAP_GCS (1UL << 32)
+#endif
+
+#endif /* __UAPI_ASM_GCS_TYPES_H__ */
--- a/compel/arch/aarch64/src/lib/include/uapi/asm/infect-types.h
+++ b/compel/arch/aarch64/src/lib/include/uapi/asm/infect-types.h
@ -2,6 +2,7 @@
 #define UAPI_COMPEL_ASM_TYPES_H__

 #include <stdint.h>
+#include <stdbool.h>
 #include <signal.h>
 #include <sys/mman.h>
 #include <asm/ptrace.h>
@ -16,7 +17,24 @@
 */

 typedef struct user_pt_regs user_regs_struct_t;
-typedef struct user_fpsimd_state user_fpregs_struct_t;
+
+/*
+ * GCS (Guarded Control Stack)
+ *
+ * This mirrors the kernel definition but renamed to cr_user_gcs
+ * to avoid conflict with kernel headers (/usr/include/asm/ptrace.h).
+ */
+struct cr_user_gcs {
+	__u64 features_enabled;
+	__u64 features_locked;
+	__u64 gcspr_el0;
+};
+
+struct user_fpregs_struct {
+	struct user_fpsimd_state fpstate;
+	struct cr_user_gcs gcs;
+};
+typedef struct user_fpregs_struct user_fpregs_struct_t;

 #define __compel_arch_fetch_thread_area(tid, th) 0
 #define compel_arch_fetch_thread_area(tctl)	 0
@ -39,4 +57,12 @@ typedef struct user_fpsimd_state user_fpregs_struct_t;
 		__NR_##syscall; \
 	})

+extern bool __compel_host_supports_gcs(void);
+#define compel_host_supports_gcs __compel_host_supports_gcs
+
+struct parasite_ctl;
+extern int __parasite_setup_shstk(struct parasite_ctl *ctl,
+				  user_fpregs_struct_t *ext_regs);
+#define parasite_setup_shstk __parasite_setup_shstk
+
 #endif /* UAPI_COMPEL_ASM_TYPES_H__ */
--- a/compel/arch/aarch64/src/lib/include/uapi/asm/sigframe.h
+++ b/compel/arch/aarch64/src/lib/include/uapi/asm/sigframe.h
@ -1,24 +1,34 @@
 #ifndef UAPI_COMPEL_ASM_SIGFRAME_H__
 #define UAPI_COMPEL_ASM_SIGFRAME_H__

-#include <asm/sigcontext.h>
+#include <signal.h>
 #include <sys/ucontext.h>

 #include <stdint.h>
+#include <asm/types.h>

 /* Copied from the kernel header arch/arm64/include/uapi/asm/sigcontext.h */

 #define FPSIMD_MAGIC 0x46508001
+#define GCS_MAGIC    0x47435300

 typedef struct fpsimd_context fpu_state_t;

+struct gcs_context {
+	struct _aarch64_ctx head;
+	__u64 gcspr;
+	__u64 features_enabled;
+	__u64 reserved;
+};
+
 struct aux_context {
 	struct fpsimd_context fpsimd;
+	struct gcs_context gcs;
 	/* additional context to be added before "end" */
 	struct _aarch64_ctx end;
 };

-// XXX: the idetifier rt_sigcontext is expected to be struct by the CRIU code
+// XXX: the identifier rt_sigcontext is expected to be struct by the CRIU code
 #define rt_sigcontext sigcontext

 #include <compel/sigframe-common.h>
@ -62,6 +72,7 @@ struct cr_sigcontext {
 #define RT_SIGFRAME_AUX_CONTEXT(rt_sigframe) ((struct aux_context *)&(RT_SIGFRAME_SIGCONTEXT(rt_sigframe)->__reserved))
 #define RT_SIGFRAME_FPU(rt_sigframe)	     (&RT_SIGFRAME_AUX_CONTEXT(rt_sigframe)->fpsimd)
 #define RT_SIGFRAME_OFFSET(rt_sigframe)	     0
+#define RT_SIGFRAME_GCS(rt_sigframe)	     (&RT_SIGFRAME_AUX_CONTEXT(rt_sigframe)->gcs)

 #define rt_sigframe_erase_sigset(sigframe)	memset(&sigframe->uc.uc_sigmask, 0, sizeof(k_rtsigset_t))
 #define rt_sigframe_copy_sigset(sigframe, from) memcpy(&sigframe->uc.uc_sigmask, from, sizeof(k_rtsigset_t))
--- a/compel/arch/aarch64/src/lib/infect.c
+++ b/compel/arch/aarch64/src/lib/infect.c
@ -2,8 +2,8 @@
 #include <sys/ptrace.h>
 #include <sys/types.h>
 #include <sys/uio.h>
+#include <sys/auxv.h>
 #include <asm/ptrace.h>
-#include <linux/elf.h>

 #include <compel/plugins/std/syscall-codes.h>
 #include "common/page.h"
@ -13,6 +13,8 @@
 #include "infect.h"
 #include "infect-priv.h"
 #include "asm/breakpoints.h"
+#include "asm/gcs-types.h"
+#include <linux/prctl.h>

 unsigned __page_size = 0;
 unsigned __page_shift = 0;
@ -33,24 +35,54 @@ static inline void __always_unused __check_code_syscall(void)
 	BUILD_BUG_ON(!is_log2(sizeof(code_syscall)));
 }

+bool __compel_host_supports_gcs(void)
+{
+	unsigned long hwcap = getauxval(AT_HWCAP);
+	return (hwcap & HWCAP_GCS) != 0;
+}
+
+static bool __compel_gcs_enabled(struct cr_user_gcs *gcs)
+{
+	if (!compel_host_supports_gcs())
+		return false;
+
+	return gcs && (gcs->features_enabled & PR_SHADOW_STACK_ENABLE) != 0;
+}
+
 int sigreturn_prep_regs_plain(struct rt_sigframe *sigframe, user_regs_struct_t *regs, user_fpregs_struct_t *fpregs)
 {
 	struct fpsimd_context *fpsimd = RT_SIGFRAME_FPU(sigframe);
+	struct gcs_context *gcs = RT_SIGFRAME_GCS(sigframe);

 	memcpy(sigframe->uc.uc_mcontext.regs, regs->regs, sizeof(regs->regs));

+	pr_debug("sigreturn_prep_regs_plain: sp %lx pc %lx\n", (long)regs->sp, (long)regs->pc);
+
 	sigframe->uc.uc_mcontext.sp = regs->sp;
 	sigframe->uc.uc_mcontext.pc = regs->pc;
 	sigframe->uc.uc_mcontext.pstate = regs->pstate;

-	memcpy(fpsimd->vregs, fpregs->vregs, 32 * sizeof(__uint128_t));
+	memcpy(fpsimd->vregs, fpregs->fpstate.vregs, 32 * sizeof(__uint128_t));

-	fpsimd->fpsr = fpregs->fpsr;
-	fpsimd->fpcr = fpregs->fpcr;
+	fpsimd->fpsr = fpregs->fpstate.fpsr;
+	fpsimd->fpcr = fpregs->fpstate.fpcr;

 	fpsimd->head.magic = FPSIMD_MAGIC;
 	fpsimd->head.size = sizeof(*fpsimd);

+	if (__compel_gcs_enabled(&fpregs->gcs)) {
+		gcs->head.magic = GCS_MAGIC;
+		gcs->head.size = sizeof(*gcs);
+		gcs->reserved = 0;
+		gcs->gcspr = fpregs->gcs.gcspr_el0 - 8;
+		gcs->features_enabled = fpregs->gcs.features_enabled;
+
+		pr_debug("sigframe gcspr=%llx features_enabled=%llx\n", fpregs->gcs.gcspr_el0 - 8, fpregs->gcs.features_enabled);
+	} else {
+		pr_debug("sigframe gcspr=[disabled]\n");
+		memset(gcs, 0, sizeof(*gcs));
+	}
+
 	return 0;
 }

@ -62,7 +94,6 @@ int sigreturn_prep_fpu_frame_plain(struct rt_sigframe *sigframe, struct rt_sigfr
 int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *ext_regs, save_regs_t save,
 			 void *arg, __maybe_unused unsigned long flags)
 {
-	user_fpregs_struct_t tmp, *fpsimd = ext_regs ? ext_regs : &tmp;
 	struct iovec iov;
 	int ret;

@ -75,14 +106,28 @@ int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct
 		goto err;
 	}

-	iov.iov_base = fpsimd;
-	iov.iov_len = sizeof(*fpsimd);
+	iov.iov_base = &ext_regs->fpstate;
+	iov.iov_len = sizeof(ext_regs->fpstate);
 	if ((ret = ptrace(PTRACE_GETREGSET, pid, NT_PRFPREG, &iov))) {
 		pr_perror("Failed to obtain FPU registers for %d", pid);
 		goto err;
 	}

-	ret = save(arg, regs, fpsimd);
+	memset(&ext_regs->gcs, 0, sizeof(ext_regs->gcs));
+
+	iov.iov_base = &ext_regs->gcs;
+	iov.iov_len = sizeof(ext_regs->gcs);
+	if (ptrace(PTRACE_GETREGSET, pid, NT_ARM_GCS, &iov) == 0) {
+		pr_info("gcs: GCSPR_EL0 for %d: 0x%llx, features: 0x%llx\n",
+			pid, ext_regs->gcs.gcspr_el0, ext_regs->gcs.features_enabled);
+
+		if (!__compel_gcs_enabled(&ext_regs->gcs))
+			pr_info("gcs: GCS is NOT enabled\n");
+	} else {
+		pr_info("gcs: GCS state not available for %d\n", pid);
+	}
+
+	ret = save(pid, arg, regs, ext_regs);
 err:
 	return ret;
 }
@ -91,14 +136,44 @@ int compel_set_task_ext_regs(pid_t pid, user_fpregs_struct_t *ext_regs)
 {
 	struct iovec iov;

+	struct cr_user_gcs gcs;
+	struct iovec gcs_iov = { .iov_base = &gcs, .iov_len = sizeof(gcs) };
+
 	pr_info("Restoring GP/FPU registers for %d\n", pid);

-	iov.iov_base = ext_regs;
-	iov.iov_len = sizeof(*ext_regs);
+	iov.iov_base = &ext_regs->fpstate;
+	iov.iov_len = sizeof(ext_regs->fpstate);
 	if (ptrace(PTRACE_SETREGSET, pid, NT_PRFPREG, &iov)) {
 		pr_perror("Failed to set FPU registers for %d", pid);
 		return -1;
 	}
+
+	if (ptrace(PTRACE_GETREGSET, pid, NT_ARM_GCS, &gcs_iov) < 0) {
+		pr_warn("gcs: Failed to get GCS for %d\n", pid);
+	} else {
+		ext_regs->gcs = gcs;
+		compel_set_task_gcs_regs(pid, ext_regs);
+	}
+
+	return 0;
+}
+
+int compel_set_task_gcs_regs(pid_t pid, user_fpregs_struct_t *ext_regs)
+{
+	struct iovec iov;
+
+	pr_info("gcs: restoring GCS registers for %d\n", pid);
+	pr_info("gcs: restoring GCS: gcspr=%llx features=%llx\n",
+		ext_regs->gcs.gcspr_el0, ext_regs->gcs.features_enabled);
+
+	iov.iov_base = &ext_regs->gcs;
+	iov.iov_len = sizeof(ext_regs->gcs);
+
+	if (ptrace(PTRACE_SETREGSET, pid, NT_ARM_GCS, &iov)) {
+		pr_perror("gcs: Failed to set GCS registers for %d", pid);
+		return -1;
+	}
+
 	return 0;
 }

@ -287,3 +362,68 @@ int ptrace_flush_breakpoints(pid_t pid)

