Commit Graph

804 Commits

Author SHA1 Message Date
Ken Brown 5b8358e6ed Cygwin: remove the OPEN_MAX_MAX macro
Replace all occurrences of OPEN_MAX_MAX by OPEN_MAX, and define the
latter to be 3200, which was the value of the former.  In view of the
recent change to getdtablesize, there is no longer a need to
distinguish between these two macros.
2021-02-01 09:55:08 -05:00
Ken Brown 3d256e22e2 Cygwin: getdtablesize: always return OPEN_MAX_MAX
According to the Linux man page for getdtablesize(3), the latter is
supposed to return "the maximum number of files a process can have
open, one more than the largest possible value for a file descriptor."
The constant OPEN_MAX_MAX is the only limit enforced by Cygwin, so we
now return that.

Previously getdtablesize returned the current size of cygheap->fdtab,
Cygwin's internal file descriptor table.  But this is a dynamically
growing table, and its current size does not reflect an actual limit
on the number of open files.

With this change, gnulib now reports that getdtablesize and
fcntl(F_DUPFD) work on Cygwin.  Packages like GNU tar that use the
corresponding gnulib modules will no longer use gnulib replacements on
Cygwin.
2021-02-01 09:55:07 -05:00
Ken Brown 883abd9d7d Cygwin: fchmodat: add limited support for AT_SYMLINK_NOFOLLOW
Allow fchmodat with the AT_SYMLINK_NOFOLLOW flag to succeed on
non-symlinks.  Previously it always failed, as it does on Linux.  But
POSIX permits it to succeed on non-symlinks even if it fails on
symlinks.

The reason for following POSIX rather than Linux is to make gnulib
report that fchmodat works on Cygwin.  This improves the efficiency of
packages like GNU tar that use gnulib's fchmodat module.  Previously
such packages would use a gnulib replacement for fchmodat on Cygwin.
2021-01-29 11:50:53 -05:00
Corinna Vinschen 5b941f21b5 Cygwin: Align *utime*() with POSIX/glibc
Followup to previous patch, this time matching definitions in Cygwin

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2021-01-26 17:27:35 +01:00
Ben Wijen f4cac1217e syscalls.cc: Deduplicate remove
The remove code is already in the _remove_r function.
So, just call the _remove_r function.
2021-01-25 19:57:46 +01:00
Ben Wijen cb41c375a6 syscalls.cc: unlink_nt: Try FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE
I think we don't need an extra flag as we can utilize: access & FILE_WRITE_ATTRIBUTES
What do you think?

Ben Wijen (1):
  syscalls.cc: unlink_nt: Try FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE

 winsup/cygwin/ntdll.h     |  3 ++-
 winsup/cygwin/syscalls.cc | 22 +++++++--------
 winsup/cygwin/wincap.cc   | 11 ++++++++
 winsup/cygwin/wincap.h    | 56 ++++++++++++++++++++-------------------
 4 files changed, 53 insertions(+), 39 deletions(-)

--
2.30.0

>From 2d0ff6fec10d03c24d11c747852018b7bc1136ac Mon Sep 17 00:00:00 2001
In-Reply-To: <20210122105201.GD810271@calimero.vinschen.de>
References: <20210122105201.GD810271@calimero.vinschen.de>
From: Ben Wijen <ben@wijen.net>
Date: Tue, 17 Dec 2019 15:15:25 +0100
Subject: [PATCH v3 1/8] syscalls.cc: unlink_nt: Try
 FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE

Implement wincap.has_posix_unlink_semantics_with_ignore_readonly and when set
skip setting/clearing of READONLY attribute and instead use
FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE
2021-01-25 10:50:13 +01:00
Ken Brown a60a4501b7 Cygwin: ptsname_r: always return an error number on failure
Return EBADF on a bad file descriptor.  Previously 0 was returned, in
violation of the requirement in
https://man7.org/linux/man-pages/man3/ptsname_r.3.html that an error
number should be returned on failure.

We are intentionally deviating from Linux, on which ENOTTY is
returned.

Addresses: https://lists.gnu.org/archive/html/bug-gnulib/2021-01/msg00245.html
2021-01-22 10:36:43 -05:00
Ben Wijen 0c0ff5dc21 Cygwin: Move post-dir unlink check
Move post-dir unlink check from fhandler_disk_file::rmdir to
_unlink_nt_post_dir_check

If a directory is not removed through fhandler_disk_file::rmdir
we can now make sure the post dir check is performed.
2021-01-22 13:35:11 +01:00
Ben Wijen cbeb1009a9 syscalls.cc: Use EISDIR
This is the non-POSIX value returned by Linux since 2.1.132.
2021-01-18 12:04:42 +01:00
Ben Wijen 17ede0eae5 syscalls.cc: Fix num_links
NtQueryInformationFile on fh_ro needs FILE_READ_ATTRIBUTES
to succeed.
2021-01-18 12:01:19 +01:00
Ken Brown 9ad86f619c Cygwin: fstatat: call fstat64 instead of fstat
This fixes a bug on 32-bit Cygwin that was introduced in commit
84252946, "Cygwin: fstatat, fchownat: support the AT_EMPTY_PATH flag".

Add a comment explaining why fstat should not be called.

Addresses: https://cygwin.com/pipermail/cygwin/2021-January/247399.html
2021-01-12 14:41:53 -05:00
Corinna Vinschen 4bfa93f1a0 Cygwin: symlink/mknod: fix ACL handling
mknod32 actually creates a path_conv, just to call mknod_worker
with a win32 path.  This doesn't only require to create path_conv
twice, it also breaks permissions on filesystems supporting ACLs.

Fix this by passing the path_conv created in the caller down to
symlink_worker.  Also, while at it, simplify the handling of trailing
slashes and move it out of symlink_worker.  Especially use the
new PC_SYM_NOFOLLOW_DIR flag to avoid fiddeling with creating
a new path copy without the trailing slash.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2020-01-28 17:58:06 +01:00
Corinna Vinschen cf6c439b6d Cygwin: drop __stdcall from close_all_files
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2020-01-28 15:33:53 +01:00
Ken Brown 352dbd304b Cygwin: fstatat, fchownat: support the AT_EMPTY_PATH flag
Following Linux, allow the pathname argument to be an empty string if
the AT_EMPTY_PATH flag is specified.  In this case the dirfd argument
can refer to any type of file, not just a directory, and the call
operates on that file.  In particular, dirfd can refer to a symlink
that was opened with O_PATH | O_NOFOLLOW.
2020-01-20 09:47:15 -05:00
Ken Brown 6cc05784e1 Cygwin: readlinkat: allow pathname to be empty
Following Linux, allow the pathname argument to be an empty string,
provided the dirfd argument refers to a symlink opened with
O_PATH | O_NOFOLLOW.  The readlinkat call then operates on that
symlink.
2020-01-17 10:27:48 -05:00
Ken Brown 35a1a6dbdf Cygwin: allow opening a symlink with O_PATH | O_NOFOLLOW
Up to now, opening a symlink with O_NOFOLLOW fails with ELOOP.
Following Linux, allow this to succeed if O_PATH is also specified.
2020-01-17 07:43:02 -05:00
Anton Lavrentiev via cygwin-patches fe239aef1b Cygwin: getpriority() consistent with process priority
https://cygwin.com/ml/cygwin/2019-08/msg00122.html
2019-10-31 21:40:22 +01:00
Corinna Vinschen 8551226961 Cygwin: seteuid: do not verify lsaprivkeyauth token
We don't support setting groups via /etc/groups anymore.  Also, the
initgroups group list is created via S4U, so we have "Interactive" vs.
"Network" token, an artificial and entirely irrelevant difference.

