- The autoload feature is used rather than GetModuleHandle(),
GetProcAddress() for CreatePseudoConsole(), ResizePseudoConsole()
and ClosePseudoConsole().
- Since calling system __loadlocale() caused execution error,
PTY used its own NLS function. The cause of the error has been
found, the corresponding code has been rewritten using system
function.
- Previously, input and output pipes were switched together between
the traditional pty and the pseudo console. However, for example,
if stdin is redirected to another device, it is better to leave
input pipe traditional pty side even for non-cygwin program. This
patch realizes such behaviour.
- If screen alternated while pseudo console switching, it sometimes
failed. This might happen when the output of the non-cygwin program
is piped to less. This patch fixes this issue.
- When the I/O pipe is switched to the pseudo console side, the
behaviour of Ctrl-C was unstable. This rarely happens, however,
for example, shell sometimes crashes by Ctrl-C in that situation.
Furthermore, Ctrl-C was ignored if output of non-cygwin program
is redirected to pipe. This patch fixes these issues.
- Forcibly attach to pseudo console in advance so that the error
messages by system_printf() are displayed to screen reliably.
This is needed when stdout is redirected to another pty. In this
case, process has two ptys opened. However, process can attach
to only one console. So it is necessary to change console attached.
- select() did not work correctly when both read and except are
polled simultaneously for the same fd and the r/w pipe is switched
to pseudo console side. This patch fixes this isseu.
- Pseudo console support introduced by commit
169d65a577 shows garbage ^[[H^[[J in
some of emacs screens. These screens do not handle ANSI escape
sequences. Therefore, clear screen is disabled on these screens.
- API hook used for pseudo console support causes slow down.
This patch limits API hook to only program which is linked
with the corresponding APIs. Normal cygwin program is not
linked with such APIs (such as WriteFile, etc...) directly,
therefore, no slow down occurs. However, console access by
cygwin.dll itself cannot switch the r/w pipe to pseudo console
side. Therefore, the code to switch it forcely to pseudo
console side is added to smallprint.cc and strace.cc.
- Pseudo console support introduced by commit
169d65a577 has some bugs which
cause mismatch between state variables and real pseudo console
state regarding console attaching and r/w pipe switching. This
patch fixes this issue by redesigning the state management.
- PTY uses Win32 API hook for pseudo console suppot. The function
hook_api() is used for this purpose and defined in fhandler_tty.cc
previously. This patch moves it into hookapi.cc.
- Support pseudo console in PTY. Pseudo console is a new feature
in Windows 10 1809, which provides console APIs on virtual
terminal. With this patch, native console applications can work
in PTYs such as mintty, ssh, gnu screen or tmux.
This code is where the AIO implementation is wired into existing Cygwin
mechanisms for file and device I/O: the fhandler* functions. It makes
use of an existing internal routine prw_open to supply a "shadow fd"
that permits asynchronous operations on a file the user app accesses
via its own fd. This allows AIO to read or write at arbitrary locations
within a file without disturbing the app's file pointer. (This was
already the case with normal pread|pwrite; we're just adding "async"
to the mix.)
This new function returns the name of the calling thread; works for both
cygthreads and pthreads. All calls to cygthread::name(/*void*/) replaced
by calls to mythreadname(/*void*/).
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.
Everything else stays under GPLv3+.
New Linking Exception exempts resulting executables from LGPLv3 section 4.
Add CONTRIBUTORS file to keep track of licensing.
Remove 'Copyright Red Hat Inc' comments.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
'man termios' says:
"A read(2) returns at most one line of input" in canonical mode.
On cygwin 2.5.1, read(2) returns all data in buffer if the buffer
size specified is large enough. This behaviour is correct in
noncanonical mode, but is not correct in canonical mode.
While checking this problem, I found a bug of tcflush(). tcflush()
flushes only partial data in the buffer. The patch also fixes this bug.
The patch has also been tested against the problem reported in
https://cygwin.com/ml/cygwin/2016-05/msg00318.html.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Makefile.in (DLL_OFILES): Add sec_posixacl.o.
(SUBLIBS): Add libacl.a
(libacl.a): New rule to create libacl.a.
* common.din: Export POSIX ACL functions as well as most libacl.a
extensions.
* fhandler.h (fhander_base::acl_get): New prototype.
(fhander_base::acl_set): Ditto.
(fhandler_disk_file::acl_get): Ditto.
(fhandler_disk_file::acl_set): Ditto.
* include/acl/libacl.h: New file.
* include/cygwin/version.h: Bump API minor version.
* include/sys/acl.h: Drop including cygwin/acl.h. Accommodate
throughout Cygwin. Add POSIX ACL definitions.
