t task is already holding lock:
[ 724.408219] (>legacy_mutex){+.+.+.}, at: []
tty_lock+0x86/0xf0
Note that lack of proper annotation simply makes lockdep grumpy but there
is no real errors so no need to backport it I think.
https://jira.sw.ru/browse/PSBM-136773
Signed-off-by: Cyrill
From: Cyrill Gorcunov
When we create a new vtty instance we should annotate the
@tty->legacy_mutex at moment where the lock is taken not
after. Otherwise lockdep engine complains about possible
circular locking issue.
https://jira.sw.ru/browse/PSBM-136773
Signed-off-by: Cyrill Gorcu
don't even
need to take spinlock at all, because cset won't disappear until last
put_ve() call.
https://jira.sw.ru/browse/PSBM-135460
Signed-off-by: Cyrill Gorcunov
---
kernel/cgroup/cgroup.c | 13 ++---
1 file changed, 10 insertions(+), 3 deletions(-)
Index: vzkernel/kernel/cgroup
a reference,
then we can safely walk over set links to remove the files.
https://jira.sw.ru/browse/PSBM-135460
Signed-off-by: Cyrill Gorcunov
---
kernel/cgroup/cgroup.c | 12 ++--
1 file changed, 10 insertions(+), 2 deletions(-)
Index: vzkernel/kernel/cgroup/cgroup.c
On Wed, Oct 27, 2021 at 05:45:25PM +0300, Pavel Tikhomirov wrote:
> We've previousely used net_device->features bits for our own flags
> (NETIF_F_VIRTUAL and friends). Currenly there is not enough place for
> all our flags. So let's add our own flag variable on net_device.
>
>
On Wed, Oct 27, 2021 at 05:08:07PM +0300, Pavel Tikhomirov wrote:
> > > diff --git a/net/bridge/br_forward.c b/net/bridge/br_forward.c
> > > index 2b1d004d6a1f..dfd0a989c4ab 100644
> > > --- a/net/bridge/br_forward.c
> > > +++ b/net/bridge/br_forward.c
> > > @@ -33,7 +33,10 @@ static inline int
addr_equal(e->h_source, dev->dev_addr))
return 0;
}
return 1;
}
if only I didn't miss somthing obvious. Up to you. The patch looks great for me
in any way.
Acked-by: Cyrill Gorcunov
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
Very good job, Pasha! I've just a few comments but I really like
the current result.
On Wed, Oct 27, 2021 at 04:05:20PM +0300, Pavel Tikhomirov wrote:
> NETIF_F_GRO_UDP_FWD_BIT,/* Allow UDP GRO for forwarding */
> - /* here goes NETIF_F_HW_MACSEC_BIT in ms, temporarily reverted
browse/PSBM-135200
> Fixes: 12b9b0869be8 ("drivers/net/ve: venet network device introduced")
> Signed-off-by: Pavel Tikhomirov
> ---
Acked-by: Cyrill Gorcunov
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
From: Cyrill Gorcunov
We can get rid of sprintf usage when encoding the status.
Just fill the string directly.
Cc: Kirill Tkhai
Signed-off-by: Cyrill Gorcunov
---
drivers/md/dm-ploop-target.c | 13 +++--
1 file changed, 7 insertions(+), 6 deletions(-)
--- vzkernel.orig/drivers/md
From: Cyrill Gorcunov
It looks like plain splinlock guards are not suffice enough to prevent
reuse the same lock entries when several clients issues an operation
simultaneously and one of them are in error path which could possibly
lead to the list corruption. We've been said
On Thu, Oct 21, 2021 at 12:09:23PM +0300, Kirill Tkhai wrote:
...
> >
> > or I miss something obvious?
>
> Good idea. Could you please provide a proper patch reworking
> this function on top of my patch?
Sure. Will do today (I hope) and will send it.
On Wed, Oct 20, 2021 at 06:13:01PM +0300, Kirill Tkhai wrote:
...