So,  "verifying" the lsaprivkeyauth token may lead to rejecting a prefectly
valid token.  Just remove the verify_token call.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-03-04 20:36:26 +01:00
Corinna Vinschen 5c4ce731ac Cygwin: Revert attempting to unload user profile after use
Revert "Cywin: user profile: unload impersonation user profile on exit"
Revert "Cygwin: seteuid: allow inheriting impersonation user profile handle"
Revert "Cygwin: user profile: add debug output to unload_user_profile"
Revert "Cygwin: user profile: Make an effort to unload unused user profiles"

This reverts commit bcb33dc4f0.
This reverts commit dd3730ed9c.
This reverts commit 8eee25241e.
This reverts commit 71b8777a71.

This patchset actually results in the following problem:

- After a couple of ssh logon/logoff attempts, an interactive session
  of the same user loging in, is broken.

Apparently UnloadUserProfile manages to unload the user's profile
even while a parallel interactive session still uses the user's
profile.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-03-04 17:31:27 +01:00
Corinna Vinschen dd3730ed9c Cygwin: seteuid: allow inheriting impersonation user profile handle
The child process needs access to the handle to be able to
unload it when switching user context.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-23 20:48:59 +01:00
Corinna Vinschen 71b8777a71 Cygwin: user profile: Make an effort to unload unused user profiles
Does this work?  There's not much feedback given.

TODO: We might want to try unloading the user profile at process
exit as well, FWIW.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-23 17:30:44 +01:00
Corinna Vinschen 13b1f9c0d1 Cygwin: seteuid32: don't use INVALID_HANDLE_VALUE
NULL is the natural state of an unused handle

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-23 17:24:05 +01:00
Corinna Vinschen 105fbdebdd Cygwin: s4uauth: allow to be called for identification only
s4uath was only callable to create an impersonation token so
far.  Rework the function to allow creating an identification
token for informational purposes even from untrusted processes.

Take domainname and username instead of a passwd pointer to be
more multi-purpose.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-22 21:58:51 +01:00
Corinna Vinschen e53373bbdb Cygwin: re-enable create_token for older systems
Under WOW64 on 64 bit Windows 7, MsV1_0S4ULogon appears to be
unimplemented, probably under Vista as well.  Re-enable
create_token method, to allow basic seteuid on W7 WOW64 and
Vista as well.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-18 21:00:59 +01:00
Michael Haubenwallner 8ddb1f60c8 forkables: Create forkable hardlinks, yet unused.
In preparation to protect fork() against dll- and exe-updates, create
hardlinks to the main executable and each loaded dll in subdirectories
of /var/run/cygfork/, if that one exists on the NTFS file system.

The directory names consist of the user sid, the main executable's NTFS
IndexNumber, and the most recent LastWriteTime of all involved binaries
(dlls and main executable).  Next to the main.exe hardlink we create the
empty file main.exe.local to enable dll redirection.

The name of the mutex to synchronize hardlink creation/cleanup also is
assembled from these directory names, to allow for synchronized cleanup
of even orphaned hardlink directories.

The hardlink to each dynamically loaded dll goes into another directory,
named using the NTFS IndexNumber of the dll's original directory.

	* Makefile.in (DLL_OFILES): Add forkable.o.
	* dll_init.h (struct dll): Declare member variables fbi, fii,
	forkable_ntname.  Declare methods nominate_forkable,
	create_forkable.
	(struct dll_list): Declare enum forkables_needs.  Declare member
	variables forkables_dirx_size, forkables_dirx_ntname,
	forkables_mutex_name, forkables_mutex.  Declare private methods
	forkable_ntnamesize, prepare_forkables_nomination,
	update_forkables_needs, update_forkables, create_forkables,
	denominate_forkables, close_mutex, try_remove_forkables,
	set_forkables_inheritance, request_forkables.  Declare public
	static methods ntopenfile, read_fii, read_fbi.  Declare public
	methods release_forkables, cleanup_forkables.  Define public
	inline method setup_forkables.
	* dll_init.cc (dll_list::alloc): Allocate memory to hold the
	name of the hardlink in struct dll member forkable_ntname.
	Initialize struct dll members fbi, fii.
	(dll_list::load_after_fork): Call release_forkables method.
	* fork.cc: Rename public fork function to static dofork, add
	with_forkables as bool pointer parameter.  Add new fork function
	calling dofork.  (struct frok): Add bool pointer member
	with_forkables, add as constructor parameter.
	(frok::parent): Call dlls.setup_forkables before CreateProcessW,
	dlls.release_forkables afterwards.
	* pinfo.cc (pinfo::exit): Call dlls.cleanup_forkables.
	* syscalls.cc (_unlink_nt): Rename public unlink_nt function to
	static _unlink_nt, with 'shareable' as additional argument.
	(unlink_nt): New, wrap _unlink_nt for original behaviour.
	(unlink_nt_shareable): New, wrap _unlink_nt to keep a binary
	file still loadable while removing one of its hardlinks.
	* forkable.cc: New file.
	Implement static functions mkdirs, rmdirs, rmdirs_synchronized,
	stat_real_file_once, format_IndexNumber, rootname, sidname,
	exename, lwtimename.  Define static array forkable_nameparts.
	(struct dll): Implement nominate_forkable, create_forkable.
	(struct dll_list): Implement static methods ntopenfile,
	read_fii, read_fbi.  Implement forkable_ntnamesize,
2019-02-07 15:58:02 +01:00
Corinna Vinschen 9fa22dba55 Cygwin: unlink: allow fallback from POSIX to default method
Trying to delete in-use executables and DLLs using
FILE_DISPOSITION_POSIX_SEMANTICS returns STATUS_CANNOT_DELETE.
Fall back to the former method if that error occurs to allow
unlinking these files.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-06 21:17:35 +01:00
Corinna Vinschen 5628399c84 Cygwin: proc fd: fix handling of pipes, sockets, etc
The symlink target of /proc/PID/fd files pointing to pipes and
sockets are just artificial filenames referencing the object using
some internal number.  The pipe open code expects a path specifying
process pid and the internal number so it access the right process
and pipe.

- Set the posix path of the pipe to the simple pipe name only,
  as it shows up in /proc/PID/fd.  A /proc/self prefix is just
  as wrong as a /dev/fd prefix.

- Revert thinko in fhandler_pipe::open expecting the name as
  /proc/self/fd/...  In fact this should never happen.

