SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for criu-devel-3.19-lp156.126.5.x86_64.rpm :

* Tue Nov 28 2023 Takashi Iwai - Update to criu 3.19: New features:
* LoongArch64 support
* C/R membarrier() registrations
* Restore THP_DISABLE prctl
* prctl: Migrate prctl(NO_NEW_PRIVS) setting Bugfixes:
* Many fixes and improvements from the Google team
* Fix dumping hugetlb-based memfd on kernels < 4.16
* Fixes here and there Improvements:
* drop python 2 support
* support XSAVE on newer Intel CPUs- Refreshed criu-py-install-fix.diff; workarounds appled to both crit and lib/pycriu- Drop obsoleted patch criu-amdgpu-plugin-fix.patch
* Tue Jun 06 2023 Takashi Iwai - Update to criu 3.18: New features:
* Allow CRIU to be used as non-root
* Add SIGTSTP support
* Add opt to skip file r/w/x check on restore Bugfixes:
* Many fixes here and there Improvements:
* cgroup2: Dump cgroup controllers of every threads in a process
* save IP_FREEBIND option for SOCK_RAW sockets also
* support IP_PKTINFO and IPV6_RECVPKTINFO options
* Implement hw breakpoint for arm64 platform
* Set only used XFEATURE_
* in xstate_bv
* Checkpoint and restore some global properties
* A checkpoint optimization for highly sparse ghost files (--ghost-fiemap)- Refresh criu-py-install-fix.diff: a workaround for non-working python-pip inside build environment by reviving the old setup script- Fix shebang of criu-ns script: criu-ns-python3-shebang.patch- Drop obsoleted patches: criu-fix-conflicting-headers.patch mount-add-definition-for-FSOPEN_CLOEXEC.patch
* Fri Sep 30 2022 Takashi Iwai - Disable LTO, as it results in segfaults (bsc#1203854)
* Wed Sep 14 2022 Takashi Iwai - Fix build with glibc 2.36: backports of two upstream fixes criu-fix-conflicting-headers.patch mount-add-definition-for-FSOPEN_CLOEXEC.patch
* Thu Aug 11 2022 Takashi Iwai - Update to criu 3.17.1:
* Fixes for pre-dump read mode
* Fixes for mount-v2
* amdgpu plugin build and installation fixes
* Some minor CI related fixes
* Wed May 18 2022 Takashi Iwai - Update to criu 3.17: New features:
* Introduced mount-v2 engine
* Added support for MAP_HUGETLB mappings
* Added support for Linux Restartable Sequences
* Added support for SOCK_SEQPACKET unix sockets
* CRIU AMD GPU plugin Bugfixes:
* GCC 12 compatibility fixes
* cgroup: fix --manage-cgroups=ignore
* several memory leaks fixed in net, files, mount, tun and config subsystems
* Improvements:
* bpf: switch from deprecated bpf_create_map_xattr to bpf_map_create
* bpfmap: handle map_extra field
* setsockopt(SO_BUF_LOCK) support for tcp sockets- New criu-plugin-amdgpu sub-package for AMDGPU ROCm plugin, enabled only for x86_64 and aarch64.- Build fixes for plugins: criu-amdgpu-plugin-fix.patch- Change the plugin install path to $libdir/criu: plugin-dir-path.patch
* Wed Dec 15 2021 tiwaiAATTsuse.de- Drop ix86 build, which has been failing almost always
* Tue Dec 07 2021 tiwaiAATTsuse.de- Enable nftables for SLE15-SP3 / openSUSE Leap 15.3, too (bsc#1193486)
* Fri Oct 15 2021 tiwaiAATTsuse.de- Update to criu 3.16.1: see details at https://criu.org/Download/criu/3.16.1 Bugfixes:
* Switch criu-ns helper script from unversioned \'python\' to \'python3\' for easier distribution packaging Improvements:
* Add \'--join-ns\' interface to libcriu to allow joining namespaces via libcriu like CLI and RPC already allow- Change Source URL to github
* Tue Oct 12 2021 tiwaiAATTsuse.de- Update to criu 3.16: see details at https://criu.org/Download/criu/3.16 New features:
* criu-ns helper script
* support checkpoint/restore of stacked apparmor profiles
* add nftables based network locking/unlocking
* allow restoring of precreated veth devices Improvements:
* better support for restoring containers into existing pods
* pidfd based pid reuse detection for RPC clients
* license change for all files in the images/ directory to MIT
* use clang-format for automatic code indentation- Drop criu-protobuf-c-1.4-underscore-fix.patch as obsoleted
* Wed May 26 2021 tiwaiAATTsuse.de- Fix the build with protobuf-c 1.4: criu-protobuf-c-1.4-underscore-fix.patch
* Tue Dec 01 2020 tiwaiAATTsuse.de- Update to criu 3.15: see details at https://criu.org/Download/criu/3.15 New features:
* Introduced criu-image-streamer
* Added MIPS support
* Allow checkpointing out of existing PID namespace and restoring into existing PID namespace
* Added additional file validation mechanisms
* Added support to checkpoint and restore BPF hash maps (BPF_MAP_TYPE_HASH) and array maps (BPF_MAP_TYPE_ARRAY)
* Initial cgroups v2 support- Fix build with nftables package: 0002-Fix-build-with-nftables-installed-in-different-direc.patch
* Wed Sep 23 2020 Dirk Mueller - fix filelist mismatch after libexecdir change
* Wed May 20 2020 tiwaiAATTsuse.de- Update to criu 3.14: New features:
* C/R of memfd memory mappings and file descriptors
* Add time namespace support
* Add the read pre-dump mode which uses process_vm_readv
* Add --cgroup-yard option
* Add support of the cgroup v2 freezer
* Add support of opened O_PATH fds Bugfixes:
* Fix C/R ia32 processes on AMD #398
* Fix cross-compilation
* Many fixes here and there Improvements:
* Use clone3() with set_tid to restore processes
* Clean up compel headers
* Use the new mount API- Add libgnutls-devel to buildreq
* Wed May 13 2020 Guillaume GARDET - Disable LTO on aarch64 and armv7- Add \'-Wno-error=deprecated\' to fix build on armv7- Exclude armv6 since criu/arch/arm/bitops.S uses \'dmb ish\' which is armv7+
* Mon Nov 18 2019 tiwaiAATTsuse.de- Update to criu 3.13: New features:
* VDSO: arm32 support
* Add TLS support for page server communications
* \"Ignore\" mode for --manage-cgroups
* Restore SO_BROADCAST option for inet sockets Bugfixes:
* Auxiliary events were left in inotify queues
* Lazy-pages daemon didn\'t detect stack pages and surrounders properly and marked them as \"lazy\"
* Memory and resource leakage were detected by coverity, cppcheck and clang Improvements:
* Use gettimeofday() directly from vdso for restore timings
* Reformat all .py code into pep8 style
* Wed Sep 04 2019 antoine.belvireAATTopensuse.org- Fix build on Tumbleweed: Add -ffat-lto-objects to lto cflags.
* Mon May 06 2019 tiwaiAATTsuse.de- Update to criu 3.12: New features:
* build CRIU with Android NDK
* C/R of IP RAW sockets
* lsm: dump and restore any SELinux process label
* support restoring ghost files on readonly mounts Bugfixes:
* Do not lock network if running in the host network namespace
* Fix RPC configuration file handling
* util: don\'t leak file descriprots to third-party tools
* small fixes here and there Improvements:
* travis: switch to the Ubuntu Xenial
* travis-ci: Enable ia32 tests
* Many improvements and bug fixes in the libcriu
* Changes in the API and ABI (SONAME increased from 1 to 2)- Updated to libcriu2 subpackage to follow SONAME 2- Dropped obsoleted patch: criu-asciidoctor.patch
* Mon Nov 19 2018 tiwaiAATTsuse.de- Update to criu 3.10: New features:
* Support Python3 in ZDTM and CRIT
* Keep names for UNIX sockets, that are unlinked from the FS
* IPVv6 support for page server
* Set page server socket fd via CLI
* Large pages support for aarch64/ppc64
* C/R of Per-thread seccomp chains Bugfixes:
* Failed non-container restore could kill random task on the host
* Failure to dump namespaces was erroneously ignored
* CRIT didn\'t show cpuinfo image file
* Tasks that got PID-reuse couldn\'t be dumped iteratively because previous images were missing- Update to criu 3.11: New features:
* cpuinfo: Detect compact frames and handle noxsaves
* Add support for configuration files
* Add support for external net namespaces
* Punch holes in input files when restoring anonymous non-shared memory ( --auto-dedup )
* C/R of + epoll: Add support for duped targets + tun: Add support for multiple net ns + x86: Support extendable fpu frames Bugfixes:
* mount: Better handling of mount points propagation
* nmk: Make collect-deps to be more precise about targets
* lazy-pages: Don\'t mark current stack page as lazy
* x86: CPU -- Rework feature testing
* files: Fix O(n^2) restore in terms of the number of fds
* fdstore: Unlimit fdstore queue on start
* mount: Fix regression where open_mountpoint failed on readonly fs
* page server: Handle partial splicing
* ... lots of small fixes here and there Improvements:
* Remove all magic of service descriptors when it isn\'t required- Switch to python3- Use asciidoctor instead of asciidoc for formatting manuals: criu-asciidoctor.patch
* Mon May 28 2018 avindraAATTopensuse.org- update to criu 3.9: New features - C/R of + Tun-Tap devices in sub-netns + File descriptors which were opened with O_TMPFILE Improvements - Restore of inotify watchers - Restore unix sockets in proper mount namespaces - Print CRIU and kernel version also in RPC mode Bugfixes - Random memory corruptions during lazy restore - Workaround the iptables issue - Don\'t use standard descriptors when tar is running to dump tmpfs mounts - Fail dump if dump_one_file() fails - Fill kerndat with zero-s before reading it from cache- cleanup with spec-cleaner
* Thu Apr 05 2018 tiwaiAATTsuse.de- update to criu 3.8.1: a bug-fix release FDstore was initialized twice (re-initialized) causing e.g. - -shell-job restore to fail
* Tue Mar 20 2018 tiwaiAATTsuse.de- Add python-devel to BuildReq explicitly, as a preparation for fallback to asciidoctor (bsc#1075764)
* Tue Mar 13 2018 avindraAATTopensuse.org- update to criu 3.8: New features
