Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
openSUSE:Leap:42.2:Update
criu
criu.changes
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File criu.changes of Package criu
------------------------------------------------------------------- Thu Sep 15 22:36:21 CEST 2016 - tiwai@suse.de - Update to criu 2.6: New features: * Ability to leave process stopped after restore * Memory changes tracking for anonymous shared memory * Deprecation option/environment * First error message is reported back via RPC * C/R of More IPCNS sysctls, xIDs of PTYs, TMEM on PPC64LE Optimizations/improvements: * Use service FD for transport sockets on restore * Ability to turn pagemap-cache off (some kernels are buggy) * The criu --help text has become better Fixes: * R/O-mounted root could block the dump * Restore of cgroup.mm.oom_control could fail * Cgroup fs bind mounts were detected with error * Unaligned futex-es in parasite could cause dump to crash * When compiled with gcc-4.9 parasite code crashed * Failure to freeze cgroup didn't result in aborting of dump * Wrong ns list was parsed when dumping userns (invisible since nesting works only for mntns) * Non-inheritable non-tty as stdin caused shell-job restore to erroneously fail Error path in criu dedup could crash Deprecated: * Per-pid rlimit, itimers and posix-timers * Separate image for epoll tfds (target file descriptors) ------------------------------------------------------------------- Tue Aug 23 17:00:30 CEST 2016 - tiwai@suse.de - Update to criu 2.5: New features: * C/R of fs.mqueue.msg*_default sysctls, Unix sockets with overwritten paths, and Link-remap files in removed directories Optimizations/improvements: * Micro-optimization on namespace ID evaluation * Restoring shared files uses one socket instead of per-fd ones * More verbosity when refusing to dump a file descriptor Fixes: * Restore could fail on openat() with ENXIO when multiple mnt namespaces get restored * The criu exec action got broken * Link-remap and ghost files remained on FS after restore failure * TCP window could remain clamped after restore resulting in connection lockup/slowdown * Dump could stuck when injecting a parasite * The --timeout option wasn't taken into account when freezing tasks using freezecg * Race in freezeing/seizing could result in lost tasks * Memory leaks here and there on error paths * Double free in xvstrcat (crash) * VDSO length was mis-calculated * Symlink on --root path could make restore erroneously fail * Potential memory corruption on reading mntns images * When restoring on systems with low pid_max limit restore could fail * RO-protected SysV shmem segments could be restored with PROT_EXEC * File mode of mapped file was evaluated with errors * Restore of cgroups' mem.swappines and ..use_hierarchy blocked sub-groups creation * Impossible to restore cgoup mem.swappines default value * Zombies living in orphan sessions/groups failed the restore ------------------------------------------------------------------- Tue Jul 12 12:10:20 CEST 2016 - tiwai@suse.de - Update to criu 2.4: New features: * Generate core from images * Ability to forcibly drop half-open TCP connections on C/R * Ability to specify cgroup ctls to dump via API Opened/mapped files' mode is compared between dump and restore times * AutoFS mountpoints * New cgroups (perf_event, net_cls, net_prio and pids) * Memcgroup optional properties * Devices cgroup Optimizations/improvements: * Pagemap image entries are cached in memory Fixes: * Configured kmem cgroup limit restore failed * Mem cgroup oom_control * Cgroup's pids.max was not C/R-ed * Failure to write cgroup property was ignored * No init PID in pre-dump action script * Sigactions inheritance didn't work on ARM * Opened "/proc" dir blocked the dump * Working with iptables was racy * Sibling mounts detection error on dump * Devconf accept_redirects devconf could be restored with errors * "All" devconfs could be overridden by "Default" * Name-less unix sockets got auto-bound * Mode was lost for PTY device file on restore * Newer protobuf compilers didn't recognize PB files * External mounts could be remounted with MS_PRIVATE * Build fail on Alpine Linux