Commit Graph

482 Commits

Author SHA1 Message Date
Corinna Vinschen c875ed3744 Cygwin: don't copy path_conv in fhandler_base::reset
There's a slim chance that duplicating fhandlers may end up duplicating
path_conv_handle handles twice ending up with a handle leak, due to
fhandler_base::reset calling path_conv::operator<< after the only
caller, fhandler::copyto, already called path_conv::operator=.

Just drop the call which basically duplicates what path_conv::operator=
already did.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2021-02-10 10:42:38 +01:00
Ken Brown 4b4fffe0f2 Cygwin: AF_UNIX: use FILE_OPEN_REPARSE_POINT when needed
The following Windows system calls currently fail with
STATUS_IO_REPARSE_TAG_NOT_HANDLED when called on an AF_UNIX socket:

- NtOpenFile in get_file_sd

- NtOpenFile in set_file_sd

- NtCreateFile in fhandler_base::open

Fix this by adding the FILE_OPEN_REPARSE_POINT flag to those calls
when the file is a known reparse point.
2020-10-04 12:53:04 -04:00
Corinna Vinschen 50ad198085 Cygwin: Add 'fallthrough' pseudo keyword for switch/case use
This patch has been inspired by the Linux kernel patch

  294f69e662d1 compiler_attributes.h: Add 'fallthrough' pseudo keyword for switch/case use

written by Joe Perches <joe AT perches DOT com> based on an idea from
Dan Carpenter <dan DOT carpenter AT oracle DOT com>.  The following text
is from the original log message:

Reserve the pseudo keyword 'fallthrough' for the ability to convert the
various case block /* fallthrough */ style comments to appear to be an
actual reserved word with the same gcc case block missing fallthrough
warning capability.

All switch/case blocks now should end in one of:

	break;
	fallthrough;
	goto <label>;
	return [expression];
	continue;

In C mode, GCC supports the __fallthrough__ attribute since 7.1,
the same time the warning and the comment parsing were introduced.

Cygwin-only: add an explicit -Wimplicit-fallthrough=5 to the build
flags.
2020-08-05 21:58:22 +02:00
Corinna Vinschen 5a7e130c31 Cygwin: file I/O: make sure to treat write return value as ssize_t
The return type of fhandler write methods is ssize_t.  Don't
use an int to store the return value, use ssize_t.  Use ptrdiff_t
for the buffer size.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2020-04-24 16:14:43 +02:00
Corinna Vinschen 464db253c4 Cygwin: move chmod_device declaration to winsup.h
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2020-01-28 15:33:05 +01:00
Takashi Yano 5ba41ad6e9 Cygwin: console: Share readahead buffer within the same process.
- The cause of the problem reported in
  https://www.cygwin.com/ml/cygwin/2020-01/msg00220.html is that the
  chars input before dup() cannot be read from the new file descriptor.
  This is because the readahead buffer (rabuf) in the console is newly
  created by dup(), and does not inherit from the parent. This patch
  fixes the issue.
2020-01-28 09:30:27 +01:00
Ken Brown d880e97ec9 Cygwin: device_access_denied: return false if O_PATH is set
If O_PATH is set in the flags argument of
fhandler_base::device_access_denied, return false.  No
read/write/execute access should be required in this case.