- Fix up the path before re-opening the pipe instead.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-05 15:32:08 +01:00
Corinna Vinschen 1f6340aa8b Cygwin: proc fd: pass along open mode when reopening file
The reopen code neglected to pass along the requested open
mode correctly.  This may end up reopening the file with
incorrect access mask, or duplicating the wrong pipe handle.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-05 15:20:13 +01:00
Corinna Vinschen 0fb497165f Cygwin: seteuid: use Kerberos/MsV1_0 S4U authentication by default
- This simple and official method replaces cyglsa and "create token"
  methods.  No network share access, same as before.

- lsaauth and create_token are disabled now.  If problems crop up,
  they can be easily reactivated.  If no problems crop up, they
  can be removed in a while, together with the lsaauth subdir.

- Bump Cygwin version to 3.0.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-26 19:41:03 +01:00
Corinna Vinschen 0e3fd33321 Cygwin: create_token: Return NULL, not INVALID_HANDLE_VALUE
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-26 12:42:38 +01:00
Corinna Vinschen 3a1ed0ef70 Cygwin: syscalls.cc: fix formatting
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-26 12:42:38 +01:00
Corinna Vinschen 5275b3e3f2 Cygwin: wincap: split has_posix_file_info
While FileRenameInformationEx is defined starting with Windows
10 1709 per MSDN, it only starts working in W10 1809, apparently.
Users of 1803 report "Function not implemented".

Introduce wincap_10_1809 and change the version check in
wincapc::init accordingly.  Split has_posix_file_info into
has_posix_unlink_semantics and has_posix_rename_semantics.
Enable the latter only starting with W10 1809.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-14 20:38:24 +01:00
Corinna Vinschen fbd3835384 Cygwin: try_to_bin: don't check recycler filename all the time
So far we check the recycler name all the time, and the last interation
also only managed to handle two ways to write the recycler.  However,
an adventurous user might change the case of the recycler arbitrarily.

Fix this problem by keeping track of the name in a somewhat relaxed
fashion.  Use camel back on drive C by default, all upper case elsewhere.
Only if the rename op fails do we fix the recycler name on the fly
when trying to create it, and it turns out it already existed.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-09 21:48:43 +01:00
Corinna Vinschen b7a6d357ee Cygwin: try_to_bin: fix rootdir handle after reopening
If the first rename fails, we reopen the rootdir for creating a subdir.
The rootdir handle can change its value at this point, but the code
doesn't take this into account.  The subsequent rename then fails with
STATUS_INVALID_HANDLE.  Fix this by copying the new rootdir value to
pfri->RootDirectory.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-09 21:48:43 +01:00
Corinna Vinschen ec457e0351 Cygwin: rename: use FILE_RENAME_POSIX_SEMANTICS if available
starting with W10 1709 on local NTFS drives

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-09 15:47:43 +01:00
Corinna Vinschen 15094d5d01 Cygwin: rename: rename incoming flags argument to at2flags
Avoid name confusion with later used flags variable

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-09 14:45:37 +01:00
Corinna Vinschen dee6cb133a Cygwin: try_to_bin: don't reopen the file
So far we reopened the file if it was opened case sensitive to
workaround the problem that the recycler could be named in
camel back or all upper case, depending on who created it.
That's a problem for O_TMPFILE on pre-W10.  As soon as the
original HANDLE gets closed, delete-on-close is converted to full
delete disposition and all useful operations on the file cease to
work (STATUS_ACCESS_DENIED or STATUS_FILE_DELETED).

To avoid that problem drop the reopen code and check for the exact
recycler filename, either $Recycle.Bin or $RECYCLE.BIN, if the file
has been opened case sensitive.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-08 21:47:28 +01:00
Corinna Vinschen 9443efe099 Cygwin: linkat: support Linux-specific AT_EMPTY_PATH flag
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-07 19:36:37 +01:00
Corinna Vinschen b93022a82d Cygwin: open: support Linux-specific O_PATH flag
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-07 19:35:00 +01:00
Corinna Vinschen 91ca95ae4a Cygwin: rename pipe.cc to fhandler_pipe.cc
move pipe syscalls to syscalls.cc

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-07 12:31:28 +01:00
Corinna Vinschen 7aca27b4fe Cygwin: introduce fhandler_process_fd and add stat(2) handling
move special fd symlink code into own fhandler_process_fd class
to simplify further additions to /proc/PID/fd/DESCRIPTOR symlink
handling.

Add a method to handle stat(2) on such a proc fd symlink by handle.
This allows correct reply from stat(2) if the target file has been
deleted.  This eventually fixes `awk -f /dev/fd/3 3<<eof'.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen ba12614f79 Cygwin: path_conv: add PATH_RESOLVE_PROCFD path_types flag
path_conv now sets the PATH_RESOLVE_PROCFD flag in path_flags if
the PC_SYM_NOFOLLOW_PROCFD pathconv_arg flag has been set on input
*and* the file is actually a proc fd symlink.

Add matching path_conv::follow_fd_symlink method for checking and
use it in open(2).

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen 7dbe307e38 Cygwin: Move O_TMPFILE to bin and allow linkat by handle
Along the same lines as the previous patch: By reopening an
O_TMPFILE by handle, we can now move the file to the bin at
open time and thus free'ing up the parent dir and *still*
open the file as /proc/PID/fd/DESCRIPTOR by linkat(2).
2019-01-06 20:30:14 +01:00
Corinna Vinschen a1a750325e Cygwin: try_to_bin: allow to move O_TMPFILE files into bin
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen 732613f30a Cygwin: implement /proc/PID/fd/DESCRIPTOR reopening by handle
Allows expressions along the lines of `cat /proc/self/fd/0 <<EOF'.
The problem here is that the temporary file used for the here script
has already been deleted by the shell.  Opening by filename, as
implemented so far, doesn't work because the file has been moved
to the bin.

Allow reopening files by handle the same way from another process
as long as we have sufficient permissions on the foreign process.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen 36ff506ddc Cygwin: try_to_bin: fix typos in comments
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-05 11:32:23 +01:00
Corinna Vinschen 34d9bb7093 Cygwin: drop disabled O_TMPFILE POSIX unlink code
The commit message of commit 07e0a9584f
and the expectation set therein, are wrong.

There's no POSIX semantics allowing to link a file with a link
count of 0 and making it available in the file system again.
In fact, the Linux linkat extension AT_EMPTY_PATH explicitely
disallows to link a file descriptor to a file with a link count
of 0, except for O_TMPFILE without O_EXCL.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-04 11:01:47 +01:00
Corinna Vinschen 07e0a9584f Cygwin: open(2): Change comment in disabled O_TMPFILE POSIX unlink code
- Turns out, the definition of POSIX unlink semantics is half-hearted
  so far: It's not possible to link an open file HANDLE if it has
  been deleted with POSIX semantics, nor is it possible to remove
  the delete disposition.  This breaks linkat on an O_TMPFILE.

  Tested with W10 1809.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-12-26 22:16:59 +01:00
Corinna Vinschen a7f392686b Cygwin: utilize FILE_DISPOSITION_POSIX_SEMANTICS
- short-circuit most code in unlink_nt since it's not necessary
  anymore if FILE_DISPOSITION_POSIX_SEMANTICS is supported.

