diff options
| author | Younes Manton <ymanton@ca.ibm.com> | 2022-05-30 20:34:20 +0300 |
|---|---|---|
| committer | Andrei Vagin <avagin@gmail.com> | 2022-07-13 09:43:50 +0300 |
| commit | 290a998ec827dac96f22bdbc978dc931784b6d1e (patch) | |
| tree | 5f33a9f0f4f12ab348ff32c6feb77a4d77d6823e /criu | |
| parent | c8f9880adab038481f7806173b698fc6e17ba76a (diff) | |
config/files-reg: Add opt to skip file r/w/x check on restore
A file's r/w/x changing between checkpoint and restore does
not necessarily imply that something is wrong. For example,
if a process opens a file having perms rw- for reading and
we change the perms to r--, the process can be restored and
will function as expected.
Therefore, this patch adds an option
--skip-file-rwx-check
to disable this check on restore. File validation is unaffected
and should still function as expected with respect to the content
of files.
Signed-off-by: Younes Manton <ymanton@ca.ibm.com>
Diffstat (limited to 'criu')
| -rw-r--r-- | criu/config.c | 1 | ||||
| -rw-r--r-- | criu/cr-service.c | 3 | ||||
| -rw-r--r-- | criu/crtools.c | 3 | ||||
| -rw-r--r-- | criu/files-reg.c | 18 | ||||
| -rw-r--r-- | criu/include/cr_options.h | 1 |
5 files changed, 23 insertions, 3 deletions
diff --git a/criu/config.c b/criu/config.c index 4023d807c..24c445c8b 100644 --- a/criu/config.c +++ b/criu/config.c @@ -696,6 +696,7 @@ int parse_options(int argc, char **argv, bool *usage_error, bool *has_exec_cmd, { "cgroup-yard", required_argument, 0, 1096 }, { "pre-dump-mode", required_argument, 0, 1097 }, { "file-validation", required_argument, 0, 1098 }, + BOOL_OPT("skip-file-rwx-check", &opts.skip_file_rwx_check), { "lsm-mount-context", required_argument, 0, 1099 }, { "network-lock", required_argument, 0, 1100 }, BOOL_OPT("mntns-compat-mode", &opts.mntns_compat_mode), diff --git a/criu/cr-service.c b/criu/cr-service.c index a6eb9ebd3..1d9f0aca3 100644 --- a/criu/cr-service.c +++ b/criu/cr-service.c @@ -464,6 +464,9 @@ static int setup_opts_from_req(int sk, CriuOpts *req) if (req->has_shell_job) opts.shell_job = req->shell_job; + if (req->has_skip_file_rwx_check) + opts.skip_file_rwx_check = req->skip_file_rwx_check; + if (req->has_file_locks) opts.handle_file_locks = req->file_locks; diff --git a/criu/crtools.c b/criu/crtools.c index cc8d9179f..8bcbe8e38 100644 --- a/criu/crtools.c +++ b/criu/crtools.c @@ -504,6 +504,9 @@ usage: " --file-validation METHOD\n" " pass the validation method to be used; argument\n" " can be 'filesize' or 'buildid' (default).\n" + " --skip-file-rwx-check\n" + " Skip checking file permissions\n" + " (r/w/x for u/g/o) on restore.\n" "\n" "Check options:\n" " Without options, \"criu check\" checks availability of absolutely required\n" diff --git a/criu/files-reg.c b/criu/files-reg.c index 0249063c2..ce8788637 100644 --- a/criu/files-reg.c +++ b/criu/files-reg.c @@ -2199,9 +2199,21 @@ ext: if (!validate_file(tmp, &st, rfi)) goto err; - if (rfi->rfe->has_mode && (st.st_mode != rfi->rfe->mode)) { - pr_err("File %s has bad mode 0%o (expect 0%o)\n", rfi->path, (int)st.st_mode, rfi->rfe->mode); - goto err; + if (rfi->rfe->has_mode) { + mode_t curr_mode = st.st_mode; + mode_t saved_mode = rfi->rfe->mode; + + if (opts.skip_file_rwx_check) { + curr_mode &= ~(S_IRWXU | S_IRWXG | S_IRWXO); + saved_mode &= ~(S_IRWXU | S_IRWXG | S_IRWXO); + } + + if (curr_mode != saved_mode) { + pr_err("File %s has bad mode 0%o (expect 0%o)\n" + "File r/w/x checks can be skipped with the --skip-file-rwx-check option\n", + rfi->path, (int)curr_mode, saved_mode); + goto err; + } } /* diff --git a/criu/include/cr_options.h b/criu/include/cr_options.h index bf1a762cc..e544a2d9a 100644 --- a/criu/include/cr_options.h +++ b/criu/include/cr_options.h @@ -179,6 +179,7 @@ struct cr_options { bool lazy_pages; char *work_dir; int network_lock_method; + int skip_file_rwx_check; /* * When we scheduler for removal some functionality we first |