* sec_acl.cc: Include sec_posixacl.h. Replace ILLEGAL_UID and
ILLEGAL_GID with ACL_UNDEFINED_ID where sensible.
(__aclcheck): New internal acl check function to be used for
Solaris and POSIX ACLs.
(aclcheck32): Call __aclcheck.
(__aclcalcmask): New function to compute ACL_MASK value.
(__aclsort): New internal acl sort function to be used for Solaris
and POSIX ACLs.
(aclsort32): Call __aclsort.
(permtostr): Work directly on provided buffer.
(__acltotext): New internal acltotext function to be used for
Solaris and POSIX ACLs.
(acltotext32): Call __acltotext.
(__aclfromtext): New internal aclfromtext function to be used for
Solaris and POSIX ACLs.
(aclfromtext32): Call __aclfromtext.
* sec_posixacl.cc: New file implemeting POSIX ACL functions.
* sec_posixacl.h: New internal header.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
in call to create_object_sd_from_attribute.
(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
(fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for
both calls.
(fhandler_pty_master::setup): Ditto in call to
create_object_sd_from_attribute.
* security.cc (get_object_attribute): Never add S_IFCHR to mode
here. Let the caller decide.
(create_object_sd_from_attribute): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- New, unified implementation of POSIX permission and ACL handling. The
new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
they allow to inherit the S_ISGID bit. ACL inheritance now really
works as desired, in a limited, but theoretically equivalent fashion
even for non-Cygwin processes.
To accommodate Windows default ACLs, the new code ignores SYSTEM and
Administrators group permissions when computing the MASK/CLASS_OBJ
permission mask on old ACLs, and it doesn't deny access to SYSTEM and
Administrators group based on the value of MASK/CLASS_OBJ when
creating the new ACLs.
The new code now handles the S_ISGID bit on directories as on Linux:
Setting S_ISGID on a directory causes new files and subdirs created
within to inherit its group, rather than the primary group of the user
who created the file. This only works for files and directories
created by Cygwin processes.
2015-05-29 Corinna Vinschen <corinna@vinschen.de>
Reapply POSIX ACL changes.
* utils.xml (setfacl): Show new option output.
(getfacl): Show new option output.
* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
Apply umask, if so. Align comments.
* security.cc (set_created_file_access): Fix permission masking by
incoming requested file mode.
* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
for SYSTEM and Admins group.
* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.
* fhandler.h (fhandler_pty_slave::facl): Add prototype.
* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
(fhandler_pty_slave::fchown): Fix uid/gid handling.
* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
Simplify and move around code in a few places. To improve ACL
readability, add r/w permissions to Admins ACE appended to pty ACL.
Add comment to explain Windows ACE Mask filtering being in the way of
creating a real CLASS_OBJ.
(get_posix_access): Fake CLASS_OBJ for ptys. Explain why.
* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
when calling get_posix_access.
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
the ACCESS_ALLOWED_ACE.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.
* sec_acl.cc (set_posix_access): Handle files with owner == group.
Rephrase switch statement checking against unfiltered a_type value.
(get_posix_access): Handle files with owner == group.
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
* sec_acl.cc (set_posix_access): Always make sure Admins have
WRITE_DAC and WRITE_OWNER permissions.
* security.h (create_object_sd_from_attribute): Drop handle parameter
from prototype.
* security.cc (create_object_sd_from_attribute): Drop handle parameter.
Just create the standard POSIXy security descriptor.
(set_object_attribute): Accommodate dropped paramter in call to
create_object_sd_from_attribute.
* fhandler_tty.cc: Ditto, throughout.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
mask computation.
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitely umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
(get_posix_access): Rename index variable from i to idx. Define only
once at top level.
* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
Accommodate throughout.
(add_access_denied_ace): Ditto.
* sec_acl.cc: Accommodate above change throughout.
* security.h (add_access_allowed_ace): Adjust prototype to above change.
(add_access_denied_ace): Ditto.
* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
owner and primary group of the file. Handle the default primary
group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
set. Add comments. Minor code rearrangements.
Preliminary read side implementation of new permission handling.
* acl.h (MAX_ACL_ENTRIES): Raise to 2730. Add comment to explain.
* sec_acl.cc: Add leading comment to explain new ACL style.
Add definitions and macros to use for bits in new Cygwin ACL.
(DENY_RWX): New mask value for all temporary deny bits.
(getace): Add bool parameter to decide when leaving all bits intact,
rather than filtering them per the already set bits.
(get_posix_access): New function, taking over functionality to read
POSIX ACL from SECURITY_DESCRIPTOR.