- Immediately remove O_TMPFILE from filesystem after creation.
  Disable code for now because we have to implement /proc/self/fd
  opening by handle first, lest linkat fails.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-12-23 21:36:42 +01:00
Corinna Vinschen 65267a9a34 Cygwin: move transaction helpers into ntdll.h
We'll need them elsewhere in future.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de
2018-03-01 16:51:12 +01:00
Corinna Vinschen 7ae89fe708 Cygwin: path_conv: rename is_rep_symlink to is_known_reparse_point
...in preparation of reusing this flag for other types of
reparse points, not only symlinks.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-03-01 16:41:45 +01:00
Corinna Vinschen 76f06705be cygwin: convert most #ifndef __x86_64__ to #ifdef __i386__
Address the real offender

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-27 14:36:06 +01:00
Corinna Vinschen 0aa99373c1 Cygwin: fcntl.h: Define O_TMPFILE and implement it
Difference to Linux: We can't create files which don't show up
in the filesystem due to OS restrictions.  As a kludge, make a
(half-hearted) attempt to hide the file in the filesystem.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-14 21:45:25 +01:00
Corinna Vinschen f94fe74aad Cygwin: open: cleanup code in preparation of O_TMPFILE
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-14 16:30:44 +01:00
Corinna Vinschen ad15b8ccee cygwin: ftruncate64: add missing braces
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-02 19:13:09 +01:00
Erik M. Bray 94854321bb posix_fallocate() *returns* error codes but does not set errno
Also updates the fhandler_*::ftruncate implementations to adhere to the same
semantics.  The error handling semantics of those syscalls that use
fhandler_*::ftruncate are moved to the implementations of those syscalls (
in particular ftruncate() and friends still set errno and return -1 on error
but that logic is handled in the syscall implementation).
2017-11-02 18:01:01 +01:00
Erik M. Bray 8c8cdd9ad7 posix_fadvise() *returns* error codes but does not set errno
Also updates the fhandler_*::fadvise implementations to adhere to the same
semantics.
2017-11-02 17:58:18 +01:00
Corinna Vinschen 88cfcda06b cygwin: unlink: workaround NFS non-ability to move file in certain cases
Under some not quite clear conditions, NFS fails to use its
unlink workaround to rename a file to ".nfsXYZ".  The problem has been
reproduced with the GAWK testext.awk testcase.  To workaround this in
Cygwin, we now call try_to_bin on NFS, too.  For some reason NFS doesn't
fail to rename the .cygXYZ file to .nfsXYZ after this Cygwin rename.
Fix comment in unlink_nt accordingly.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:27:17 +02:00
Corinna Vinschen 5b7921523d cygwin: unlink: don't try "final trick" in try_to_bin on NFS
Doesn't work.  Just another STATUS_SHARING_VIOLATION.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:22:14 +02:00
Corinna Vinschen e6c79e7a2a cygwin: unlink: fix "final trick" overwrite method on remote drives
The "final trick" code in try_to_bin accidentally never worked on
remote drives because it relies on rootdir.  Which isn't set for
remote unlinks.  The code now creates a full path for remote files.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:21:12 +02:00
Corinna Vinschen 3dda58f157 cygwin: unlink: improve debug messages in try_to_bin
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:18:12 +02:00
Corinna Vinschen 9ac4c0325f cygwin: unlink: simplify rootdir handling
In try_to_bin, rootdir is NULL for remote drives anyway.  No extra
check required.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:15:08 +02:00
Corinna Vinschen 5224eb7517 cygwin: unlink: drop redundant check for netapp FS
The try_to_bin function isn't called for netapp FSes anyway, so testing
for this FS type in the function is moot.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:13:48 +02:00
Corinna Vinschen 7127e8ef3b cygwin: unlink: Fix typos in comments
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-10-18 16:12:42 +02:00
Ken Brown f665b1cef3 cygwin: Implement renameat2
Define the RENAME_NOREPLACE flag in <cygwin/fs.h> as defined on Linux
in <linux/fs.h>.  The other RENAME_* flags defined on Linux are not
supported.
2017-08-19 18:06:49 +02:00
Sebastian Huber 461152e4eb Add ffsl(), ffsll(), fls(), flsl(), flsll()
Use compiler builtin for ffs().  Remove duplicate implementation from
Cygwin.

Signed-off-by: Sebastian Huber <sebastian.huber@embedded-brains.de>
2017-07-05 13:49:48 +02:00
Corinna Vinschen 1a942680bf cygwin: scandirat: fix path given to scandir
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-07-04 15:11:06 +02:00
Corinna Vinschen fa4fcf7373 cygwin: Do not generate surrogate chars on netapp
Just like Samba, Netapp FSes seem to dislike invalid surrogate usage in
filenames.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-03-24 20:52:25 +01:00
Corinna Vinschen 6ed4753e77 rename: Refactor "new file already exists and rename fails" case
If newfile already exists and is in use, trying to overwrite it with
NtSetInformationFile(FileRenameInformation) fails exactly as if we
don't have the permissions to delete it.  Unfortunately the return code
is the same STATUS_ACCESS_DENIED, so we have no way to distinguish
these cases.  What we do here so far is to start a transaction to delete
newfile.  If this open fails with a transactional error we stop the
transaction and retry opening the file without transaction.

But, here's the problem: If newfile is in use, NtOpenFile(oldfile)
naturally does NOT fail with a transactional error.  Rather, the
subsequent call to unlink_nt(newfile) does, because there's another
handle open to newfile outside a transaction.  However, the code does
not check if unlink_nt fails with a transactional error and so fails
to retry without transaction.

This patch recifies the problem and checks unlink_nt's status as well.

Refactor code to get rid of goto into another code block.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-01-12 22:42:11 +01:00
Corinna Vinschen e3ccb68610 Don't check directories always case-insensitive in rename(2)
Long-standing problem in one of the corner cases of rename(2):
If we rename a directory a check is performed to see if newpath is
identical to oldpath or a subdir of oldpath. This check is
(accidentally? no hints anywhere in ChangeLogs or code) performed
case-insensitive for as long as we use Unicode paths and NT functions.
This leads to the problems described in
https://cygwin.com/ml/cygwin/2016-09/msg00264.html

Change this to be conditional case-sensitive as all other checks but
let's take this with a grain of salt.  There may be corner-cases in
this corner-case which require to chek parts of the path always
case-insensitive.  Off the top of my head I can't construct such a
case but that's no proof they don't exist :}

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-10-19 13:26:03 +02:00
Corinna Vinschen 7c84bfdb5f syscalls.cc: Merge desktop_ini_ext into desktop_ini 2016-06-24 23:34:33 +02:00
Corinna Vinschen 00e9bf2bb3 Fix various OS-related comments
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-24 23:32:39 +02:00
Corinna Vinschen 9aab8eb5b6 Drop has_transactions flag 2016-06-24 13:12:20 +02:00
Corinna Vinschen 2fb0813caa Drop has_recycle_dot_bin 2016-06-23 22:01:14 +02:00
Corinna Vinschen b2867a68b9 Handle up to 63 partitions per drive
Revamp device parsing code.  Introducing support for more partitions
into the shilka-generated parser has the unfortunate side-effect of
raising the size of the DLL by almost 2 Megs.  Therefore we split out
the handling for /dev/sdXY devices into a tiny bit of hand-written
code.