> diff --git a/drivers/md/dm-ploop-target.c b/drivers/md/dm-ploop-target.c
> index 327095f75359..bd68d5fb272b 100644
> --- a/drivers/md/dm-ploop-target.c
> +++ b/drivers/md/dm-ploop-target.c
> @@ -455,6 +455,8 @@ static void
On Wed, Oct 20, 2021 at 06:39:40PM +0300, Pavel Tikhomirov wrote:
...
>
> This patch comes from LKML
> https://lore.kernel.org/all/20210121221207.GB2174@grain/T/#u
> It's still not in ms tree but will be commited soon.
It is already merged, commit e1fbbd073137a9d63279f6bf363151a938347640
Not
They should be external otherwise linker will complain
about multiple declaration.
Fixes 596651d0222ff5196cf80db6e8812a535bf99734
Signed-off-by: Cyrill Gorcunov
---
criu/include/mount.h | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/criu/include/mount.h b/criu/include
When building criu on latest fedora 34 with gcc-11 I got errors
on global vars declaration, fix them.
Cyrill Gorcunov (2):
mount-v2: fix nested_pidns_procs declaration
mount: fix declaration of root_yard_mp and mnt_roots
criu/include/mount-v2.h | 2 +-
criu/include/mount.h| 4 ++--
2
Global vars should be defined as extern ones,
otherwise linker will complain about multiple
definition of symbols.
Fixes a2ac72ab1d35ba49ee2cc59ab973ac624d6125f0
Signed-off-by: Cyrill Gorcunov
---
criu/include/mount-v2.h | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/criu
Tkhai
Signed-off-by: Cyrill Gorcunov
---
arch/x86/kernel/cpu/proc.c | 10 +-
1 file changed, 5 insertions(+), 5 deletions(-)
--- vzkernel.orig/arch/x86/kernel/cpu/proc.c
+++ vzkernel/arch/x86/kernel/cpu/proc.c
@@ -69,7 +69,7 @@ struct cpu_flags {
};
static DEFINE_PER_CPU(struct cpu
to happen earlier because there is no need to
keep it once we've finished traversing the @ve_root_list list.
https://jira.sw.ru/browse/PSBM-134756
CC: Kirill Tkhai
Signed-off-by: Cyrill Gorcunov
---
kernel/sched/core.c| 10 +-
kernel/sched/loadavg.c |6 +++---
2 files changed, 8
, seems like been occasionally sneaked in from
previous kernels
https://jira.sw.ru/browse/PSBM-134658
Signed-off-by: Cyrill Gorcunov
---
Index: vzkernel/drivers/tty/pty.c
===
--- vzkernel.orig/drivers/tty/pty.c
+++ vzkernel/drivers
vz7 commit ded5965d1d58 ("ve/proc/block: show
/proc/diskstats inside a Container"))
Signed-off-by: Vasily Averin
gorcunov@: cherry-picked from commit d29e2f9fbf277, the vz9
code is changed so had to apply the patch manually).
Signed-off-by: Cyrill Gorcunov
---
block/genhd.c | 8 ++
t;)
- the name of routine has been changed to scsi_device_state_check
so had to apply the commit manually
Signed-off-by: Cyrill Gorcunov
---
drivers/scsi/scsi_lib.c | 14 ++
1 file changed, 10 insertions(+), 4 deletions(-)
diff --git a/drivers/scsi/scsi_lib.c b/drivers/scsi
ridge: handle netlink messages
AF_BRIDGE / RTM_[GSD]ETLINK sent from inside a Container"))
Signed-off-by: Vasily Averin
Signed-off-by: Cyrill Gorcunov
---
kernel/ve/ve.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/kernel/ve/ve.c b/kernel/ve/ve.c
index 38ede55d65b7..76de50886
From: Andrey Zhadchenko
CRIU is preserving ifindexes of net devices after restoration, but
current Open vSwitch API are not capable to do that. So we need to
modify it, because
- Restoring net devices with random ifindex will lead to some excessive
work to restore master relationship.
