Description:
This update for criu fixes the following issues:
Update to criu 3.15:
see details at https://criu.org/Download/criu/3.15
New features:
* Introduced criu-image-streamer
* Added MIPS support
* Allow checkpointing out of existing PID namespace and restoring
into existing PID namespace
* Added additional file validation mechanisms
* Added support to checkpoint and restore BPF hash maps
(BPF_MAP_TYPE_HASH) and array maps (BPF_MAP_TYPE_ARRAY)
* Initial cgroups v2 support
Update to criu 3.14:
New features:
* C/R of memfd memory mappings and file descriptors
* Add time namespace support
* Add the read pre-dump mode which uses process_vm_readv
* Add --cgroup-yard option
* Add support of the cgroup v2 freezer
* Add support of opened O_PATH fds
Bugfixes:
* Fix C/R ia32 processes on AMD #398
* Fix cross-compilation
* Many fixes here and there
Improvements:
* Use clone3() with set_tid to restore processes
* Clean up compel headers
* Use the new mount API
Update to criu 3.13:
New features:
* VDSO: arm32 support
* Add TLS support for page server communications
* "Ignore" mode for --manage-cgroups
* Restore SO_BROADCAST option for inet sockets
Bugfixes:
* Auxiliary events were left in inotify queues
* Lazy-pages daemon didn't detect stack pages and surrounders
properly and marked them as "lazy"
* Memory and resource leakage were detected by coverity, cppcheck
and clang
Improvements:
* Use gettimeofday() directly from vdso for restore timings
* Reformat all .py code into pep8 style
Update to criu 3.12:
New features:
* build CRIU with Android NDK
* C/R of IP RAW sockets
* lsm: dump and restore any SELinux process label
* support restoring ghost files on readonly mounts
Bugfixes:
* Do not lock network if running in the host network namespace
* Fix RPC configuration file handling
* util: don't leak file descriprots to third-party tools
* small fixes here and there
Improvements:
* travis: switch to the Ubuntu Xenial
* travis-ci: Enable ia32 tests
* Many improvements and bug fixes in the libcriu
* Changes in the API and ABI (SONAME increased from 1 to 2)
- Updated to libcriu2 subpackage to follow SONAME 2
Update to criu 3.10:
New features:
* Support Python3 in ZDTM and CRIT
* Keep names for UNIX sockets, that are unlinked from the FS
* IPVv6 support for page server
* Set page server socket fd via CLI
* Large pages support for aarch64/ppc64
* C/R of Per-thread seccomp chains
Bugfixes:
* Failed non-container restore could kill random task on the host
* Failure to dump namespaces was erroneously ignored
* CRIT didn't show cpuinfo image file
* Tasks that got PID-reuse couldn't be dumped iteratively because
previous images were missing
Update to criu 3.11:
New features:
* cpuinfo: Detect compact frames and handle noxsaves
* Add support for configuration files
* Add support for external net namespaces
* Punch holes in input files when restoring anonymous non-shared
memory ( --auto-dedup )
* C/R of
+ epoll: Add support for duped targets
+ tun: Add support for multiple net ns
+ x86: Support extendable fpu frames
Bugfixes:
* mount: Better handling of mount points propagation
* nmk: Make collect-deps to be more precise about targets
* lazy-pages: Don't mark current stack page as lazy
* x86: CPU -- Rework feature testing
* files: Fix O(n^2) restore in terms of the number of fds
* fdstore: Unlimit fdstore queue on start
* mount: Fix regression where open_mountpoint failed on readonly fs
* page server: Handle partial splicing
* ... lots of small fixes here and there
Improvements:
* Remove all magic of service descriptors when it isn't required
update to criu 3.9:
New features
- C/R of
+ Tun-Tap devices in sub-netns
+ File descriptors which were opened with O_TMPFILE
Improvements
- Restore of inotify watchers
- Restore unix sockets in proper mount namespaces
- Print CRIU and kernel version also in RPC mode
Bugfixes
- Random memory corruptions during lazy restore
- Workaround the iptables issue
- Don't use standard descriptors when tar is running to dump
tmpfs mounts
- Fail dump if dump_one_file() fails
- Fill kerndat with zero-s before reading it from cache