* C/R of - Multiple network namespaces - Overmounted tmpfs mounts - Unix sockets and epoll descriptors in SCM messages Improvements
* Rework service descriptors not to cause fdtable enormous grows Bugfixes
* FP state wasn\'t reported on Skylake due to a kernel bug
* gcc 8 warning fixes
* Resource leaked on error paths
* Attributes of sit devices with value 0 were not saved into images (and were restored into default values)
* Tasks with pgid of a zombie hung the resture
* Ghost files on RO bind-mounts of an RW mount couldn\'t be restored
* Random memory corruptions during lazy restore- cleanup with spec-cleaner- switch to https urls- list binaries and man pages explicitly- remove rest of static libs to fix rpm lint errors
* Fri Dec 22 2017 avindraAATTopensuse.org- update to criu 3.7: New features
* Pipes usage statistics
* Run page server as non-daemon via RPC
* C/R of - SO_REUSEPORT option - IPv4-mapped inet sockets - Net_prio CGroups - Overmounted shared mountpoints - Non-broken and breaking leases Improvements
* Show criu and kernel versions in logs
* CRIT decodes socket families, protocols and types
* Much less pipes is needed for pre-dump, which is especially useful for big mem migration Bugfixes
* Files in /proc/pid/map_file could be opened by non-exiting name (with 0x prefix) and it was fixed in kernel
* CRIU log levels were used to configure logging for libsoccr thus breaking its logs
* Overflow in various IDs caused bad image names
* Compat (32bit) syscalls lost signedness in compel
* Corked sockets lost cork flag
* Preadv() syscall was declared with error which resulted in dump errors on 32-bit processors
* Musl compilation failed
* Ghost files in / dump failed
* Crash when releasing context for ghost files, due to free()-ing shmalloc()-ed area
* Lazy restore could receive partial page and crashed
* Erroneous closing of lazy pages connection caused restore to hang
* Lazy memory fetch restore could start before tasks are restored- Remove 0001-images.py-remove-shebang.patch
* upstreamed in 8e45ce4905d186abafb7c20abb3b00207fefdb53
* Sun Nov 12 2017 aavindraaAATTgmail.com- add 0001-images.py-remove-shebang.patch
* fixes a lint warning about a non-executable python file being executable due to a superfluous shebang
* upstream: https://lists.openvz.org/pipermail/criu/2017-November/039907.html- run spec-cleaner
* Sat Nov 04 2017 aavindraaAATTgmail.com- update to criu 3.6: New features
* C/R for files (except for unix sockets, ttys and epolls) sent over unix sockets
* C/R for threads with different creds
* Ipv6 over ipv4 tunnel (SIT device) Bugfixes
* Some s390x registers were not restored by native sigrestore way
* Overflow when parsing autofs info from /proc file
* Dumps of anon shared memory with sysvipc one raced with each other clashing and corrupting image file names
* The \"dumpable\" flag was not restore on shmem regions
* Trash bits leaked into image when dumping fsnotify on some kernels
* Lock/unlock of iptables from different criu processes raced with each other
* Closed TCP connection with non-empty send queue blocked the dump
* When --empty-ns for netns was set on dump only, the restore failed (Docker case)- includes changes from 3.5: see https://criu.org/Download/criu/3.5 for details
* Tue Aug 22 2017 tiwaiAATTsuse.de- update to criu 3.4: New features:
* Support for s390x architecture Improvements:
* Unexpected death of restored tasks is reported with more details in logs
* Merged many images containing info about files into one big files.img
* When helper utility fails (ip, iptables, tar) its name is printed in logs Bugfixes:
* Compilation failed on newer glibcs (ucontext_t)
* Dying helper task could deadlock the restore process
* Install-related makefile variables weren\'t configurable for distro build
* SIT (ipv6-to-v4 tunnel) presence on host blocked dump of any containers
* Potential NULL dereference when dumping net namespace
* Dump via page server might not work across different criu versions
* Failure to restore a subtask could be ignored by the restore command
* EOF on page-server socket wasn\'t handled- Dropped obsoleted patch: criu-correct-ppc64-AT_VECTOR_SIZE_ARCH.patch- Add s390x to exclusivearch
* Wed Jul 19 2017 bwiedemannAATTsuse.com- update to criu 3.3
* Add --tcp-close option to help migration of Docker containers
* Allow to override build time to fix build-compare (boo#1047218)
* Fri Jun 30 2017 tiwaiAATTsuse.de- update to criu 3.2.1: bug fix release,
* Restoring a stack fails on recent kernels due to kernel changes
* Restoring on a host with LSM profiles failed
* Tue Jun 20 2017 tiwaiAATTsuse.de- update to criu 3.1: New features:
* Each boolean option now has the --no-$option pair
* RSS explorer in CRIT
* Multiple plugins in compel
* Run-time check of 32-mmap BUG on x86