- OVS
From: Vasily Averin
openvswitch briges are used by Weave net plugin for Kubernetes.
https://jira.sw.ru/browse/PSBM-92107
Signed-off-by: Konstantin Khorenko
(cherry picked from vz7 commit 8ed1b4ae93bc ("openvswitch: allow to create ovs
bridges inside Containers"))
Signed-off-by: Vasily
From: Konstantin Khorenko
Don't complain about searching for a non ns specific sysfs entry in ns specific
parent dirent.
When we set sysfs permissions for a CT via ve.sysfs_permissions
we assume the target sysfs entry is non ns specific and call
sysfs_find_dirent() with NULL ns arg.
This
;sock: allow reading
and changing sk_userlocks with setsockopt")
Reviewed-by: Alexander Mikhalitsyn
Signed-off-by: Pavel Tikhomirov
Signed-off-by: Cyrill Gorcunov
---
arch/alpha/include/uapi/asm/socket.h | 2 ++
arch/mips/include/uapi/asm/socket.h | 2 ++
arch/parisc/include/uapi/as
From: Pavel Tikhomirov
Set default size to half of physpages from ve memory cgroup. User in ct
would get -ENOSPC on 1/2 memory limit reached like we do on host.
https://jira.sw.ru/browse/PCLIN-26841
https://jira.sw.ru/browse/PSBM-127785
(extracted from vz7 commit dce154c32257 ("ub/memcg:
From: Pavel Tikhomirov
The task having task->mm->vps_dumpable == VD_VE_ENTER_TASK is a task
which entered container's ve cgroup and not yet called exec until:
sys_execve
do_execve
do_execve_common [1]
exec_binprm
search_binary_handler
load_elf_binary
flush_old_exec
Signed-off-by: Cyrill Gorcunov
---
include/linux/memcontrol.h | 6 ++
mm/memcontrol.c| 40 ++
mm/vmstat.c| 16 ++-
3 files changed, 61 insertions(+), 1 deletion(-)
diff --git a/include/linux/memcontrol.h b/inc
Hi! Take a look please, once time permit. This series doesn't
cover all patches because we can't use css_local_root() helper
until PSBM-134002 get merged (in those patches this helper is
introduced). Thus the commit
c1b584c0d3be ve/cgroup: Get correct VE init css when ve init_task is moved to
it must survive container start/stop cycle
and checkpoint/restore as well.
For this sake we:
- drop ve_hook code, it no longer needed
- free console @map on final close of the last tty opened
https://jira.sw.ru/browse/PSBM-39463
Signed-off-by: Cyrill Gorcunov
Reviewed-by: Vladimir Davydov
(and move it into vtty_release helper).
https://jira.sw.ru/browse/PSBM-41985
https://jira.sw.ru/browse/PSBM-41672
Signed-off-by: Cyrill Gorcunov
Reviewed-by: Vladimir Davydov
+++
ve/vtty: fix mixed declarations and code in vtty_release()
Compilation error fixed:
drivers/tty/pty.c: In function 'vtty_release':
d
nits: disable setup of controlling
terminal on /dev/console only, since all ttys can have
controlling sign; make sure we're having @tty_fops for
such terminals.
https://jira.sw.ru/browse/PSBM-40088
Signed-off-by: Cyrill Gorcunov
Reviewed-by: Vladimir Davydov
CC: Konstantin Khorenko
CC: Igor S
ort vtty_open_master
Signed-off-by: Cyrill Gorcunov
Reviewed-by: Vladimir Davydov
CC: Konstantin Khorenko
+++
ve/tty: WARN_ON commented out in vtty_open_master()
i've just commented it out for now because of compilation issues
and the fact we are going to rework tty code anyway.
Reason of the prob
.