 	return 0;
 }
+
+int inject_gcs_cap_token(struct parasite_ctl *ctl, pid_t pid, struct cr_user_gcs *gcs)
+{
+	struct iovec gcs_iov = { .iov_base = gcs, .iov_len = sizeof(*gcs) };
+
+	uint64_t token_addr = gcs->gcspr_el0 - 8;
+	uint64_t sigtramp_addr = gcs->gcspr_el0 - 16;
+
+	uint64_t cap_token = ALIGN_DOWN(GCS_SIGNAL_CAP(token_addr), 8);
+	unsigned long restorer_addr;
+
+	pr_info("gcs: (setup) CAP token: 0x%lx at addr: 0x%lx\n", cap_token, token_addr);
+
+	/* Inject capability token at gcspr_el0 - 8 */
+	if (ptrace(PTRACE_POKEDATA, pid, (void *)token_addr, cap_token)) {
+		pr_perror("gcs: (setup) Inject GCS cap token failed");
+		return -1;
+	}
+
+	/* Inject restorer trampoline address (gcspr_el0 - 16) */
+	restorer_addr = ctl->parasite_ip;
+	if (ptrace(PTRACE_POKEDATA, pid, (void *)sigtramp_addr, restorer_addr)) {
+		pr_perror("gcs: (setup) Inject GCS restorer failed");
+		return -1;
+	}
+
+	/* Update GCSPR_EL0 */
+	gcs->gcspr_el0 = token_addr;
+	if (ptrace(PTRACE_SETREGSET, pid, NT_ARM_GCS, &gcs_iov)) {
+		pr_perror("gcs: PTRACE_SETREGS FAILED");
+		return -1;
+	}
+
+	pr_debug("gcs: parasite_ip=%#lx sp=%#llx gcspr_el0=%#llx\n",
+		 ctl->parasite_ip, ctl->orig.regs.sp, gcs->gcspr_el0);
+
+	return 0;
+}
+
+int parasite_setup_shstk(struct parasite_ctl *ctl, user_fpregs_struct_t *ext_regs)
+{
+	struct cr_user_gcs gcs;
+	struct iovec gcs_iov = { .iov_base = &gcs, .iov_len = sizeof(gcs) };
+	pid_t pid = ctl->rpid;
+
+	if(!__compel_host_supports_gcs())
+		return 0;
+
+	if (ptrace(PTRACE_GETREGSET, pid, NT_ARM_GCS, &gcs_iov) != 0) {
+		pr_perror("GCS state not available for %d", pid);
+		return -1;
+	}
+
+	if (!__compel_gcs_enabled(&gcs))
+		return 0;
+
+	if (inject_gcs_cap_token(ctl, pid, &gcs)) {
+		pr_perror("Failed to inject GCS cap token for %d", pid);
+		return -1;
+	}
+
+	pr_info("gcs: GCS enabled for %d\n", pid);
+
+	return 0;
+}
--- a/compel/arch/arm/plugins/std/syscalls/syscall.def
+++ b/compel/arch/arm/plugins/std/syscalls/syscall.def
@ -39,7 +39,7 @@ recvfrom			207	292	(int sockfd, void *ubuf, size_t size, unsigned int flags, str
 sendmsg				211	296	(int sockfd, const struct msghdr *msg, int flags)
 recvmsg				212	297	(int sockfd, struct msghdr *msg, int flags)
 shutdown			210	293	(int sockfd, int how)
-bind				235	282	(int sockfd, const struct sockaddr *addr, int addrlen)
+bind				200	282	(int sockfd, const struct sockaddr *addr, int addrlen)
 setsockopt			208	294	(int sockfd, int level, int optname, const void *optval, socklen_t optlen)
 getsockopt			209	295	(int sockfd, int level, int optname, const void *optval, socklen_t *optlen)
 clone				220	120	(unsigned long flags, void *child_stack, void *parent_tid, unsigned long newtls, void *child_tid)
@ -85,7 +85,7 @@ timer_settime			110	258	(kernel_timer_t timer_id, int flags, const struct itimer
 timer_gettime			108	259	(int timer_id, const struct itimerspec *setting)
 timer_getoverrun		109	260	(int timer_id)
 timer_delete			111	261	(kernel_timer_t timer_id)
-clock_gettime			113	263	(const clockid_t which_clock, const struct timespec *tp)
+clock_gettime			113	263	(clockid_t which_clock, struct timespec *tp)
 exit_group			94	248	(int error_code)
 set_robust_list			99	338	(struct robust_list_head *head, size_t len)
 get_robust_list			100	339	(int pid, struct robust_list_head **head_ptr, size_t *len_ptr)
@ -118,7 +118,10 @@ fsopen				430	430	(char *fsname, unsigned int flags)
 fsconfig			431	431	(int fd, unsigned int cmd, const char *key, const char *value, int aux)
 fsmount				432	432	(int fd, unsigned int flags, unsigned int attr_flags)
 clone3				435	435	(struct clone_args *uargs, size_t size)
+close_range			436	436	(unsigned int fd, unsigned int max_fd, unsigned int flags)
 pidfd_open			434	434	(pid_t pid, unsigned int flags)
 openat2				437	437	(int dirfd, char *pathname, struct open_how *how, size_t size)
 pidfd_getfd			438	438	(int pidfd, int targetfd, unsigned int flags)
 rseq				293	398	(void *rseq, uint32_t rseq_len, int flags, uint32_t sig)
+membarrier 			283	389	(int cmd, unsigned int flags, int cpu_id)
+map_shadow_stack		453	!	(unsigned long addr, unsigned long size, unsigned int flags)
--- a/compel/arch/arm/src/lib/infect.c
+++ b/compel/arch/arm/src/lib/infect.c
@ -65,10 +65,9 @@ int sigreturn_prep_fpu_frame_plain(struct rt_sigframe *sigframe, struct rt_sigfr
 }

 #define PTRACE_GETVFPREGS 27
-int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *ext_regs, save_regs_t save,
+int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *vfp, save_regs_t save,
 			 void *arg, __maybe_unused unsigned long flags)
 {
-	user_fpregs_struct_t tmp, *vfp = ext_regs ? ext_regs : &tmp;
 	int ret = -1;

 	pr_info("Dumping GP/FPU registers for %d\n", pid);
@ -95,7 +94,7 @@ int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct
 		}
 	}