* C/R of 32-bit futex robust list on x86 Optimizations/improvements:
* Start time is improved significantly with kerndat cache
* Sigaction image is merged into Core
* Unneeded stages are skipped during restore
* Restore w/o namespaces uses host /proc
* Restore w/o namespaces doesn\'t parse host mounts (not needed)
* Single-threaded tasks do not parse /proc/pid/task/ in vain
* BFD engine is used for more /proc files
* More verbosity in libsoccr
* Fsnotify dump w/o namespaces doesn\'t walk mounts tree Bugfixes:
* Python bindings left zombie in self-dump mode
* The last_pid sys-control was reset by restore
* Threads caps were compared with mistake
* make install put crit/pycriu to wrong place if DESTDIR was not set
* Fsnotifies C/R w/o namespaces restored with errors
* Inherited control terminal restore was failed (but dump succeeded)- update to criu 3.2: Optimizations/improvements:
* Invisible files restore is de-serialized
* VMAs restore performance is improved significantly - Mappings of the same file re-use the descriptor, not re-open it every time - Not-COW-ed mappings are restored in-place and are not mremmap()ed - Empty RO mappings are mmap()ed as such and thus not re-mprotect()ed at the end
* More verbosity in case TCP locking fails (#292)
* More verbosity in case VDSO magic mismatch
* Restore or legacy epoll target descriptors and fsnotify marks is unified with common case Bugfixes:
* Restoring fanotify marks from old images (<1.3) dropped the mark
* Binfmt_misc mount could be mounted into wrong place
* Compilation failed with gcc 6.3.0 (#315)
* Waiting helpers could race with sigchild handler and would result in restore failure
* Missing VVAR page in 32bit tasks wasn\'t skipped and resulted in restore failure
* After restore consumption of files is increased (was fixed as side effect of mmap optimization) Deprecation/Removal:
* Deprecated separate images for fsnotify marks- Fix the installation of python stuff: criu-py-install-fix.diff- Fix the build for ppc64: criu-correct-ppc64-AT_VECTOR_SIZE_ARCH.patch
* Mon Apr 24 2017 tiwaiAATTsuse.de- update to criu 3.0: New features:
* Compel library
* Support for x86 32-bit arch
* Version check via RPC
* ASAN support
* Force VDSO trampolines via fault injection
* C/R of shutdown-ed UDP sockets
* C/R of bind-mounts made from external mounts Optimizations/improvements:
* SysVIPC shmem segments are now dumped as any other shmem (taking holes into account and sitting in common memory dumps)
* CRIT show decodes socket\'s states and types and task\'s states into strings
* CRIT show prints unix sockets names in more human-readable form Bugfixes:
* Unix sockets\' names appeared in logs with mistakes
* Contents of SysVIPC shmem segments was dumped twice
* Dumping of any memory segment more than 4Gigs failed
* Migration of unaligned SysvSHM segment on Armv7 failed Deprecation/removal:
* Exec action is removed, use compel instead- Create libcompel1 sub-package
* Fri Mar 31 2017 tiwaiAATTsuse.de- update to criu 2.12.1: Fixes:
* Content for external bind mounts was erroneously dumped, which could lead to dump failures or huuuge images
* Unneeded collection of host mounts on restore could cause restore to fail
* Tue Mar 21 2017 tiwaiAATTsuse.de- update to criu 2.12: New features:
* C/R of external TTYs (for Docker C/R) Optimizations/improvements:
* Sanitized the way the -v works Fixes:
* Checking features via RPC crashed
* Resting pipes in user-namespaces could fail on modern kernels
* Shutdown state for UNIX sockets could be lost on restore
* Dump of huge (over 2Gb) SysV shmem segments didn\'t work
* Tue Feb 28 2017 tiwaiAATTsuse.de- Update to criu 2.11: New features:
* Added \"pre-resume\" to action scripts
* New --status-fd option for better control of page server
* C/R OFD file locks, RO root mount for mount namespaces Optimizations/improvements:
* More strict checks for extra CLI options
* Report errors when probing locks
* Restorer logs now contain timestamps Fixes:
* Regression: v2.10 was broken on ARM
* Use-after-free when restoring ghost directory
* Array out-of-bound access when restoring VETH device
* Page server exit code could be screwed up
* Clang over-optimized string.h routines resulting in random crashes
* Parasite failed to send FDs via socket on Alpine Linux
* Restore of huge file tables could get stuck
* Restore of epoll in epoll could fail
* Errno value could be lost when reporting failure to restore invisible files
* Dump of sched params didn\'t work on Alpine
* Restore of huge memory dumps (over 2G) failed
* Installation guessed /lib vs /lib64 with errors
* Migration between xsave and noxsave didn\'t work for wrong cpu feature being checked- Update to criu 2.11.1: Fixes:
* Page server start via RPC was broken