Deprecated/removed: * Per-pid file locks images * Per-pid fdinfo images * Ancient pagemap/pages images - Enable builds on 32bit ARM ------------------------------------------------------------------- Wed Jun 15 08:19:40 CEST 2016 - tiwai@suse.de - Update to criu 2.3: New features * Ability not to show payload for some objects in CRIT * Pidfile is written at the end of restore * Ability to join existing namespaces on restore * C/R of Data sitting in TTYs, Partially write-protected SysVIPC segments, Debugfs and tracefs mounts, Overmounted tmpfs, IPv6 devconf sysctls, External block devices, Unix sockets with mismatched shutdown state Optimizations/improvements: * Relaxed calculation of AIO ring size * Tree-based search of tasks by real pid * Less mem-to-mem copies on restore * Saner devconf image format * More verbose explanation of why task cannot be seized * PID is printed in PIE logs Fixes: * Too many mmap-ed files blocked the dump * Potential memory corruption when working with IPv6 sockets * Overmounted bind mounts could cause restore to fail * Overmounted bind mounts could result in badly restored mount tree * Incomplete restoration of RO bind mounts options Deprecated/removed: * Greedy mode of pagemap (non-root) caused dump to fail (disabled) ------------------------------------------------------------------- Tue May 17 14:03:06 CEST 2016 - tiwai@suse.de - Update to criu 2.2: mostly bugfixes New features: * "Post-resume" added to action scripts * Root task's PID in environment for action scripts * Devconfs drop_gratuitous_arp and drop_unicast_in_l2_multicast * Serial ttys Optimizations/improvements * Lighter link-remaps restore on newer kernels Fixes: * Race when restoring userns vs setting ns' maps * Tasks with zero fds failed the dump * Restore of TCP recv queue could fail due to kernel mem alloc constraints * No errors were written to logs when launching helper (tar/iptables) app in userns restore * User-mode dumped no memory pages sometimes * Bind mounts considered not as bind sometimes * Two mounts in the same directory blocked the dump * Off-by in on /dev/tty{1,63} dumping * Forking of cgroupns task was done with screwed clone flags Deprecated/removed: * Greedy mode of pagemap dumping (on some kernels we do not support user-mode) * Removed the --namespaces option ------------------------------------------------------------------- Tue Apr 12 16:35:06 CEST 2016 - tiwai@suse.de - Update to criu 2.1: New features: * Checking now classifies features to important/extra/experimental * Ability to bring some disk files into images. * C/R of Completed AIO requests and fallback gre and gretap net devices Optimizations/improvements: * Code coverage collecting now works * Use native rtnl library for netlink messages processing * Using --output - now results in stdout as log, not a file with the name "-" * Signals are printed by names in logs Fixes: * Make tar generated tarbal with bad name * CG restore code lacked rollback in some places * Error code from raw syscalls was treated with errors resulting in wrong criu check reports * Dumping task with HUGE amount of file descriptors failed * Task could be stopped after pre-dump if respective option was used * A /proc/pid directory from dead process conflicting with a new alive one could cause dump to fail * Zombie from alien session/process group caused restore to fail * CGroup fs was wrongly mounted in CGNS on restore * Irmap scan was mis-checking devices numbers * Use-after-free in irmap scan * Btrfs bindmounts detection was mistaken due to 'subvol=' options met * Propagation of mountpoint's shared groups was lost for propagated mounts * Unaligned allocations of restore shared memory could result in codedumps when used by futexes * Temporary mountpoints could result in spurious propagations * When aborting the dump criu could crash on use-after-free objects * Locking the network could stuck doing the DNS resolve * Several build fixes Deprecated/removed * The images from criu prior to 0.4 are deprecated * The --namespaces option makes no sense and is also deprecated * The --ms option for check action is deprecated ------------------------------------------------------------------- Wed