-	ret = save(arg, regs, vfp);
+	ret = save(pid, arg, regs, vfp);
 err:
 	return ret;
 }
--- a/compel/arch/loongarch64/plugins/include/asm/prologue.h
+++ b/compel/arch/loongarch64/plugins/include/asm/prologue.h
@ -0,0 +1,35 @@
+#ifndef __ASM_PROLOGUE_H__
+#define __ASM_PROLOGUE_H__
+
+#ifndef __ASSEMBLY__
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+
+#define sys_recv(sockfd, ubuf, size, flags) sys_recvfrom(sockfd, ubuf, size, flags, NULL, NULL)
+
+typedef struct prologue_init_args {
+	struct sockaddr_un ctl_sock_addr;
+	unsigned int ctl_sock_addr_len;
+
+	unsigned int arg_s;
+	void *arg_p;
+
+	void *sigframe;
+} prologue_init_args_t;
+
+#endif /* __ASSEMBLY__ */
+
+/*
+ * Reserve enough space for sigframe.
+ *
+ * FIXME It is rather should be taken from sigframe header.
+ */
+#define PROLOGUE_SGFRAME_SIZE 4096
+
+#define PROLOGUE_INIT_ARGS_SIZE 1024
+
+#endif /* __ASM_PROLOGUE_H__ */
--- a/compel/arch/loongarch64/plugins/include/asm/syscall-types.h
+++ b/compel/arch/loongarch64/plugins/include/asm/syscall-types.h
@ -0,0 +1,30 @@
+#ifndef COMPEL_ARCH_SYSCALL_TYPES_H__
+#define COMPEL_ARCH_SYSCALL_TYPES_H__
+
+#include <common/asm/bitsperlong.h>
+/* Types for sigaction, sigprocmask syscalls */
+typedef void rt_signalfn_t(int, siginfo_t *, void *);
+typedef rt_signalfn_t *rt_sighandler_t;
+
+typedef void rt_restorefn_t(void);
+typedef rt_restorefn_t *rt_sigrestore_t;
+
+/* refer to arch/loongarch/include/uapi/asm/signal.h */
+#define _KNSIG	     64
+#define _NSIG_BPW    BITS_PER_LONG
+#define _KNSIG_WORDS (_KNSIG / _NSIG_BPW)
+
+typedef struct {
+	uint64_t sig[_KNSIG_WORDS];
+} k_rtsigset_t;
+
+typedef struct {
+	rt_sighandler_t rt_sa_handler;
+	unsigned long rt_sa_flags;
+	rt_sigrestore_t rt_sa_restorer;
+	k_rtsigset_t rt_sa_mask;
+} rt_sigaction_t;
+
+#define SA_RESTORER 0x04000000
+
+#endif /* COMPEL_ARCH_SYSCALL_TYPES_H__ */
--- a/compel/arch/loongarch64/plugins/include/features.h
+++ b/compel/arch/loongarch64/plugins/include/features.h
@ -0,0 +1,4 @@
+#ifndef __COMPEL_ARCH_FEATURES_H
+#define __COMPEL_ARCH_FEATURES_H
+
+#endif /* __COMPEL_ARCH_FEATURES_H */
--- a/compel/arch/loongarch64/plugins/std/parasite-head.S
+++ b/compel/arch/loongarch64/plugins/std/parasite-head.S
@ -0,0 +1,9 @@
+
+#include "common/asm/linkage.h"
+
+	.section .head.text, "ax"
+ENTRY(__export_parasite_head_start)
+	bl	parasite_service;
+	break 0;
+END(__export_parasite_head_start)
+
--- a/compel/arch/loongarch64/plugins/std/syscalls/Makefile.syscalls
+++ b/compel/arch/loongarch64/plugins/std/syscalls/Makefile.syscalls
@ -0,0 +1,117 @@
+std-lib-y		+= ./$(PLUGIN_ARCH_DIR)/std/syscalls-64.o
+sys-proto-types		:= $(obj)/include/uapi/std/syscall-types.h
+sys-proto-generic	:= $(obj)/include/uapi/std/syscall.h
+sys-codes-generic	:= $(obj)/include/uapi/std/syscall-codes.h
+sys-codes		 = $(obj)/include/uapi/std/syscall-codes-$(1).h
+sys-proto		 = $(obj)/include/uapi/std/syscall-$(1).h
+sys-def			 = $(PLUGIN_ARCH_DIR)/std/syscalls/syscall_$(1).tbl
+sys-asm			 = $(PLUGIN_ARCH_DIR)/std/syscalls-$(1).S
+sys-asm-common-name	 = std/syscalls/syscall-common-loongarch-$(1).S
+sys-asm-common		 = $(PLUGIN_ARCH_DIR)/$(sys-asm-common-name)
+sys-asm-types		:= $(obj)/include/uapi/std/asm/syscall-types.h
+sys-exec-tbl		 = $(PLUGIN_ARCH_DIR)/std/sys-exec-tbl-$(1).c
+
+sys-bits		:= 64
+
+AV			:= $$$$
+
+define gen-rule-sys-codes
+$(sys-codes): $(sys-def) $(sys-proto-types)
+	$(call msg-gen, $$@)
+	$(Q) echo "/* Autogenerated, don't edit */"					>  $$@
+	$(Q) echo "#ifndef ASM_SYSCALL_CODES_H_$(1)__"					>> $$@
+	$(Q) echo "#define ASM_SYSCALL_CODES_H_$(1)__"					>> $$@
+	$(Q) cat $$< | awk '/^__NR/{SYSN=$(AV)1;					\
+		sub("^__NR", "SYS", SYSN);						\
+		print "\n#ifndef ", $(AV)1;						\
+		print "#define", $(AV)1, $(AV)2;					\
+		print "#endif";								\
+		print "\n#ifndef ", SYSN;						\
+		print "#define ", SYSN, $(AV)1;						\
+		print "#endif";}'							>> $$@
+	$(Q) echo "#endif /* ASM_SYSCALL_CODES_H_$(1)__ */"				>> $$@
+endef
+
+define gen-rule-sys-proto
+$(sys-proto): $(sys-def) $(sys-proto-types)
+	$(call msg-gen, $$@)
+	$(Q) echo "/* Autogenerated, don't edit */"					>  $$@
+	$(Q) echo "#ifndef ASM_SYSCALL_PROTO_H_$(1)__"					>> $$@
+	$(Q) echo "#define ASM_SYSCALL_PROTO_H_$(1)__"					>> $$@
+	$(Q) echo '#include <compel/plugins/std/syscall-codes-$(1).h>'			>> $$@
+	$(Q) echo '#include <compel/plugins/std/syscall-types.h>'			>> $$@
+ifeq ($(1),32)
+	$(Q) echo '#include "asm/syscall32.h"'						>> $$@
+endif
+	$(Q) cat $$< | awk '/^__NR/{print "extern long", $(AV)3,			\
+			substr($(AV)0, index($(AV)0,$(AV)4)), ";"}'			>> $$@
+	$(Q) echo "#endif /* ASM_SYSCALL_PROTO_H_$(1)__ */"				>> $$@
+endef
+
+define gen-rule-sys-asm
+$(sys-asm): $(sys-def) $(sys-asm-common) $(sys-codes) $(sys-proto) $(sys-proto-types)
+	$(call msg-gen, $$@)
+	$(Q) echo "/* Autogenerated, don't edit */"					>  $$@
+	$(Q) echo '#include <compel/plugins/std/syscall-codes-$(1).h>'			>> $$@
+	$(Q) echo '#include "$(sys-asm-common-name)"'					>> $$@
+	$(Q) cat $$< | awk '/^__NR/{print "SYSCALL(", $(AV)3, ",", $(AV)2, ")"}'	>> $$@
+endef
+
+define gen-rule-sys-exec-tbl
+$(sys-exec-tbl): $(sys-def) $(sys-codes) $(sys-proto) $(sys-proto-generic) $(sys-proto-types)
+	$(call msg-gen, $$@)
+	$(Q) echo "/* Autogenerated, don't edit */"					>  $$@
+	$(Q) cat $$< | awk '/^__NR/{print						\
+		"SYSCALL(", substr($(AV)3, 5), ",", $(AV)2, ")"}'			>> $$@
+endef
+
+$(sys-codes-generic): $(sys-proto-types)
+	$(call msg-gen, $@)
+	$(Q) echo "/* Autogenerated, don't edit */"			>  $@
+	$(Q) echo "#ifndef __ASM_CR_SYSCALL_CODES_H__"			>> $@
+	$(Q) echo "#define __ASM_CR_SYSCALL_CODES_H__"			>> $@
+	$(Q) echo '#include <compel/plugins/std/syscall-codes-64.h>'	>> $@
+	$(Q) cat $< | awk '/^__NR/{NR32=$$1;				\
+		sub("^__NR", "__NR32", NR32);				\
+		print "\n#ifndef ", NR32;				\
+		print "#define ", NR32, $$2;				\
+		print "#endif";}'					>> $@
+	$(Q) echo "#endif /* __ASM_CR_SYSCALL_CODES_H__ */"		>> $@
+mrproper-y += $(sys-codes-generic)
+
+$(sys-proto-generic): $(strip $(call map,sys-proto,$(sys-bits))) $(sys-proto-types)
+	$(call msg-gen, $@)
+	$(Q) echo "/* Autogenerated, don't edit */"			>  $@
+	$(Q) echo "#ifndef __ASM_CR_SYSCALL_PROTO_H__"			>> $@
+	$(Q) echo "#define __ASM_CR_SYSCALL_PROTO_H__"			>> $@
+	$(Q) echo ""							>> $@
+	$(Q) echo '#include <compel/plugins/std/syscall-64.h>'		>> $@
+	$(Q) echo ""							>> $@
+	$(Q) echo "#endif /* __ASM_CR_SYSCALL_PROTO_H__ */"		>> $@
+mrproper-y += $(sys-proto-generic)
+
+define gen-rule-sys-exec-tbl
+$(sys-exec-tbl): $(sys-def) $(sys-codes) $(sys-proto) $(sys-proto-generic)
+	$(call msg-gen, $$@)
+	$(Q) echo "/* Autogenerated, don't edit */"			>  $$@
+	$(Q) cat $$< | awk '/^__NR/{print				\
+		"SYSCALL(", substr($(AV)3, 5), ",", $(AV)2, ")"}'	>> $$@
+endef
+
+$(eval $(call map,gen-rule-sys-codes,$(sys-bits)))
+$(eval $(call map,gen-rule-sys-proto,$(sys-bits)))
+$(eval $(call map,gen-rule-sys-asm,$(sys-bits)))
+$(eval $(call map,gen-rule-sys-exec-tbl,$(sys-bits)))
+
+$(sys-asm-types): $(PLUGIN_ARCH_DIR)/include/asm/syscall-types.h
+	$(call msg-gen, $@)
+	$(Q) ln -s ../../../../../../$(PLUGIN_ARCH_DIR)/include/asm/syscall-types.h $(sys-asm-types)
+
+std-headers-deps	+= $(call sys-codes,$(sys-bits))
+std-headers-deps	+= $(call sys-proto,$(sys-bits))
+std-headers-deps	+= $(call sys-asm,$(sys-bits))
+std-headers-deps	+= $(call sys-exec-tbl,$(sys-bits))
+std-headers-deps	+= $(sys-codes-generic)
+std-headers-deps	+= $(sys-proto-generic)
+std-headers-deps	+= $(sys-asm-types)
+mrproper-y		+= $(std-headers-deps)
--- a/compel/arch/loongarch64/plugins/std/syscalls/syscall-common-loongarch-64.S
+++ b/compel/arch/loongarch64/plugins/std/syscalls/syscall-common-loongarch-64.S
@ -0,0 +1,44 @@
+#include "common/asm/linkage.h"
+
+#define SYSCALL(name, opcode)		\
+ENTRY(name);					\
+	addi.d	$a7, $zero, opcode;	\
+	syscall 0;					\
+	jirl	$r0, $r1, 0;		\
+END(name)
+
+#ifndef AT_FDCWD
+#define AT_FDCWD	-100
+#endif
+
+#ifndef AT_REMOVEDIR
+#define AT_REMOVEDIR	0x200
+#endif
+
+ENTRY(sys_open)
+	or		$a3, $zero, $a2
+	or		$a2, $zero, $a1
+	or		$a1, $zero, $a0
+	addi.d	$a0, $zero, AT_FDCWD
+	b		sys_openat
+END(sys_open)
+
+ENTRY(sys_mkdir)
+	or		$a3, $zero, $a2
+	or		$a2, $zero, $a1
+	or		$a1, $zero, $a0
+	addi.d	$a0, $zero, AT_FDCWD
+	b		sys_mkdirat
+END(sys_mkdir)
+
+ENTRY(sys_rmdir)
+	addi.d	$a2, $zero, AT_REMOVEDIR
+	or		$a1, $zero, $a0
+	addi.d	$a0, $zero, AT_FDCWD
+	b		sys_unlinkat
+END(sys_rmdir)
+
+ENTRY(__cr_restore_rt)
+	addi.d	$a7, $zero, __NR_rt_sigreturn
+	syscall	0
+END(__cr_restore_rt)
--- a/compel/arch/loongarch64/plugins/std/syscalls/syscall_64.tbl
+++ b/compel/arch/loongarch64/plugins/std/syscalls/syscall_64.tbl
@ -0,0 +1,122 @@
+#
+# System calls table, please make sure the table consist only the syscalls
+# really used somewhere in project.
+# from kernel/linux-3.10.84/arch/mips/include/uapi/asm/unistd.h Linux 64-bit syscalls are in the range from 5000 to 5999.
+#
+# __NR_name			code		name			arguments
+# -------------------------------------------------------------------------------------------------------------------------------------------------------------
+__NR_io_setup			0	sys_io_setup		(unsigned nr_events, aio_context_t *ctx)
+__NR_io_submit			2	sys_io_submit		(aio_context_t ctx, long nr, struct iocb **iocbpp)
+__NR_io_getevents		4	sys_io_getevents	(aio_context_t ctx, long min_nr, long nr, struct io_event *evs, struct timespec *tmo)
+__NR_fcntl			25	sys_fcntl		(int fd, int type, long arg)
+__NR_ioctl			29	sys_ioctl		(unsigned int fd, unsigned int cmd, unsigned long arg)
+__NR_flock			32	sys_flock		(int fd, unsigned long cmd)
+__NR_mkdirat			34	sys_mkdirat             (int dfd, const char *pathname, int flag)
+__NR_unlinkat			35	sys_unlinkat            (int dfd, const char *pathname, int flag)
+__NR_umount2			39	sys_umount2		(char *name, int flags)
+__NR_mount			40	sys_mount		(char *dev_nmae, char *dir_name, char *type, unsigned long flags, void *data)
+__NR_fallocate			47	sys_fallocate		(int fd, int mode, loff_t offset, loff_t len)
+__NR_close			57	sys_close		(int fd)
+__NR_openat			56	sys_openat		(int dfd, const char *filename, int flags, int mode)
+__NR_lseek			62	sys_lseek		(int fd, unsigned long offset, unsigned long origin)
+__NR_read			63	sys_read		(int fd, void *buf, unsigned long count)
+__NR_write			64	sys_write		(int fd, const void *buf, unsigned long count)
+__NR_pread64			67	sys_pread		(unsigned int fd, char *buf, size_t count, loff_t pos)
+__NR_preadv			69	sys_preadv_raw		(int fd, struct iovec *iov, unsigned long nr, unsigned long pos_l, unsigned long pos_h)
+__NR_ppoll			73	sys_ppoll		(struct pollfd *fds, unsigned int nfds, const struct timespec *tmo, const sigset_t *sigmask, size_t sigsetsize)
+__NR_signalfd4			74	sys_signalfd		(int fd, k_rtsigset_t *mask, size_t sizemask, int flags)
+__NR_vmsplice			75	sys_vmsplice		(int fd, const struct iovec *iov, unsigned long nr_segs, unsigned int flags)
+__NR_readlinkat			78	sys_readlinkat		(int fd, const char *path, char *buf, int bufsize)
+__NR_timerfd_settime		86	sys_timerfd_settime	(int ufd, int flags, const struct itimerspec *utmr, struct itimerspec *otmr)
+__NR_capget			90	sys_capget		(struct cap_header *h, struct cap_data *d)
+__NR_capset			91	sys_capset		(struct cap_header *h, struct cap_data *d)
+__NR_personality		92	sys_personality		(unsigned int personality)
+__NR_exit			93	sys_exit		(unsigned long error_code)
+__NR_exit_group			94	sys_exit_group		(int error_code)
+__NR_waitid			95	sys_waitid		(int which, pid_t pid, struct siginfo *infop, int options, struct rusage *ru)
+__NR_set_tid_address		96	sys_set_tid_address	(int *tid_addr)
+__NR_futex			98	sys_futex		(uint32_t *uaddr, int op, uint32_t val, struct timespec *utime, uint32_t *uaddr2, uint32_t val3)
+__NR_set_robust_list		99	sys_set_robust_list	(struct robust_list_head *head, size_t len)
+__NR_get_robust_list		100	sys_get_robust_list	(int pid, struct robust_list_head **head_ptr, size_t *len_ptr)
+__NR_nanosleep			101	sys_nanosleep		(struct timespec *req, struct timespec *rem)
+__NR_getitimer			102	sys_getitimer		(int which, const struct itimerval *val)
+__NR_setitimer			103	sys_setitimer		(int which, const struct itimerval *val, struct itimerval *old)
+__NR_sys_timer_create		107	sys_timer_create	(clockid_t which_clock, struct sigevent *timer_event_spec, kernel_timer_t *created_timer_id)
+__NR_sys_timer_gettime		108	sys_timer_gettime	(int timer_id, const struct itimerspec *setting)
+__NR_sys_timer_getoverrun	109	sys_timer_getoverrun	(int timer_id)
+__NR_sys_timer_settime		110	sys_timer_settime	(kernel_timer_t timer_id, int flags, const struct itimerspec *new_setting, struct itimerspec *old_setting)
+__NR_sys_timer_delete		111	sys_timer_delete	(kernel_timer_t timer_id)
+__NR_clock_gettime		113	sys_clock_gettime	(clockid_t which_clock, struct timespec *tp)
+__NR_sched_setscheduler		119	sys_sched_setscheduler	(int pid, int policy, struct sched_param *p)
+__NR_restart_syscall		128	sys_restart_syscall	(void)
+__NR_kill			129	sys_kill		(long pid, int sig)
+__NR_sigaltstack		132	sys_sigaltstack		(const void *uss, void *uoss)
+__NR_rt_sigaction		134	sys_sigaction		(int signum, const rt_sigaction_t *act, rt_sigaction_t *oldact, size_t sigsetsize)
+__NR_rt_sigprocmask		135	sys_sigprocmask		(int how, k_rtsigset_t *set, k_rtsigset_t *old, size_t sigsetsize)
+__NR_rt_sigqueueinfo		138	sys_rt_sigqueueinfo	(pid_t pid, int sig, siginfo_t *info)
+__NR_rt_sigreturn		139	sys_rt_sigreturn	(void)
+__NR_setpriority		140	sys_setpriority		(int which, int who, int nice)
+__NR_setresuid			147	sys_setresuid		(int uid, int euid, int suid)
+__NR_getresuid			148	sys_getresuid		(int *uid, int *euid, int *suid)
+__NR_setresgid			149	sys_setresgid		(int gid, int egid, int sgid)
+__NR_getresgid			150	sys_getresgid		(int *gid, int *egid, int *sgid)
+__NR_getpgid			155	sys_getpgid		(pid_t pid)
+__NR_setfsuid			151	sys_setfsuid		(int fsuid)
+__NR_setfsgid			152	sys_setfsgid		(int fsgid)
+__NR_getsid			156	sys_getsid		(void)
+__NR_getgroups			158	sys_getgroups		(int gsize, unsigned int *groups)
+__NR_setgroups			159	sys_setgroups		(int gsize, unsigned int *groups)
+__NR_setrlimit			164	sys_setrlimit		(int resource, struct krlimit *rlim)
+__NR_umask			166	sys_umask		(int mask)
+__NR_prctl			167	sys_prctl		(int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5)
+__NR_gettimeofday		169	sys_gettimeofday	(struct timeval *tv, struct timezone *tz)
+__NR_getpid			172	sys_getpid		(void)
+__NR_ptrace			177	sys_ptrace		(long request, pid_t pid, void *addr, void *data)
+__NR_gettid			178	sys_gettid		(void)
+__NR_shmat			196	sys_shmat		(int shmid, void *shmaddr, int shmflag)
+__NR_socket			198	sys_socket		(int domain, int type, int protocol)
+__NR_bind			200	sys_bind		(int sockfd, const struct sockaddr *addr, int addrlen)
+__NR_connect			203	sys_connect		(int sockfd, struct sockaddr *addr, int addrlen)
+__NR_sendto			206	sys_sendto		(int sockfd, void *buff, size_t len, unsigned int flags, struct sockaddr *addr, int addr_len)
+__NR_recvfrom			207	sys_recvfrom		(int sockfd, void *ubuf, size_t size, unsigned int flags, struct sockaddr *addr, int *addr_len)
+__NR_setsockopt			208	sys_setsockopt		(int sockfd, int level, int optname, const void *optval, socklen_t optlen)
+__NR_getsockopt			209	sys_getsockopt		(int sockfd, int level, int optname, const void *optval, socklen_t *optlen)
+__NR_shutdown			210	sys_shutdown		(int sockfd, int how)
+__NR_sendmsg			211	sys_sendmsg		(int sockfd, const struct msghdr *msg, int flags)
+__NR_recvmsg			212	sys_recvmsg		(int sockfd, struct msghdr *msg, int flags)
+__NR_brk			214	sys_brk			(void *addr)
+__NR_munmap			215	sys_munmap		(void *addr, unsigned long len)
+__NR_mremap			216	sys_mremap		(unsigned long addr, unsigned long old_len, unsigned long new_len, unsigned long flags, unsigned long new_addr)
+__NR_clone			220	sys_clone		(unsigned long flags, void *child_stack, void *parent_tid, unsigned long newtls, void *child_tid)
+__NR_mmap			222	sys_mmap		(void *addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long fd, unsigned long offset)
+__NR_mprotect			226	sys_mprotect		(const void *addr, unsigned long len, unsigned long prot)
+__NR_mincore			232	sys_mincore		(void *addr, unsigned long size, unsigned char *vec)
+__NR_madvise			233	sys_madvise		(unsigned long start, size_t len, int behavior)
+__NR_rt_tgsigqueueinfo		240	sys_rt_tgsigqueueinfo	(pid_t tgid, pid_t pid, int sig, siginfo_t *info)
+__NR_wait4			260	sys_wait4		(int pid, int *status, int options, struct rusage *ru)
+__NR_fanotify_init		262	sys_fanotify_init	(unsigned int flags, unsigned int event_f_flags)
+__NR_fanotify_mark		263	sys_fanotify_mark	(int fanotify_fd, unsigned int flags, uint64_t mask, int dfd, const char *pathname)
+__NR_open_by_handle_at		265	sys_open_by_handle_at	(int mountdirfd, struct file_handle *handle, int flags)
+__NR_setns			268	sys_setns		(int fd, int nstype)
+__NR_kcmp			272	sys_kcmp		(pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2)
+__NR_seccomp			277	sys_seccomp		(unsigned int op, unsigned int flags, const char *uargs)
+__NR_memfd_create		279	sys_memfd_create	(const char *name, unsigned int flags)
+__NR_userfaultfd		282	sys_userfaultfd		(int flags)
+__NR_membarrier			283	sys_membarrier		(int cmd, unsigned int flags, int cpu_id)
+__NR_rseq			293	sys_rseq		(void *rseq, uint32_t rseq_len, int flags, uint32_t sig)
+__NR_open_tree			428	sys_open_tree		(int dirfd, const char *pathname, unsigned int flags)