(getacl): Just call get_posix_access.
* sec_helper.cc (well_known_cygwin_sid): Define.
* security.cc (get_attribute_from_acl): Remove.
(get_info_from_sd): Remove.
(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
(get_file_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h (well_known_cygwin_sid): Declare.
(get_posix_access): Add prototype.
* Throughout, use simpler ACE macros from Windows' accctrl.h.
* getfacl.c (main): Special-case SYSTEM and Admins group. Add comments.
* setfacl.c: Align more to Linux tool.
(delacl): New function to delete acl entries only.
(modacl): Drop delete functionality. Add handling of recomputing the
mask and default mask values.
(delallacl): Rename from delacl.
(setfacl): Call delacl in Delete case. Call delallacl in DeleteAll
and DeleteDef case.
(usage): Accommodate new options. Rearrange and rephrase slightly.
(longopts): Emit 'x' in --delete case. Add --no-mask and --mask
options.
(opts): Add -x and -n options.
(main): Handle -d and -x the same. Handle -n and --mask options.
Drop handling for -r option.
* getfacl.c (usage): Align more closely to Linux version. Add new
options -c, -e, -E. Change formatting to accommodate longer options.
(longopts): Rename --noname to --numeric. Keep --noname for backward
compatibility. Add --omit-header, --all-effective and --no-effective
options.
(opts): Add -c, -e and -E option.
(main): Handle new -c, -e, and -E options.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_tty.cc (fhandler_pty_slave::fch_close_handles): Don't close
handles not opened via fhandler_pty_slave::fch_open_handles.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_base): Add virtual function
get_io_handle_cyg() to get handle from which OPOST-processed output is
read on PTY master.
(class fhandler_pty_slave): Add variable output_handle_cyg to store a
handle to which OPOST-processed output is written. Add two functions,
i.e., set_output_handle_cyg() and get_output_handle_cyg(), regarding
variable output_handle_cyg. Now, output_handle is used only by native
windows program. The data before OPOST-processing is written to
output_handle and OPOST-processing is applied in the master-side. For a
cygwin process, OPOST-processing is applied in the slave-side, and the
data after OPOST-processing is written to output_handle_cyg.
(class fhandler_pty_master): Add two variables, i.e., io_handle_cyg and
to_master_cyg, to store handles of a pipe through which OPOST-processed
output passes. Add pty_master_fwd_thread and function
pty_master_fwd_thread() for a thread which applies OPOST-processing
and forwards data from io_handle to to_master_cyg. Add function
get_io_handle_cyg() regarding variable io_handle_cyg. Now, the pipe
between io_handle and to_master are used only by native windows program
for applying OPOST-processing in the master-side. For a cygwin process,
the pipe between io_handle_cyg and to_master_cyg is used for passing
through the data which is applied OPOST-processing in the slave-side.
* fhandler_tty.cc (struct pipe_reply): Add member to_master_cyg.
(fhandler_pty_master::process_slave_output): Read slave output from
io_handle_cyg rather than io_handle.
(fhandler_pty_slave::fhandler_pty_salve): Initialize output_handle_cyg.
(fhandler_pty_slave::open): Set output_handle_cyg by duplicating handle
to_master_cyg on PTY master.
(fhandler_pty_slave::close): Close handle output_handle_cyg.
(fhandler_pty_slave::write): Write data to output_handle_cyg rather
than output_handle.
(fhandler_pty_slave::fch_close_handles): Close handle output_handle_cyg.
(fhandler_pty_master::fhandler_pty_master): Initialize io_handle_cyg,
to_master_cyg and master_fwd_thread.
(fhandler_pty_master::cleanup): Clean up to_master_cyg as well.
(fhandler_pty_master::close): Print to_master_cyg as well in debug
message. Terminate master forwarding thread. Close handles
to_master_cyg and io_handle_cyg.
(fhandler_pty_master::ioctl): Use io_handle_cyg rather than to_master.
(fhandler_pty_master::pty_master_thread): Add code for duplicating
handle to_master_cyg.
(fhandler_pty_master::pty_master_fwd_thread): New function for a thread
to forward OPOST-processed data from io_handle to to_master_cyg. This
thread applies OPOST-processing to the output of native windows program.
(::pty_master_fwd_thread): Ditto.
(fhandler_pty_master::setup): Create a new pipe to pass thruegh OPOST-
processed output. Create new thread to forward data from io_handle to
to_master_cyg. Set handle to_master_cyg to tty. Print io_handle_cyg as
well in debug message. Close handles io_handle_cyg and to_master_cyg in
case of error.