Mar 9 20:43:04 CET 2016 - tiwai@suse.de - Update to criu 2.0: New features: * New code layout for sub-projects (e.g. Compel) * Unprivileged dump * Dump/check cpuinfo support for PPC * Explorers for CRIT * Added "post-setup-namespaces" to action scripts * Added timeout for dump procedure (5 sec by default) * Ability to override LSM profile on restore with CLI/RPC option * External bind mounts can be fs-root mounts too * Skip netns' internals on dump and restore (for Docker integration) * Advanced support for external files * More C/R supports Optimizations/improvements: * Align parasite stack on 16 bits for correctness * Compilation with native libc syscall wrappers and helpers * Parasite code injection done via memfd system call * Make vaddr to pfn conversion with one less syscall * CRIT shows device numbers in "maj:min" manner * CRIT shows mmap's status in verbose * Docker files for builds on all supported arches Fixes: * Absent readlink syscall on ARM (use readlinkat instead) could cause dump to fail * Wrong argument to timer_create system call could cause restore to crash * Extra tasks in freeze cgroup caused dump to fail/hand/crash * Unaligned restore-time object allocations caused lock operations to fail * Opened /proc/pid dir of dead task failed the dump * Unaligned stacks caused criu to fail on aarch64 * Changed device numbers on restore side could cause random failures * Fixes in mount points sharing/slavery/propagation restore * Race between mntns creation and fds closing in different tasks could cause restore to fail * Hard kernel limit on TCP repair recv queue restore could cause big queue restore to fail * Unconnected dgram UNIX socket with data lost packets on restore * CRIT didn't show IPC objects * CRIT didn't convert IP addresses in images * Logs from PIE code contained corrupted addresses and sizes * Not loaded netfilter modules could cause dump/restore to stuck on dumping netlink socket * Shared external mounts were restored with error Security: * When checking for namespaces' CRIU entered userns with host creds * Deprecated/removed: * Completely removed 'show' action. Use CRIT instead. ------------------------------------------------------------------- Tue Dec 8 12:01:05 CET 2015 - tiwai@suse.de - Update to criu 1.8: * Ability to check CRIU features via RPC * Pre-dump and pre-restore action scripts * The "info" action in CRIT showing stats about image file * Python API * C/R of read-only bind mounts, IPv6 routes and iptables rules, ip rules (it ip tool supports such), ignore_routes_with_linkdown netns devconf, empty bridges in netns, FILTER mode of seccomp, and IP_FREEBIND socket option * Lots of fixes, two security fixes Service run as root could allow users to violate ptrace policies Service run as root could give users access to privileged files and directories - Remove superfluous dependencies - Clean up spec file, as systemd and logrotate supports have been officially dropped ------------------------------------------------------------------- Thu Nov 19 16:10:29 CET 2015 - tiwai@suse.de - update to criu 1.7.1: Fixes in mounts, notifies and userns found while testing openvz - update to criu 1.7.2: Fixes for IPC in userns, venet C/R, socket buffers overflow and unix sockets name off-by-one - Add the package dependency on python-protobuf ------------------------------------------------------------------- Fri Sep 11 16:06:30 CEST 2015 - tiwai@suse.de - Disable systemd service as a temporary workaround for possibile security issues (CVE-2015-5228, CVE-2015-5231, bsc#943105) - Update to criu 1.7: * Improved cgroups management * Support for seccomp strict mode * Support for stream unix sockets inheritance * Support uid/gid-restricted mounts in userns * Support deleted bind-mounts * Ability to specify maximum ghost file size * OverlayFS support * Support relative unix sockets' bind paths * Altivec and PSX support for PPC * Small PIE loader * Temporary proc mountpoint is mounted with nosuid, noexec and nodev * Less memory copies when preparing restorer binary * CRIT action "show" for less keystrokes on common use-case * Fsnotify log messages now use hex everywhere :) * CRIT output doesn't mix