+__NR_move_mount			429	sys_move_mount		(int from_dfd, const char *from_pathname, int to_dfd, const char *to_pathname, int flags)
+__NR_fsopen			430	sys_fsopen		(char *fsname, unsigned int flags)
+__NR_fsconfig			431	sys_fsconfig		(int fd, unsigned int cmd, const char *key, const char *value, int aux)
+__NR_fsmount			432	sys_fsmount		(int fd, unsigned int flags, unsigned int attr_flags)
+__NR_pidfd_open			434	sys_pidfd_open		(pid_t pid, unsigned int flags)
+__NR_clone3			435	sys_clone3		(struct clone_args *uargs, size_t size)
+__NR_openat2			437	sys_openat2		(int dirfd, char *pathname, struct open_how *how, size_t size)
+__NR_pidfd_getfd		438	sys_pidfd_getfd		(int pidfd, int targetfd, unsigned int flags)
+#__NR_dup2			!	sys_dup2		(int oldfd, int newfd)
+#__NR_rmdir			!	sys_rmdir		(const char *name)
+#__NR_unlink			!	sys_unlink		(char *pathname)
+#__NR_cacheflush		!	sys_cacheflush		(char *addr, int nbytes, int cache)
+#__NR_set_thread_area		!	sys_set_thread_area	(unsigned long *addr)
+#__NR_mkdir			!	sys_mkdir		(const char *name, int mode)
+#__NR_open			!	sys_open		(const char *filename, unsigned long flags, unsigned long mode)
--- a/compel/arch/loongarch64/scripts/compel-pack.lds.S
+++ b/compel/arch/loongarch64/scripts/compel-pack.lds.S
@ -0,0 +1,32 @@
+OUTPUT_ARCH(loongarch)
+EXTERN(__export_parasite_head_start)
+
+SECTIONS
+{
+	.crblob 0x0 : {
+		*(.head.text)
+		ASSERT(DEFINED(__export_parasite_head_start),
+			"Symbol __export_parasite_head_start is missing");
+		*(.text*)
+		. = ALIGN(32);
+		*(.data*)
+		. = ALIGN(32);
+		*(.rodata*)
+		. = ALIGN(32);
+		*(.bss*)
+		. = ALIGN(32);
+		*(.got*)
+		. = ALIGN(32);
+		*(.toc*)
+		. = ALIGN(32);
+	} =0x00000000,
+
+	/DISCARD/ : {
+		*(.debug*)
+		*(.comment*)
+		*(.note*)
+		*(.group*)
+		*(.eh_frame*)
+		*(*)
+	}
+}
--- a/compel/arch/loongarch64/src/lib/cpu.c
+++ b/compel/arch/loongarch64/src/lib/cpu.c
@ -0,0 +1,41 @@
+#include <string.h>
+#include <stdbool.h>
+
+#include "compel-cpu.h"
+#include "common/bitops.h"
+#include "common/compiler.h"
+#include "log.h"
+
+#undef LOG_PREFIX
+#define LOG_PREFIX "cpu: "
+
+static compel_cpuinfo_t rt_info;
+static bool rt_info_done = false;
+
+void compel_set_cpu_cap(compel_cpuinfo_t *c, unsigned int feature)
+{
+}
+
+void compel_clear_cpu_cap(compel_cpuinfo_t *c, unsigned int feature)
+{
+}
+
+int compel_test_cpu_cap(compel_cpuinfo_t *c, unsigned int feature)
+{
+	return 0;
+}
+
+int compel_cpuid(compel_cpuinfo_t *c)
+{
+	return 0;
+}
+
+bool compel_cpu_has_feature(unsigned int feature)
+{
+	if (!rt_info_done) {
+		compel_cpuid(&rt_info);
+		rt_info_done = true;
+	}
+
+	return compel_test_cpu_cap(&rt_info, feature);
+}
--- a/compel/arch/loongarch64/src/lib/handle-elf-host.c
+++ b/compel/arch/loongarch64/src/lib/handle-elf-host.c
@ -0,0 +1,22 @@
+#include <string.h>
+#include <errno.h>
+
+#include "handle-elf.h"
+#include "piegen.h"
+#include "log.h"
+
+static const unsigned char __maybe_unused elf_ident_64_le[EI_NIDENT] = {
+	0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, /* clang-format */
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+extern int __handle_elf(void *mem, size_t size);
+
+int handle_binary(void *mem, size_t size)
+{
+	if (memcmp(mem, elf_ident_64_le, sizeof(elf_ident_64_le)) == 0)
+		return __handle_elf(mem, size);
+
+	pr_err("Unsupported Elf format detected\n");
+	return -EINVAL;
+}
--- a/compel/arch/loongarch64/src/lib/handle-elf.c
+++ b/compel/arch/loongarch64/src/lib/handle-elf.c
@ -0,0 +1,22 @@
+#include <string.h>
+#include <errno.h>
+
+#include "handle-elf.h"
+#include "piegen.h"
+#include "log.h"
+
+static const unsigned char __maybe_unused elf_ident_64_le[EI_NIDENT] = {
+	0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, /* clang-format */
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+extern int __handle_elf(void *mem, size_t size);
+
+int handle_binary(void *mem, size_t size)
+{
+	if (memcmp(mem, elf_ident_64_le, sizeof(elf_ident_64_le)) == 0)
+		return __handle_elf(mem, size);
+
+	pr_err("Unsupported Elf format detected\n");
+	return -EINVAL;
+}
--- a/compel/arch/loongarch64/src/lib/include/handle-elf.h
+++ b/compel/arch/loongarch64/src/lib/include/handle-elf.h
@ -0,0 +1,8 @@
+#ifndef COMPEL_HANDLE_ELF_H__
+#define COMPEL_HANDLE_ELF_H__
+
+#include "elf64-types.h"
+
+#define arch_is_machine_supported(e_machine) (e_machine == EM_LOONGARCH)
+
+#endif /* COMPEL_HANDLE_ELF_H__ */
--- a/compel/arch/loongarch64/src/lib/include/syscall.h
+++ b/compel/arch/loongarch64/src/lib/include/syscall.h
@ -0,0 +1,8 @@
+#ifndef __COMPEL_SYSCALL_H__
+#define __COMPEL_SYSCALL_H__
+
+#ifndef SIGSTKFLT
+#define SIGSTKFLT 16
+#endif
+
+#endif
--- a/compel/arch/loongarch64/src/lib/include/uapi/asm/breakpoints.h
+++ b/compel/arch/loongarch64/src/lib/include/uapi/asm/breakpoints.h
@ -0,0 +1,6 @@
+#ifndef __COMPEL_BREAKPOINTS_H__
+#define __COMPEL_BREAKPOINTS_H__
+#define ARCH_SI_TRAP TRAP_BRKPT
+extern int ptrace_set_breakpoint(pid_t pid, void *addr);
+extern int ptrace_flush_breakpoints(pid_t pid);
+#endif
--- a/compel/arch/loongarch64/src/lib/include/uapi/asm/cpu.h
+++ b/compel/arch/loongarch64/src/lib/include/uapi/asm/cpu.h
@ -0,0 +1,6 @@
+#ifndef __CR_ASM_CPU_H__
+#define __CR_ASM_CPU_H__
+
+typedef struct {
+} compel_cpuinfo_t;
+#endif /* __CR_ASM_CPU_H__ */
--- a/compel/arch/loongarch64/src/lib/include/uapi/asm/fpu.h
+++ b/compel/arch/loongarch64/src/lib/include/uapi/asm/fpu.h
@ -0,0 +1,4 @@
+#ifndef __CR_ASM_FPU_H__
+#define __CR_ASM_FPU_H__
+
+#endif /* __CR_ASM_FPU_H__ */
--- a/compel/arch/loongarch64/src/lib/include/uapi/asm/infect-types.h
+++ b/compel/arch/loongarch64/src/lib/include/uapi/asm/infect-types.h
@ -0,0 +1,67 @@
+#ifndef UAPI_COMPEL_ASM_TYPES_H__
+#define UAPI_COMPEL_ASM_TYPES_H__
+
+#include <stdint.h>
+
+#define SIGMAX	   64
+#define SIGMAX_OLD 31
+
+/*
+ * From the Linux kernel header arch/loongarch/include/uapi/asm/ptrace.h
+ *
+ * A thread LoongArch CPU context
+ *
+ * struct user_fp_state {
+ *     uint64_t    fpr[32];
+ *     uint64_t    fcc;
+ *     uint32_t    fcsr;
+ * };
+ *
+ * struct user_pt_regs {
+ *     unsigned long regs[32];
+ *     unsigned long csr_era;
+ *     unsigned long csr_badv;
+ *     unsigned long reserved[11];
+ * };
+ */
+
+struct user_gp_regs {
+	uint64_t regs[32];
+	uint64_t orig_a0;
+	uint64_t pc;
+	uint64_t csr_badv;
+	uint64_t reserved[10];
+} __attribute__((aligned(8)));
+
+struct user_fp_regs {
+	uint64_t regs[32];
+	uint64_t fcc;
+	uint32_t fcsr;
+};
+
+typedef struct user_gp_regs user_regs_struct_t;
+typedef struct user_fp_regs user_fpregs_struct_t;
+
+#define user_regs_native(regs) true
+
+#define __compel_arch_fetch_thread_area(tid, th) 0
+#define compel_arch_fetch_thread_area(tctl)	 0
+#define compel_arch_get_tls_task(ctl, tls)
+#define compel_arch_get_tls_thread(tctl, tls)
+
+#define REG_RES(r)	   ((uint64_t)(r).regs[4])
+#define REG_IP(r)	   ((uint64_t)(r).pc)
+#define REG_SP(r)	   ((uint64_t)(r).regs[3])
+#define REG_SYSCALL_NR(r)  ((uint64_t)(r).regs[11])
+#define SET_REG_IP(r, val) ((r).pc = (val))
+
+#define GPR_NUM 32
+#define FPR_NUM 32
+
+#define __NR(syscall, compat)   \
+	({                      \
+		(void)compat;   \
+		__NR_##syscall; \
+	})
+
+#endif /* UAPI_COMPEL_ASM_TYPES_H__ */
--- a/compel/arch/loongarch64/src/lib/include/uapi/asm/sigframe.h
+++ b/compel/arch/loongarch64/src/lib/include/uapi/asm/sigframe.h
@ -0,0 +1,86 @@
+#ifndef UAPI_COMPEL_ASM_SIGFRAME_H__
+#define UAPI_COMPEL_ASM_SIGFRAME_H__
+
+#include <stdint.h>
+#include <stdbool.h>
+#include <stdlib.h>
+
+#include <compel/asm/fpu.h>
+#include <compel/plugins/std/syscall-codes.h>
+
+#include <asm/types.h>
+
+#define rt_sigcontext sigcontext
+/* sigcontext defined in usr/include/uapi/asm/sigcontext.h*/
+#include <compel/sigframe-common.h>
+typedef __u32 u32;
+
+typedef struct sigcontext_t {
+	__u64 pc;
+	__u64 regs[32];
+	__u32 flags;
+	__u64 extcontext[0] __attribute__((__aligned__(16)));
+} sigcontext_t;
+
+typedef struct context_info_t {
+	__u32 magic;
+	__u32 size;
+	__u64 padding;
+} context_info_t;
+
+#define FPU_CTX_MAGIC 0x46505501
+#define FPU_CTX_ALIGN 8
+typedef struct fpu_context_t {
+	__u64 regs[32];
+	__u64 fcc;
+	__u64 fcsr;
+} fpu_context_t;
+
+typedef struct ucontext {
+	unsigned long uc_flags;
+	struct ucontext *uc_link;
+	stack_t uc_stack;
+	sigset_t uc_sigmask;
+	__u8 __unused[1024 / 8 - sizeof(sigset_t)];
+	sigcontext_t uc_mcontext;
+} ucontext;
+
+/* Copy from the kernel source arch/loongarch/kernel/signal.c */
+struct rt_sigframe {
+	rt_siginfo_t rs_info;
+	ucontext rs_uc;
+};
+
+#define RT_SIGFRAME_UC(rt_sigframe)	 (&(rt_sigframe->rs_uc))
+#define RT_SIGFRAME_SIGMASK(rt_sigframe) ((k_rtsigset_t *)&RT_SIGFRAME_UC(rt_sigframe)->uc_sigmask)
+#define RT_SIGFRAME_SIGCTX(rt_sigframe)	 (&(RT_SIGFRAME_UC(rt_sigframe)->uc_mcontext))
+#define RT_SIGFRAME_REGIP(rt_sigframe)	 ((long unsigned int)(RT_SIGFRAME_SIGCTX(rt_sigframe)->pc))
+#define RT_SIGFRAME_HAS_FPU(rt_sigframe) (1)
+
+#define RT_SIGFRAME_FPU(rt_sigframe)                                                                 \
+	({                                                                                           \
+		context_info_t *ctx = (context_info_t *)RT_SIGFRAME_SIGCTX(rt_sigframe)->extcontext; \
+		ctx->magic = FPU_CTX_MAGIC;                                                          \
+		ctx->size = sizeof(context_info_t) + sizeof(fpu_context_t);                          \
+		(fpu_context_t *)((char *)ctx + sizeof(context_info_t));                             \
+	})
+
+#define RT_SIGFRAME_OFFSET(rt_sigframe) 0
+
+/* clang-format off */
+#define ARCH_RT_SIGRETURN(new_sp, rt_sigframe)  \
+    asm volatile(                               \
+            "addi.d $sp, %0, 0 \n"              \
+            "addi.d $a7, $zero, "__stringify(__NR_rt_sigreturn)"    \n" \
+            "syscall   0"                       \
+            :                                   \
+            :"r"(new_sp)                        \
+            : "$a7", "memory")
+/* clang-format on */
+
+int sigreturn_prep_fpu_frame(struct rt_sigframe *sigframe, struct rt_sigframe *rsigframe);
+
+#define rt_sigframe_erase_sigset(sigframe)	memset(RT_SIGFRAME_SIGMASK(sigframe), 0, sizeof(k_rtsigset_t))
+#define rt_sigframe_copy_sigset(sigframe, from) memcpy(RT_SIGFRAME_SIGMASK(sigframe), from, sizeof(k_rtsigset_t))
+
+#endif /* UAPI_COMPEL_ASM_SIGFRAME_H__ */
--- a/compel/arch/loongarch64/src/lib/infect.c
+++ b/compel/arch/loongarch64/src/lib/infect.c
@ -0,0 +1,204 @@
+#include <sys/types.h>
+#include <sys/uio.h>
+#include <sys/auxv.h>
+#include <sys/mman.h>
+#include <errno.h>
+
+#include <compel/asm/fpu.h>
+#include <compel/cpu.h>
+#include "errno.h"
+#include <compel/plugins/std/syscall-codes.h>
+#include <compel/plugins/std/syscall.h>
+#include "common/err.h"
+#include "common/page.h"
+#include "asm/infect-types.h"
+#include "ptrace.h"
+#include "infect.h"
+#include "infect-priv.h"
+#include "log.h"
+#include "common/bug.h"
+
+/*
+ * Injected syscall instruction
+ * loongarch64 is Little Endian
+ */
+const char code_syscall[] = {
+	0x00, 0x00, 0x2b, 0x00, /* syscall    */
+	0x00, 0x00, 0x2a, 0x00	/*  break      */
+};
+
+int sigreturn_prep_regs_plain(struct rt_sigframe *sigframe, user_regs_struct_t *regs, user_fpregs_struct_t *fpregs)
+{
+	sigcontext_t *sc;
+	fpu_context_t *fpu;
+
+	sc = RT_SIGFRAME_SIGCTX(sigframe);
+	memcpy(sc->regs, regs->regs, sizeof(regs->regs));
+	sc->pc = regs->pc;
+
+	fpu = RT_SIGFRAME_FPU(sigframe);
+	memcpy(fpu->regs, fpregs->regs, sizeof(fpregs->regs));
+	fpu->fcc = fpregs->fcc;
+	fpu->fcsr = fpregs->fcsr;
+	return 0;
+}
+
+int sigreturn_prep_fpu_frame_plain(struct rt_sigframe *sigframe, struct rt_sigframe *rsigframe)
+{
+	return 0;
+}
+
+int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *ext_regs, save_regs_t save,
+			 void *arg, __maybe_unused unsigned long flags)
+{
+	user_fpregs_struct_t tmp, *fpregs = ext_regs ? ext_regs : &tmp;
+	struct iovec iov;
+	int ret;
+
+	pr_info("Dumping GP/FPU registers for %d\n", pid);
+
+	iov.iov_base = regs;
+	iov.iov_len = sizeof(user_regs_struct_t);
+	if ((ret = ptrace(PTRACE_GETREGSET, pid, NT_PRSTATUS, &iov))) {
+		pr_perror("Failed to obtain CPU registers for %d", pid);
+		goto err;
+	}
+
+	/*
+	 * Refer to Linux kernel arch/loongarch/kernel/signal.c
+	 */
+	if (regs->regs[0]) {
+		switch (regs->regs[4]) {
+		case -ERESTARTNOHAND:
+		case -ERESTARTSYS:
+		case -ERESTARTNOINTR:
+			regs->regs[4] = regs->orig_a0;
+			regs->pc -= 4;
+			break;
+		case -ERESTART_RESTARTBLOCK:
+			regs->regs[4] = regs->orig_a0;
+			regs->regs[11] = __NR_restart_syscall;
+			regs->pc -= 4;
+			break;
+		}
+		regs->regs[0] = 0; /* Don't deal with this again.  */
+	}
+
+	iov.iov_base = fpregs;
+	iov.iov_len = sizeof(user_fpregs_struct_t);
+	if ((ret = ptrace(PTRACE_GETREGSET, pid, NT_PRFPREG, &iov))) {
+		pr_perror("Failed to obtain FPU registers for %d", pid);
+		goto err;
+	}
+
+	ret = save(pid, arg, regs, fpregs);
+err:
+	return 0;
+}
+
+int compel_set_task_ext_regs(pid_t pid, user_fpregs_struct_t *ext_regs)
+{
+	struct iovec iov;
+
+	pr_info("Restoring GP/FPU registers for %d\n", pid);
+
+	iov.iov_base = ext_regs;
+	iov.iov_len = sizeof(*ext_regs);
+	if (ptrace(PTRACE_SETREGSET, pid, NT_PRFPREG, &iov)) {
+		pr_perror("Failed to set FPU registers for %d", pid);
+		return -1;
+	}
+	return 0;
+}
+
+/*
+ * Registers $4 ~ $11 represents arguments a0 ~ a7, especially a7 is
+ * used as syscall number.
+ */
+int compel_syscall(struct parasite_ctl *ctl, int nr, long *ret, unsigned long arg1, unsigned long arg2,
+		   unsigned long arg3, unsigned long arg4, unsigned long arg5, unsigned long arg6)
+{
+	int err;
+	user_regs_struct_t regs = ctl->orig.regs;
+
+	regs.regs[11] = (unsigned long)nr;
+	regs.regs[4] = arg1;
+	regs.regs[5] = arg2;
+	regs.regs[6] = arg3;
+	regs.regs[7] = arg4;
+	regs.regs[8] = arg5;
+	regs.regs[9] = arg6;
+	err = compel_execute_syscall(ctl, &regs, code_syscall);
+
+	*ret = regs.regs[4];
+
+	return err;
+}
+
+void *remote_mmap(struct parasite_ctl *ctl, void *addr, size_t length, int prot, int flags, int fd, off_t offset)
+{
+	long map;
+	int err;
+
+	err = compel_syscall(ctl, __NR_mmap, &map, (unsigned long)addr, length, prot, flags, fd, offset >> PAGE_SHIFT);
+
+	if (err < 0 || IS_ERR_VALUE(map)) {
+		pr_err("remote mmap() failed: %s\n", strerror(-map));
+		return NULL;
+	}
+
+	return (void *)map;
+}
+
+/*
+ * regs must be inited when calling this function from original context
+ */
+void parasite_setup_regs(unsigned long new_ip, void *stack, user_regs_struct_t *regs)
+{
+	regs->pc = new_ip;
+	if (stack)
+		regs->regs[4] = (unsigned long)stack;
+}
+
+bool arch_can_dump_task(struct parasite_ctl *ctl)
+{
+	return true;
+}
+
+int arch_fetch_sas(struct parasite_ctl *ctl, struct rt_sigframe *s)
+{
+	long ret;
+	int err;
+
+	err = compel_syscall(ctl, __NR_sigaltstack, &ret, 0, (unsigned long)&s->rs_uc.uc_stack, 0, 0, 0, 0);
+	return err ? err : ret;
+}
+
+/*
+ * TODO: add feature
+ */
+int ptrace_set_breakpoint(pid_t pid, void *addr)
+{
+	return 0;
+}
+
+int ptrace_flush_breakpoints(pid_t pid)
+{
+	return 0;
+}
+
+/*
+ * Refer to Linux kernel arch/loongarch/include/asm/processor.h
+ */
+#define TASK_SIZE32	(1UL) << 31
+#define TASK_SIZE64_MIN (1UL) << 40
+#define TASK_SIZE64_MAX (1UL) << 48
+
+unsigned long compel_task_size(void)
+{
+	unsigned long task_size;
+	for (task_size = TASK_SIZE64_MIN; task_size < TASK_SIZE64_MAX; task_size <<= 1)
+		if (munmap((void *)task_size, page_size()))
+			break;
+	return task_size;
+}
--- a/compel/arch/mips/plugins/std/syscalls/syscall_64.tbl
+++ b/compel/arch/mips/plugins/std/syscalls/syscall_64.tbl
@ -84,7 +84,7 @@ __NR_sys_timer_settime		5217		sys_timer_settime	(kernel_timer_t timer_id, int fl
 __NR_sys_timer_gettime		5218		sys_timer_gettime	(int timer_id, const struct itimerspec *setting)
 __NR_sys_timer_getoverrun	5219		sys_timer_getoverrun	(int timer_id)
 __NR_sys_timer_delete		5220		sys_timer_delete	(kernel_timer_t timer_id)
-__NR_clock_gettime		5222		sys_clock_gettime	(const clockid_t which_clock, const struct timespec *tp)
+__NR_clock_gettime		5222		sys_clock_gettime	(clockid_t which_clock, struct timespec *tp)
 __NR_exit_group			5205		sys_exit_group		(int error_code)
 __NR_set_thread_area		5242		sys_set_thread_area	(unsigned long *addr)
 __NR_openat			5247		sys_openat		(int dfd, const char *filename, int flags, int mode)
@ -115,7 +115,9 @@ __NR_fsopen			5430		sys_fsopen		(char *fsname, unsigned int flags)
 __NR_fsconfig			5431		sys_fsconfig		(int fd, unsigned int cmd, const char *key, const char *value, int aux)
 __NR_fsmount			5432		sys_fsmount		(int fd, unsigned int flags, unsigned int attr_flags)
 __NR_clone3			5435		sys_clone3		(struct clone_args *uargs, size_t size)
+__NR_close_range		5436		sys_close_range		(unsigned int fd, unsigned int max_fd, unsigned int flags)
 __NR_pidfd_open			5434		sys_pidfd_open		(pid_t pid, unsigned int flags)
 __NR_openat2			5437		sys_openat2		(int dirfd, char *pathname, struct open_how *how, size_t size)
 __NR_pidfd_getfd		5438		sys_pidfd_getfd		(int pidfd, int targetfd, unsigned int flags)
 __NR_rseq		        5327		sys_rseq		(void *rseq, uint32_t rseq_len, int flags, uint32_t sig)
+__NR_membarrier 		5318		sys_membarrier		(int cmd, unsigned int flags, int cpu_id)
--- a/compel/arch/mips/src/lib/handle-elf.c
+++ b/compel/arch/mips/src/lib/handle-elf.c
@ -5,18 +5,31 @@
 #include "piegen.h"
 #include "log.h"