Previously, the call to device_access_denied in open(2) would lead to
an attempt to open the file with read access even if the O_PATH flag
was set.
2020-01-24 11:24:18 +01:00
Ken Brown 674b4fe995 Revert "Cygwin: check for STATUS_PENDING in fhandler_base::raw_read"
This reverts commit 10bf30bebf.  It was
made because an incorrect implementation of duplex FIFOs.
2019-05-09 14:41:28 -04:00
Ken Brown 10bf30bebf Cygwin: check for STATUS_PENDING in fhandler_base::raw_read
If NtReadFile returns STATUS_PENDING, wait for the read to complete.
This can happen, for instance, in the case of a FIFO opened with
O_RDRW.
2019-04-16 12:54:43 +02:00
Takashi Yano a9c661a94d Cygwin: [gs]et_io_handle(): renamed to [gs]et_handle().
- Unify get_io_handle() and get_handle() to get_handle().
  Both of them returned same value; io_handle.
- Rename set_io_handle() to set_handle().
2019-03-30 20:08:36 +01:00
Corinna Vinschen 1f6340aa8b Cygwin: proc fd: pass along open mode when reopening file
The reopen code neglected to pass along the requested open
mode correctly.  This may end up reopening the file with
incorrect access mask, or duplicating the wrong pipe handle.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-02-05 15:20:13 +01:00
Corinna Vinschen e148aa62a7 Cygwin: procfd: improve debug output
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-28 10:24:39 +01:00
Corinna Vinschen b6f53617a7 Cygwin: signalfd: set st_mode in fhandler_signalfd::fstat
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-15 21:49:52 +01:00
Corinna Vinschen 9d13a2995c Cygwin: signal: implement signalfd
First cut of a signalfd implementation.

Still TODO: Non-polling select.

This should mostly work as on Linux except for missing support
for some members of struct signalfd_siginfo, namely ssi_fd,
ssi_band (both SIGIO/SIGPOLL, not fully implemented) and ssi_trapno
(HW exception, required HW support).

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-13 23:13:33 +01:00
Corinna Vinschen ec36c59f1a Cygwin: open: workaround reopen file w/ delete disposition set
On pre-W10 systems there's no way to reopen a file by handle if
the delete disposition is set.  We try to get around with
duplicating the handle.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-08 21:47:28 +01:00
Corinna Vinschen 0c545f3264 Cygwin: open: handle O_CLOEXEC when opening file from handle
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-08 21:47:28 +01:00
Corinna Vinschen b93022a82d Cygwin: open: support Linux-specific O_PATH flag
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-07 19:35:00 +01:00
Corinna Vinschen c90f4c0e27 Cygwin: Mark all O_TMPFILEs as deleted
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen 732613f30a Cygwin: implement /proc/PID/fd/DESCRIPTOR reopening by handle
Allows expressions along the lines of `cat /proc/self/fd/0 <<EOF'.
The problem here is that the temporary file used for the here script
has already been deleted by the shell.  Opening by filename, as
implemented so far, doesn't work because the file has been moved
to the bin.

Allow reopening files by handle the same way from another process
as long as we have sufficient permissions on the foreign process.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen c208ecd540 Cygwin: fhandler_base::open: allow to reopen file from handle
So far io_handle is NULL when calling fhandler_base::open to
open or create a file.  Add a check for io_handle to allow
priming the fhandler with a HANDLE value so we can reopen a
file from a HANDLE on file systems supporting it.  This allows
to open already deleted files for further action.  This will
be used by open("/proc/PID/fd/DESCRIPTOR") scenarios.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2019-01-06 20:30:14 +01:00
Corinna Vinschen 7148fbc496 Cygwin: Change /proc/$PID/fd/<fd> symlink target for deleted files
- As on Linux, print the file name with an attached " (deleted)"

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-12-26 22:16:24 +01:00
Yaakov Selkowitz 7e09931ad9 Cygwin: fpathconf: update _PC_ASYNC_IO return value
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
2018-07-25 15:00:43 -05:00
Mark Geisert 87253cbe38 POSIX Asynchronous I/O support: fhandler files
This code is where the AIO implementation is wired into existing Cygwin
mechanisms for file and device I/O: the fhandler* functions.  It makes
use of an existing internal routine prw_open to supply a "shadow fd"
that permits asynchronous operations on a file the user app accesses
via its own fd.  This allows AIO to read or write at arbitrary locations
within a file without disturbing the app's file pointer.  (This was
already the case with normal pread|pwrite; we're just adding "async"
to the mix.)
2018-07-25 09:36:24 +02:00
Corinna Vinschen 7ae89fe708 Cygwin: path_conv: rename is_rep_symlink to is_known_reparse_point
...in preparation of reusing this flag for other types of
reparse points, not only symlinks.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-03-01 16:41:45 +01:00
Corinna Vinschen b79018ee3a Cygwin: encapsulate Winsock based fhandler_socket classes
Insert another class fhandler_socket_wsock between fhandler_socket
and fhandler_socket_inet/fhandler_socket_local.