fields any more * Many fixes - Drop obsoleted patches: crit-install-prefix.diff lsm-prototype-fix.diff 4c5b23e5-criu.pc.diff ------------------------------------------------------------------- Fri Jul 31 07:47:22 UTC 2015 - cbosdonnat@suse.com - Fix version in criu.pc file. 4c5b23e5-criu.pc.diff ------------------------------------------------------------------- Mon Jun 1 15:26:56 CEST 2015 - tiwai@suse.de - update to version 1.6: * PowerPC 64bit LE support * Makefile.local for 3-rd party build rules * Ability to "enable" filesystem on dump (--enable-fs) * Ability to skip mountpoint on dump (--skip-mnt) * Prepare to deprecate "criu show" command * External mounts auto-detection * /dev/tty (current terminal) support * Netdev and netns (all/default) confs C/R * Images v1.1 with extra magic at head * Support fusectl (only ctl) mountpoint * Sub-version format is now as of git-describe * Apparamor labels C/R support - Fix library path for aarch64 and ppc64le - Fix the prototype for lsm.c (to fix build errors): lsm-prototype-fix.diff - Refreshed crit-install-prefix.diff ------------------------------------------------------------------- Tue Apr 28 11:54:14 CEST 2015 - tiwai@suse.de - update to version 1.5.2: * fix error in mutli-threaded tasks restore with --restore-sibling (Docker and LXC cases) * fix too big RPC messages error for service (and swrk) ------------------------------------------------------------------- Tue Apr 7 15:52:47 CEST 2015 - tiwai@suse.de - Fix build failure on FACTORY due to comment-in-comment in google/protobuf/descriptor.proto - update to version 1.5.1: * fix crash with 4.0 kernel * legalize swrk API and add the ability for inheriting fds via it * cgroup yard destruction and properties restore ------------------------------------------------------------------- Fri Mar 13 10:10:07 CET 2015 - tiwai@suse.de - update to version 1.5: New features * CRIT tool * ability to request CPU compatibility on instructions level only * C/R of empty AIO rings * more detailed errno report via RPC * per-feature "criu check" * inheriting FDs on restore * ability to automatically move veth device to host-side bridge on netns restore * VT terminals support * more user namespaces C/R stuff See more details at http://criu.org/Releases#v._1.5 - fix installation of crit: crit-install-prefix.diff ------------------------------------------------------------------- Mon Dec 1 18:17:51 CET 2014 - tiwai@suse.de - update to version 1.4: New features: * Dump and check cpuinfo * Initial support for user namespaces * The docker_cr.sh script for Docker * New API for writing plugins (old one is still possible) * Service workers change their title to better look in ps output * Ability to feed socket for pre-dump and page-server in swrk mode * Page-server can auto-bind its port * Ability to perform several actions during one connection to RPC service * C/R of opened /proc/$pid/foo files of dead tasks * C/R of /dev/console * C/R of virtualized devtmpfs (openvz and future upstream kernels) * C/R of empty mqueue fs (posix message queues) * C/R of shared bind-mounts See more details at http://criu.org/Releases#v._1.4 ------------------------------------------------------------------- Mon Sep 15 13:43:00 CEST 2014 - tiwai@suse.de - update to version 1.3.1, a stable releasing fixing below: * Sibling restore mode didn't set up CRIU signals properly * Unpredictable sibling/child root task restore. Fixed with explicit CLI option * Validation for leaf mount points was skipped * Mount options were corrupted on dump, which resulted in errors bind mounts detection ------------------------------------------------------------------- Tue Sep 2 07:33:29 CEST 2014 - tiwai@suse.de - update to version 1.3: * Docker and LXC support, lots of bug fixes - cleanup spec file, fix rpmlint warnings ------------------------------------------------------------------- Wed Jun 18 16:59:16 CEST 2014 - tiwai@suse.de - Update to version 1.3-rc2: * external bind mounts and tasks-to-cgroups bindings * many bugfixes in memory restore and mounpoints dump ------------------------------------------------------------------- Tue May 6 11:48:37 CEST 2014 - tiwai@suse.de - Update