-static const unsigned char __maybe_unused elf_ident_64_le[EI_NIDENT] = {
-	0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, /* clang-format */
-	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-};
-
 extern int __handle_elf(void *mem, size_t size);

 int handle_binary(void *mem, size_t size)
 {
-	if (memcmp(mem, elf_ident_64_le, sizeof(elf_ident_64_le)) == 0)
-		return __handle_elf(mem, size);
+	Elf64_Ehdr *ehdr = (Elf64_Ehdr *)mem;

-	pr_err("Unsupported Elf format detected\n");
-	return -EINVAL;
+	/* check ELF magic */
+	if (ehdr->e_ident[EI_MAG0] != ELFMAG0 ||
+	    ehdr->e_ident[EI_MAG1] != ELFMAG1 ||
+	    ehdr->e_ident[EI_MAG2] != ELFMAG2 ||
+	    ehdr->e_ident[EI_MAG3] != ELFMAG3) {
+		pr_err("Invalid ELF magic\n");
+		return -EINVAL;
+	}
+
+	/* check ELF class and data encoding */
+	if (ehdr->e_ident[EI_CLASS] != ELFCLASS64 ||
+	    ehdr->e_ident[EI_DATA] != ELFDATA2LSB) {
+		pr_err("Unsupported ELF class or data encoding\n");
+		return -EINVAL;
+	}
+
+	if (ehdr->e_ident[EI_ABIVERSION] != 0) {
+		pr_warn("Unusual ABI version: %d\n", ehdr->e_ident[EI_ABIVERSION]);
+	}
+
+	return __handle_elf(mem, size);
 }
--- a/compel/arch/mips/src/lib/infect.c
+++ b/compel/arch/mips/src/lib/infect.c
@ -119,10 +119,9 @@ int sigreturn_prep_fpu_frame_plain(struct rt_sigframe *sigframe, struct rt_sigfr
 	return 0;
 }

-int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *ext_regs, save_regs_t save,
+int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *xs, save_regs_t save,
 			 void *arg, __maybe_unused unsigned long flags)
 {
-	user_fpregs_struct_t xsave = {}, *xs = ext_regs ? ext_regs : &xsave;
 	int ret = -1;

 	pr_info("Dumping GP/FPU registers for %d\n", pid);
@ -150,7 +149,7 @@ int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct
 		regs->regs[0] = 0;
 	}

-	ret = save(arg, regs, xs);
+	ret = save(pid, arg, regs, xs);
 	return ret;
 }

--- a/compel/arch/ppc64/plugins/std/syscalls/syscall-ppc64.tbl
+++ b/compel/arch/ppc64/plugins/std/syscalls/syscall-ppc64.tbl
@ -82,7 +82,7 @@ __NR_sys_timer_settime	241		sys_timer_settime	(kernel_timer_t timer_id, int flag
 __NR_sys_timer_gettime	242		sys_timer_gettime	(int timer_id, const struct itimerspec *setting)
 __NR_sys_timer_getoverrun	243		sys_timer_getoverrun	(int timer_id)
 __NR_sys_timer_delete	244		sys_timer_delete	(kernel_timer_t timer_id)
-__NR_clock_gettime	246		sys_clock_gettime	(const clockid_t which_clock, const struct timespec *tp)
+__NR_clock_gettime	246		sys_clock_gettime	(clockid_t which_clock, struct timespec *tp)
 __NR_exit_group		234		sys_exit_group		(int error_code)
 __NR_waitid		272		sys_waitid		(int which, pid_t pid, struct siginfo *infop, int options, struct rusage *ru)
 __NR_set_robust_list	300		sys_set_robust_list	(struct robust_list_head *head, size_t len)
@ -114,7 +114,9 @@ __NR_fsopen		430		sys_fsopen		(char *fsname, unsigned int flags)
 __NR_fsconfig		431		sys_fsconfig		(int fd, unsigned int cmd, const char *key, const char *value, int aux)
 __NR_fsmount		432		sys_fsmount		(int fd, unsigned int flags, unsigned int attr_flags)
 __NR_clone3		435		sys_clone3		(struct clone_args *uargs, size_t size)
+__NR_close_range	436		sys_close_range		(unsigned int fd, unsigned int max_fd, unsigned int flags)
 __NR_pidfd_open		434		sys_pidfd_open		(pid_t pid, unsigned int flags)
 __NR_openat2		437		sys_openat2		(int dirfd, char *pathname, struct open_how *how, size_t size)
 __NR_pidfd_getfd	438		sys_pidfd_getfd		(int pidfd, int targetfd, unsigned int flags)
 __NR_rseq       	387		sys_rseq		(void *rseq, uint32_t rseq_len, int flags, uint32_t sig)
+__NR_membarrier 	365		sys_membarrier		(int cmd, unsigned int flags, int cpu_id)
--- a/compel/arch/ppc64/src/lib/include/uapi/asm/sigframe.h
+++ b/compel/arch/ppc64/src/lib/include/uapi/asm/sigframe.h
@ -14,7 +14,7 @@
 */
 #include <signal.h>