While at it, remove some unused cruft from devices.* and generally
clean up the device class to provide access methods instead of direct
access to members.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-23 16:56:41 +02:00
Corinna Vinschen 6e623e9320 Switching the Cygwin DLL to LGPLv3+, dropping commercial buyout option
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.

Everything else stays under GPLv3+.

New Linking Exception exempts resulting executables from LGPLv3 section 4.

Add CONTRIBUTORS file to keep track of licensing.

Remove 'Copyright Red Hat Inc' comments.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-23 10:09:17 +02:00
Corinna Vinschen 8e732f7f7f Remove MALLOC_CHECK and calls to it entirely
MALLOC_CHECK got useless with commit b259af5.  Remove it throughout.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-04-01 14:04:09 +02:00
Peter Foley b259af51b8 Remove remnants of never-defined MALLOC_DEBUG and NEWVFORK
MALLOC_DEBUG and NEWVFORK haven't been defined since 2008 (4616253751).
Remove all references to tem.

winsup/cygwin/ChangeLog:
acconfig.h: delete
dcrt0.cc (dll_crt0_1): remove NEWVFORK code.
dcrt0.cc (do_exit): ditto.
debug.h: ditto.
dtable.h: ditto.
winsup.h: ditto.
globals.cc: ditto.
malloc_wrapper.cc: ditto.
malloc_wrapper.cc (malloc_init): ditto.
spawn.cc (spawnve): ditto.
syscalls.cc (setsid): ditto.

Signed-off-by: Peter Foley <pefoley2@pefoley.com>
2016-04-01 13:53:25 +02:00
Peter Foley 2f310e44c4 Remove misleading indentation
* syscalls.cc (getpriority): Fix misleading indentation.

Signed-off-by: Peter Foley <pefoley2@pefoley.com>
2016-03-20 11:58:57 +01:00
Corinna Vinschen 80a800978b Convert utmp{x}name to int, return useful value. Define _PATH_UTMPX
* syscalls.cc (utmpname): Convert to int.  Return 0 if strdup
	worked, -1 otherwise.
	* include/utmpx.h (_PATH_UTMPX): Define as _PATH_UTMP.
	(utmpxname): Declare as int function.
	* include/sys/utmp.h (utmpname): Ditto.
	* include/cygwin/version.h: Bump API minor version.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-01-07 15:40:40 +01:00
Corinna Vinschen d0f5f4c422 Rename FileId to IndexNumber in NT structures to align with upstream
* ntdll.h (FILE_ID_BOTH_DIR_INFORMATION): Rename FileId to IndexNumber
        to align with Microsoft naming scheme.
        (FILE_INTERNAL_INFORMATION): Ditto.
        * fhandler_disk_file.cc: Rename FileId to IndexNumber throughout.
        * syscalls.cc: Ditto.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-12-08 14:33:07 +01:00
Corinna Vinschen bc444e5aa4 Reapply POSIX ACL changes.
- New, unified implementation of POSIX permission and ACL handling.  The
    new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
    they allow to inherit the S_ISGID bit.  ACL inheritance now really
    works as desired, in a limited, but theoretically equivalent fashion
    even for non-Cygwin processes.

    To accommodate Windows default ACLs, the new code ignores SYSTEM and
    Administrators group permissions when computing the MASK/CLASS_OBJ
    permission mask on old ACLs, and it doesn't deny access to SYSTEM and
    Administrators group based on the value of MASK/CLASS_OBJ when
    creating the new ACLs.

    The new code now handles the S_ISGID bit on directories as on Linux:
    Setting S_ISGID on a directory causes new files and subdirs created
    within to inherit its group, rather than the primary group of the user
    who created the file.  This only works for files and directories
    created by Cygwin processes.

2015-05-29  Corinna Vinschen  <corinna@vinschen.de>

	Reapply POSIX ACL changes.

	* utils.xml (setfacl): Show new option output.
	(getfacl): Show new option output.

	* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
	Apply umask, if so.  Align comments.
	* security.cc (set_created_file_access): Fix permission masking by
	incoming requested file mode.

	* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
	for SYSTEM and Admins group.

	* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
	GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.

	* fhandler.h (fhandler_pty_slave::facl): Add prototype.
	* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
	(fhandler_pty_slave::fchown): Fix uid/gid handling.
	* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
	Simplify and move around code in a few places.  To improve ACL
	readability, add r/w permissions to Admins ACE appended to pty ACL.
	Add comment to explain Windows ACE Mask filtering being in the way of
	creating a real CLASS_OBJ.
	(get_posix_access): Fake CLASS_OBJ for ptys.  Explain why.
	* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
	when calling get_posix_access.

	* sec_acl.cc (set_posix_access): Move merging group perms into owner
	perms in case of owner == group after mask has been computed.  Take
	mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.

	* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
	the ACCESS_ALLOWED_ACE.

	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
	set GROUP_OBJ and CLASS_OBJ perms to new group perms.  Add comment
	to explain why.
	* security.cc (set_created_file_access): Ditto.

	* sec_acl.cc (set_posix_access): Replace previous patch.  Return
	EINVAL if uid and/or guid is invalid and not backed by an actual
	Windows account.

	* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.

	* sec_acl.cc (set_posix_access): Handle files with owner == group.
	Rephrase switch statement checking against unfiltered a_type value.
	(get_posix_access): Handle files with owner == group.

	* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
	CLASS_OBJ mask on old-style ACLs.  Fix a comment.

	* sec_acl.cc (set_posix_access): Always make sure Admins have
	WRITE_DAC and WRITE_OWNER permissions.
	* security.h (create_object_sd_from_attribute): Drop handle parameter
	from prototype.
	* security.cc (create_object_sd_from_attribute): Drop handle parameter.
	Just create the standard POSIXy security descriptor.
	(set_object_attribute): Accommodate dropped paramter in call to
	create_object_sd_from_attribute.
	* fhandler_tty.cc: Ditto, throughout.

	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
	mask computation.

	* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
	not umasked.
	(fhandler_base::open): Explicitely umask mode on NFS here.  Call new
	set_created_file_access rather than set_file_attribute.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
	setting permissions on filesystems supporting ACLs using the new
	set_posix_access call.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::mkdir): Call new set_created_file_access rather
	than set_file_attribute.
	* fhandler_socket.cc (fhandler_socket::bind): Don't umask here.  Add
	WRITE_OWNER access to allow writing group in case of SGID bit set.
	Call new set_created_file_access rather than set_file_attribute.
	* path.cc (symlink_worker): Call new set_created_file_access rather
	than set_file_attribute.
	* sec_acl.cc (searchace): Un-staticize.
	(set_posix_access): New, complementary functionality to
	get_posix_access.
	(setacl): Implement in terms of get_posix_access/set_posix_access.
	(get_posix_access): Add handling for just created files requiring
	their first Cygwin ACL.  Fix new_style recognition.  Handle SGID
	bit.  For old-style ACLs, ignore SYSTEM and Administrators when
	computing the {DEF_}CLASS_OBJ perms.
	* security.cc (get_file_sd): Revamp comment.  Change and (hopefully)
	speed up inheritance processing for just created files.
	(alloc_sd): Remove.
	(set_security_attribute): Call set_posix_access instead of alloc_sd.
	(get_object_attribute): Fix return value.
	(create_object_sd_from_attribute): Call set_posix_access instead of
	alloc_sd.
	(set_file_attribute): Remove.
	(set_created_file_access): New function implemented in terms of
	get_posix_access/set_posix_access.
	* security.h (set_file_attribute): Remove prototype.
	(set_created_file_access): Add prototype.
	(searchace): Ditto.
	(set_posix_access): Ditto.
	* syscalls.cc (open): Call open_with_arch with mode not umasked.

	* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
	Describe how to generate deny ACEs in more detail.  Accommodate the
	fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
	a special Cygwin ACE.  Improve further comments.
	(CYG_ACE_NEW_STYLE): Define.
	(get_posix_access): Change from Cygwin ACE to NULL deny ACE.  Fix
	CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
	NULL deny ACE if the inheritance flags say so.
	* sec_helper.cc (well_known_cygwin_sid): Remove.
	* security.h (well_known_cygwin_sid): Drop declaration.

	* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
	(get_posix_access): Rename index variable from i to idx.  Define only
	once at top level.

	* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
	Accommodate throughout.
	(add_access_denied_ace): Ditto.
	* sec_acl.cc: Accommodate above change throughout.
	* security.h (add_access_allowed_ace): Adjust prototype to above change.
	(add_access_denied_ace): Ditto.

	* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
	owner and primary group of the file.  Handle the default primary
	group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
	set.  Add comments.  Minor code rearrangements.

	Preliminary read side implementation of new permission handling.
	* acl.h (MAX_ACL_ENTRIES): Raise to 2730.  Add comment to explain.
	* sec_acl.cc:  Add leading comment to explain new ACL style.
	Add definitions and macros to use for bits in new Cygwin ACL.
	(DENY_RWX): New mask value for all temporary deny bits.
	(getace): Add bool parameter to decide when leaving all bits intact,
	rather than filtering them per the already set bits.
	(get_posix_access): New function, taking over functionality to read
	POSIX ACL from SECURITY_DESCRIPTOR.
	(getacl): Just call get_posix_access.
	* sec_helper.cc (well_known_cygwin_sid): Define.
	* security.cc (get_attribute_from_acl): Remove.
	(get_info_from_sd): Remove.
	(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
	(get_file_attribute): Ditto.
	(get_object_attribute): Ditto.
	* security.h (well_known_cygwin_sid): Declare.
	(get_posix_access): Add prototype.

	* Throughout, use simpler ACE macros from Windows' accctrl.h.

	* getfacl.c (main): Special-case SYSTEM and Admins group.  Add comments.

	* setfacl.c: Align more to Linux tool.
	(delacl): New function to delete acl entries only.
	(modacl): Drop delete functionality.  Add handling of recomputing the
	mask and default mask values.
	(delallacl): Rename from delacl.
	(setfacl): Call delacl in Delete case.  Call delallacl in DeleteAll
	and DeleteDef case.
	(usage): Accommodate new options.  Rearrange and rephrase slightly.
	(longopts): Emit 'x' in --delete case.  Add --no-mask and --mask
	options.
	(opts): Add -x and -n options.
	(main): Handle -d and -x the same.  Handle -n and --mask options.
	Drop handling for -r option.

