When using RFC2307 uid/gid-mapping on Samba shares, the POSIX ACL contains
the Windows SIDs. When writing back such an ACL we have to map the
Windows SIDs back to the corresponding Samba SIDs representing the UNIX
uid/gid value. When reading Samba SIDs, make sure never to evaluate a
UNIX user account as group.
* sec_acl.cc (set_posix_access): Convert Windows SIDs to
RFC2307-mapped Sambe UNIX SIDs.
* sec_helper.cc (cygpsid::get_id): Skip UNIX user accounts when
trying to evaluate a SID as group. Skip UNIX group accounts when
trying to evaluate a SID as user.
* cygheap.h (cygheap_ugid_cache::reverse_get): New method to
get nfs id from cygwin id.
(cygheap_ugid_cache::reverse_get_uid): Wrapper for uids.
(cygheap_ugid_cache::reverse_get_gid): Wrapper for gids.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
So far creating cygsids requires to generate an "S-1-..." string
which is then converted to a SID by cygsid::getfromstr.
Add two new methods:
- cygsid::create (DWORD auth, DWORD subauth_count, ...)
... is a variable length list of subauth_count DWORD values being
the actual subauths.
- cygsid::append (DWORD rid)
allows to append a single RID to an alreaday constituted SID.
* security.h (cygsid::create): Declare public.
(cygsid::append): Ditto.
* sec_helper.cc (cygsid::create): Implement.
(cygsid::append): Implement.
* uinfo.cc (pwdgrp::fetch_account_from_windows): Use both new
methods as appropriate. Drop setting csid from string. Create
SID strings for printing SIDs only.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
gmonparam::state is used in calls to Win32 Interlocked functions.
Having this defined as int breaks the build on i686. Redefine as
LONG (same size and correct type on all platforms) to make gcc happy.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Hi.
I have noticed that Cygwin's spinlock goes into heavy sleeping code
for each spin. It seems it would be a good idea to actually try to
spin a bit first. There is this 'pause' instruction which let's the
CPU make such busy loops be less busy. Here is a patch to do this.
--
VH
This patch set modifies Cygwin's profiling support to sample PC values
of all an app's threads, not just the main thread. There is no change
to how profiling is requested: just compile and link the app with "-pg"
as usual. The profiling info is dumped into file gmon.out as always.
A new facility enabled via the environment variable GMON_OUT_PREFIX.
This facility is intended to match an undocumented Linux glibc feature.
Exporting the variable with a non-empty value such as "foo" causes the
profiling info to go to a file named foo.$pid instead of the default.
With that, both resulting processes of a fork() can have their profiling
data captured in separate files. gprof already knows how to accumulate
data from multiple files if they all pertain to the same app.
There is no change to the normal Cygwin execution paths if profiling is
not enabled. And when it is enabled, only the one profiling thread per
profiled app is doing more work than it used to.
* include/sys/cygwin.h: Add CW_CYGHEAP_PROFTHR_ALL.
* cygheap.cc (cygheap_profthr_all): New C-callable function that
runs cygheap's threadlist handing each pthread's thread handle in
turn to profthr_byhandle().
* external.cc (cygwin_internal): Add case CW_CYGHEAP_PROFTHR_ALL.
* gmon.c (_mcleanup): Add support for multiple simultaneous
gmon.out* files named via environment variable GMON_OUT_PREFIX.
* gmon.h (struct gmonparam): Make state decl volatile.
* mcount.c (_MCOUNT_DECL): Change stores into gmonparam.state to use
Interlocked operations. Add #include "winsup.h", update commentary.
* profil.c (profthr_byhandle): New function abstracting out the
updating of profile counters based on a thread handle.
(profthr_func): Update to call profthr_byhandle() to sample the main
thread then call cygheap_profthr_all() indirectly through
cygwin_internal(CW_CYGHEAP_PROFTHR_ALL) to sample all other threads.
(profile_off): Zero targthr to indicate profiling was turned off.
(profile_on): Fix handle leak on failure path.
(profile_child): New callback func to restart profiling in child
process after a fork if the parent was being profiled.