Also, add a new method fhandler::is_wsock_socket to allow asking
for sockets in general (is_socket) vs. Winsock-based sockets
(is_wsock_socket).

This allows to develop a new handler_socket_unix class as derived
class from fhandler_socket without any trace of wsock code left
in fhandler_socket.

While this is basically a temporary measure at this time, it may
prove useful for later interoperability with the upcoming Windows 10
AF_UNIX implementation at one point.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-02-23 15:24:18 +01:00
Corinna Vinschen 7ae73be141 Cygwin: improve O_TMPFILE handling
Windows does not remove FILE_ATTRIBUTE_TEMPORARY by itself after a
file has been closed.  It's just some attribute which can be set or
removed at will, despite its purpose.

Apparently there are tools out there which use FILE_ATTRIBUTE_TEMPORARY
accidentally or wrongly, even Microsoft's own tools are affected.  In
the end, the filesystem is potentially full of files with this attribute
set.

Implement O_TMPFILE files with FILE_ATTRIBUTE_TEMPORARY and
FILE_ATTRIBUTE_HIDDEN set.  This combination is pretty unlikely.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2018-02-14 12:55:24 +01:00
Corinna Vinschen 0d57ef9de5 Cygwin: open: Remove unused code to handle HIDDEN and SYSTEM files
Commit 603ef545bd broke this snippet and
commit 5b312b4747 didn't help at all since
FILE_CREATE is exactly *not* the situation the test was originally
supposed to handle.

In fact, none of the open flags used by fhandler_base::open actually
hits this problem anymore, so just drop the code.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-14 21:50:32 +01:00
Corinna Vinschen 0aa99373c1 Cygwin: fcntl.h: Define O_TMPFILE and implement it
Difference to Linux: We can't create files which don't show up
in the filesystem due to OS restrictions.  As a kludge, make a
(half-hearted) attempt to hide the file in the filesystem.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-11-14 21:45:25 +01:00
Erik M. Bray 94854321bb posix_fallocate() *returns* error codes but does not set errno
Also updates the fhandler_*::ftruncate implementations to adhere to the same
semantics.  The error handling semantics of those syscalls that use
fhandler_*::ftruncate are moved to the implementations of those syscalls (
in particular ftruncate() and friends still set errno and return -1 on error
but that logic is handled in the syscall implementation).
2017-11-02 18:01:01 +01:00
Corinna Vinschen dd757cc43a Implement fhandler_dev_null::write to workaround a problem with NUL
Windows NUL device returns only the lower 32 bit of the number of
bytes written.  Implement a fake write function to ignore the underlying
NUL device.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-03-12 12:17:43 +01:00
Corinna Vinschen a3f297d3c2 Return value from write is ssize_t, not int
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-03-12 12:16:23 +01:00
Corinna Vinschen 095cac4b8d Cygwin: Add IUTF8 termios iflag
The termios code doesn't handle erasing of multibyte characters
in canonical mode, it always erases a single byte.  When entering
a multibyte character and then pressing VERASE, the input ends up
with an invalid character.

Following Linux we introduce the IUTF8 input flag now, set by
default.  When this flag is set, VERASE or VWERASE will check
if the just erased input byte is a UTF-8 continuation byte.  If
so, it erases another byte and checks again until the entire
UTF-8 character has been removed from the input buffer.

Note that this (just as on Linux) does NOT work with arbitrary
multibyte codesets.  This only works with UTF-8.

