Download/criu/2.0
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Tarball: | criu-2.0.tar.bz2 |
Version: | 2.0 |
Released: | 7 Mar 2016 |
GIT tag: | v2.0 |
New features
- New code layout for sub-projects (e.g. Compel)
- Unprivileged dump
- Dump/check cpuinfo support for PPC
- Explorers for CRIT
- Added "post-setup-namespaces" to action scripts
- Added timeout for dump procedure (5 sec by default)
- Ability to override LSM profile on restore with CLI/RPC option
- External bind mounts can be fs-root mounts too
- Skip netns' internals on dump and restore (for Docker integration)
- Advanced support for external files
- C/R for
- Mode and uid/gid of cgroup files and dirs
- Freeze cgroup state (frozen/thawed)
- Task's loginuid
- Task's oom score
- Per-thread credentials
- Filter mode of seccomp
- Ghost file in removed directory
- Ghost files lutimes
- Binfmt-misc FS contents
- Netfilter conntracks and expectations
Optimizations/improvements
- Align parasite stack on 16 bits for correctness
- Compilation with native libc syscall wrappers and helpers
- Parasite code injection done via memfd system call
- Make vaddr to pfn conversion with one less syscall
- CRIT shows device numbers in "maj:min" manner
- CRIT shows mmap's status in verbose
Fixes
- Absent readlink syscall on ARM (use readlinkat instead) could cause dump to fail
- Wrong argument to timer_create system call could cause restore to crash
- Extra tasks in freeze cgroup caused dump to fail/hand/crash
- Unaligned restore-time object allocations caused lock operations to fail
- Opened /proc/pid dir of dead task failed the dump
- Unaligned stacks caused criu to fail on aarch64
- Changed device numbers on restore side could cause random failures
- Fixes in mount points sharing/slavery/propagation restore
- Race between mntns creation and fds closing in different tasks could cause restore to fail
- Hard kernel limit on TCP repair recv queue restore could cause big queue restore to fail
- Unconnected dgram UNIX socket with data lost packets on restore
- CRIT didn't show IPC objects
- CRIT didn't convert IP addresses in images
Security
Deprecated/removed
- Completely removed 'show' action. Use CRIT instead.