Note there is still problem remains: upon vzctl console
call the carrige return (enter press) is still required
for login prompt to appear, I'm investigating it now.
https://jira.sw.ru/browse/PSBM-41057
Signed-off-by: Cyrill Gorcunov
Reviewed-by: Vladimir Davydov
https://jira.sw.ru/browse/PSBM
):
ve/kbd: add file kbd_bind in sysfs, which allow unbind keyboard from
tty (v2)
Cyrill Gorcunov (6):
ve/tty: Provide interface for current tty inheritance
ve/tty: vt -- Implement per VE support for console and terminals
ve/vtty: Don't zap termios fields on slave peer
ve/vtty: Make indices
/tty_io.c:2843:7: error: ‘TIOSAK’ undeclared (first use in
| this function)
| case TIOSAK:
|
| This is an addition to commit 28f8dfa.
Keep it for backward compatibility.
Signed-off-by: Cyrill Gorcunov
---
arch/powerpc/include/uapi/asm/ioctls.h | 2 ++
drivers/tty/tty_io.c
From: Andrey Vagin
port of 2.6.32-x diff-ms-input-detach-input-from-console
ported by Dmitry Guryanov
Signed-off-by: Andrey Vagin
Signed-off-by: Dmitry Guryanov
Author: Andrey Vagin
Email: ava...@openvz.org
Subject: kbd: add file kbd_bind in sysfs, which allow unbind keyboard from tty
(v2)
On 10/6/21 12:58, Kirill Tkhai wrote:
--- a/include/linux/cgroup-defs.h
+++ b/include/linux/cgroup-defs.h
@@ -125,6 +125,8 @@ enum {
*/
CFTYPE_VE_WRITABLE = (1 << 15),
+ CFTYPE_SYMLINKED = (1 << 6), /* pointed to by symlink too */
We already have:
54b7b868e826b294687c439b68ec55fe20cafe5b)
Signed-off-by: Andrey Ryabinin
Signed-off-by: Cyrill Gorcunov
---
include/linux/cgroup-defs.h | 2 ++
kernel/cgroup/cgroup.c | 33 +
2 files changed, 31 insertions(+), 4 deletions(-)
diff --git a/include/linux/cgroup-defs.h b
54b7b868e826b294687c439b68ec55fe20cafe5b)
Signed-off-by: Andrey Ryabinin
Signed-off-by: Cyrill Gorcunov
---
include/linux/cgroup-defs.h | 3 +++
kernel/cgroup/cgroup.c | 33 +
2 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/include/linux/cgroup-defs.h b
)
https://jira.sw.ru/browse/PSBM-101019
Signed-off-by: Andrey Ryabinin
Signed-off-by: Cyrill Gorcunov
---
block/bfq-cgroup.c | 6 --
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/block/bfq-cgroup.c b/block/bfq-cgroup.c
index e2f14508f2d6..590e6ee700c8 100644
--- a/block/bfq-cgroup.c
From: Andrey Zhadchenko
Sometimes during dump criu can encounter sockets with overflown kernel
buffer, which results in ENOBUFS error during next read.
We need a reliable way to restore sk->sk_err.
https://jira.sw.ru/browse/PSBM-120976
Signed-off-by: Andrey Zhadchenko
Signed-off-by: Cyr
From: Andrey Vagin
This patch adds an repair mode for netlink sockets. sendmsg queues
messages into a receive queue if a socket is in the repair mode.
https://jira.sw.ru/browse/PSBM-28386
Signed-off-by: Andrey Vagin
Reviewed-by: Cyrill Gorcunov
https://jira.sw.ru/browse/PSBM-101289
vz7
/PSBM-28386
Signed-off-by: Andrey Vagin
Reviewed-by: Cyrill Gorcunov
===
netlink: Don't manipulate @sk_peek_off if data fetching failed
When skb_copy_datagram_iovec called to fetch queued data
it may fail with EFAULT and if MSG_PEEK set
54b7b868e826b294687c439b68ec55fe20cafe5b)
Signed-off-by: Andrey Ryabinin
Signed-off-by: Cyrill Gorcunov
---
include/linux/cgroup-defs.h | 3 +++
kernel/cgroup/cgroup.c | 33 +
2 files changed, 32 insertions(+), 4 deletions(-)
diff --git a/include/linux/cgroup-defs.h b
Hi! The series addresses patches left from userfaultfd handling,
which were mostly merged already so only netlink and a few puckups
left. I had to tune up netlink series since it didn't apply smoothly:
datagram seding proto has been lifted up and netlink socket errors
has been depending on repair
spfs we do PR_SET_MM + PR_SET_MM_EXE_FILE from parasite (can be
unprivileged userns). PR_SET_MM_EXE_FILE one is not available in
mainstream.