For a discussion what happens, see
https://cygwin.com/ml/cygwin/2017-01/msg00299.html

Sidenote: The eat_readahead function is now member of fhandler_termios,
not fhandler_base.  That's necessary to get access to the terminal's
termios flags.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-01-31 15:36:24 +01:00
Corinna Vinschen 688d943a52 Always try to write complete incoming buffer on pipes and fifos
This patch fixes the following problem:

Commit 9636c426 refactored the pipe code especially to make sure
to call WriteFile only with chunks matching the maximum atomic write
count.  This accidentally introduced a small change in behaviour
on blocking pipes due to the success case falling through into the
error case.  Rather then writing atomic chunks until all bytes are
written, the code immediately broke from the loop after writing
the first chunk, basically the same as in case of non-blocking
writes.  This behaviour is not compliant to POSIX which requires

 "Write requests to a pipe or FIFO [...]

  * If the O_NONBLOCK flag is clear, a write request may cause the
    thread to block, but on normal completion it shall return nbyte."

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2017-01-14 16:29:06 +01:00
Ken Brown dda82d1a7b Add _PC_CASE_INSENSITIVE to [f]pathconf
Update the getconf utility to support the new flag as well as
_PC_POSIX_PERMISSIONS and _PC_POSIX_SECURITY.  These were previously
unsupported, probably as an oversight.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-10-21 13:39:02 +02:00
Corinna Vinschen b2867a68b9 Handle up to 63 partitions per drive
Revamp device parsing code.  Introducing support for more partitions
into the shilka-generated parser has the unfortunate side-effect of
raising the size of the DLL by almost 2 Megs.  Therefore we split out
the handling for /dev/sdXY devices into a tiny bit of hand-written
code.

While at it, remove some unused cruft from devices.* and generally
clean up the device class to provide access methods instead of direct
access to members.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-23 16:56:41 +02:00
Corinna Vinschen 6e623e9320 Switching the Cygwin DLL to LGPLv3+, dropping commercial buyout option
Bump GPLv2+ to GPLv3+ for some files, clarify BSD 2-clause.

Everything else stays under GPLv3+.

New Linking Exception exempts resulting executables from LGPLv3 section 4.

Add CONTRIBUTORS file to keep track of licensing.

Remove 'Copyright Red Hat Inc' comments.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-06-23 10:09:17 +02:00
Corinna Vinschen bf0f4baf95 Revert "Debug printfs."
This reverts commit 9f82de59a0.

Revert accidental push
2016-03-20 21:59:43 +01:00
John Hood 9f82de59a0 Debug printfs.
* fhandler.cc (fhandler_base::get_readahead): Add debug code.
	* fhandler_console.cc (fhandler_console::read): Add debug code.
	* select.cc (pselect): Add debug code.
	(peek_console): Add debug code.
2016-03-20 15:26:31 +01:00
Corinna Vinschen 9ddf063921 Implement POSIX.1e ACL functions
* Makefile.in (DLL_OFILES): Add sec_posixacl.o.
	(SUBLIBS): Add libacl.a
	(libacl.a): New rule to create libacl.a.
	* common.din: Export POSIX ACL functions as well as most libacl.a
	extensions.
	* fhandler.h (fhander_base::acl_get): New prototype.
	(fhander_base::acl_set): Ditto.
	(fhandler_disk_file::acl_get): Ditto.
	(fhandler_disk_file::acl_set): Ditto.
	* include/acl/libacl.h: New file.
	* include/cygwin/version.h: Bump API minor version.
	* include/sys/acl.h: Drop including cygwin/acl.h.  Accommodate
	throughout Cygwin.  Add POSIX ACL definitions.
	* sec_acl.cc: Include sec_posixacl.h.  Replace ILLEGAL_UID and
	ILLEGAL_GID with ACL_UNDEFINED_ID where sensible.
	(__aclcheck): New internal acl check function to be used for
	Solaris and POSIX ACLs.
	(aclcheck32): Call __aclcheck.
	(__aclcalcmask): New function to compute ACL_MASK value.
	(__aclsort): New internal acl sort function to be used for Solaris
	and POSIX ACLs.
	(aclsort32): Call __aclsort.
	(permtostr): Work directly on provided buffer.
	(__acltotext): New internal acltotext function to be used for
	Solaris and POSIX ACLs.
	(acltotext32): Call __acltotext.
	(__aclfromtext): New internal aclfromtext function to be used for
	Solaris and POSIX ACLs.
	(aclfromtext32): Call __aclfromtext.
	* sec_posixacl.cc: New file implemeting POSIX ACL functions.
	* sec_posixacl.h: New internal header.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2016-03-08 13:56:40 +01:00
Corinna Vinschen bc444e5aa4 Reapply POSIX ACL changes.
- New, unified implementation of POSIX permission and ACL handling.  The
    new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
    they allow to inherit the S_ISGID bit.  ACL inheritance now really
    works as desired, in a limited, but theoretically equivalent fashion
    even for non-Cygwin processes.