	* getfacl.c (usage): Align more closely to Linux version.  Add new
	options -c, -e, -E.  Change formatting to accommodate longer options.
	(longopts): Rename --noname to --numeric.  Keep --noname for backward
	compatibility.  Add --omit-header, --all-effective and --no-effective
	options.
	(opts): Add -c, -e and -E option.
	(main): Handle new -c, -e, and -E options.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-18 22:27:54 +01:00
Corinna Vinschen 5abb0ed13c Handle unlinking in-use files on virtual drives
* path.cc (path_conv::set_nt_native_path): New function.
        * path.h (path_conv::set_nt_native_path): Add prototype.
        * syscall.cc (try_to_bin): Handle moving files to the recycler
        accessed via a local virtual drive (subst).  Fix a problem renaming
        the file to the unique replacement name on Samba.  Align comment.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-04-23 22:04:59 +02:00
Corinna Vinschen 1d91d469ee
Drop unneeded passwd argument from security functions
* sec_auth.cc (get_server_groups): Drop unused passwd argument.  Adjust
	calls throughout.
	(get_initgroups_sidlist): Ditto.
	(get_setgroups_sidlist): Ditto.
	(create_token): Ditto.
	(lsaauth): Ditto.
	* security.h (create_token): Adjust prototype to above change.
	(lsaauth): Ditto.
	(get_server_groups): Ditto.
	* grp.cc (get_groups): Adjust call to get_server_groups.
	* syscalls.cc (seteuid32): Adjust calls to lsaauth and create_token.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-03-18 16:54:19 +01:00
Corinna Vinschen d2bd82aa92 * path.h (path_conv): Make path_flags private. Rename known_suffix to
suffix and make private.  Rename normalized_path to posix_path and
	make privtae.  Accommodate name changes throughout in path_conv
	methods.
	(path_conv::known_suffix): New method.  Use throughout instead of
	accessing suffix directly.
	(path_conv::get_win32): Constify.
	(path_conv::get_posix): New method to read posix_path.  Use throughout
	instead of accessing normalized_path directly.
	(path_conv::set_posix): Rename from set_normalized_path.  Accommodate
	name change throughout.
	* spawn.cc (find_exec): Return POSIX path, not Win32 path.
2015-02-15 08:59:55 +00:00
Corinna Vinschen d260e92859 * syscalls.cc (fhandler_base::stat_fixup): Generate unique inode number
for /dev/tty under all circumstances.  Add to comment.
2015-02-10 20:41:16 +00:00
Corinna Vinschen 41f77e25f1 * autoload.cc (CreateProfile): Import.
(LoadUserProfileW): Import.
	* registry.cc (get_registry_hive_path): Move to sec_auth.cc.
	(load_registry_hive): Remove.
	* registry.h (get_registry_hive_path): Drop declaration.
	(load_registry_hive): Ditto.
	* sec_auth.cc (get_user_profile_directory): Moved from registry.cc and
	renamed.  Take third parameter with buffer length.
	(load_user_profile): New function taking over for load_registry_hive.
	Use official functions to load profile.  If profile is missing, create
	it on Vista and later.
	* security.h (get_user_profile_directory): Declare.
	(load_user_profile): Declare.
	* syscalls.cc (seteuid32): Replace call to load_registry_hive with call
	to load_user_profile.
	* uinfo.cc (cygheap_user::env_userprofile): Replace call to
	get_registry_hive_path with call to get_user_profile_directory.
2014-12-02 10:49:47 +00:00
Corinna Vinschen d326f841c3 * common.din (ffsl): Export.
(ffsll): Export.
	* syscalls.cc (ffs): Implement using GCC intrinsic.
	(ffsl): Ditto.
	(ffsll): Ditto.
	* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.
2014-10-08 21:03:40 +00:00
Corinna Vinschen 2fb56bbfaa * syscall.cc (ffs): Fix crash of ffs (0x80000000) on 64 bit. 2014-10-08 16:34:31 +00:00
Corinna Vinschen dc847e6b9e * path.h (path_conv::init_reopen_attr): Change from void to returning
POBJECT_ATTRIBUTES.  Take OBJECT_ATTRIBUTES reference as argument, not
	pointer.
	* fhandler_disk_file.cc: Throughout accommodate above change.
	* syscalls.cc: Ditto.
	* ntea.cc (read_ea): Don't set hdl to NULL if it's already NULL.  Set
	attr with pc.init_reopen_attr before trying to reopen file.
	(write_ea): Ditto.
	* security.cc (get_file_sd): Use pc.init_reopen_attr rather than
	pc.get_object_attr when trying to reopen file.
	(set_file_sd): Ditto.
2014-08-26 20:47:46 +00:00
Corinna Vinschen 3f3bd10104 * Throughout, use __try/__except/__endtry blocks, rather than myfault
handler.
	* cygtls.cc (_cygtls::remove): Accommodate the fact that pathbufs
	has been moved from _local_storage to _cygtls.
	* cygtls.h (class tls_pathbuf): Add comment to hint to gendef usage
	of counters.  Change type of counters to uint32_t for clarity.
	Remove _cygtls as friend class.
	(struct _local_storage): Move pathbufs from here...
	(struct _cygtls): ...to here, allowing to access it from _sigbe.
	(class san): Only define on 32 bit.  Remove errno, _c_cnt and _w_cnt
	members.
	(san::setup): Drop parameter.  Don't initialize removed members.
	(san::leave): Don't set removed members.
	(class myfault): Only define on 32 bit.
	(myfault::faulted): Only keep implementation not taking any parameter.
	Drop argument in call to sebastian.setup.
	(__try/__leave/__except/__endtry): Implement to support real SEH.  For
	now stick to SJLJ on 32 bit.
	* dcrt0.cc (dll_crt0_0): Drop 64 bit call to
	exception::install_myfault_handler.
	* exception.h (exception_handler): Define with EXCEPTION_DISPOSITION
	as return type.
	(PDISPATCHER_CONTEXT): Define as void * on 32 bit.  Define as pointer
	to _DISPATCHER_CONTEXT on 64 bit.
	(class exception): Define separately for 32 and 64 bit.
	(exception::myfault): Add handler for myfault SEH handling on 64 bit.
	(exception::exception): Fix mangled method name to account for change
	in type of last parameter.
	(exception::install_myfault_handler): Remove.
	* exceptions.cc (exception::myfault_handle): Remove.
	(exception::myfault): New SEH handler for 64 bit.
	* gendef (_sigbe): Set tls_pathbuf counters to 0 explicitely when
	returning to the caller.
	* ntdll.h: Move a comment to a better place.
	(struct _SCOPE_TABLE): Define on 64 bit.
	* thread.cc (verifyable_object_isvalid): Remove gcc 4.7 workaround.
	* tls_pbuf.cc (tls_pbuf): Fix to accommodate new place of pathbufs.
	(tls_pathbuf::destroy): Change type of loop variables to uint32_t.
	* tls_pbuf.h (class tmp_pathbuf): Change type of buffer counters to
	uint32_t.  Accommodate new place of pathbufs.
	* tlsoffsets.h: Regenerate.
	* tlsoffsets64.h: Regenerate.
2014-08-22 09:21:33 +00:00
Corinna Vinschen 5b4e301b36 * cpuid.h: Add missing copyright header. Fix formatting. Use uint32_t
instead of unsigned throughout.  Change functions to static inline and
	always inline.
	(cpuid): Add parameter to set ecx, allowing to request extended CPUID
	info.
	* fhandler_proc.cc (format_proc_cpuinfo): Use uint32_t instead of
	unsigned throughout.  Add fake decimal places to MHz info.  Handle more
	feature flags.
	* fhandler_random.cc (fhandler_dev_random::write): Allow up to 4K
	input to add entropy.
	* syscalls.cc: Drop including cpuid.h.
2014-08-11 12:03:18 +00:00
Corinna Vinschen 8431e478d2 * spawn.cc (find_exec): Initialize err (CID 60111).
* strace.cc (strace::activate): Fix potential buffer overrun (CID 59938)
	* syscalls.cc (popen): Close parent pipe descriptor via fclosing fp on
