Mirrors/criu
1
0
Fork 0
mirror of https://github.com/checkpoint-restore/criu.git synced 2026-01-23 02:14:37 +00:00
Code Issues Projects Releases Wiki Activity
criu/include
History
Andrey Vagin 7424ccaae8 lsm: get host lsm type from the host mntns 
We check files in /sys, so we must do this from host mount namespaces.

The write_img_inventory() is called after kerndat_init() and it's only
called on dump. The bug is triggered on restore, because the mount
namespace of the restored process doesn't have
/sys/kernel/security/apparmor/

I think it's better to initialize the host lsm in a one place for dump
and restore.

Currently we initialize the host lsm when we try to use it at a first
time. It works fine for the dump operation. On restore it doesn't work
because criu checks files in a restored mount namespace and it does this
for each process, what isn't optimal.

Signed-off-by: Andrew Vagin <avagin@openvz.org>
Signed-off-by: Andrey Vagin <avagin@openvz.org>
Acked-by: Tycho Andersen <tycho.andersen@canonical.com>
Signed-off-by: Pavel Emelyanov <xemul@parallels.com>
2015-05-19 22:36:59 +03:00
..
asm-generic Use run-time page size where it matters 2015-04-22 15:39:05 +03:00
action-scripts.h scripts: Add ACT_MAX limit and make @action_names being const 2014-10-27 21:30:37 +04:00
aio.h aio: Restore AIO contexts 2014-12-26 18:13:40 +03:00
bfd.h bfd: Don't leak image-open flags into bfdopen 2015-03-16 15:58:14 +03:00
bug.h bug: Include <stdbool.h> 2014-02-21 16:27:16 +04:00
cgroup.h cg: add --cgroup-root option 2014-08-19 12:58:36 +04:00
compiler.h include/compiler.h: Cleanup 2013-02-15 17:34:38 +04:00
config-base.h config-base: Add F_SETPIPE_SZ/F_GETPIPE_SZ 2014-02-18 12:53:09 +04:00
cpu.h cpuinfo: Add "cpuinfo [dump|check]" commands, v2 2014-10-03 13:26:58 +04:00
cr-errno.h cr_errno: move cr_err helpers into cr_errno.h 2014-12-22 13:50:45 +03:00
cr-service-const.h service: allocate buffers for messages dinamically (v2) 2015-04-21 16:09:09 +03:00
cr-service.h scripts: Use numeric action val in RPC notifications 2014-09-05 13:48:27 +04:00
cr-show.h img: Introduce the struct cr_img 2014-09-30 21:48:13 +04:00
cr_options.h mnt: add --enable-external-masters option 2015-04-10 17:54:51 +03:00
criu-log.h criu: print correct errno messages from pr_perror() 2015-02-13 15:14:44 +03:00
criu-plugin.h plugin: Explicit assign plugin hooks 2014-09-19 17:39:06 +04:00
crtools.h security: create separate security.h header 2015-02-10 16:53:54 +03:00
err.h headers: Add err.h header 2013-04-02 20:27:51 +04:00
errno.h headers: Move ERESTART codes to errno.h 2013-11-14 22:22:21 +04:00
eventfd.h anon-inode: Don't readlink fd/fd multiple times 2014-02-02 22:14:29 +04:00
eventpoll.h anon-inode: Don't readlink fd/fd multiple times 2014-02-02 22:14:29 +04:00
fcntl.h fsnotify: Open handle with O_PATH, v2 2014-02-25 23:38:35 +04:00
fifo.h img: Rename fdset -> imgset 2014-09-30 21:48:10 +04:00
file-ids.h files-ids: generate id-s accoding with mnt_id, st->st_dev and st->st_ino 2014-04-21 22:39:28 +04:00
file-lock.h locks: Don't dump locks in per-task manner (v3) 2014-09-02 17:44:46 +04:00
files-reg.h reg-files: Do not try to linkat with wrong user 2015-02-13 16:11:38 +04:00
files.h service: add ability to set inherit file descriptors (v3) 2015-03-30 13:09:25 +03:00
fs-magic.h remap: add a dead pid /proc remap 2014-09-19 17:42:48 +04:00
fsnotify.h fsnotify: merge fanotify mark image into fanotify image (v3) 2014-09-03 20:51:39 +04:00
image-desc.h add netns protobuf entry and image, also add conf to net device entry 2015-04-09 18:59:17 +03:00
image.h arch/ppc64: Add PowerPC 64 LE support 2015-04-30 09:57:49 +03:00
imgset.h img: Introduce the struct cr_img 2014-09-30 21:48:13 +04:00
inet_diag.h headers: Unify include guards (in comments) and a few fixes 2012-12-25 22:40:24 +04:00
ipc_ns.h ns: Factor out namespace switching call 2014-09-30 21:54:11 +04:00
irmap.h irmap: Get root mntfd before releasing tasks on predump 2014-10-01 09:37:04 +04:00
kcmp-ids.h headers: Add extern specificator to functions 2013-11-15 17:00:58 +04:00
kcmp.h headers: Move kcmp_type to kcmp.h 2013-11-14 22:13:59 +04:00
kerndat.h kerndat: check the lock field in fdinfo (v2) 2015-04-27 14:53:22 +03:00
libnetlink.h nlk: Add error callback to do_rtnl_req 2015-01-22 18:54:37 +03:00
list.h criu: Several formatting fixes 2014-01-14 09:33:19 +04:00
lock.h atomic: Use atomic_read instead of atomic_get 2013-08-16 19:37:06 +04:00