    To accommodate Windows default ACLs, the new code ignores SYSTEM and
    Administrators group permissions when computing the MASK/CLASS_OBJ
    permission mask on old ACLs, and it doesn't deny access to SYSTEM and
    Administrators group based on the value of MASK/CLASS_OBJ when
    creating the new ACLs.

    The new code now handles the S_ISGID bit on directories as on Linux:
    Setting S_ISGID on a directory causes new files and subdirs created
    within to inherit its group, rather than the primary group of the user
    who created the file.  This only works for files and directories
    created by Cygwin processes.

2015-05-29  Corinna Vinschen  <corinna@vinschen.de>

	Reapply POSIX ACL changes.

	* utils.xml (setfacl): Show new option output.
	(getfacl): Show new option output.

	* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
	Apply umask, if so.  Align comments.
	* security.cc (set_created_file_access): Fix permission masking by
	incoming requested file mode.

	* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
	for SYSTEM and Admins group.

	* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
	GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.

	* fhandler.h (fhandler_pty_slave::facl): Add prototype.
	* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
	(fhandler_pty_slave::fchown): Fix uid/gid handling.
	* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
	Simplify and move around code in a few places.  To improve ACL
	readability, add r/w permissions to Admins ACE appended to pty ACL.
	Add comment to explain Windows ACE Mask filtering being in the way of
	creating a real CLASS_OBJ.
	(get_posix_access): Fake CLASS_OBJ for ptys.  Explain why.
	* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
	when calling get_posix_access.

	* sec_acl.cc (set_posix_access): Move merging group perms into owner
	perms in case of owner == group after mask has been computed.  Take
	mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.

	* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
	the ACCESS_ALLOWED_ACE.

	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
	set GROUP_OBJ and CLASS_OBJ perms to new group perms.  Add comment
	to explain why.
	* security.cc (set_created_file_access): Ditto.

	* sec_acl.cc (set_posix_access): Replace previous patch.  Return
	EINVAL if uid and/or guid is invalid and not backed by an actual
	Windows account.

	* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.

	* sec_acl.cc (set_posix_access): Handle files with owner == group.
	Rephrase switch statement checking against unfiltered a_type value.
	(get_posix_access): Handle files with owner == group.

	* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
	CLASS_OBJ mask on old-style ACLs.  Fix a comment.

	* sec_acl.cc (set_posix_access): Always make sure Admins have
	WRITE_DAC and WRITE_OWNER permissions.
	* security.h (create_object_sd_from_attribute): Drop handle parameter
	from prototype.
	* security.cc (create_object_sd_from_attribute): Drop handle parameter.
	Just create the standard POSIXy security descriptor.
	(set_object_attribute): Accommodate dropped paramter in call to
	create_object_sd_from_attribute.
	* fhandler_tty.cc: Ditto, throughout.

	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
	mask computation.

	* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
	not umasked.
	(fhandler_base::open): Explicitely umask mode on NFS here.  Call new
	set_created_file_access rather than set_file_attribute.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
	setting permissions on filesystems supporting ACLs using the new
	set_posix_access call.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::mkdir): Call new set_created_file_access rather
	than set_file_attribute.
	* fhandler_socket.cc (fhandler_socket::bind): Don't umask here.  Add
	WRITE_OWNER access to allow writing group in case of SGID bit set.
	Call new set_created_file_access rather than set_file_attribute.
	* path.cc (symlink_worker): Call new set_created_file_access rather
	than set_file_attribute.
	* sec_acl.cc (searchace): Un-staticize.
	(set_posix_access): New, complementary functionality to
	get_posix_access.
	(setacl): Implement in terms of get_posix_access/set_posix_access.
	(get_posix_access): Add handling for just created files requiring
	their first Cygwin ACL.  Fix new_style recognition.  Handle SGID
	bit.  For old-style ACLs, ignore SYSTEM and Administrators when
	computing the {DEF_}CLASS_OBJ perms.
	* security.cc (get_file_sd): Revamp comment.  Change and (hopefully)
	speed up inheritance processing for just created files.
	(alloc_sd): Remove.
	(set_security_attribute): Call set_posix_access instead of alloc_sd.
	(get_object_attribute): Fix return value.
	(create_object_sd_from_attribute): Call set_posix_access instead of
	alloc_sd.
	(set_file_attribute): Remove.
	(set_created_file_access): New function implemented in terms of
	get_posix_access/set_posix_access.
	* security.h (set_file_attribute): Remove prototype.
	(set_created_file_access): Add prototype.
	(searchace): Ditto.
	(set_posix_access): Ditto.
	* syscalls.cc (open): Call open_with_arch with mode not umasked.

	* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
	Describe how to generate deny ACEs in more detail.  Accommodate the
	fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
	a special Cygwin ACE.  Improve further comments.
	(CYG_ACE_NEW_STYLE): Define.
	(get_posix_access): Change from Cygwin ACE to NULL deny ACE.  Fix
	CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
	NULL deny ACE if the inheritance flags say so.
	* sec_helper.cc (well_known_cygwin_sid): Remove.
	* security.h (well_known_cygwin_sid): Drop declaration.

	* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
	(get_posix_access): Rename index variable from i to idx.  Define only
	once at top level.

	* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
	Accommodate throughout.
	(add_access_denied_ace): Ditto.
	* sec_acl.cc: Accommodate above change throughout.
	* security.h (add_access_allowed_ace): Adjust prototype to above change.
	(add_access_denied_ace): Ditto.

	* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
	owner and primary group of the file.  Handle the default primary
	group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
	set.  Add comments.  Minor code rearrangements.

	Preliminary read side implementation of new permission handling.
	* acl.h (MAX_ACL_ENTRIES): Raise to 2730.  Add comment to explain.
	* sec_acl.cc:  Add leading comment to explain new ACL style.
	Add definitions and macros to use for bits in new Cygwin ACL.
	(DENY_RWX): New mask value for all temporary deny bits.
	(getace): Add bool parameter to decide when leaving all bits intact,
	rather than filtering them per the already set bits.
	(get_posix_access): New function, taking over functionality to read
	POSIX ACL from SECURITY_DESCRIPTOR.
	(getacl): Just call get_posix_access.
	* sec_helper.cc (well_known_cygwin_sid): Define.
	* security.cc (get_attribute_from_acl): Remove.
	(get_info_from_sd): Remove.
	(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
	(get_file_attribute): Ditto.
	(get_object_attribute): Ditto.
	* security.h (well_known_cygwin_sid): Declare.
	(get_posix_access): Add prototype.

	* Throughout, use simpler ACE macros from Windows' accctrl.h.

	* getfacl.c (main): Special-case SYSTEM and Admins group.  Add comments.

	* setfacl.c: Align more to Linux tool.
	(delacl): New function to delete acl entries only.
	(modacl): Drop delete functionality.  Add handling of recomputing the
	mask and default mask values.
	(delallacl): Rename from delacl.
	(setfacl): Call delacl in Delete case.  Call delallacl in DeleteAll
	and DeleteDef case.
	(usage): Accommodate new options.  Rearrange and rephrase slightly.
	(longopts): Emit 'x' in --delete case.  Add --no-mask and --mask
	options.
	(opts): Add -x and -n options.
	(main): Handle -d and -x the same.  Handle -n and --mask options.
	Drop handling for -r option.