(profile_ctl): Call pthread_atfork() to set profile_child callback.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
According to https://cygwin.com/ml/cygwin/2016-03/msg00124.html it's a
problem to collect friendlyname info using AF_INET6 sockets. Fix problem
by exposing additional hardware info for all collected interfaces via the
pointer in the ifaddrs::ifa_data member.
* include/ifaddrs.h (struct ifaddrs_hwdata): Define as struct of
not yet exposed members of struct ifall, defined in net.cc.
* net.cc (struct ifall): Replace hardware dta members with struct
ifaddrs_hwdata. Accommodate throughout.
(get_ifs): Let ifaddrs ifa_data member point to ifall::ifa_hwdata
member.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Calling open from acl_extended_file{_nofollow} indiscriminately may hang
if the file is a FIFO. Ultimately the FIFO implementation needs a thorough
rewrite, but for the time being we better do what stat(2) and friends do:
Just create an fhandler directly.
* sec_posixacl.cc (__acl_extended_fh): New static function calling
fhandler::facl.
(acl_extended_fd): Just call __acl_extended_fh.
(__acl_extended_file): Take just a path_conv as parameter and
create temporary fhandler to call __acl_extended_fh.
(acl_extended_file): Create path_conv from incoming path and
call __acl_extended_file on it.
(acl_extended_file_nofollow): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* ntdll.h (RtlGetNtVersionNumbers): Declare.
* wincap.cc (wincapc::init): Overwrite kernel version info
returned by RtlGetVersion with correct info returnd by
RtlGetNtVersionNumbers. Add comment.
Originally, using RtlGetVersion instead of GetVersionEx was supposed to
fix the fact that GetVersionInfo returns the wrong kernel version if the
executable has been built with an old manifest (or none at all), starting
with Windows 8.1. Either this never really worked as desired and our
testing was flawed, or this has been changed again with Windows 10, so
that RtlGetVersion does the kernel faking twist as well. Since we're
only reading the value in the first process in a process tree. the entire
process tree is running with a wrong OS version information in that case.
Fortunately, the (undocumented) RtlGetNtVersionNumbers function is not
affected by this nonsense, so we simply override the OS version info
fields with the correct values now.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The problem this patch fixes showed up after updating to gcc-5.3.0. The
cuplrit is a change in gcc when emitting section attributes. It only
shows up when building without optimization. Effect in Cygwin: ws2_32
functions failed to load.
In the original code the definition of "NO_COPY wsadata" was preceeding
an __asm__ block (the definition of the _wsock_init wrapper), while the
definition of "NO_COPY here" immediately follows the same assembler
block. When gcc-5.3.0 emits assembler code for the wsadata definition,
it emits the .data_cygwin_nocopy section attribute.
Next it emits the assembler output for the __asm_ block, entirely ignoring
its content. The __asm__ block adds a .text section definition.
Eventually gcc emits assembler code for the here definition. However,
apparently gcc still "knows" that it just emitted the .data_cygwin_nocopy
section attribute and so doesn't redefine it. Remember the __asm__? It
changed the section to .text.
So with gcc-4.9.3 we got:
.section .data_cygwin_nocopy,"w"
wsadata:
__asm__ block:
.text
.section .data_cygwin_nocopy,"w"
here:
With gcc 5.3.0 we now get:
.section .data_cygwin_nocopy,"w"
wsadata:
__asm__ block:
.text
here:
So "here" is now in the .text segment which is read-only. Hilarity ensues.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_posixacl .cc (__acl_dup): Remove.
(acl_dup): Fold __acl_dup functionality into this function.
(acl_create_entry): Don't create new acl_t. Just realloc
acl->entry to make room for new aclent_t.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* Makefile.in (DLL_OFILES): Add sec_posixacl.o.
(SUBLIBS): Add libacl.a
(libacl.a): New rule to create libacl.a.
* common.din: Export POSIX ACL functions as well as most libacl.a
extensions.
* fhandler.h (fhander_base::acl_get): New prototype.
(fhander_base::acl_set): Ditto.
(fhandler_disk_file::acl_get): Ditto.
(fhandler_disk_file::acl_set): Ditto.
* include/acl/libacl.h: New file.
* include/cygwin/version.h: Bump API minor version.