Here are descriptions of patches which allowed PR_SET_MM_EXE_FILE
everywhere and all other PR_SET_MM flags in ve:
Acke
f objects returned by do_shrink_slab()
> may be interpreted as SHRINK_EMPTY, if low bytes of
> their value are equal to 0xfffe. Fix that
> by declaration ret as unsigned long in these functions.
>
> Reported-by: Cyrill Gorcunov
> Signed-off-by: Kir
l- 1 root root 64 Feb 1 09:41 4 -> /tmp/test_sock
$ cat /proc/760/fdinfo/4
pos:0
flags: 01200
mnt_id: 40
$ cat /proc/self/mountinfo | grep "^40\s"
40 19 0:37 / /tmp rw shared:23 - tmpfs tmpfs rw
Signed-off-by: Andrei Vagin
Signed-off-by: David S. Miller
Sign
get_exec_env();
>
> - return ve_is_super(ve) ||
> + return ve_is_super(ve) || ve->is_pseudosuper ||
> atomic_read(>mnt_nr) < (int)sysctl_ve_mount_nr;
> }
>
> --
> 2.17.0
>
Acked-by: Cyrill Gorcunov
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
of action would be a workaround in the tswap, similar to what we
> do in __read_swap_cache_async() - bail out on zero swap_count. Apperently
> it works for __read_swap_cache_async(), so it should work for tswap.
>
> https://jira.sw.ru/browse/PSBM-86344
> Signed-off-by: Andrey Ryabinin
Reviewed-by
uot; > $CG_PATH/blkio.throttle.read_bps_device
>
> # Check that everything work as expected
> $ dd if=/dev/sda of=/dev/null iflag=direct bs=1M count=100
> 100+0 records in
> 100+0 records out
> 104857600 bytes (105 MB, 100 MiB) copied, 16.6958 s, 6.3 MB/s
>
On Mon, May 07, 2018 at 11:35:35AM -0700, Andrei Vagin wrote:
> On Sat, May 05, 2018 at 09:12:02AM +0300, Cyrill Gorcunov wrote:
> > On Sat, May 05, 2018 at 01:42:36AM +0300, Andrei Vagin wrote:
> > > The Block I/O (blkio) subsystem controls and monitors access to I/O on
&
0x 0x
0x
In a sake of https://jira.sw.ru/browse/PSBM-84029
Signed-off-by: Cyrill Gorcunov <gorcu...@openvz.org>
---
arch/x86/kernel/cpuid_fault.c | 32
1 file changed, 32 insertions(+)
Index: linux-pcs7.git/arch/x86/kernel/cpuid_f
On Sat, May 05, 2018 at 01:42:36AM +0300, Andrei Vagin wrote:
> The Block I/O (blkio) subsystem controls and monitors access to I/O on
> block devices by tasks in cgroups. With the introduced changes, a
> backstore will be like a task in a specified group.
>
> One of interesting feature is an
maximum fd after lock is
> acquired to see such the parallel users.
>
> https://jira.sw.ru/browse/PSBM-82984
>
> Signed-off-by: Kirill Tkhai <ktk...@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcu...@openvz.org>
_
On Fri, Mar 23, 2018 at 05:33:01PM +0300, Kirill Tkhai wrote:
> On 23.03.2018 17:09, Cyrill Gorcunov wrote:
> > On Fri, Mar 23, 2018 at 04:50:20PM +0300, Kirill Tkhai wrote:
> >>>>>
> >>>>> When are you going to do this?
> >>>>
> &g
On Fri, Mar 23, 2018 at 04:50:20PM +0300, Kirill Tkhai wrote:
> >>>
> >>> When are you going to do this?