* Fedora build didn\'t work
* Ppc64LE restorer switch crashed
* Wed Jan 25 2017 tiwaiAATTsuse.de- Update to criu 2.10: New features:
* C/R of SOCK_PACKET sockets
* Libsoccr -- library for C/R of TCP sockets Optimizations/improvements:
* Logs cleaned up (removed bunch of useless, fixed \'\
\' in perrors)
* Action scripts errors are printed in logs
* Removed several iovec-s copying over the pagemap code
* Restore degraded linearly on Xen guests. Breakpoints disabled until solution Fixes:
* Py bindings fault on restore error delivery
* Fd leaked on file restore error path
* Fd leaked when restoring invisible files (gets closed with criu exit though)
* Link remap restore could fail on kernels 4.8 and higher
* Impossible to restore after restore error with link remap file in images
* When going daemon a descriptor could be leaked
* Custom setting of mmap_min_addr could make restore to fail
* Sending pages over UNIX socket could race and fail with EAGAIN
* Error getting ID of /proc/pid/ns/foo link not propagated and could result in bogus NS ID generated- Add libnet-devel to buildreq for dependency
* Mon Dec 12 2016 tiwaiAATTsuse.de- Update to criu 2.9: New features:
* CRIU can now be built with clang on all supported architectures
* Ignore missing sysctls on restore with --weak-sysctl C/R overmounted mountpoints Optimizations/improvements:
* Batch restore of memory contents from pages.img files
* Link-remap type for invisible files is explicit in images Man page for CRIT Fixes:
* C/R with --empty-ns still handled iptables configuration
* SCM messages inside UNIX socket got lost after C/R (now dump aborted)
* Empty unixsk.img file appeared when dumping tasks without unix sockets
* Install procedure wasn\'t PEP-394 compliant
* CRIU blocking netfilter rules were added at the tail of the chain resulting in unlocked TCP connections
* Dump/Restore spurious failures when open() returned 0 descriptor
* When dumping shmem lots of zero pages were written into image files
* Ghost directory with more than zero ghost parents caused restore to fail
* Shared mount could escape to different group on restore
* Mon Nov 14 2016 tiwaiAATTsuse.de- Update to criu 2.8: New features:
* Ability to configure CRIU build
* Show statistics on the screen with --display-stats
* C/R of Mac-Vlan devices Optimizations/improvements:
* x86 can now be built with clang
* When dumping files useless garbage was sent with descriptors from parasite
* The clear_tid_address and regs are printed in hex with CRIT
* Big code rework for compel (part 1)
* Removed duplicate error messages from opening /proc files Fixes:
* Restoring cgroup NS could use old path prefix
* criu check crashed on btrfs mounts
* RO external mounts in userns couldn\'t be restored
* Unmounted on host binfmt_misc could cause dump to fail
* Off-by-one could cause criu crash when dumping shared / bind-mount
* Mount namespace\' roots could have flags changed on restore
* Dying tasks could erroneously be tried to dump
* Swapped shared memory pages were not dumped
* Errno value can be sometimes spoiled by RPC
* Restore of netns with newer iproute2 tool could fail Deprecated:
* --ext-unix-sk, --veth-pair and --ext-mount-map, by --external- Set BINFMT_MISC_VIRTUALIZED config to build
* Tue Oct 18 2016 tiwaiAATTsuse.de- Update to criu 2.7: New features:
* Option --cgroup-root now makes sense on dump too
* CLOCK_BOOTTIME timer supported Optimizations/improvements:
* Output of iptables command leaked into logs for no use
* Helper dev environment installation script for Debian
* Man-page updated and prettified :) Fixes:
* Unmounted binfmt_misc with rules wasn\'t dumped at all
* Malloc() error could result in crash
* Device cgroup restore could fail restoring empty record
* Some entries in device cgroups were restored twice
* Potential crash when dumping cgroup bindmounts
* Sign error caused dump to fail on btrfs partitions
* Shared mounts with the same mount path failed the dump
* Threads were restored with unshared FS (cwd and root)
* Shared memory changes tracking disabled (regression found)
* Restore of autofs can hang
* LSM profile propagation could be lost
* Mountpoint with lots of options blocked the dump (too small buffer for parsing)
* External slave mount (with external master) blocked the dump
* Mounts with STRICTATIME restored with others flags dropped Deprecated:
* No reg-file entry for TTYs
* Thu Sep 15 2016 tiwaiAATTsuse.de- Update to criu 2.6: New features:
* Ability to leave process stopped after restore
* Memory changes tracking for anonymous shared memory
* Deprecation option/environment
* First error message is reported back via RPC
* C/R of More IPCNS sysctls, xIDs of PTYs, TMEM on PPC64LE Optimizations/improvements:
