Line 11: |
Line 11: |
| * [[External bind mounts]] can be fs-root mounts too | | * [[External bind mounts]] can be fs-root mounts too |
| * Skip netns' internals on dump and restore (for Docker [[integration]]) | | * Skip netns' internals on dump and restore (for Docker [[integration]]) |
− | * Avoid dumping seccomp state (for older kernels)
| |
| * Advanced support for [[external files]] | | * Advanced support for [[external files]] |
| ** [[External resources|External TTYs]] | | ** [[External resources|External TTYs]] |
Line 17: |
Line 16: |
| ** Mode and uid/gid of cgroup files and dirs | | ** Mode and uid/gid of cgroup files and dirs |
| ** Freeze cgroup state (frozen/thawed) | | ** Freeze cgroup state (frozen/thawed) |
− | ** Task's loginuid | + | ** Task's loginuid and oom score |
− | ** Task's oom score
| |
| ** Per-thread credentials | | ** Per-thread credentials |
| ** Filter mode of seccomp | | ** Filter mode of seccomp |
Line 25: |
Line 23: |
| ** Binfmt-misc FS contents | | ** Binfmt-misc FS contents |
| ** Netfilter conntracks and expectations | | ** Netfilter conntracks and expectations |
| + | ** Multi-headed cgroups |
| + | ** CGroup namespaces (no nesting) |
| | | |
| === Optimizations/improvements === | | === Optimizations/improvements === |
Line 33: |
Line 33: |
| * CRIT shows device numbers in "maj:min" manner | | * CRIT shows device numbers in "maj:min" manner |
| * CRIT shows mmap's status in verbose | | * CRIT shows mmap's status in verbose |
− | * | + | * Docker files for builds on all supported arches |
| | | |
| === Fixes === | | === Fixes === |
Line 49: |
Line 49: |
| * CRIT didn't show IPC objects | | * CRIT didn't show IPC objects |
| * CRIT didn't convert IP addresses in images | | * CRIT didn't convert IP addresses in images |
| + | * Logs from PIE code contained corrupted addresses and sizes |
| + | * Not loaded netfilter modules could cause dump/restore to stuck on dumping netlink socket |
| + | * Shared external mounts were restored with error |
| | | |
| === Security === | | === Security === |
| * [[User-mode]] | | * [[User-mode]] |
| + | * When checking for namespaces' CRIU entered userns with host creds |
| | | |
| === Deprecated/removed === | | === Deprecated/removed === |
| * Completely removed 'show' action. Use [[CRIT]] instead. | | * Completely removed 'show' action. Use [[CRIT]] instead. |