	* getfacl.c (usage): Align more closely to Linux version.  Add new
	options -c, -e, -E.  Change formatting to accommodate longer options.
	(longopts): Rename --noname to --numeric.  Keep --noname for backward
	compatibility.  Add --omit-header, --all-effective and --no-effective
	options.
	(opts): Add -c, -e and -E option.
	(main): Handle new -c, -e, and -E options.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-11-18 22:27:54 +01:00
Corinna Vinschen 344860a104 Cygwin: Try to fix potential data corruption in pipe write
* fhandler.cc (fhandler_base_overlapped::raw_write): When performing
        nonblocking I/O, copy user space data into own buffer.  Add longish
        comment to explain why.
        * fhandler.h (fhandler_base_overlapped::atomic_write_buf): New member.
        (fhandler_base_overlapped::fhandler_base_overlapped): Initialize
        atomic_write_buf.
        (fhandler_base_overlapped::fhandler_base_overlapped): New destructor,
        free'ing atomic_write_buf.
        (fhandler_base_overlapped::copyto): Set atomic_write_buf to NULL in
        copied fhandler.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2015-08-15 12:30:09 +02:00
Corinna Vinschen 59076540bc * fhandler.h (class fhandler_base): Add was_nonblocking status flag.
* fhandler.cc (fhandler_base::set_flags): Set was_nonblocking if the
	O_NONBLOCK flag has been specified.
	(fhandler_base_overlapped::close): Check for was_nonblocking instead
	of for is_nonblocking.  Explain why.
	(fhandler_base::set_nonblocking): Set was_nonblocking if noblocking
	mode gets enabled.
2015-02-24 11:05:02 +00:00
Corinna Vinschen 1a33a5c6d3 * fhandler.cc (fhandler_base::facl): Drop CLASS_OBJ entry.
* fhandler_disk_file.cc (fhandler_disk_file::facl): Ditto in noacl case.
	* sec_acl.cc (getacl): Compute useful fake CLASS_OBJ and DEF_CLASS_OBJ
	permission bits based on how these values are generated on Linux.
	Add commants to explain what the code is doing.
	* security.cc (get_attribute_from_acl): Compute group permission based
	on the actual primary group permissions and all secondary user and group
	ACCESS_ALLOWED_ACEs to emulate Linux' behaviour more closely.
	(check_access): Fix typos im comment.
	* include/cygwin/acl.h (MIN_ACL_ENTRIES): Redefine as 3.
2014-08-28 12:38:52 +00:00
Corinna Vinschen 5b312b4747 * devices.in (dev_cygdrive_storage): Revert mapping to \Device\Null.
(dev_storage): Ditto for /dev.
	* devices.cc: Regenerate.
	* fhandler.cc (fhandler_base::open_null): New method to open a fake
	\Device\Null handler.
	(fhandler_base::open): Fix formatting.  Change O_ACCMODE test to a
	switch statement.  Simplify a test which still tested for a now unused
	create_disposition.
	* fhandler.h (fhandler_base::open_null): Declare.
	(fhandler_netdrive::close): Declare.
	* fhandler_dev.cc (fhandler_dev::open): Open fake \Device\Null handle
	by just calling new open_null method.
	* fhandler_disk_file.cc (fhandler_cygdrive::open): Ditto.
	* fhandler_netdrive.cc (fhandler_netdrive::open): Call open_null
	rather than setting nohandle.
	(fhandler_netdrive::close): New method.
	* fhandler_registry.cc (fetch_hkey): Fix token in RegOpenUserClassesRoot
	call.  Create valid key for HKEY_CURRENT_CONFIG by mapping to real key
	HKEY_LOCAL_MACHINE\System\CurrentControlSet\Hardware Profiles\Current.
	(fhandler_registry::open): Set nohandle only when using pseudo registry
	handle.
	* fhandler_virtual.cc (fhandler_virtual::opendir): Call open rather