-// XXX: the idetifier rt_sigcontext is expected to be struct by the CRIU code
+// XXX: the identifier rt_sigcontext is expected to be struct by the CRIU code
 #define rt_sigcontext sigcontext

 #include <compel/sigframe-common.h>
--- a/compel/arch/ppc64/src/lib/infect.c
+++ b/compel/arch/ppc64/src/lib/infect.c
@ -11,6 +11,7 @@
 #include "log.h"
 #include "common/bug.h"
 #include "common/page.h"
+#include "common/err.h"
 #include "infect.h"
 #include "infect-priv.h"

@ -303,34 +304,59 @@ out_free:
 	return -1; /* still failing the checkpoint */
 }

-static int __get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *fpregs)
-{
-	pr_info("Dumping GP/FPU registers for %d\n", pid);
+/*
+ * This is inspired by kernel function check_syscall_restart in
+ * arch/powerpc/kernel/signal.c
+ */

-	/*
-	 * This is inspired by kernel function check_syscall_restart in
-	 * arch/powerpc/kernel/signal.c
-	 */
 #ifndef TRAP
 #define TRAP(r) ((r).trap & ~0xF)
 #endif

-	if (TRAP(*regs) == 0x0C00 && regs->ccr & 0x10000000) {
-		/* Restart the system call */
-		switch (regs->gpr[3]) {
-		case ERESTARTNOHAND:
-		case ERESTARTSYS:
-		case ERESTARTNOINTR:
-			regs->gpr[3] = regs->orig_gpr3;
-			regs->nip -= 4;
-			break;
-		case ERESTART_RESTARTBLOCK:
-			pr_warn("Will restore %d with interrupted system call\n", pid);
-			regs->gpr[3] = EINTR;
-			break;
-		}
+static bool trap_is_scv(user_regs_struct_t *regs)
+{
+	return TRAP(*regs) == 0x3000;
+}
+
+static bool trap_is_syscall(user_regs_struct_t *regs)
+{
+	return trap_is_scv(regs) || TRAP(*regs) == 0x0C00;
+}
+
+static void handle_syscall(pid_t pid, user_regs_struct_t *regs)
+{
+	unsigned long ret = regs->gpr[3];
+
+	if (trap_is_scv(regs)) {
+		if (!IS_ERR_VALUE(ret))
+			return;
+		ret = -ret;
+	} else if (!(regs->ccr & 0x10000000)) {
+		return;
 	}

+	/* Restart or interrupt the system call */
+	switch (ret) {
+	case ERESTARTNOHAND:
+	case ERESTARTSYS:
+	case ERESTARTNOINTR:
+		regs->gpr[3] = regs->orig_gpr3;
+		regs->nip -= 4;
+		break;
+	case ERESTART_RESTARTBLOCK:
+		pr_warn("Will restore %d with interrupted system call\n", pid);
+		regs->gpr[3] = trap_is_scv(regs) ? -EINTR : EINTR;
+		break;
+	}
+}
+
+static int __get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *fpregs)
+{
+	pr_info("Dumping GP/FPU registers for %d\n", pid);
+
+	if (trap_is_syscall(regs))
+		handle_syscall(pid, regs);
+
 	/* Resetting trap since we are now coming from user space. */
 	regs->trap = 0;

@ -365,17 +391,16 @@ static int __get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_stru
 	return 0;
 }

-int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *ext_regs, save_regs_t save,
+int compel_get_task_regs(pid_t pid, user_regs_struct_t *regs, user_fpregs_struct_t *fpregs, save_regs_t save,
 			 void *arg, __maybe_unused unsigned long flags)
 {
-	user_fpregs_struct_t tmp, *fpregs = ext_regs ? ext_regs : &tmp;
 	int ret;

 	ret = __get_task_regs(pid, regs, fpregs);
 	if (ret)
 		return ret;

