2,257
edits
Changes
Jump to navigation
Jump to search
Line 2:
Line 2: − + + + + + + + + + + + + + + + + + − + + + + + + + − + + + + + + + + + + + + + − +
no edit summary
=== New features ===
=== New features ===
* 2.0 -- new code layout for sub-projects (e.g. [[Compel]])
* New code layout for sub-projects (e.g. [[Compel]])
* [[Unprivileged dump]]
* Dump/check cpuinfo support for PPC
* Dump/check cpuinfo support for PPC
* Explorers for [[CRIT]]
* Explorers for [[CRIT]]
* Added "post-setup-namespaces" to [[action scripts]]
* Added "post-setup-namespaces" to [[action scripts]]
* Added timeout for dump procedure (5 sec by default)
* Ability to override LSM profile on restore with CLI/RPC option
* [[External resources|External TTYs]]
* [[External bind mounts]] can be fs-root mounts too
* C/R for
** Mode and uid/gid of cgroup files and dirs
** Freeze cgroup state (frozen/thawed)
** Task's loginuid
** Task's oom score
** Per-thread credentials
** Filter mode of seccomp
** Ghost file in removed directory
** Ghost files lutimes
** Binfmt-misc FS contents
** Netfilter conntracks and expectations
=== Optimizations/improvements ===
=== Optimizations/improvements ===
*
* Align parasite stack on 16 bits for correctness
* Compilation with native libc syscall wrappers and helpers
* Parasite code injection done via memfd system call
* Make vaddr to pfn conversion with one less syscall
* CRIT shows device numbers in "maj:min" manner
* CRIT shows mmap's status in verbose
*
=== Fixes ===
=== Fixes ===
*
* Absent readlink syscall on ARM (use readlinkat instead) could cause dump to fail
* Wrong argument to timer_create system call could cause restore to crash
* Extra tasks in freeze cgroup caused dump to fail/hand/crash
* Unaligned restore-time object allocations caused lock operations to fail
* Opened /proc/pid dir of dead task failed the dump
* Unaligned stacks caused criu to fail on aarch64
* Changed device numbers on restore side could cause random failures
* Fixes in mount points sharing/slavery/propagation restore
* Race between mntns creation and fds closing in different tasks could cause restore to fail
* Hard kernel limit on TCP repair recv queue restore could cause big queue restore to fail
* Unconnected dgram UNIX socket with data lost packets on restore
* CRIT didn't show IPC objects
* CRIT didn't convert IP addresses in images
=== Security ===
=== Security ===
*
* [[User-mode]]
=== Deprecated/removed ===
=== Deprecated/removed ===
* Completely removed 'show' action. Use [[CRIT]] instead.
* Completely removed 'show' action. Use [[CRIT]] instead.