* Use service FD for transport sockets on restore
* Ability to turn pagemap-cache off (some kernels are buggy)
* The criu --help text has become better Fixes:
* R/O-mounted root could block the dump
* Restore of cgroup.mm.oom_control could fail
* Cgroup fs bind mounts were detected with error
* Unaligned futex-es in parasite could cause dump to crash
* When compiled with gcc-4.9 parasite code crashed
* Failure to freeze cgroup didn\'t result in aborting of dump
* Wrong ns list was parsed when dumping userns (invisible since nesting works only for mntns)
* Non-inheritable non-tty as stdin caused shell-job restore to erroneously fail Error path in criu dedup could crash Deprecated:
* Per-pid rlimit, itimers and posix-timers
* Separate image for epoll tfds (target file descriptors)
* Tue Aug 23 2016 tiwaiAATTsuse.de- Update to criu 2.5: New features:
* C/R of fs.mqueue.msg
*_default sysctls, Unix sockets with overwritten paths, and Link-remap files in removed directories Optimizations/improvements:
* Micro-optimization on namespace ID evaluation
* Restoring shared files uses one socket instead of per-fd ones
* More verbosity when refusing to dump a file descriptor Fixes:
* Restore could fail on openat() with ENXIO when multiple mnt namespaces get restored
* The criu exec action got broken
* Link-remap and ghost files remained on FS after restore failure
* TCP window could remain clamped after restore resulting in connection lockup/slowdown
* Dump could stuck when injecting a parasite
* The --timeout option wasn\'t taken into account when freezing tasks using freezecg
* Race in freezeing/seizing could result in lost tasks
* Memory leaks here and there on error paths
* Double free in xvstrcat (crash)
* VDSO length was mis-calculated
* Symlink on --root path could make restore erroneously fail
* Potential memory corruption on reading mntns images
* When restoring on systems with low pid_max limit restore could fail
* RO-protected SysV shmem segments could be restored with PROT_EXEC
* File mode of mapped file was evaluated with errors
* Restore of cgroups\' mem.swappines and ..use_hierarchy blocked sub-groups creation
* Impossible to restore cgoup mem.swappines default value
* Zombies living in orphan sessions/groups failed the restore
* Tue Jul 12 2016 tiwaiAATTsuse.de- Update to criu 2.4: New features:
* Generate core from images
* Ability to forcibly drop half-open TCP connections on C/R
* Ability to specify cgroup ctls to dump via API Opened/mapped files\' mode is compared between dump and restore times
* AutoFS mountpoints
* New cgroups (perf_event, net_cls, net_prio and pids)
* Memcgroup optional properties
* Devices cgroup Optimizations/improvements:
* Pagemap image entries are cached in memory Fixes:
* Configured kmem cgroup limit restore failed
* Mem cgroup oom_control
* Cgroup\'s pids.max was not C/R-ed
* Failure to write cgroup property was ignored
* No init PID in pre-dump action script
* Sigactions inheritance didn\'t work on ARM
* Opened \"/proc\" dir blocked the dump
* Working with iptables was racy
* Sibling mounts detection error on dump
* Devconf accept_redirects devconf could be restored with errors
* \"All\" devconfs could be overridden by \"Default\"
* Name-less unix sockets got auto-bound
* Mode was lost for PTY device file on restore
* Newer protobuf compilers didn\'t recognize PB files
* External mounts could be remounted with MS_PRIVATE
* Build fail on Alpine Linux Deprecated/removed:
* Per-pid file locks images
* Per-pid fdinfo images
* Ancient pagemap/pages images- Enable builds on 32bit ARM
* Wed Jun 15 2016 tiwaiAATTsuse.de- Update to criu 2.3: New features
* Ability not to show payload for some objects in CRIT
* Pidfile is written at the end of restore
* Ability to join existing namespaces on restore
* C/R of Data sitting in TTYs, Partially write-protected SysVIPC segments, Debugfs and tracefs mounts, Overmounted tmpfs, IPv6 devconf sysctls, External block devices, Unix sockets with mismatched shutdown state Optimizations/improvements:
* Relaxed calculation of AIO ring size
* Tree-based search of tasks by real pid
* Less mem-to-mem copies on restore
* Saner devconf image format
* More verbose explanation of why task cannot be seized
* PID is printed in PIE logs Fixes:
* Too many mmap-ed files blocked the dump
* Potential memory corruption when working with IPv6 sockets
* Overmounted bind mounts could cause restore to fail
* Overmounted bind mounts could result in badly restored mount tree
* Incomplete restoration of RO bind mounts options Deprecated/removed:
* Greedy mode of pagemap (non-root) caused dump to fail (disabled)
* Tue May 17 2016 tiwaiAATTsuse.de- Update to criu 2.2: mostly bugfixes New features:
* \"Post-resume\" added to action scripts