	than just setting nohandle here.
	* fhandler_virtual::fstatvfs): Set ST_RDONLY fs flag.
	* globals.cc (ro_u_null): New readonly UNICODE_STRING for \Device\Null.
	* path.h (path_conv::set_path): Revert previous change caring for
	wide_path.
2013-10-31 14:26:42 +00:00
Christopher Faylor 4ae84b2251 * external.cc (fillout_pinfo): If start_time is 0, wait a while before
returning the pinfo structure.
* fhandler.cc (fhandler_base::open_setup): Convert from inline.
* fhandler.h (fhandler_base::open_setup): Declare.
* fhandler_console.cc (fhandler_console::open_setup): Always call
fhandler_base::open_setup.
* fhandler_tty.cc (fhandler_pty_slave::open_setup): Ditto.
(fhandler_pty_master::open_setup): Ditto.
2013-10-24 15:26:21 +00:00
Corinna Vinschen 95ff6fc6da * devices.in (dev_storage): Map /dev/zero and /dev/full to \Device\Null.
* devices.cc: Regenerate.
	* dtable.h (struct dtable): Make fhandler_base friend, rather
	than fhandler_disk_file.
	* fhandler.cc (fhandler_base::open_with_arch): Create unique id.
	(fhandler_base::cleanup): Call del_my_locks.
	(fhandler_base::fcntl): Handle F_GETLK, F_SETLK and F_SETLKW.
	* fhandler.h (fhandler_base::get_dev): Return real device number.
	(fhandler_base::set_unique_id): New inline method.
	(fhandler_disk_file::lock): Drop declaration.
	(fhandler_disk_file::get_dev): New method, return pc.fs_serial_number.
	(fhandler_dev_zero::open): Drop declaration.
	* fhandler_disk_file.cc (fhandler_disk_file::close): Move
	del_my_locks call to fhandler_base::open_with_arch.
	(fhandler_disk_file::fcntl): Move handling of locking commands to
	fhandler_base::fcntl.
	(fhandler_base::open_fs): Drop call to NtAllocateLocallyUniqueId.
	* fhandler_zero.cc (fhandler_dev_zero::open): Remove so that default
	fhandler_base::open is used to open \Device\Null.
	* flock.cc (fixup_lockf_after_exec): Finding a single fhandler is
	enough here.
	(fhandler_base::lock): Replace fhandler_disk_file::lock.  Refuse to lock
	nohandle devices.  Handle read/write test using POSIX flags.  Explain
	why.  Never fail on SEEK_CUR or SEEK_END, rather assume position 0,
	just as Linux.
	* net.cc (fdsock): Create unique id.
2013-10-24 09:41:17 +00:00
Corinna Vinschen 27f8495dd5 * fhandler.cc (fhandler_base::fstat): Drop FH_FULL case to align
/dev/full permissions to Linux.
2013-10-23 09:58:12 +00:00
Christopher Faylor 015566ed00 * fhandler.h (fhandler_base::cleanup): Mark as extern rather than inline.
* fhandler_base.cc (fhandler_base::cleanup): Define.
* fhandler_tty.cc (fhandler_pty_slave::cleanup): Call fhandler_base::cleanup.
(fhandler_pty_master::cleanup): Ditto.
2013-10-22 20:41:09 +00:00
Christopher Faylor 470b8544e8 * fhandler.cc (fhandler_base::close_with_arch): Make sure that the archetype is
deleted when close_with_arch is referenced *via* the archetype.
2013-07-03 20:26:44 +00:00
Corinna Vinschen edd73646f3 * fhandler.cc (fhandler_base::lock): Move to flock.cc.
(fhandler_base::fixup_after_exec): Reset mandatory_locking.
	* fhandler.h (class fhandler_base): Add mandatory_locking status flag.
	Add mandatory_locking accessor methods.  Accommodate change throughout.
	(fhandler_base::mand_lock): Declare.
	(class fhandler_disk_file): Drop in favor of new status flag.
	* (fhandler_disk_file::fcntl): Call need_fork_fixup if mandatory_locking
	flag gets set.
	* flock.cc (fhandler_base::lock): Define here.
	(flock): Handle mandatory_locking.
	(lockf): Ditto.
	(fhandler_base::mand_lock): Define.
2013-06-04 10:24:43 +00:00