Changes

Jump to: navigation, search

Shared memory

693 bytes added, 19:37, 2 September 2016
Restore: OK this is the way it works. Perhaps we need a picture here.
== Restore ==
Upon During the restore, CRIU already knows which mappings are shared, and the trick is so they need to restore them be restored as suchshared.For thatTo restore file mappings, two different approaches no tricks are usedneeded, depending on the availabilitythey are opened and mmaped with with a MAP_SHARED flag set.
The common part is, between the processes sharing a mappingAnonymous memory mappings, the one with the lowest PIDamong the group performs the actual <code>mmap()</code>though, while all the others waitfor the mapping need some work to appear and, once it's available, use be restored as such. Here is how itis done.
=== memfd ===Among all the processes sharing a mapping, the one with the lowest PID among the group(see [[postulates]]) is assigned to be a mapping creator. The creator task is to obtain a mappingfile descriptor, restore the mapping data, and signal all the other process that it's ready.During this process, all the other processes are waiting.
Linux kernel v3.17 adds First, the creator need to obtain a [http://man7.org/linux/man-pages/man2/memfd_create.2.html memfd_create()]syscallfile descriptor for the mapping. CRIU restore checks if it is available from the running kernel; To achieve it yes, it is two differentapproaches are used, depending on the availability.
FIXME howIn case [http://man7.org/linux/man-pages/man2/memfd_create.2.html memfd_create()]syscall is available (Linux kernel v3.17+), it is used to obtain a file descriptor.Next, <code>ftruncate()</code> is called to set the proper size of mapping.
HOW: The memfd in question If <code>memfd_create()</code> is created in not available, the task with lowest PID alternative approach is used.First, mmap(see [[postulates]]) among those having this shmem segmentis called to create a mapping. Next, a file in <code>/proc/self/map_files/</code>mapped, then criu waits for the others is opened to get this a file by opening descriptor for the creator's mapping. The limitation of this method is,due to security concerns, /proc/pid$PID/fdmap_files/ link.is not available for processes thatlive inside a user namespace, so it is impossible to use it if thereAfterwards all are any user namespaces in the files just mmap() this descriptor into their address spacedump.
=== /proc/$PID/map_files/ ===Once the creator have the file descriptor, it mmap()s it and restores its content fromthe dump (using memcpy()). The creator then unmaps the the mapping (note the fileThis method descriptor is used if memfd is not still available). The limitation isNext, /proc/$PID/map_files/ is not availablefor users inside user namespaces it calls futex(due to security concernsFUTEX_WAKE), so it's not possible to use it if theresignal all theare any user namespaces in waiting processes that the dumpmapping file descriptor is ready.
FIXME howAll the other processes that need this mapping wait on futex(FUTEX_WAIT). Once thewait is over, they open the creator's /proc/$CREATOR_PID/fd/$FD file to get themapping file descriptor.
HOW: The same technique as with memfd is usedFinally, with two exceptions. First is that all the processes (including the creator calls itself) call mmap()to create anot memfd_createneeded mapping (note that mmap() arguments such as length, offset and creates the shared memory at once. Then it waits flags maydiffer for the others to open its/proc/pid/map_files/ link. After opening "the others" mmapdifferent processes), and close() one to their address space just the mapping file descriptor as ifit isthey would have done it with memfd descriptorno longer needed.
== Changes tracking ==

Navigation menu