to version 1.3-rc1: New features: * AArch64 * Multiple mount namespaces * FPU state restore control Restore old FPU state on newer CPUs Ability to ignore FPU restoration * Support stopped multi-threaded tasks * CRIU now can execv() other binary right after restore is complete * Inode-revese mapping can be enforced to allow live-migration with FS copying * Gold linker can now be used to compile CRIU * "Berserker" test to check CRIU scalability * Punch pages from mem images on restore (optimizes live-migration) Optimizations: * Batched deduplication of memory images * Packed rlimits into core image * Packed timers into core image Fixes: * Bad checks for kcmp() ret codes resulted in errors in file sharing detection * Multiple mmap-s of same files with different flags blocked the restore * Integer overflow in huge mapping restore caused restoration failure * Devpts's newinstance option was lost during dump * Subsequent dump could try to find old mem dump for newly forked task * Bad detection of overmounted mountpoints on fsnotify restore * Page-server could read partial message and failed * Errors in dumping of two subsequent anon vmas in some cases * Irmap mis-compared devices for disk FS-s * TMPFS handles always change during dump/restore * Pre-dump sometimes hangs on FIFO-s * Post-restore script fails too late (if does it) ------------------------------------------------------------------- Sat Mar 1 09:39:03 CET 2014 - tiwai@suse.de - Run spec-cleaner, nothing more than that. ------------------------------------------------------------------- Wed Feb 26 17:15:26 CET 2014 - tiwai@suse.de - Update to version 1.2: New features: * Performance improvements * Library versioning * RPC API got closer to CLI * New "post-restore" call in action scripts * Logrotate rules file * Default log file for service when starting via systemd Bug fixes: * A lot for ARM cross-compile * Fsnotifies dumping didn't work on NFS * Images auto-deduplication only worked one level up * Packet socket ID was treated as file-descriptor and close()-d * Badly counted pages stats on restore * Linked remap name conflict when dump and restore on NFS * Sporadic failures in memory draining due to huge pipes used * Broken criu show of repeated fields * Failure to open mountpoint in foreign pid namespace * Unlinked bound unix socket dump error * Small memory leak when writing to incremental image(s) * Restoring fsnotify for links results in ELOOP * Host's PATH is not suitable when execv-ing tar/ip/iptable to restore namespace (workaround, proper fix will be in 1.3) * Using subdirs in log file name via RPC breaks security - New subpackages: libcriu1 and criu-devel - Remove obsoleted always-define-ptrace_peeksiginfo_args.diff ------------------------------------------------------------------- Tue Jan 28 12:42:34 CET 2014 - tiwai@suse.de - Update to version 1.1: BUGs fixed, * Errors from memory dumping are not handled resulting in corrupted dumps * EOF detection in stacked images is done with error * Stacked images don't work on non-shared FS (missing pagemap-s) ------------------------------------------------------------------- Tue Jan 21 12:23:27 CET 2014 - tiwai@suse.de - Update to version 1.1-rc2: Bugs fixed, * Crash in criu check * RPC check always fail on 3.11 kernel * Failed fork() didn't abort restore * Dump fail not reported via RPC * RPC client disconnect wasn't handled * Page server could connect to self for writing images * Hang on pre-dumping task livig in net-namespace * VDSO page mis-handle on pre-dump * FPU state loss on pre-dump * Memory tracking turns ON w/o request * Various fixes (and improvements) in build system - Fix missing struct ptrace_peeksiginfo_args on FACTORY: always-define-ptrace_peeksiginfo_args.diff ------------------------------------------------------------------- Wed Jan 8 16:40:12 CET 2014 - tiwai@suse.de - Update to version 1.1-rc1: New features: * libcriu.so -- wrapper library for RPC clients * new plugins: external unix sockets, external bind mounts, external net devices and unknown file types * Images deduplication in incremental dumps * Integration with systemd * Filtering of criu show output Bug fixes: * Errors in unlinked