> >>
> >> I'm not going to port raw socket functionality to vz7, since this is
> >> Cyrill's patch.
> >>
> >> I can replace IP_FREEBIND workarounds with sysctl.ip_nonlocal_bind in
> >> vanila
do_ipv6_setsockopt(), and
> IPV6_ADDRFORM optname changes sk->sk_prot to refer
> to tcp_prot, udp_prot and udplite_prot, which contains
> link to ip_setsockopt().
>
> Signed-off-by: Kirill Tkhai <ktk...@virtuozzo.com>
Acked-by: Cyrill Gorcunov <gorcu...@openvz.org>
_
On Thu, Feb 15, 2018 at 02:18:27PM -0800, Andrey Vagin wrote:
> On Thu, Feb 15, 2018 at 09:54:39PM +0300, Cyrill Gorcunov wrote:
> > When fork() is called the current controlling terminal is inherited
> > by a child process. But in criu we fork all process first and then
> >
t terminal propagated) via ve.ctty interface,
and we kick all queued ctty waiters to proceed opening,
because now open ctty is valid
https://jira.sw.ru/browse/PSBM-76490
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/tty.c | 12 ++--
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/criu/tty.c b/criu/tty.c
index 4cc99690f..41d8dcaa2 100644
--- a/criu/tty.c
+++ b/criu/tty.c
@@ -1292,12 +1292,12 @@ static struct file_de
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/include/kerndat.h | 1 +
criu/kerndat.c | 17 +
2 files changed, 18 insertions(+)
diff --git a/criu/include/kerndat.h b/criu/include/kerndat.h
index f3af32df1..a3fe7efd6 100644
--- a/criu/include/ker
The group may vary so we only need to check
if sid is reachable, othrewise it might trigger
false positive.
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/tty.c | 9 -
1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/criu/tty.c b/criu/tty.c
index 1eb
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/include/log.h | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/criu/include/log.h b/criu/include/log.h
index f6b9ec28a..a77c606ca 100644
--- a/criu/include/log.h
+++ b/criu/include/log.h
@@ -63,7
Need it to distinguish current console instances.
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/files.c | 1 +
criu/include/files.h | 1 +
2 files changed, 2 insertions(+)
diff --git a/criu/files.c b/criu/files.c
index d5b523f56..2d5d1bc89 100644
--- a/criu/f
Otherwise MS_RDONLY become undefined on modern distros.
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/cr-check.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/criu/cr-check.c b/criu/cr-check.c
index 78a0571eb..e4e4a047b 100644
--- a/criu/cr-check.c
This series requires kernel patch titled
[PATCH rh7]: ve: Provide interface for current tty inheritance
An easy way to test this is to run container, start screen
sessions inside and open a few new sessions where run python
script with multiple f=open("/dev/tty", "r+").
jira.sw.ru/browse/PSBM-76490
CC: Andrey Vagin <ava...@virtuozzo.com>
CC: Andrey Ryabinin <aryabi...@virtuozzo.com>
CC: Konstantin Khorenko <khore...@virtuozzo.com>
CC: "Denis V. Lunev" <d...@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.co
<ava...@virtuozzo.com>
CC: Andrey Ryabinin <aryabi...@virtuozzo.com>
CC: Konstantin Khorenko <khore...@virtuozzo.com>
CC: "Denis V. Lunev" <d...@virtuozzo.com>
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
Note I wrapped the calls with C
checks are happen in is_pseudosuper
> mode, so we do not affect performance on normal work mode.
>
> The problem is we can't solve this for 100% case in userspace.
> Kernel allows to fix that completely.
>
> What do you think?
>
> https://jira.sw.ru/browse/PSBM-78827
Reviewe
On Tue, Jan 16, 2018 at 11:03:26AM +0300, grem...@gremlin.ru wrote:
> On 2018-01-16 01:51:31 +0300, Cyrill Gorcunov wrote:
>
> > The kernel virtualize access to proc/sys/ entries in lightweight
> > way -- if entry is opened from inside of veX then it's not allowed
/PSBM-80585
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/files-reg.c | 12 +++-
1 file changed, 11 insertions(+), 1 deletion(-)
diff --git a/criu/files-reg.c b/criu/files-reg.c
index 27e4cf48d..0cc6a5e19 100644
--- a/criu/files-reg.c
+++ b/criu/files-reg.c
@@
ira.sw.ru/browse/PSBM-80421
>
> Signed-off-by: Pavel Tikhomirov <ptikhomi...@virtuozzo.com>
Reviewed-by: Cyrill Gorcunov <gorcu...@openvz.org>
Lets move it to testing. It should not break criu, neither libvzctl
which does access from the root namespace.
__
Tikhomirov <ptikhomi...@virtuozzo.com>
Acked-off-by: Cyrill Gorcunov <gorcu...@openvz.org>
Kirill, take it please
___
Devel mailing list
Devel@openvz.org
https://lists.openvz.org/mailman/listinfo/devel
-- mointinfo keeps
superblock device in kernel format while the source s_dev
is obtained from the stat() syscall so we should use
kdev_to_odev helper to not miss device if there are many
devpts mounted on the node.
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/include/mount.
On Tue, Nov 21, 2017 at 04:18:52PM -0800, Andrei Vagin wrote:
> criu and soccr has different values for log levels, so
> someone has to remap them.
>
> Cc: Cyrill Gorcunov <gorcu...@openvz.org>
> Reported-by: Cyrill Gorcunov <gorcu...@openvz.org>
> Signed-off-by: A
On Fri, Nov 10, 2017 at 04:04:01PM +, Dmitry Safonov wrote:
> > + if (regs->cs == __USER32_CS) {
> > + /*
> > +* It's close to set_personality_ia32
> > +* but we don't want to change orig_ax.
> > +*/
> > +
On Fri, Nov 10, 2017 at 10:45:55AM +, Pavel Vokhmyanin wrote:
>WAIT_PID rpc command is necessary to wait on a page server and retrieve
>
>its exit code. Keep_open flag is essential for this command - we need
>
>RPC server to keep running after processing WAIT_PID in order to
:name=systemd:/
| 3:beancounter:/
| 2:memory:/
| 1:blkio:/
Thus in the patch we extend cg_attach_task to allow to filter
VE cgroup from attachement on restore while the rest of cgroups
are attached. CRIU will join veX by self.
https://jira.sw.ru/browse/PSBM-64756
Signed-off-by: Cyrill Gorcunov
On Mon, Oct 23, 2017 at 03:30:25PM -0700, Andrei Vagin wrote:
> > @@ -76,6 +77,7 @@ static int run_shell_scripts(const char *action)
> > return -1;
> >
> > if (!(env_set & ENV_ROOTPID) && root_item) {
> > + char mnt_ns_roots[PATH_MAX];
>
> Should it be declared in a
On Mon, Oct 23, 2017 at 03:27:01PM -0700, Andrei Vagin wrote:
> > +
> > + dst[0] = '\0';
> > + for (nsid = ns_ids; nsid; nsid = nsid->next) {
> > + if (nsid->nd != _ns_desc)
> > + continue;
> > +
> > + len = print_ns_root(nsid, 0, p, size);
> > +
to verify the former bug, adding arbitrary
numbers into shmid is not harmless, thus only valid for small containers
and should not be used for heavy ones.
https://jira.sw.ru/browse/PSBM-75112
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/fault-injection.c | 6 ++
https://jira.sw.ru/browse/PSBM-75112
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
crit/crit | 2 +-
criu/cr-dedup.c | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/crit/crit b/crit/crit
index a6a6832..6b42fa2 100755
--- a/crit/crit
+++ b/cri
Andrew, Kirill, take a look please. I think we should use %lu
for all images names instead of %d, but this will require more
code changes which I'm planning to do for vanilla criu first.