(fhandler_pty_master::fixup_after_fork): Set handle to_master_cyg to
tty. Copy handle to_master_cyg from arch->to_master_cyg.
(fhandler_pty_master::fixup_after_exec): Clean up to_master_cyg.
* select.cc: Check handle returned by get_io_handle_cyg() rather than
get_handle().
* tty.h (class tty): Add variable _to_master_cyg to store a handle to
which OPOST-processed data is written. Add two functions,
to_master_cyg() and set_to_master_cyg(), regarding _to_master_cyg.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_tty.cc (fhandler_pty_slave::read): Change calculation of
"readlen" not to use "bytes_in_pipe" value directly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* tty.h (class tty_min): Remove variable "write_error" to which any
errors are not currently set at anywhere.
(class tty): Add variable "column" for handling ONOCR.
* tty.cc (tty::init): Add initialization code for variable "column".
* fhandler.h (class fhandler_pty_master): Remove variable "need_nl"
which is not necessary any more. "need_nl" was needed by OPOST process
in fhandler_pty_master::process_slave_output().
(class fhandler_pty_common): Add function process_opost_output() for
handling post processing for OPOST in write process.
* fhandler_tty.cc (fhandler_pty_master::process_slave_output): Count
TIOCPKT control byte into length to be read in TIOCPKT mode. Move
post processing for OPOST to write process. Remove code related to
variable "write_error". Return with EIO error if slave is already
closed.
(fhandler_pty_master::fhandler_pty_master): Remove initialization
code for variable "need_nl".
(fhandler_pty_common::process_opost_output): Add this function for
handling of OPOST in write process. Add code to avoid blocking in
non-blocking mode when output is suspended by ^S.
(fhandler_pty_slave::write): Call fhandler_pty_common::
process_opost_output() instead of WriteFile(). Remove code related to
variable "write_error".
(fhandler_pty_master::doecho): Call fhandler_pty_common::
process_opost_output() instead of WriteFile().
* select.cc (peek_pipe): Remove code related to variable "need_nl".
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
(tty::is_master_closed): Drop method.
* fhandler_tty.cc (fhandler_pty_slave::open): Remove code prematurely
bailing out if master control thread is not running.
(fhandler_pty_slave::read): Don't generate SIGHUP if master control
thread is not running.
(fhandler_pty_master::close): Rearrange code to avoid stopping master
control thread twice in multi-threaded scenarios.
(class fhandler_pty_master): Add echo_r and echo_w handles constituting
read and write side of new echo pipe.
* select.cc (peek_pipe): On pty masters, check additionally if input
from the echo pipe is available.
* fhandler_tty.cc (fhandler_pty_master::doecho): Drop output_mutex
locking. Write output to echo pipe.
(fhandler_pty_master::process_slave_output): Check if input is available
in echo pipe and prefer to read from it, if so.
(fhandler_pty_slave::write): Drop output_mutex locking.
(fhandler_pty_master::fhandler_pty_master): Initialize echo pipe
handles to NULL.
(fhandler_pty_master::close): Close and NULL echo pipe handles.
(fhandler_pty_master::setup): Create echo pipe, close in case of error.
written bytes.
* fhandler_termios.cc (fhandler_termios::tcinit): Fix formatting.
(fhandler_termios::line_edit): Return bytes actually written. Write
in 32 byte chunks in non-canonical mode to reduce number of WriteFile
calls. Don't just eat unwritten bytes in case of an error condition.
Especially, don't report them back to the caller as written.
* fhandler_tty.cc (fhandler_pty_slave::read): Disable code reducing
the number of bytes read from the pipe to vmin. Add comment.
(fhandler_pty_master::write): Convert ret to ssize_t type. Just call
line_edit once, not in a loop once for each byte. Return bytes written
as returned by line_edit.
to declaration.
* fhandler_tty.cc (fhandler_pty_slave::fch_open_handles): Add bool
parameter "chown". Only request WRITE_OWNER access when opening pty
synchronization objects if "chown" is set.
(fhandler_pty_slave::fchmod): Call fch_open_handles with new bool
parameter set to false.
(fhandler_pty_slave::fchown): Call fch_open_handles with new bool
parameter set to true.
* kernel32.cc (CreateFileMappingW): Fix default standard rights for
file mappings from READ_CONTROL to STANDARD_RIGHTS_REQUIRED to allow
changing the DACL (fixes "access denied" error in pinfo::set_acl).
* fhandler_disk_file.cc (fhandler_base::fstat_helper): Change debug
output to print mode bits in octal.
* security.cc (alloc_sd): Ditto.
(set_file_attribute): Ditto.