Difference between revisions of "Download/criu/1.8"

From CRIU
Jump to navigation Jump to search
(Created page with "{{Release|1.8|7 Dec 2015}} === New features === * Ability to check CRIU features via RPC * New zdtm.py test suite * C/R of read-only bind mounts * C/R of IPv6 routes and...")
 
 
(9 intermediate revisions by the same user not shown)
Line 4: Line 4:
 
* Ability to check CRIU features via [[RPC]]
 
* Ability to check CRIU features via [[RPC]]
 
* New zdtm.py test suite
 
* New zdtm.py test suite
* C/R of read-only bind mounts
 
* C/R of IPv6 routes and iptables rules
 
* C/R of ip rules (it ip tool supports such)
 
 
* Pre-dump and pre-restore [[action scripts]]
 
* Pre-dump and pre-restore [[action scripts]]
 
* The "info" action in [[CRIT]] showing stats about image file
 
* The "info" action in [[CRIT]] showing stats about image file
Line 12: Line 9:
 
* Python API -- pycriu
 
* Python API -- pycriu
 
* Ability to add custom paths to irmap scan
 
* Ability to add custom paths to irmap scan
* C/R of ignore_routes_with_linkdown netns devconf
+
* C/R of
 +
** read-only bind mounts
 +
** IPv6 routes and iptables rules
 +
** ip rules (it ip tool supports such)
 +
** ignore_routes_with_linkdown netns devconf
 +
** empty bridges in netns
 +
** FILTER mode of seccomp
 +
** IP_FREEBIND socket option
  
 
=== Optimizations/improvements ===
 
=== Optimizations/improvements ===
Line 24: Line 28:
 
* Improved page-server dump speed by keeping control over the Nagle algorithm  
 
* Improved page-server dump speed by keeping control over the Nagle algorithm  
 
* Read pages.img in more optimal manner rather than page-by-page
 
* Read pages.img in more optimal manner rather than page-by-page
 +
* Less "Error"-s in logs, that actually don't lead to errors
 +
* Slightly faster /proc/pid/status parsing
 +
* Dead/live-locks on internal criu locks now emits a warning into logs
  
 
=== Fixes ===
 
=== Fixes ===
Line 45: Line 52:
 
* Unsupported filesystems silently failed the dump
 
* Unsupported filesystems silently failed the dump
 
* External tmpfs (and some other) mounts generated tarballs with their contents
 
* External tmpfs (and some other) mounts generated tarballs with their contents
 +
* Privately mapped files were picked from wrong mount namespace
 +
* Controlling tty could be restored on wrong tty end
 +
* Tmpfs mount of sub-namespace was restored from wrong image file
 +
* Potential stack overflow in libcriu
 +
* Partially-restored tasks could be left after failed restore
 +
* In-container TCP connection sometimes failed to restore
 +
* Race in sending SIGSTOP vs dump might cause dump to fail
 +
* Post-restore actions could generate stats files in wrong directories
 +
* Freeze-cgroup didn't take sub-cgroups' tasks into account
 +
* Tentative state in IPv6 sockets binding prevented socket from being bound immediately
 +
* Restoring from images with files pointing to /proc file of dead tasks could crash
 +
* Tasks with STOP in queue (i.e. -- not ''yet'' stopped) were CONT-ed in case of --leave-running dump
 +
* Stopped task with one more STOP in queue caused dump to stuck
 +
* If parent task left the MNT namespace it created for children restore could BUG()
 +
* Link-local IPv6 addresses sometimes failed to bind() at restore
  
 
=== Security ===
 
=== Security ===
 
* Service run as root could allow users to violate ptrace policies
 
* Service run as root could allow users to violate ptrace policies
 
* Service run as root could give users access to privileged files and directories
 
* Service run as root could give users access to privileged files and directories

Latest revision as of 08:51, 30 November 2015

Tarball: criu-1.8.tar.bz2
Version: 1.8
Released: 7 Dec 2015
GIT tag: v1.8

New features[edit]

  • Ability to check CRIU features via RPC
  • New zdtm.py test suite
  • Pre-dump and pre-restore action scripts
  • The "info" action in CRIT showing stats about image file
  • More user-friendly output by CRIT
  • Python API -- pycriu
  • Ability to add custom paths to irmap scan
  • C/R of
    • read-only bind mounts
    • IPv6 routes and iptables rules
    • ip rules (it ip tool supports such)
    • ignore_routes_with_linkdown netns devconf
    • empty bridges in netns
    • FILTER mode of seccomp
    • IP_FREEBIND socket option

Optimizations/improvements[edit]

  • Shared pie/non-pie .c files are built two times with proper flags
  • VDSO code re-shuffled for better re-use between arches
  • Failures of action scripts are reported in logs
  • OpenVZ's VENET handling is tuned to fit the current kernel state
  • Do not use hardcoded /dev/rts maj:min numbers
  • Unsupported socket protocols are reported at expected place
  • Slightly faster access to /proc files by using O_PATH open mode
  • Improved page-server dump speed by keeping control over the Nagle algorithm
  • Read pages.img in more optimal manner rather than page-by-page
  • Less "Error"-s in logs, that actually don't lead to errors
  • Slightly faster /proc/pid/status parsing
  • Dead/live-locks on internal criu locks now emits a warning into logs

Fixes[edit]

  • Page server flooded node with tw buckets during migration
  • Turned off cgroups controllers weren't detected as such
  • Netns sysctls from old images weren't properly restored
  • Running process could be mistakenly stopped after --leave-running dump
  • Helper processes run by CRIU produced fake error messages in logs
  • Error code from sigaction restore could be missed
  • Several potential buffers overruns due to missed '\0' after strcpy-s existed
  • Killed processes after dump survived in zombie state for some time holding PIDs and resources
  • If task had MANY children, the latter could be skipped on dump
  • Task dying while being frozen could fail the dump
  • On Aarch64 the upper limit for user memory was not properly detected sometimes
  • Guess for TCP buffer max segment size was too optimistic (could fail the restore on low-mem machines)
  • CRIT didn't decode userns images
  • Ghost files were left in the FS tree after failed restore (blocking the next restore attempt)
  • Some log messages from pie code were lost
  • Some net/ipc/uts sysctls failed to restore in userns
  • Move tasks int cgroups failed in userns
  • Unsupported filesystems silently failed the dump
  • External tmpfs (and some other) mounts generated tarballs with their contents
  • Privately mapped files were picked from wrong mount namespace
  • Controlling tty could be restored on wrong tty end
  • Tmpfs mount of sub-namespace was restored from wrong image file
  • Potential stack overflow in libcriu
  • Partially-restored tasks could be left after failed restore
  • In-container TCP connection sometimes failed to restore
  • Race in sending SIGSTOP vs dump might cause dump to fail
  • Post-restore actions could generate stats files in wrong directories
  • Freeze-cgroup didn't take sub-cgroups' tasks into account
  • Tentative state in IPv6 sockets binding prevented socket from being bound immediately
  • Restoring from images with files pointing to /proc file of dead tasks could crash
  • Tasks with STOP in queue (i.e. -- not yet stopped) were CONT-ed in case of --leave-running dump
  • Stopped task with one more STOP in queue caused dump to stuck
  • If parent task left the MNT namespace it created for children restore could BUG()
  • Link-local IPv6 addresses sometimes failed to bind() at restore

Security[edit]

  • Service run as root could allow users to violate ptrace policies
  • Service run as root could give users access to privileged files and directories