* Root task\'s PID in environment for action scripts
* Devconfs drop_gratuitous_arp and drop_unicast_in_l2_multicast
* Serial ttys Optimizations/improvements
* Lighter link-remaps restore on newer kernels Fixes:
* Race when restoring userns vs setting ns\' maps
* Tasks with zero fds failed the dump
* Restore of TCP recv queue could fail due to kernel mem alloc constraints
* No errors were written to logs when launching helper (tar/iptables) app in userns restore
* User-mode dumped no memory pages sometimes
* Bind mounts considered not as bind sometimes
* Two mounts in the same directory blocked the dump
* Off-by in on /dev/tty{1,63} dumping
* Forking of cgroupns task was done with screwed clone flags Deprecated/removed:
* Greedy mode of pagemap dumping (on some kernels we do not support user-mode)
* Removed the --namespaces option
* Tue Apr 12 2016 tiwaiAATTsuse.de- Update to criu 2.1: New features:
* Checking now classifies features to important/extra/experimental
* Ability to bring some disk files into images.
* C/R of Completed AIO requests and fallback gre and gretap net devices Optimizations/improvements:
* Code coverage collecting now works
* Use native rtnl library for netlink messages processing
* Using --output - now results in stdout as log, not a file with the name \"-\"
* Signals are printed by names in logs Fixes:
* Make tar generated tarbal with bad name
* CG restore code lacked rollback in some places
* Error code from raw syscalls was treated with errors resulting in wrong criu check reports
* Dumping task with HUGE amount of file descriptors failed
* Task could be stopped after pre-dump if respective option was used
* A /proc/pid directory from dead process conflicting with a new alive one could cause dump to fail
* Zombie from alien session/process group caused restore to fail
* CGroup fs was wrongly mounted in CGNS on restore
* Irmap scan was mis-checking devices numbers
* Use-after-free in irmap scan
* Btrfs bindmounts detection was mistaken due to \'subvol=\' options met
* Propagation of mountpoint\'s shared groups was lost for propagated mounts
* Unaligned allocations of restore shared memory could result in codedumps when used by futexes
* Temporary mountpoints could result in spurious propagations
* When aborting the dump criu could crash on use-after-free objects
* Locking the network could stuck doing the DNS resolve
* Several build fixes Deprecated/removed
* The images from criu prior to 0.4 are deprecated
* The --namespaces option makes no sense and is also deprecated
* The --ms option for check action is deprecated
* Wed Mar 09 2016 tiwaiAATTsuse.de- Update to criu 2.0: New features:
* New code layout for sub-projects (e.g. Compel)
* Unprivileged dump
* Dump/check cpuinfo support for PPC
* Explorers for CRIT
* Added \"post-setup-namespaces\" to action scripts
* Added timeout for dump procedure (5 sec by default)
* Ability to override LSM profile on restore with CLI/RPC option
* External bind mounts can be fs-root mounts too
* Skip netns\' internals on dump and restore (for Docker integration)
* Advanced support for external files
* More C/R supports Optimizations/improvements:
* Align parasite stack on 16 bits for correctness
* Compilation with native libc syscall wrappers and helpers
* Parasite code injection done via memfd system call
* Make vaddr to pfn conversion with one less syscall
* CRIT shows device numbers in \"maj:min\" manner
* CRIT shows mmap\'s status in verbose
* Docker files for builds on all supported arches Fixes:
* Absent readlink syscall on ARM (use readlinkat instead) could cause dump to fail
* Wrong argument to timer_create system call could cause restore to crash
* Extra tasks in freeze cgroup caused dump to fail/hand/crash
* Unaligned restore-time object allocations caused lock operations to fail
* Opened /proc/pid dir of dead task failed the dump
* Unaligned stacks caused criu to fail on aarch64
* Changed device numbers on restore side could cause random failures
* Fixes in mount points sharing/slavery/propagation restore
* Race between mntns creation and fds closing in different tasks could cause restore to fail
* Hard kernel limit on TCP repair recv queue restore could cause big queue restore to fail
* Unconnected dgram UNIX socket with data lost packets on restore
* CRIT didn\'t show IPC objects
* CRIT didn\'t convert IP addresses in images
* Logs from PIE code contained corrupted addresses and sizes
* Not loaded netfilter modules could cause dump/restore to stuck on dumping netlink socket
* Shared external mounts were restored with error Security:
* When checking for namespaces\' CRIU entered userns with host creds
* Deprecated/removed:
* Completely removed \'show\' action. Use CRIT instead.