Cyrill Gorcunov (2):
vz7: image-desc -- Make pagemap and pagemap-shmem images to use lu
vz7: crit: Use lu
From: Cyrill Gorcunov <gorcu...@openvz.org>
The restore of ploop device is a bit tricky: its major/minor
is not a constant but allocated dynamicaly by the kernel
driver. Thus we may have a situation when /dev/ploopXX
points for some obsolete name which we have to resolve
into valid
This helper produce space separated list of
mount namespace roots which can be exported
then into environment variable.
https://jira.sw.ru/browse/PSBM-71861
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.com>
---
criu/include/mount.h | 2 ++
criu/mount.c
Guys, take a look please.
Cyrill Gorcunov (3):
criu: mount: Add export_mnt_ns_roots helper
criu: action-scripts: Export mount namespace roots via CRIU_MNT_NS_ROOTS
libvzctl: scripts: Tune up ploop links on post-setup-namespaces stage
--
2.7.5
In particular we need to process filesystem to restore
ploop device migration, thus export roots and the script
can use CRTOOLS_INIT_PID together with nsenter to step
into prepared file systems and whatever needed.
https://jira.sw.ru/browse/PSBM-71861
Signed-off-by: Cyrill Gorcunov <go
On Tue, Sep 12, 2017 at 5:43 PM, Cyrill Gorcunov <gorcu...@gmail.com> wrote:
> On Sun, Jul 23, 2017 at 6:15 PM, Cyrill Gorcunov <gorcu...@gmail.com> wrote:
>> We are carrying uids/gids in per-thread way since v1.8,
>> so no need to require them to match anymore.
On Sun, Jul 23, 2017 at 6:15 PM, Cyrill Gorcunov <gorcu...@gmail.com> wrote:
> We are carrying uids/gids in per-thread way since v1.8,
> so no need to require them to match anymore. We still
> require seccomp to match though. Need to revisit, seems
> may relax this requirement
Hi all! I just finished rebasing of our criu instance on the
latest vanilla master v3.4. Please give it a shot. A short
summary:
- 212 commits on top of vanilla
- 105 files changed, 6310 insertions(+), 667 deletions(-)
Sources are sitting in known place
On Tue, Jul 25, 2017 at 10:26:17AM -0700, Andrey Vagin wrote:
>
> ^^^ It is incorrect. We want to check that a parent task lives in this
> same mount namespace.
>
> The code has to be something like this:
>
> if (next->ids == NULL) /* helper or zombie */
>
On Mon, Jul 24, 2017 at 07:09:39PM +0300, Stanislav Kinsburskiy wrote:
>
>Well, no. I don't like this defines.
>And I don't think that pid has to be explicitly provided. At least for
>ve0.
>But frankly, I don't want to do it anyways.
Man, it happened that cgroup interace works
On Mon, Jul 24, 2017 at 06:52:31PM +0300, Stanislav Kinsburskiy wrote:
>
> >> int join_ve(pid_t pid, bool veX)
> >
> > Does pid have to be 0 in this case?
> >
>
> Maybe interface to this helper should be reworked?
In criu/cr_restore.c
#define join_veX(pid) join_ve(pid, true)
#define
On Mon, Jul 24, 2017 at 08:34:52AM -0700, Andrei Vagin wrote:
> >
> > -static int iptables_tool_restore(char *def_cmd, int fdin)
> > +static int __iptables_tool_restore(char *def_cmd, int fdin)
> > {
> > + if (join_ve(root_item->pid->real, false))
>
> Do you switch here into VE0? Could you
We are carrying uids/gids in per-thread way since v1.8,
so no need to require them to match anymore. We still
require seccomp to match though. Need to revisit, seems
may relax this requirement as well.
https://jira.sw.ru/browse/PSBM-68756
Signed-off-by: Cyrill Gorcunov <gorcu...@virtuozzo.
In case if our parent is a dead task (zombie) we should lookup
for parent ids which will be inherited on restore. Otherwise
parent->ids may be nil and SIGSEGV produced.
https://jira.sw.ru/browse/PSBM-68062
v2:
- make sure the ids is inherited if zombie met
Signed-off-by: Cyrill Gorcunov <
1 - 100 of 577 matches
Mail list logo