	error to avoid resource leak (CID 59981).
	* thread.cc (pthread::exit): Avoid accessing cygtls member after
	deleting "this" (CID 60217).
2014-06-23 19:05:15 +00:00
Corinna Vinschen 8c14a5065d * syscalls.cc (getusershell): Fix buffer overrun (Coverity ID 59932). 2014-05-19 08:29:47 +00:00
Corinna Vinschen e1c519b41f * syscalls.cc (NT_TRANSACTIONAL_ERROR): Cover all status codes up to
STATUS_TRANSACTION_NOT_ENLISTED.
2014-04-25 14:43:13 +00:00
Corinna Vinschen 1ca20a1cd2 Introduce reading passwd/group entries from SAM/AD. Introduce
/etc/nsswitch.conf file to configure it.
	* Makefile.in (DLL_OFILES): Add ldap.o.
	* autoload.cc: Import ldap functions from wldap32.dll.
	(DsEnumerateDomainTrustsW): Import.
	(NetGroupGetInfo): Import.
	* cygheap.h (class cygheap_domain_info): New class to keep global
	domain info.
	(class cygheap_pwdgrp): New class to keep passwd/group caches and
	configuration info from /etc/nssswitch.conf.
	(struct init_cygheap): Add cygheap_domain_info member "dom" and
	cygheap_pwdgrp member "pg".
	* cygtls.h (struct _local_storage): Remove unused member "res".
	Rearrange slightly, Add members pwbuf and grbuf to implement non-caching
	passwd/group fetching from SAM/AD.  Make pw_pos and pw_pos unsigned.
	* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Add RFC 2307
	uid/gid mapping.
	* fhandler_process.cc: Drop including pwdgrp.h.
	* fhandler_procsysvipc.cc: Ditto.
	* fhandler_registry.cc (fhandler_registry::fstat): Set key uid/gid
	to ILLEGAL_UID/ILLEGAL_GID rather than UNKNOWN_UID/UNKNOWN_GID.
	* grp.cc (group_buf): Drop.
	(gr): Drop.
	(pwdgrp::parse_group): Fill pg_grp.
	(pwdgrp::read_group): Remove.
	(pwdgrp::init_grp): New method.
	(pwdgrp::prep_tls_grbuf): New method.
	(pwdgrp::find_group): New methods.
	(internal_getgrsid): Convert to call new pwdgrp methods.
	(internal_getgrnam): Ditto.
	(internal_getgrgid): Ditto.
	(getgrgid_r): Drop 2nd parameter from internal_getgrgid call.
	(getgrgid32): Ditto.
	(getgrnam_r): Ditto for internal_getgrnam.
	(getgrnam32): Ditto.
	(getgrent32): Convert to call new pwdgrp methods.
	(internal_getgrent): Remove.
	(internal_getgroups): Simplify, especially drop calls to
	internal_getgrent.
	* ldap.cc: New file implementing cyg_ldap class for LDAP access to AD
	and RFC 2307 server.
	* ldap.h: New header, declaring cyg_ldap class.
	* passwd.cc (passwd_buf): Drop.
	(pr): Drop.
	(pwdgrp::parse_passwd): Fill pg_pwd.
	(pwdgrp::read_passwd): Remove.
	(pwdgrp::init_pwd): New method.
	(pwdgrp::prep_tls_pwbuf): New method.
	(find_user): New methods.
	(internal_getpwsid): Convert to call new pwdgrp methods.
	(internal_getpwnam): Ditto.
	(internal_getpwuid): Ditto.
	(getpwuid32): Drop 2nd parameter from internal_getpwuid call.
	(getpwuid_r): Ditto.
	(getpwnam): Ditto for internal_getpwnam.
	(getpwnam_r): Ditto.
	(getpwent): Convert to call new pwdgrp methods.
	* path.cc (class etc): Remove all methods.
	* path.h (class etc): Drop.
	* pinfo.cc (pinfo_basic::pinfo_basic): Set gid to ILLEGAL_GID rather
	than UNKNOWN_GID.
	(pinfo_init): Ditto.
	* pwdgrp.h (internal_getpwnam): Drop 2nd parameter from declaration.
	(internal_getpwuid): Ditto.
	(internal_getgrgid): Ditto.
	(internal_getgrnam): Ditto.
	(internal_getgrent): Drop declaration.
	(enum fetch_user_arg_type_t): New type.
	(struct fetch_user_arg_t): New type.
	(struct pg_pwd): New type.
	(struct pg_grp): New type.
	(class pwdgrp): Rework to provide functions for file and db requests
	and caching.
	(class ugid_cache_t): New class to provide RFC 2307 uid map caching.
	(ugid_cache): Declare.
	* sec_acl.cc: Drop including pwdgrp.h.
	* sec_auth.cc: Drop including dsgetdc.h and pwdgrp.h.
	(get_logon_server): Convert third parameter to ULONG flags argument
	to allow arbitrary flags values in DsGetDcNameW call and change calls
	to this function throughout.  Use cached account domain name rather
	than calling GetComputerNameW.
	(get_unix_group_sidlist): Remove.
	(get_server_groups): Drop call to get_unix_group_sidlist.
	(verify_token): Rework token group check without calling
	internal_getgrent.
	* sec_helper.cc (cygpsid::pstring): New methods, like string() but
	return pointer to end of string.
	(cygsid::getfromstr): Add wide character implementation.
	(get_sids_info): Add RFC 2307 uid/gid mapping for Samba shares.
	* security.cc: Drop including pwdgrp.h.
	* security.h (DEFAULT_UID): Remove.
	(UNKNOWN_UID): Remove.
	(UNKNOWN_GID): Remove.
	(uinfo_init): Move here from winsup.h.
	(ILLEGAL_UID): Ditto.
	(ILLEGAL_GID): Ditto.
	(UNIX_POSIX_OFFSET): Define.  Add lengthy comment.
	(UNIX_POSIX_MASK): Ditto.
	(MAP_UNIX_TO_CYGWIN_ID): Ditto.
	(ILLEGAL_UID16): Move here from winsup.h.
	(ILLEGAL_GID16): Ditto.
	(uid16touid32): Ditto.
	(gid16togid32): Ditto.
	(sid_id_auth): New convenience macro for SID component access.
	(sid_sub_auth_count): Ditto.
	(sid_sub_auth): Ditto.
	(sid_sub_auth_rid): Ditto.
	(cygpsid::pstring): Declare.
	(cygsid::getfromstr): Declare wide character variant.
	(cygsid::operator=): Ditto.
	(cygsid::operator*=): Ditto.
	(get_logon_server): Change declaration according to source code.
	* setlsapwd.cc (setlsapwd): Drop 2nd parameter from internal_getpwnam
	call.
	* shared.cc (memory_init): Call cygheap->pg.init in first process.
	* syscalls.cc: Drop including pwdgrp.h.
	* tlsoffsets.h: Regenerate.
	* tlsoffsets64.h: Ditto.
	* uinfo.cc (internal_getlogin): Drop gratuitious internal_getpwuid
	call.  Fix debug output.  Overwrite user gid in border case of a
	missing passwd file while a group file exists.
	(pwdgrp::add_line): Allocate memory on cygheap.
	(pwdgrp::load): Remove.
	(ugid_cache): Define.
	(cygheap_pwdgrp::init): New method.
	(cygheap_pwdgrp::nss_init_line): New method.
	(cygheap_pwdgrp::_nss_init): New method.
	(cygheap_domain_info::init): New method.
	(logon_sid): Define.
	(get_logon_sid): New function.
	(pwdgrp::add_account_post_fetch): New method.
	(pwdgrp::add_account_from_file): New methods.
	(pwdgrp::add_account_from_windows): New methods.
	(pwdgrp::check_file): New method.
	(pwdgrp::fetch_account_from_line): New method.
	(pwdgrp::fetch_account_from_file): New method.
	(pwdgrp::fetch_account_from_windows): New method.
	* winsup.h: Move aforementioned macros and declarations to security.h.
2014-02-09 19:44:56 +00:00
Corinna Vinschen 3228065cea * include/netinet/ip6.h: New file, copied from FreeBSD vebatim. 2014-01-18 11:37:55 +00:00
Corinna Vinschen 3507271d6b * syscalls.cc (popen): Introduce Glibc 'e' flag to allow thread-safe
opening of the pipe with O_CLOEXEC flag.  Simplify FD_CLOEXEC handling.
2014-01-17 11:07:37 +00:00
Corinna Vinschen f51db32d8c * syscalls.cc (NT_TRANSACTIONAL_ERROR): Define.
(stop_transaction): Take "trans" HANDLE by reference and set it to
	NULL after closing it.
	(unlink_nt): If NtOpenFile fails due to a transactional error, stop
	transaction and retry NtOpenFile.  Simplify check for having to call
	stop_transaction.
	(rename): If NtOpenFile fails due to a transactional error, stop
	transaction and retry NtOpenFile in both affected cases.  Simplify check
	for having to call stop_transaction and add comment from unlink_nt.
2013-12-11 12:12:12 +00:00
Christopher Faylor 870f29b5c3 * syscalls.cc (dup): Use cygheap_fdnew properly. 2013-12-06 15:38:21 +00:00