-	return save(arg, regs, fpregs);
+	return save(pid, arg, regs, fpregs);
 }

 int compel_set_task_ext_regs(pid_t pid, user_fpregs_struct_t *ext_regs)
--- a/compel/arch/riscv64/plugins/include/asm/prologue.h
+++ b/compel/arch/riscv64/plugins/include/asm/prologue.h
@ -0,0 +1,35 @@
+#ifndef __ASM_PROLOGUE_H__
+#define __ASM_PROLOGUE_H__
+
+#ifndef __ASSEMBLY__
+
+#include <sys/types.h>
+#include <sys/socket.h>
+#include <sys/un.h>
+
+#include <errno.h>
+
+#define sys_recv(sockfd, ubuf, size, flags) sys_recvfrom(sockfd, ubuf, size, flags, NULL, NULL)
+
+typedef struct prologue_init_args {
+	struct sockaddr_un ctl_sock_addr;
+	unsigned int ctl_sock_addr_len;
+
+	unsigned int arg_s;
+	void *arg_p;
+
+	void *sigframe;
+} prologue_init_args_t;
+
+#endif /* __ASSEMBLY__ */
+
+/*
+ * Reserve enough space for sigframe.
+ *
+ * FIXME It is rather should be taken from sigframe header.
+ */
+#define PROLOGUE_SGFRAME_SIZE 4096
+
+#define PROLOGUE_INIT_ARGS_SIZE 1024
+
+#endif /* __ASM_PROLOGUE_H__ */
--- a/compel/arch/riscv64/plugins/include/asm/syscall-types.h
+++ b/compel/arch/riscv64/plugins/include/asm/syscall-types.h
@ -0,0 +1,28 @@
+#ifndef COMPEL_ARCH_SYSCALL_TYPES_H__
+#define COMPEL_ARCH_SYSCALL_TYPES_H__
+
+#define SA_RESTORER 0x04000000
+
+typedef void rt_signalfn_t(int, siginfo_t *, void *);
+typedef rt_signalfn_t *rt_sighandler_t;
+
+typedef void rt_restorefn_t(void);
+typedef rt_restorefn_t *rt_sigrestore_t;
+
+#define _KNSIG	  64 // number of signals
+#define _NSIG_BPW 64 // number of signals per word
+
+#define _KNSIG_WORDS (_KNSIG / _NSIG_BPW)
+
+typedef struct {
+	unsigned long sig[_KNSIG_WORDS];
+} k_rtsigset_t;
+
+typedef struct {
+	rt_sighandler_t rt_sa_handler;
+	unsigned long rt_sa_flags;
+	rt_sigrestore_t rt_sa_restorer;
+	k_rtsigset_t rt_sa_mask;
+} rt_sigaction_t;
+
+#endif /* COMPEL_ARCH_SYSCALL_TYPES_H__ */
--- a/compel/arch/riscv64/plugins/include/features.h
+++ b/compel/arch/riscv64/plugins/include/features.h
@ -0,0 +1,4 @@
+#ifndef __COMPEL_ARCH_FEATURES_H
+#define __COMPEL_ARCH_FEATURES_H
+
+#endif /* __COMPEL_ARCH_FEATURES_H */
--- a/compel/arch/riscv64/plugins/std/parasite-head.S
+++ b/compel/arch/riscv64/plugins/std/parasite-head.S
@ -0,0 +1,7 @@
+#include "common/asm/linkage.h"
+
+	.section .head.text, "ax"
+ENTRY(__export_parasite_head_start)
+	jal parasite_service
+	ebreak
+END(__export_parasite_head_start)
--- a/compel/arch/riscv64/plugins/std/syscalls/Makefile.syscalls
+++ b/compel/arch/riscv64/plugins/std/syscalls/Makefile.syscalls
@ -0,0 +1,59 @@
+ccflags-y		+= -iquote $(PLUGIN_ARCH_DIR)/std/syscalls/
+asflags-y		+= -iquote $(PLUGIN_ARCH_DIR)/std/syscalls/
+
+sys-types		:= $(obj)/include/uapi/std/syscall-types.h
+sys-codes		:= $(obj)/include/uapi/std/syscall-codes.h
+sys-proto		:= $(obj)/include/uapi/std/syscall.h
+
+sys-def			:= $(PLUGIN_ARCH_DIR)/std/syscalls/syscall.def
+sys-asm-common-name	:= std/syscalls/syscall-common.S
+sys-asm-common		:= $(PLUGIN_ARCH_DIR)/$(sys-asm-common-name)
+sys-asm-types		:= $(obj)/include/uapi/std/asm/syscall-types.h
+sys-exec-tbl		 = $(PLUGIN_ARCH_DIR)/std/sys-exec-tbl.c
+
+sys-gen			:= $(PLUGIN_ARCH_DIR)/std/syscalls/gen-syscalls.pl
+sys-gen-tbl		:= $(PLUGIN_ARCH_DIR)/std/syscalls/gen-sys-exec-tbl.pl
+
+sys-asm			:= ./$(PLUGIN_ARCH_DIR)/std/syscalls/syscalls.S
+std-lib-y		+= $(sys-asm:.S=).o
+
+ifeq ($(ARCH),arm)
+arch_bits		:= 32
+else
+arch_bits		:= 64
+endif
+
+sys-exec-tbl		:= sys-exec-tbl.c
+
+$(sys-asm) $(sys-types) $(sys-codes) $(sys-proto): $(sys-gen) $(sys-def) $(sys-asm-common) $(sys-asm-types)
+	$(E) "  GEN     " $@
+	$(Q) perl				\
+		$(sys-gen)			\
+		$(sys-def)			\
+		$(sys-codes)			\
+		$(sys-proto)			\
+		$(sys-asm)			\
+		$(sys-asm-common-name)		\
+		$(sys-types)			\
+		$(arch_bits)
+
+$(sys-asm:.S=).o: $(sys-asm)
+
+$(sys-exec-tbl): $(sys-gen-tbl) $(sys-def)
+	$(E) "  GEN     " $@
+	$(Q) perl				\
+		$(sys-gen-tbl)			\
+		$(sys-def)			\
+		$(sys-exec-tbl)			\
+		$(arch_bits)
+
+$(sys-asm-types): $(PLUGIN_ARCH_DIR)/include/asm/syscall-types.h
+	$(call msg-gen, $@)
+	$(Q) ln -s ../../../../../../$(PLUGIN_ARCH_DIR)/include/asm/syscall-types.h $(sys-asm-types)
+	$(Q) ln -s ../../../../../$(PLUGIN_ARCH_DIR)/std/syscalls/syscall-aux.S $(obj)/include/uapi/std/syscall-aux.S
+	$(Q) ln -s ../../../../../$(PLUGIN_ARCH_DIR)/std/syscalls/syscall-aux.h $(obj)/include/uapi/std/syscall-aux.h
+
+std-headers-deps	+= $(sys-asm) $(sys-codes) $(sys-proto) $(sys-asm-types) $(sys-codes)
+mrproper-y		+= $(std-headers-deps)
+mrproper-y		+= $(obj)/include/uapi/std/syscall-aux.S
+mrproper-y		+= $(obj)/include/uapi/std/syscall-aux.h
--- a/compel/arch/riscv64/plugins/std/syscalls/gen-sys-exec-tbl.pl
+++ b/compel/arch/riscv64/plugins/std/syscalls/gen-sys-exec-tbl.pl
@ -0,0 +1,43 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+my $in		= $ARGV[0];
+my $tblout	= $ARGV[1];
+my $bits	= $ARGV[2];
+
+my $code	= "code$bits";
+
+open TBLOUT,	">", $tblout	or die $!;
+open IN,		"<", $in		or die $!;
+
+print TBLOUT "/* Autogenerated, don't edit */\n";
+print TBLOUT "static struct syscall_exec_desc sc_exec_table[] = {\n";
+
+for (<IN>) {
+	if ($_ =~ /\#/) {
+		next;
+	}
+
+	my $sys_name;
+	my $sys_num;
+
+	if (/(?<name>\S+)\s+(?<alias>\S+)\s+(?<code64>\d+|\!)\s+(?<code32>(?:\d+|\!))\s+\((?<args>.+)\)/) {
+		$sys_name = $+{alias};
+	} elsif (/(?<name>\S+)\s+(?<code64>\d+|\!)\s+(?<code32>(?:\d+|\!))\s+\((?<args>.+)\)/) {
+		$sys_name = $+{name};
+	} else {
+		unlink $tblout;
+		die "Invalid syscall definition file: invalid entry $_\n";
+	}
+
+	$sys_num = $+{$code};
+
+	if ($sys_num ne "!") {
+		print TBLOUT "SYSCALL($sys_name, $sys_num)\n";
+	}
+}
+
+print TBLOUT " 	{ }, /* terminator */";
+print TBLOUT "};"
--- a/compel/arch/riscv64/plugins/std/syscalls/gen-syscalls.pl
+++ b/compel/arch/riscv64/plugins/std/syscalls/gen-syscalls.pl
@ -0,0 +1,99 @@
+#!/usr/bin/perl
+
+use strict;
+use warnings;
+
+my $in         = $ARGV[0];
+my $codesout   = $ARGV[1];
+my $codes      = $ARGV[1];
+$codes         =~ s/.*include\/uapi\//compel\/plugins\//g;
+my $protosout  = $ARGV[2];
+my $protos     = $ARGV[2];
+$protos        =~ s/.*include\/uapi\//compel\/plugins\//g;
+my $asmout     = $ARGV[3];
+my $asmcommon  = $ARGV[4];
+my $prototypes = $ARGV[5];
+$prototypes    =~ s/.*include\/uapi\//compel\/plugins\//g;
+my $bits       = $ARGV[6];
+
+my $codesdef   = $codes;
+$codesdef      =~ tr/.\-\//_/;
+my $protosdef  = $protos;
+$protosdef     =~ tr/.\-\//_/;
+my $code       = "code$bits";
+my $need_aux   = 0;
+
+unlink $codesout;
+unlink $protosout;
+unlink $asmout;
+
+open CODESOUT,	">", $codesout	or die $!;
+open PROTOSOUT, ">", $protosout or die $!;
+open ASMOUT,	">", $asmout	or die $!;
+open IN,	"<", $in	or die $!;
+
+print CODESOUT <<"END";
+/* Autogenerated, don't edit */
+#ifndef $codesdef
+#define $codesdef
+END
+
+print PROTOSOUT <<"END";
+/* Autogenerated, don't edit */
+#ifndef $protosdef
+#define $protosdef
+#include <$prototypes>
+#include <$codes>
+END
+
+print ASMOUT <<"END";
+/* Autogenerated, don't edit */
+#include <$codes>
+#include "$asmcommon"
+END
+
+
+for (<IN>) {
+	if ($_ =~ /\#/) {
+		next;
+	}
+
+	my $code_macro;
+	my $sys_macro;
+	my $sys_name;
+
+	if (/(?<name>\S+)\s+(?<alias>\S+)\s+(?<code64>\d+|\!)\s+(?<code32>(?:\d+|\!))\s+\((?<args>.+)\)/) {
+		$code_macro = "__NR_$+{name}";
+		$sys_macro  = "SYS_$+{name}";
+		$sys_name   = "sys_$+{alias}";
+	} elsif (/(?<name>\S+)\s+(?<code64>\d+|\!)\s+(?<code32>(?:\d+|\!))\s+\((?<args>.+)\)/) {
+		$code_macro = "__NR_$+{name}";
+		$sys_macro  = "SYS_$+{name}";
+		$sys_name   = "sys_$+{name}";
+	} else {
+		unlink $codesout;
+		unlink $protosout;
+		unlink $asmout;
+
+		die "Invalid syscall definition file: invalid entry $_\n";
+	}
+
+	if ($+{$code} ne "!") {
+		print CODESOUT "#ifndef $code_macro\n#define $code_macro $+{$code}\n#endif\n";
+		print CODESOUT "#ifndef $sys_macro\n#define $sys_macro $code_macro\n#endif\n";
+		print ASMOUT "syscall $sys_name, $code_macro\n";
+
+	} else {
+		$need_aux = 1;
+	}
+
+	print PROTOSOUT "extern long $sys_name($+{args});\n";
+}
+
+if ($need_aux == 1) {
+	print ASMOUT   "#include <compel/plugins/std/syscall-aux.S>\n";
+	print CODESOUT "#include <compel/plugins/std/syscall-aux.h>\n";
+}
+
+print CODESOUT  "#endif /* $codesdef */";
+print PROTOSOUT "#endif /* $protosdef */";
--- a/compel/arch/riscv64/plugins/std/syscalls/syscall-aux.S
+++ b/compel/arch/riscv64/plugins/std/syscalls/syscall-aux.S
@ -0,0 +1,37 @@
+/**
+ * This source contains emulation of syscalls
+ * that are not implemented in the riscv64 Linux kernel
+ */
+
+ENTRY(sys_open)
+	add a3, x0, a2
+	add a2, x0, a1
+	add a1, x0, a0
+	addi a0, x0, -100
+	j   sys_openat
+END(sys_open)
+
+
+ENTRY(sys_mkdir)
+	add a3,x0, a2
+	add a2, x0, a1
+	add a1, x0, a0
+	addi a0, x0, -100
+	j   sys_mkdirat
+END(sys_mkdir)
+
+
+ENTRY(sys_rmdir)
+	addi a2, x0, 0x200		// flags = AT_REMOVEDIR
+	add a1, x0, a0
+	addi a0, x0, -100
+	j   sys_unlinkat
+END(sys_rmdir)
+
+
+ENTRY(sys_unlink)
+	addi a2, x0, 0		// flags = 0
+	add a1, x0, a0
+	addi a0, x0, -100
+	j   sys_unlinkat
+END(sys_unlink)
--- a/compel/arch/riscv64/plugins/std/syscalls/syscall-aux.h
+++ b/compel/arch/riscv64/plugins/std/syscalls/syscall-aux.h
@ -0,0 +1,3 @@
+#ifndef __NR_openat
+#define __NR_openat 56
+#endif
--- a/compel/arch/riscv64/plugins/std/syscalls/syscall-common.S
+++ b/compel/arch/riscv64/plugins/std/syscalls/syscall-common.S
@ -0,0 +1,17 @@
+#include "common/asm/linkage.h"
+
+syscall_common:
+	ecall
+	ret
+
+.macro syscall name, nr
+	ENTRY(\name)
+		li	a7, \nr
+		j	syscall_common
+	END(\name)
+.endm
+
+ENTRY(__cr_restore_rt)
+	li	a7, __NR_rt_sigreturn
+	ecall
+END(__cr_restore_rt)
--- a/compel/arch/riscv64/plugins/std/syscalls/syscall.def
+++ b/compel/arch/riscv64/plugins/std/syscalls/syscall.def
@ -0,0 +1,125 @@
+#
+# System calls table, please make sure the table consists of only the syscalls
+# really used somewhere in the project.
+#
+# The template is (name and arguments are optional if you need only __NR_x
+# defined, but no real entry point in syscalls lib).
+#
+# name/alias			code64	code32	arguments
+# -----------------------------------------------------------------------
+#
+read				63	3	(int fd, void *buf, unsigned long count)
+write				64	4	(int fd, const void *buf, unsigned long count)
+open				!	5	(const char *filename, unsigned long flags, unsigned long mode)
+close				57	6	(int fd)
+lseek				62	19	(int fd, unsigned long offset, unsigned long origin)
+mmap				222	!	(void *addr, unsigned long len, unsigned long prot, unsigned long flags, unsigned long fd, unsigned long offset)
+mprotect			226	125	(const void *addr, unsigned long len, unsigned long prot)
+munmap				215	91	(void *addr, unsigned long len)
+brk				214	45	(void *addr)
+rt_sigaction	sigaction	134	174	(int signum, const rt_sigaction_t *act, rt_sigaction_t *oldact, size_t sigsetsize)
+rt_sigprocmask	sigprocmask	135	175	(int how, k_rtsigset_t *set, k_rtsigset_t *old, size_t sigsetsize)
+rt_sigreturn			139	173	(void)
+ioctl				29	54	(unsigned int fd, unsigned int cmd, unsigned long arg)
+pread64				67	180	(unsigned int fd, char *buf, size_t count, loff_t pos)
+ptrace				117	26	(long request, pid_t pid, void *addr, void *data)
+mremap				216	163	(unsigned long addr, unsigned long old_len, unsigned long new_len, unsigned long flag, unsigned long new_addr)
+mincore				232	219	(void *addr, unsigned long size, unsigned char *vec)
+madvise				233	220	(unsigned long start, size_t len, int behavior)
+shmat				196	305	(int shmid, void *shmaddr, int shmflag)
+pause				1061	29	(void)
+nanosleep			101	162	(struct timespec *req, struct timespec *rem)
+getitimer			102	105	(int which, const struct itimerval *val)
+setitimer			103	104	(int which, const struct itimerval *val, struct itimerval *old)
+getpid				172	20	(void)
+socket				198	281	(int domain, int type, int protocol)
+connect				203	283	(int sockfd, struct sockaddr *addr, int addrlen)
+sendto				206	290	(int sockfd, void *buff, size_t len, unsigned int flags, struct sockaddr *addr, int addr_len)
+recvfrom			207	292	(int sockfd, void *ubuf, size_t size, unsigned int flags, struct sockaddr *addr, int *addr_len)
+sendmsg				211	296	(int sockfd, const struct msghdr *msg, int flags)
+recvmsg				212	297	(int sockfd, struct msghdr *msg, int flags)
+shutdown			210	293	(int sockfd, int how)
+bind				235	282	(int sockfd, const struct sockaddr *addr, int addrlen)
+setsockopt			208	294	(int sockfd, int level, int optname, const void *optval, socklen_t optlen)
+getsockopt			209	295	(int sockfd, int level, int optname, const void *optval, socklen_t *optlen)
+clone				220	120	(unsigned long flags, void *child_stack, void *parent_tid, unsigned long newtls, void *child_tid)
+exit				93	1	(unsigned long error_code)
+wait4				260	114	(int pid, int *status, int options, struct rusage *ru)
+waitid				95	280	(int which, pid_t pid, struct siginfo *infop, int options, struct rusage *ru)
+kill				129	37	(long pid, int sig)
+fcntl				25	55	(int fd, int type, long arg)
+flock				32	143	(int fd, unsigned long cmd)
+mkdir				!	39	(const char *name, int mode)
+rmdir				!	40	(const char *name)
+unlink				!	10	(char *pathname)
+readlinkat			78	332	(int fd, const char *path, char *buf, int bufsize)
+umask				166	60	(int mask)
+getgroups			158	205	(int gsize, unsigned int *groups)
+setgroups			159	206	(int gsize, unsigned int *groups)
+setresuid			147	164	(int uid, int euid, int suid)
+getresuid			148	165	(int *uid, int *euid, int *suid)
+setresgid			149	170	(int gid, int egid, int sgid)
+getresgid			150	171	(int *gid, int *egid, int *sgid)
+getpgid				155	132	(pid_t pid)
+setfsuid			151	138	(int fsuid)
+setfsgid			152	139	(int fsgid)
+getsid				156	147	(void)
+capget				90	184	(struct cap_header *h, struct cap_data *d)
+capset				91	185	(struct cap_header *h, struct cap_data *d)
+rt_sigqueueinfo			138	178	(pid_t pid, int sig, siginfo_t *info)
+setpriority			140	97	(int which, int who, int nice)
+sched_setscheduler		119	156	(int pid, int policy, struct sched_param *p)
+sigaltstack			132	186	(const void *uss, void *uoss)
+personality			92	136	(unsigned int personality)
+prctl				167	172	(int option, unsigned long arg2, unsigned long arg3, unsigned long arg4, unsigned long arg5)