log.h img: Introduce the struct cr_img 2014-09-30 21:48:13 +04:00
lsm.h lsm: get host lsm type from the host mntns 2015-05-19 22:36:59 +03:00
magic.h img: Introduce v1.1 images (v2) 2015-04-14 15:18:32 +03:00
mem.h mem: Move shmem preparation routine and rename 2014-02-03 23:34:12 +04:00
mman.h headers: Move MADV definitions to own mman.h 2013-11-14 22:48:30 +04:00
mount.h introduce --enable-fs cli option 2015-04-10 17:35:43 +03:00
namespaces.h revert 246367e4e4 "add walk_all flag to walk_namespaces" 2015-04-14 22:34:40 +03:00
net.h Allow the veth-pair option to specify a bridge 2015-01-12 14:54:18 +03:00
netfilter.h headers: Add extern specificator to functions 2013-11-15 17:00:58 +04:00
netlink_diag.h headers: Add missing __CR_ at last endif 2013-11-15 16:59:57 +04:00
packet_diag.h headers: Unify include guards (in comments) and a few fixes 2012-12-25 22:40:24 +04:00
page-pipe.h page-pipe: split dumping memory on chunks (v3) 2014-02-10 15:06:39 +04:00
page-read.h page-read: Explicitly mark ENOENT with return code 2015-03-13 14:42:11 +03:00
page-xfer.h mem: check existence of parent images before dumping pages (v2) 2014-11-29 19:32:40 +03:00
pagemap-cache.h Use run-time page size where it matters 2015-04-22 15:39:05 +03:00
parasite-syscall.h parasite: Cleanup args size fetching 2014-11-11 20:11:34 +04:00
parasite.h tty: Rework tty_driver structure 2015-04-02 20:20:01 +03:00
pid.h headers: Add missing __CR_ at last endif 2013-11-15 16:59:57 +04:00
pipes.h collect: Shorten common images collecting code 2013-08-21 03:52:18 +04:00
plugin.h plugin: Rework plugins API, v2 2014-09-03 20:48:36 +04:00
posix-timer.h posix-timers: Helper for freeing proc parsed data 2014-04-17 12:01:02 +04:00
prctl.h prctl: Add new interface constants 2014-10-27 21:25:25 +04:00
proc_parse.h lock: parse the lock field in fdinfo if it's avaliable (v2) 2015-04-27 14:53:24 +03:00
protobuf-desc.h add netns protobuf entry and image, also add conf to net device entry 2015-04-09 18:59:17 +03:00
protobuf.h img: Remove O_OPT and COLLECT_OPTIONAL 2015-03-13 14:42:01 +03:00
pstree.h pstree: Add helper for adding helpers to pstree 2014-10-14 18:02:36 +04:00
ptrace.h dump: remove useless arguments from seize_task() 2014-11-07 17:14:54 +04:00
rbtree.h x86: moved x86-specific files into the directory arch/x86. 2013-01-09 17:02:47 +04:00
restorer.h lsm: add support for c/ring LSM profiles 2015-05-08 15:31:05 +03:00
rst-malloc.h whitespace-at-eol cleanup 2013-12-12 10:00:45 +04:00
rst_info.h tty: Implement support of current tty 2015-04-02 20:20:08 +03:00
security.h security: add cr_fchown 2015-02-10 16:54:31 +03:00
servicefd.h usernsd: The way to restore priviledged stuff in userns 2015-02-13 16:11:38 +04:00
setproctitle.h crtools: check for setproctitle_init 2014-09-02 16:14:39 +04:00
shmem.h shmem: Turn shmem-info into shared objects from shremap ones 2015-01-12 14:47:24 +03:00
sigframe.h parasite: don't include restorer.h in parasite-syscall.c 2013-11-06 12:39:36 +04:00
signalfd.h img: Rename fdset -> imgset 2014-09-30 21:48:10 +04:00
sk-inet.h Do not call listen() when SO_REUSEADDR is off 2015-02-16 13:18:32 +03:00
sk-packet.h img: Rename fdset -> imgset 2014-09-30 21:48:10 +04:00
sk-queue.h crtools: move all stuff about vma together 2013-11-06 12:43:49 +04:00
sockets.h sockets: define NETLINK_SOCK_DIAG in sockets.h 2015-01-23 15:40:02 +03:00
stats.h stats: Fix restore pages stats 2014-02-04 14:03:10 +04:00
string.h make: config -- Add testing if we have libbsd installed 2014-03-26 01:44:23 +04:00
syscall-types.h x86: Add io syscalls 2014-12-26 18:13:33 +03:00
sysctl.h sysctl: Make CTL_READ nonfatal 2015-05-12 15:58:58 +03:00
sysfs_parse.h Added AUFS support. 2014-08-21 18:35:22 +04:00
timerfd.h timerfd: Implement check routine 2014-08-07 10:18:09 +04:00
tty.h tty: Rework tty_driver structure 2015-04-02 20:20:01 +03:00
tun.h check/zdtm: Introduce fine-grained feature testing 2015-01-22 18:55:34 +03:00
unix_diag.h x86: moved x86-specific files into the directory arch/x86. 2013-01-09 17:02:47 +04:00
util-pie.h headers: Drop uintX_t usage 2013-12-12 10:03:07 +04:00
util.h util: Fix the ispathsub corner case 2014-11-09 23:26:56 +04:00
uts_ns.h ns: Factor out namespace switching call 2014-09-30 21:54:11 +04:00
vdso.h vdso: Implement vDSO proxification of any vvar/vdso order 2014-08-04 15:35:03 +04:00
vma.h vma: Unify private VMAs testing 2015-04-01 12:36:46 +03:00
xmalloc.h core: Allocate CoreEntry (except arch) with single xmalloc 2014-03-14 13:39:28 +04:00