* include/sys/acl.h: Drop including cygwin/acl.h. Accommodate
throughout Cygwin. Add POSIX ACL definitions.
* sec_acl.cc: Include sec_posixacl.h. Replace ILLEGAL_UID and
ILLEGAL_GID with ACL_UNDEFINED_ID where sensible.
(__aclcheck): New internal acl check function to be used for
Solaris and POSIX ACLs.
(aclcheck32): Call __aclcheck.
(__aclcalcmask): New function to compute ACL_MASK value.
(__aclsort): New internal acl sort function to be used for Solaris
and POSIX ACLs.
(aclsort32): Call __aclsort.
(permtostr): Work directly on provided buffer.
(__acltotext): New internal acltotext function to be used for
Solaris and POSIX ACLs.
(acltotext32): Call __acltotext.
(__aclfromtext): New internal aclfromtext function to be used for
Solaris and POSIX ACLs.
(aclfromtext32): Call __aclfromtext.
* sec_posixacl.cc: New file implemeting POSIX ACL functions.
* sec_posixacl.h: New internal header.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_auth.cc (get_token_group_sidlist): Drop auth_luid and
auth_pos parameter. Remove code adding a logon SID.
(get_initgroups_sidlist): Drop auth_luid and auth_pos parameter.
Drop in call to get_token_group_sidlist. Accommodate in callers.
(get_setgroups_sidlist): Ditto.
(create_token): Explicitely set auth_luid to ANONYMOUS_LOGON_LUID
or LOCALSERVICE_LUID depending on OS. Explain why.
Remove handling of logon SID since we don't generate one anymore.
(lsaauth): Drop now unused local variable auth_luid and auth_pos.
* wincap.h (wincaps::has_broken_whoami): New element.
* wincap.cc: Implement above element throughout.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This follows up from my msg re GMP-ECM failing its 'make check' on the
main list https://cygwin.com/ml/cygwin/2016-02/msg00147.html .
There's an error that ought to be reported during dynamic linking if the
linked-to address is too far from the relocation site. However the error
is not reported if __OPTIMIZE__ was #defined when building the Cygwin DLL.
I can't see why optimization settings should affect this.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* mount.cc (mount_info::conv_to_posix_path): Account for scenarios
where the path is identical to a mount point in terms of preserving
the trailing slash in the output.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
GCC 5 adds #line directives (and hence extra newlines) for macros
expansions, which confuses cygmagic. Using the -P flag avoids
them entirely.
https://cygwin.com/ml/cygwin-patches/2016-q1/msg00016.html
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
GCC 5 switched from C89 to C11 by default. This implies a change from
GNU to C99 inline by default, which have very different meanings of
extern inline vs. static inline:
https://gcc.gnu.org/onlinedocs/gcc/Inline.html
Marking these as gnu_inline retains the previous behaviour.
winsup/cygwin/
* exceptions.cc (exception::handle): Change debugging to int to fix
an always-true boolean comparison warning.
* include/cygwin/config.h (__getreent): Mark gnu_inline.
* winbase.h (ilockcmpexch, ilockcmpexch64): Ditto.
Signed-off-by: Yaakov Selkowitz <yselkowi@redhat.com>
POSIX.1e requires that chmod changes the MASK rather than the
GROUP_OBJ value if the ACL is non-trivial.
On Windows, especially on home machines, a standard ACL often
consists of entries for the user, maybe the group, and additional
entries for SYSTEM and the Administrators group. A user calling
chmod on a file with bog standard Windows perms usually expects
that chmod changes the GROUP_OBJ perms, but given the rules from
POSIX.1e we can't do that.
However, since we already treat Admins and SYSTEM special in a
ACL (they are not used in MASK computations) we go a step in the
Windows direction to follow user expectations. If an ACL only
consists of the three POSIX permissions, plus entries for Admins
and SYSTEM *only*, then we change the permissions of the GROUP_OBJ
entry *and* the MASK entry.
* fhandler_disk_file.cc (fhandler_disk_file::chmod): Drop unused
code. Add special handling for a "standard" Windows ACL. Add
comment to explain.