+arch_prctl			!	17	(int option, unsigned long addr)
+setrlimit			164	75	(int resource, struct krlimit *rlim)
+mount				40	21	(char *dev_nmae, char *dir_name, char *type, unsigned long flags, void *data)
+umount2				39	52	(char *name, int flags)
+gettid				178	224	(void)
+futex				98	240	(uint32_t *uaddr, int op, uint32_t val, struct timespec *utime, uint32_t *uaddr2, uint32_t val3)
+set_tid_address			96	256	(int *tid_addr)
+restart_syscall			128	0	(void)
+timer_create			107	257	(clockid_t which_clock, struct sigevent *timer_event_spec, kernel_timer_t *created_timer_id)
+timer_settime			110	258	(kernel_timer_t timer_id, int flags, const struct itimerspec *new_setting, struct itimerspec *old_setting)
+timer_gettime			108	259	(int timer_id, const struct itimerspec *setting)
+timer_getoverrun		109	260	(int timer_id)
+timer_delete			111	261	(kernel_timer_t timer_id)
+clock_gettime			113	263	(clockid_t which_clock, struct timespec *tp)
+exit_group			94	248	(int error_code)
+set_robust_list			99	338	(struct robust_list_head *head, size_t len)
+get_robust_list			100	339	(int pid, struct robust_list_head **head_ptr, size_t *len_ptr)
+signalfd4			74	355	(int fd, k_rtsigset_t *mask, size_t sizemask, int flags)
+rt_tgsigqueueinfo		240	363	(pid_t tgid, pid_t pid, int sig, siginfo_t *info)
+vmsplice			75	343	(int fd, const struct iovec *iov, unsigned long nr_segs, unsigned int flags)
+timerfd_settime			86	353	(int ufd, int flags, const struct itimerspec *utmr, struct itimerspec *otmr)
+fanotify_init			262	367	(unsigned int flags, unsigned int event_f_flags)
+fanotify_mark			263	368	(int fanotify_fd, unsigned int flags, uint64_t mask, int dfd, const char *pathname)
+open_by_handle_at		265	371	(int mountdirfd, struct file_handle *handle, int flags)
+setns				268	375	(int fd, int nstype)
+kcmp				272	378	(pid_t pid1, pid_t pid2, int type, unsigned long idx1, unsigned long idx2)
+openat				56	322	(int dirfd, const char *pathname, int flags, mode_t mode)
+mkdirat				34	323	(int dirfd, const char *pathname, mode_t mode)
+unlinkat			35	328	(int dirfd, const char *pathname, int flags)
+memfd_create			279	385	(const char *name, unsigned int flags)
+io_setup			0	243	(unsigned nr_events, aio_context_t *ctx)
+io_submit			2	246	(aio_context_t ctx_id, long nr, struct iocb **iocbpp)
+io_getevents			4	245	(aio_context_t ctx, long min_nr, long nr, struct io_event *evs, struct timespec *tmo)
+seccomp				277	383	(unsigned int op, unsigned int flags, const char *uargs)
+gettimeofday			169	78	(struct timeval *tv, struct timezone *tz)
+preadv_raw			69	361	(int fd, struct iovec *iov, unsigned long nr, unsigned long pos_l, unsigned long pos_h)
+userfaultfd			282	388	(int flags)
+fallocate			47	352	(int fd, int mode, loff_t offset, loff_t len)
+cacheflush			!	983042	(void *start, void *end, int flags)
+ppoll				73	336	(struct pollfd *fds, unsigned int nfds, const struct timespec *tmo, const sigset_t *sigmask, size_t sigsetsize)
+fsopen				430	430	(char *fsname, unsigned int flags)
+fsconfig			431	431	(int fd, unsigned int cmd, const char *key, const char *value, int aux)
+fsmount				432	432	(int fd, unsigned int flags, unsigned int attr_flags)
+clone3				435	435	(struct clone_args *uargs, size_t size)
+pidfd_open			434	434	(pid_t pid, unsigned int flags)
+pidfd_getfd			438	438	(int pidfd, int targetfd, unsigned int flags)
+rseq				293 	293 	(void *rseq, uint32_t rseq_len, int flags, uint32_t sig)
+move_mount          		429	429	(int from_dfd, const char *from_pathname, int to_dfd, const char *to_pathname, int flags)
+open_tree			428	428	(int dirfd, const char *pathname, unsigned int flags)
+openat2				437	437	(int dirfd, char *pathname, struct open_how *how, size_t size)
+membarrier 			283	283	(int cmd, unsigned int flags, int cpu_id)
--- a/compel/arch/riscv64/scripts/compel-pack.lds.S
+++ b/compel/arch/riscv64/scripts/compel-pack.lds.S
@ -0,0 +1,32 @@
+OUTPUT_ARCH(riscv)
+EXTERN(__export_parasite_head_start)
+
+SECTIONS
+{
+	.crblob 0x0 : {
+		*(.head.text)
+		ASSERT(DEFINED(__export_parasite_head_start),
+			"Symbol __export_parasite_head_start is missing");
+		*(.text*)
+		. = ALIGN(32);
+		*(.data*)
+		. = ALIGN(32);
+		*(.rodata*)
+		. = ALIGN(32);
+		*(.bss*)
+		. = ALIGN(32);
+		*(.got*)
+		. = ALIGN(32);
+		*(.toc*)
+		. = ALIGN(32);
+	} =0x00000000,
+
+	/DISCARD/ : {
+		*(.debug*)
+		*(.comment*)
+		*(.note*)
+		*(.group*)
+		*(.eh_frame*)
+		*(*)
+	}
+}
--- a/compel/arch/riscv64/src/lib/cpu.c
+++ b/compel/arch/riscv64/src/lib/cpu.c
@ -0,0 +1,78 @@
+#include <string.h>
+#include <stdbool.h>
+
+#include "compel-cpu.h"
+
+#include "common/bitops.h"
+
+#include "log.h"
+
+#undef LOG_PREFIX
+#define LOG_PREFIX "cpu: "
+
+static compel_cpuinfo_t rt_info;
+
+static void fetch_rt_cpuinfo(void)
+{
+	static bool rt_info_done = false;
+
+	if (!rt_info_done) {
+		compel_cpuid(&rt_info);
+		rt_info_done = true;
+	}
+}
+
+void compel_set_cpu_cap(compel_cpuinfo_t *info, unsigned int feature)
+{
+}
+void compel_clear_cpu_cap(compel_cpuinfo_t *info, unsigned int feature)
+{
+}
+int compel_test_cpu_cap(compel_cpuinfo_t *info, unsigned int feature)
+{
+	return 0;
+}
+int compel_test_fpu_cap(compel_cpuinfo_t *info, unsigned int feature)
+{
+	return 0;
+}
+int compel_cpuid(compel_cpuinfo_t *info)
+{
+	return 0;
+}
+
+bool compel_cpu_has_feature(unsigned int feature)
+{
+	fetch_rt_cpuinfo();
+	return compel_test_cpu_cap(&rt_info, feature);
+}
+
+bool compel_fpu_has_feature(unsigned int feature)
+{
+	fetch_rt_cpuinfo();
+	return compel_test_fpu_cap(&rt_info, feature);
+}
+
+uint32_t compel_fpu_feature_size(unsigned int feature)
+{
+	fetch_rt_cpuinfo();
+	return 0;
+}
+
+uint32_t compel_fpu_feature_offset(unsigned int feature)
+{
+	fetch_rt_cpuinfo();
+	return 0;
+}
+
+void compel_cpu_clear_feature(unsigned int feature)
+{
+	fetch_rt_cpuinfo();
+	return compel_clear_cpu_cap(&rt_info, feature);
+}
+
+void compel_cpu_copy_cpuinfo(compel_cpuinfo_t *c)
+{
+	fetch_rt_cpuinfo();
+	memcpy(c, &rt_info, sizeof(rt_info));
+}
--- a/compel/arch/riscv64/src/lib/handle-elf-host.c
+++ b/compel/arch/riscv64/src/lib/handle-elf-host.c
@ -0,0 +1 @@
+handle-elf.c
--- a/compel/arch/riscv64/src/lib/handle-elf.c
+++ b/compel/arch/riscv64/src/lib/handle-elf.c
@ -0,0 +1,32 @@
+#include <string.h>
+#include <errno.h>
+
+#include "handle-elf.h"
+#include "piegen.h"
+#include "log.h"
+
+static const unsigned char __maybe_unused elf_ident_64_le[EI_NIDENT] = {
+	0x7f, 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, /* clang-format */
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+static const unsigned char __maybe_unused elf_ident_64_be[EI_NIDENT] = {
+	0x7f, 0x45, 0x4c, 0x46, 0x02, 0x02, 0x01, 0x00, /* clang-format */
+	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
+};
+
+int handle_binary(void *mem, size_t size)
+{
+	const unsigned char *elf_ident =
+#if __BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__
+		elf_ident_64_le;
+#else
+		elf_ident_64_be;
+#endif
+
+	if (memcmp(mem, elf_ident, sizeof(elf_ident_64_le)) == 0)
+		return handle_elf_riscv64(mem, size);
+
+	pr_err("Unsupported Elf format detected\n");
+	return -EINVAL;
+}
--- a/compel/arch/riscv64/src/lib/include/cpu.h
+++ b/compel/arch/riscv64/src/lib/include/cpu.h
--- a/compel/arch/riscv64/src/lib/include/handle-elf.h
+++ b/compel/arch/riscv64/src/lib/include/handle-elf.h
@ -0,0 +1,12 @@
+#ifndef COMPEL_HANDLE_ELF_H__
+#define COMPEL_HANDLE_ELF_H__
+
+#include "elf64-types.h"
+
+#define __handle_elf handle_elf_riscv64
+#define ELF_RISCV
+#define arch_is_machine_supported(e_machine) (e_machine == EM_RISCV)
+
+extern int handle_elf_riscv64(void *mem, size_t size);
+
+#endif /* COMPEL_HANDLE_ELF_H__ */
--- a/compel/arch/riscv64/src/lib/include/syscall.h
+++ b/compel/arch/riscv64/src/lib/include/syscall.h
@ -0,0 +1,8 @@
+#ifndef __COMPEL_SYSCALL_H__
+#define __COMPEL_SYSCALL_H__
+#define __NR(syscall, compat)   \
+	({                      \
+		(void)compat;   \
+		__NR_##syscall; \
+	})
+#endif
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/breakpoints.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/breakpoints.h
@ -0,0 +1,15 @@
+#ifndef __COMPEL_BREAKPOINTS_H__
+#define __COMPEL_BREAKPOINTS_H__
+#define ARCH_SI_TRAP TRAP_BRKPT
+
+static inline int ptrace_set_breakpoint(pid_t pid, void *addr)
+{
+	return 0;
+}
+
+static inline int ptrace_flush_breakpoints(pid_t pid)
+{
+	return 0;
+}
+
+#endif
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/cpu.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/cpu.h
@ -0,0 +1,7 @@
+#ifndef UAPI_COMPEL_ASM_CPU_H__
+#define UAPI_COMPEL_ASM_CPU_H__
+
+typedef struct {
+} compel_cpuinfo_t;
+
+#endif /* UAPI_COMPEL_ASM_CPU_H__ */
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/fpu.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/fpu.h
@ -0,0 +1,4 @@
+#ifndef __CR_ASM_FPU_H__
+#define __CR_ASM_FPU_H__
+
+#endif /* __CR_ASM_FPU_H__ */
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/infect-types.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/infect-types.h
@ -0,0 +1,52 @@
+#ifndef UAPI_COMPEL_ASM_TYPES_H__
+#define UAPI_COMPEL_ASM_TYPES_H__
+
+#include <stdint.h>
+#include <signal.h>
+#include <sys/mman.h>
+#include <asm/ptrace.h>
+
+#define SIGMAX	   64
+#define SIGMAX_OLD 31
+
+/*
+ * Copied from the Linux kernel header arch/riscv/include/uapi/asm/ptrace.h
+ *
+ * A thread RISC-V CPU context
+ */
+typedef struct user_regs_struct user_regs_struct_t;
+typedef struct __riscv_d_ext_state user_fpregs_struct_t;
+
+#define __compel_arch_fetch_thread_area(tid, th) 0
+#define compel_arch_fetch_thread_area(tctl)	 0
+#define compel_arch_get_tls_task(ctl, tls)
+#define compel_arch_get_tls_thread(tctl, tls)
+
+#define REG_RES(registers)	   ((uint64_t)(registers).a0)
+#define REG_IP(registers)	   ((uint64_t)(registers).pc)
+#define SET_REG_IP(registers, val) ((registers).pc = (val))
+
+/*
+ * REG_SP is also defined in riscv64-linux-gnu/include/sys/ucontext.h
+ * with a different meaning, and it's not used in CRIU. So we have to
+ * undefine it here.
+ */
+#ifdef REG_SP
+#undef REG_SP
+#endif
+
+#define REG_SP(registers) ((uint64_t)((registers).sp))
+
+#define REG_SYSCALL_NR(registers) ((uint64_t)(registers).a7)
+
+#define user_regs_native(pregs) true
+
+#define ARCH_SI_TRAP TRAP_BRKPT
+
+#define __NR(syscall, compat)   \
+	({                      \
+		(void)compat;   \
+		__NR_##syscall; \
+	})
+
+#endif /* UAPI_COMPEL_ASM_TYPES_H__ */
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/instruction_formats.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/instruction_formats.h
@ -0,0 +1,26 @@
+#ifndef COMPEL_RELOCATIONS_H__
+#define COMPEL_RELOCATIONS_H__
+
+#include <stdint.h>
+
+static inline uint32_t riscv_b_imm(uint32_t val)
+{
+	return (val & 0x00001000) << 19 | (val & 0x000007e0) << 20 | (val & 0x0000001e) << 7 | (val & 0x00000800) >> 4;
+}
+
+static inline uint32_t riscv_i_imm(uint32_t val)
+{
+	return val << 20;
+}
+
+static inline uint32_t riscv_u_imm(uint32_t val)
+{
+	return val & 0xfffff000;
+}
+
+static inline uint32_t riscv_j_imm(uint32_t val)
+{
+	return (val & 0x00100000) << 11 | (val & 0x000007fe) << 20 | (val & 0x00000800) << 9 | (val & 0x000ff000);
+}
+
+#endif /* COMPEL_RELOCATIONS_H__ */
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/processor-flags.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/processor-flags.h
@ -0,0 +1,4 @@
+#ifndef UAPI_COMPEL_ASM_PROCESSOR_FLAGS_H__
+#define UAPI_COMPEL_ASM_PROCESSOR_FLAGS_H__
+
+#endif /* UAPI_COMPEL_ASM_PROCESSOR_FLAGS_H__ */
--- a/compel/arch/riscv64/src/lib/include/uapi/asm/sigframe.h
+++ b/compel/arch/riscv64/src/lib/include/uapi/asm/sigframe.h
@ -0,0 +1,68 @@
+#ifndef UAPI_COMPEL_ASM_SIGFRAME_H__
+#define UAPI_COMPEL_ASM_SIGFRAME_H__
+
+#include <sys/ucontext.h>
+
+#include <stdint.h>
+
+#include <signal.h>
+
+/* Copied from the kernel header arch/riscv/include/uapi/asm/sigcontext.h */
+/*
+ * Signal context structure
+ *
+ * This contains the context saved before a signal handler is invoked;
+ * it is restored by sys_sigreturn / sys_rt_sigreturn.
+ */
+// struct sigcontext {
+// 	struct user_regs_struct sc_regs;
+// 	union __riscv_fp_state sc_fpregs;
+// 	/*
+// 	 * 4K + 128 reserved for vector state and future expansion.
+// 	 * This space is enough to store the vector context whose VLENB
+// 	 * is less or equal to 128.
+// 	 * (The size of the vector context is 4144 byte as VLENB is 128)
+// 	 */
+// 	__u8 __reserved[4224] __attribute__((__aligned__(16)));
+// };
+
+#define rt_sigcontext sigcontext
+
+#include <compel/sigframe-common.h>
+
+/* Copied from the kernel source arch/riscv/kernel/signal.c */
+struct rt_sigframe {
+	siginfo_t info;
+	ucontext_t uc; //ucontext_t structure holds the user context, e.g., the signal mask, GP regs
+};
+
+/*
+	generates inline assembly code for triggering the rt_sigreturn system call.
+	used to return from a signal handler back to the normal execution flow of the process.
+*/
+/* clang-format off */
+#define ARCH_RT_SIGRETURN(new_sp, rt_sigframe)					\
+	asm volatile(								\
+			"mv sp, %0\n"	\
+			"li a7,  "__stringify(__NR_rt_sigreturn)" \n"     \
+			"ecall\n"	\
+			:							\
+			: "r"(new_sp)						\
+			: "a7", "memory")
+/* clang-format on */
+
+#define RT_SIGFRAME_UC(rt_sigframe)	 (&rt_sigframe->uc)
+#define RT_SIGFRAME_REGIP(rt_sigframe)	 ((long unsigned int)(rt_sigframe)->uc.uc_mcontext.__gregs[REG_PC])
+#define RT_SIGFRAME_HAS_FPU(rt_sigframe) 1
+#define RT_SIGFRAME_OFFSET(rt_sigframe)	 0
+
+// #define RT_SIGFRAME_SIGCONTEXT(rt_sigframe)  ((struct cr_sigcontext *)&(rt_sigframe)->uc.uc_mcontext)
+// #define RT_SIGFRAME_AUX_CONTEXT(rt_sigframe) ((struct sigcontext *)&(RT_SIGFRAME_SIGCONTEXT(rt_sigframe)->__reserved))
+// #define RT_SIGFRAME_FPU(rt_sigframe)	     (&RT_SIGFRAME_AUX_CONTEXT(rt_sigframe)->fpsimd)
+
+#define rt_sigframe_erase_sigset(sigframe) \
+	memset(&sigframe->uc.uc_sigmask, 0, sizeof(k_rtsigset_t)) // erase the signal mask
+#define rt_sigframe_copy_sigset(sigframe, from) \
+	memcpy(&sigframe->uc.uc_sigmask, from, sizeof(k_rtsigset_t)) // copy the signal mask
+
+#endif /* UAPI_COMPEL_ASM_SIGFRAME_H__ */
--- a/Show more
+++ b/Show more