* Tue Dec 08 2015 tiwaiAATTsuse.de- Update to criu 1.8:
* Ability to check CRIU features via RPC
* Pre-dump and pre-restore action scripts
* The \"info\" action in CRIT showing stats about image file
* Python API
* C/R of read-only bind mounts, IPv6 routes and iptables rules, ip rules (it ip tool supports such), ignore_routes_with_linkdown netns devconf, empty bridges in netns, FILTER mode of seccomp, and IP_FREEBIND socket option
* Lots of fixes, two security fixes Service run as root could allow users to violate ptrace policies Service run as root could give users access to privileged files and directories- Remove superfluous dependencies- Clean up spec file, as systemd and logrotate supports have been officially dropped
* Thu Nov 19 2015 tiwaiAATTsuse.de- update to criu 1.7.1: Fixes in mounts, notifies and userns found while testing openvz- update to criu 1.7.2: Fixes for IPC in userns, venet C/R, socket buffers overflow and unix sockets name off-by-one- Add the package dependency on python-protobuf
* Fri Sep 11 2015 tiwaiAATTsuse.de- Disable systemd service as a temporary workaround for possibile security issues (CVE-2015-5228, CVE-2015-5231, bsc#943105)- Update to criu 1.7:
* Improved cgroups management
* Support for seccomp strict mode
* Support for stream unix sockets inheritance
* Support uid/gid-restricted mounts in userns
* Support deleted bind-mounts
* Ability to specify maximum ghost file size
* OverlayFS support
* Support relative unix sockets\' bind paths
* Altivec and PSX support for PPC
* Small PIE loader
* Temporary proc mountpoint is mounted with nosuid, noexec and nodev
* Less memory copies when preparing restorer binary
* CRIT action \"show\" for less keystrokes on common use-case
* Fsnotify log messages now use hex everywhere :)
* CRIT output doesn\'t mix fields any more
* Many fixes- Drop obsoleted patches: crit-install-prefix.diff lsm-prototype-fix.diff 4c5b23e5-criu.pc.diff
* Fri Jul 31 2015 cbosdonnatAATTsuse.com- Fix version in criu.pc file. 4c5b23e5-criu.pc.diff
* Mon Jun 01 2015 tiwaiAATTsuse.de- update to version 1.6:
* PowerPC 64bit LE support
* Makefile.local for 3-rd party build rules
* Ability to \"enable\" filesystem on dump (--enable-fs)
* Ability to skip mountpoint on dump (--skip-mnt)
* Prepare to deprecate \"criu show\" command
* External mounts auto-detection
* /dev/tty (current terminal) support
* Netdev and netns (all/default) confs C/R
* Images v1.1 with extra magic at head
* Support fusectl (only ctl) mountpoint
* Sub-version format is now as of git-describe
* Apparamor labels C/R support- Fix library path for aarch64 and ppc64le- Fix the prototype for lsm.c (to fix build errors): lsm-prototype-fix.diff- Refreshed crit-install-prefix.diff
* Tue Apr 28 2015 tiwaiAATTsuse.de- update to version 1.5.2:
* fix error in mutli-threaded tasks restore with --restore-sibling (Docker and LXC cases)
* fix too big RPC messages error for service (and swrk)
* Tue Apr 07 2015 tiwaiAATTsuse.de- Fix build failure on FACTORY due to comment-in-comment in google/protobuf/descriptor.proto- update to version 1.5.1:
* fix crash with 4.0 kernel
* legalize swrk API and add the ability for inheriting fds via it
* cgroup yard destruction and properties restore
* Fri Mar 13 2015 tiwaiAATTsuse.de- update to version 1.5: New features
* CRIT tool
* ability to request CPU compatibility on instructions level only
* C/R of empty AIO rings
* more detailed errno report via RPC
* per-feature \"criu check\"
* inheriting FDs on restore
* ability to automatically move veth device to host-side bridge on netns restore
* VT terminals support
* more user namespaces C/R stuff See more details at http://criu.org/Releases#v._1.5- fix installation of crit: crit-install-prefix.diff
* Mon Dec 01 2014 tiwaiAATTsuse.de- update to version 1.4: New features:
* Dump and check cpuinfo
* Initial support for user namespaces
* The docker_cr.sh script for Docker
* New API for writing plugins (old one is still possible)
* Service workers change their title to better look in ps output
* Ability to feed socket for pre-dump and page-server in swrk mode
* Page-server can auto-bind its port
* Ability to perform several actions during one connection to RPC service
* C/R of opened /proc/$pid/foo files of dead tasks
* C/R of /dev/console
* C/R of virtualized devtmpfs (openvz and future upstream kernels)
* C/R of empty mqueue fs (posix message queues)
* C/R of shared bind-mounts See more details at http://criu.org/Releases#v._1.4
  
ICM