* sec_acl.cc (get_posix_access): Allow to return "standard-ness"
of an ACL to the caller. Add preceeding comment to explain a bit.
* security.h (get_posix_access): Align prototype.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Handle additional ACE for primary group only as another GROUP
entry if it's an allow ACE. Deny ACEs don't qualify.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Observed running hexchat under X. For some reason the call to
LoadLibraryEx(..., LOAD_LIBRARY_SEARCH_SYSTEM32) in dll_load
hangs when trying to autoload MsgWaitForMultipleObjectsEx in
select.cc after hexchat forks to run DNS calls. Dropping the
call and just using full paths as in 2.3.1 fixes the issue.
* autoload.cc (dll_load): Drop call to LoadLibraryEx with
LOAD_LIBRARY_SEARCH_SYSTEM32 flag.
* wincap.h (wincaps::has_load_lib_search_flags): Remove.
* wincap.cc (wincaps::has_load_lib_search_flags): Drop handling
this flag.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Rename "res" to "wait_state" and change its type to
select_stuff::wait_states. Use select_stuff::wait_states
values instead of ints throughout. Rearrange a few comments.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If the calling process doesn't have sufficient privileges to
fetch the linked token of an admin-user token, cygwin_logon_user
fails. This patch changes that by returning the original,
unprivileged token of the admin user to allow authentication
and calling setuid for the current process.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (get_posix_access): Fix bracketing in expression
constructing POSIX group permissions so as not leaking deny bits
into POSIX file type bits.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (wsock_init): Use MAKEWORD macro to create requested
version rather than handcrafted expression.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (dll_load): Move safe loading from std_dll_init here.
Add code to handle systems supporting LOAD_LIBRARY_SEARCH flags.
Add comments to explain what the code is doing. Fix up comment
preceeding this function.
(std_dll_init): Move safe loading code to dll_load.
* wincap.h (wincaps::has_load_lib_search_flags): New element.
* wincap.cc: Implement above element throughout.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (fhandler_base::get_plain_ino): New inline method.
Add comment to explain what it's supposed to be used for.
* fhandler_socket.cc (fhandler_socket::get_proc_fd_name): Create
filename using inode number.
(fhandler_socket::fstat): Generate inode number from filename if
ino is not set (that's the case in a stat(2) call).
* pipe.cc: Throughout, use get_plain_ino when appropriate.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This reverts commit 4b104ce070.
The DLLs always guaranteed to be loaded from the system dir are only
those in the KnownDLLs list. We're using some DLLs not in that list on
all supported OSes, thus we need to make sure to use full paths.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.h (class fhandler_base): Convert unique_id to int64_t.
(fhandler_base::set_ino): New protected inline method.
(fhandler_base::get_unique_id): Convert to int64_t.
(fhandler_base::set_unique_id): New inline method taking int64_t.
(fhandler_pipe::fstat): Declare.
(fhandler_pipe::init): Take extra parameter.
(fhandler_pipe::create): Ditto.
* fhandler_socket.cc (fhandler_socket::init_events): Set inode number
to serial number.
(fhandler_socket::fstat): Set device to DEV_TCP_MAJOR. Create st_ino
from get_ino.
* include/cygwin/signal.h (struct _sigcommune): Replace
_si_pipe_fhandler with _si_pipe_unique_id.
* pinfo.h (_pinfo::pipe_fhandler): Take unique id instead of HANDLE.
* pinfo.cc (commune_process): Accommodate change to _si_pipe_unique_id.
(_pinfo::commune_request): Ditto.
(_pinfo::pipe_fhandler): Ditto.
* pipe.cc (fhandler_pipe::init): Take unique id as argument and set
inode number and unique_id from there.
(fhandler_pipe::open): Rework to find any matching pipe from unique
id in filename.
(fhandler_pipe::get_proc_fd_name): Create filename using inode number.
(fhandler_pipe::create): Generate and return unique id from process pid
and pipe_unique_id. In outer method, call init with additional unique
id as parameter.
(fhandler_pipe::fstat): New method.
(pipe_worker): Accommodate using 64 bit inode number in filename.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Corinna Vinschen
Václav Haisman
Mark Geisert
Yaakov Selkowitz
John Hood