Download/criu/2.0

From CRIU
Revision as of 10:38, 20 February 2016 by Xemul (talk | contribs)
Jump to navigation Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Tarball: criu-2.0.tar.bz2
Version: 2.0
Released: 7 Mar 2016
GIT tag: v2.0

New features

  • New code layout for sub-projects (e.g. Compel)
  • Unprivileged dump
  • Dump/check cpuinfo support for PPC
  • Explorers for CRIT
  • Added "post-setup-namespaces" to action scripts
  • Added timeout for dump procedure (5 sec by default)
  • Ability to override LSM profile on restore with CLI/RPC option
  • External bind mounts can be fs-root mounts too
  • Skip netns' internals on dump and restore (for Docker integration)
  • Advanced support for external files
  • C/R for
    • Mode and uid/gid of cgroup files and dirs
    • Freeze cgroup state (frozen/thawed)
    • Task's loginuid
    • Task's oom score
    • Per-thread credentials
    • Filter mode of seccomp
    • Ghost file in removed directory
    • Ghost files lutimes
    • Binfmt-misc FS contents
    • Netfilter conntracks and expectations

Optimizations/improvements

  • Align parasite stack on 16 bits for correctness
  • Compilation with native libc syscall wrappers and helpers
  • Parasite code injection done via memfd system call
  • Make vaddr to pfn conversion with one less syscall
  • CRIT shows device numbers in "maj:min" manner
  • CRIT shows mmap's status in verbose

Fixes

  • Absent readlink syscall on ARM (use readlinkat instead) could cause dump to fail
  • Wrong argument to timer_create system call could cause restore to crash
  • Extra tasks in freeze cgroup caused dump to fail/hand/crash
  • Unaligned restore-time object allocations caused lock operations to fail
  • Opened /proc/pid dir of dead task failed the dump
  • Unaligned stacks caused criu to fail on aarch64
  • Changed device numbers on restore side could cause random failures
  • Fixes in mount points sharing/slavery/propagation restore
  • Race between mntns creation and fds closing in different tasks could cause restore to fail
  • Hard kernel limit on TCP repair recv queue restore could cause big queue restore to fail
  • Unconnected dgram UNIX socket with data lost packets on restore
  • CRIT didn't show IPC objects
  • CRIT didn't convert IP addresses in images

Security

Deprecated/removed

  • Completely removed 'show' action. Use CRIT instead.
Retrieved from "https://criu.org/index.php?title=Download/criu/2.0&oldid=2785"