files/sockets detection on BTRFS * NFS silly-rename files are not treated as unlinked * Freezer fail to seize quickly forking/pthread_create-ing tasks * Extra stop signal queued for stopped tasks after pre-dump * Wrong dying task state detection * Lost RPC dump response * Crash when reporting restore error via RPC * Negative return code into shell * Tasks left in wrong states after failed dump * A little bit more verbose check action * Coverity checks fail here and there - Drop obsoleted criu-fix-PTRACE_LISTEN-define.diff ------------------------------------------------------------------- Wed Nov 27 14:29:51 CET 2013 - tiwai@suse.de - Fix rpm group tag to System/Console ------------------------------------------------------------------- Mon Nov 25 18:09:55 CET 2013 - tiwai@suse.de - updated to version 1.0 * New features: -W option to specify working dir CHECK request in RPC Optimized headers More info in logs about undumpable files More comments about tricky dump/restore places Generic memory allocation for restorer * Bugfixes After --leave-running linked remaps were not cleaned TCP was left locked after --leave-running Weak criteria in memory COW detection Private mapping's premmapped address overwrote file ID Restorer memory could overlap with timers/signals arrays RPC worker reused options from service task Suboptimal memory utilization by restorer arguments TCP unsent/unacked data boundary was lost Wrong dev_t decoding on 64 bit Unpredictable daemons (service and page-service) working dir Parasite stack could be corrupted by its arguments Error from exe link restore was ignored Artificial small limit on the number of shared memory segments to restore Bug in ARM VFP restore VDSO proxy was unmapped at the very end of restore ------------------------------------------------------------------- Sun Oct 20 09:41:15 CEST 2013 - tiwai@suse.de - updated to version 0.8: * New features: RPC service Ability to work from non-root user (via +s bit) Handle stopped tasks Restore tasks' root path Dump and restore net ns iptables configuration (w/o conntracks) Support for external net devices in netns (e.g. openvz venet) Support CORK and NODELAY TCP options SEQPACKET unix sockets support * Fixes and improvements Unload restorer blob after restore Fixes and enhancements in criu show Fix in unsorted inotify wd restoring Fixed trimmed messages in parasite transport Fine-grained pgrps restore Fix in large TCP buffers restore Fixed buffer overflow in IPC ns dumping Fix in early page server connection close on pre-dump Fixed race in handling aborted parasite blob Fixed lost unmapped criu vmas in restore Fixes in parsing devices in /proc/pid/maps and /proc/locks Fixed snd/rcv buf sockoptions restore Enhanced logging in parasite ------------------------------------------------------------------- Fri Sep 6 09:08:02 CEST 2013 - tiwai@suse.de - updated to version 0.7: * TUN devices support (requires patched kernel) * Alternative stack (sigaltstack) C/R * Shared and master/slave mounts support * Restore statistics * Net device address C/R * Safer and simpler asynchronous parasite * Fixes in: - Stack guard page dump/restore - Page server communications - COW mappings restore - Zombies restore - Aborting failed restore - TCP connection restore (some require patched kernel) - Semi-closed Unix sockets with data dump/restore - Fix build error on FACTORY due to redefinition of PTRACE_LISTEN: criu-fix-PTRACE_LISTEN-define.diff ------------------------------------------------------------------- Mon Jul 8 12:35:16 CEST 2013 - tiwai@suse.de - updated to version 0.6: * Cross-compiling support * Ready to accept images from OpenVZ RHEL6-based kernel * Posix CPU timers C/R * Asynchronous parasite * Memory changes tracking (requires patched kernel) * Dump statistics * Return-arg for remote syscalls execution * Improved "show" output * Opened /proc/PID/ns/* files C/R * Daemon mode for page-server * Build-time features test (makes it possible to build on different distros) ------------------------------------------------------------------- Wed May 29 09:42:17 CEST 2013 - tiwai@suse.de - initial version: 0.5
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor