Validate files on restore

From CRIU
Revision as of 15:56, 10 March 2020 by Xemul (talk | contribs)
Jump to navigation Jump to search

This page describes what CRIU does to make sure it restores on the correct set of files.

Problem

We make sure that the files we restore on are "the same" (whatever it means) as they were during dump. Especially this is critical for ELF-s (execulable and libs) Checksum is the way to go, but calculation of checksum over all files is very time and resource consuming, we shouldn't do it. Instead there should be some partial checksum for files that's both -- fast enough not to kill the system but at the same time string enough to bear common cases of files change. The primary goal is to prevent restoring on executables and libraries of wrong version.

Possible solutions

Size checks =

First and obvious -- check the file size is the same. This is what currently criu does

Build-id

The ld linker supports the --build-id option that requests creation of ".note.gnu.build-id" ELF note section. If we find one in .so file, we can (probably) not count the checksub, but just read one and save in images and require it to match on restore. Need to check if standard (libc, libssl, and alike) libraries of modern distros use it.

Check-summing

Other than this we may try to checksum parts of the file.

Retrieved from "https://criu.org/index.php?title=Validate_files_on_restore&oldid=5032"