5009 lines
132 KiB
C++
5009 lines
132 KiB
C++
/* syscalls.cc: syscalls
|
|
|
|
This file is part of Cygwin.
|
|
|
|
This software is a copyrighted work licensed under the terms of the
|
|
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
|
|
details. */
|
|
|
|
#include "winsup.h"
|
|
#include "miscfuncs.h"
|
|
#include <sys/stat.h>
|
|
#include <sys/vfs.h> /* needed for statfs */
|
|
#include <sys/statvfs.h> /* needed for statvfs */
|
|
#include <stdlib.h>
|
|
#include <stdio.h>
|
|
#include <process.h>
|
|
#include <utmp.h>
|
|
#include <utmpx.h>
|
|
#include <sys/uio.h>
|
|
#include <ctype.h>
|
|
#include <wctype.h>
|
|
#include <unistd.h>
|
|
#include <sys/wait.h>
|
|
#include <dirent.h>
|
|
#include <ntsecapi.h>
|
|
#include <iptypes.h>
|
|
#include "ntdll.h"
|
|
|
|
#include <cygwin/version.h>
|
|
#include "cygerrno.h"
|
|
#include "perprocess.h"
|
|
#include "security.h"
|
|
#include "path.h"
|
|
#include "fhandler.h"
|
|
#include "dtable.h"
|
|
#include "sigproc.h"
|
|
#include "pinfo.h"
|
|
#include "shared_info.h"
|
|
#include "cygheap.h"
|
|
#include "registry.h"
|
|
#include "environ.h"
|
|
#include "tls_pbuf.h"
|
|
#include "sync.h"
|
|
#include "child_info.h"
|
|
#include <cygwin/fs.h> /* needed for RENAME_NOREPLACE */
|
|
#include <sys/reent.h> /* needed for _fwalk_sglue() declaration */
|
|
|
|
static int mknod_worker (path_conv &, mode_t, _major_t, _minor_t);
|
|
|
|
/* Close all files and process any queued deletions.
|
|
Lots of unix style applications will open a tmp file, unlink it,
|
|
but never call close. This function is called by _exit to
|
|
ensure we don't leave any such files lying around. */
|
|
|
|
void
|
|
close_all_files (bool norelease)
|
|
{
|
|
cygheap->fdtab.lock ();
|
|
|
|
semaphore::terminate ();
|
|
|
|
HANDLE h = NULL;
|
|
|
|
for (int i = 0; i < (int) cygheap->fdtab.size; i++)
|
|
{
|
|
cygheap_fdget cfd (i, false, false);
|
|
if (cfd >= 0)
|
|
{
|
|
debug_only_printf ("closing fd %d", i);
|
|
if (i == 2 && cfd->get_dev () != FH_PIPEW)
|
|
DuplicateHandle (GetCurrentProcess (), cfd->get_output_handle (),
|
|
GetCurrentProcess (), &h,
|
|
0, false, DUPLICATE_SAME_ACCESS);
|
|
cfd->close_with_arch ();
|
|
if (!norelease)
|
|
cfd.release ();
|
|
}
|
|
}
|
|
|
|
if (!have_execed && cygheap->ctty)
|
|
cygheap->close_ctty ();
|
|
|
|
if (h)
|
|
SetStdHandle (STD_ERROR_HANDLE, h);
|
|
cygheap->fdtab.unlock ();
|
|
}
|
|
|
|
extern "C" int
|
|
dup (int fd)
|
|
{
|
|
int res;
|
|
cygheap_fdnew newfd;
|
|
if (newfd < 0)
|
|
res = -1;
|
|
else
|
|
res = cygheap->fdtab.dup3 (fd, newfd, 0);
|
|
syscall_printf ("%R = dup(%d)", res, fd);
|
|
return res;
|
|
}
|
|
|
|
inline int
|
|
dup_finish (int oldfd, int newfd, int flags)
|
|
{
|
|
int res;
|
|
if ((res = cygheap->fdtab.dup3 (oldfd, newfd, flags | O_EXCL)) == newfd)
|
|
{
|
|
cygheap_fdget (newfd)->inc_refcnt ();
|
|
cygheap->fdtab.unlock (); /* dup3 exits with lock set on success */
|
|
}
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
dup2 (int oldfd, int newfd)
|
|
{
|
|
int res;
|
|
if (newfd >= OPEN_MAX || newfd < 0)
|
|
{
|
|
set_errno (EBADF);
|
|
res = -1;
|
|
}
|
|
else if (newfd == oldfd)
|
|
{
|
|
cygheap_fdget cfd (oldfd);
|
|
res = (cfd >= 0) ? oldfd : -1;
|
|
}
|
|
else
|
|
res = dup_finish (oldfd, newfd, 0);
|
|
|
|
syscall_printf ("%R = dup2(%d, %d)", res, oldfd, newfd);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
dup3 (int oldfd, int newfd, int flags)
|
|
{
|
|
int res;
|
|
if (newfd >= OPEN_MAX)
|
|
{
|
|
set_errno (EBADF);
|
|
res = -1;
|
|
}
|
|
else if (newfd == oldfd)
|
|
{
|
|
cygheap_fdget cfd (oldfd, false, false);
|
|
set_errno (cfd < 0 ? EBADF : EINVAL);
|
|
res = -1;
|
|
}
|
|
else
|
|
res = dup_finish (oldfd, newfd, flags);
|
|
|
|
syscall_printf ("%R = dup3(%d, %d, %y)", res, oldfd, newfd, flags);
|
|
return res;
|
|
}
|
|
|
|
static const char desktop_ini[] =
|
|
"[.ShellClassInfo]\r\n"
|
|
"CLSID={645FF040-5081-101B-9F08-00AA002F954E}\r\n"
|
|
"LocalizedResourceName=@%SystemRoot%\\system32\\shell32.dll,-8964\r\n";
|
|
|
|
enum bin_status
|
|
{
|
|
dont_move,
|
|
move_to_bin,
|
|
has_been_moved,
|
|
dir_not_empty
|
|
};
|
|
|
|
/* Typically the recycler on drive C has been created at installation
|
|
time. The name is then written in camel back. On any other drive,
|
|
the recycler is created on first usage. shell32.dll then creates
|
|
the recycler in all upper case. That's only important if the entire
|
|
operation is running case sensitive. */
|
|
static WCHAR recycler_basename_drive_c[] = L"\\$Recycle.Bin\\";
|
|
static WCHAR recycler_basename_other[] = L"\\$RECYCLE.BIN\\";
|
|
|
|
static bin_status
|
|
try_to_bin (path_conv &pc, HANDLE &fh, ACCESS_MASK access, ULONG flags)
|
|
{
|
|
bin_status bin_stat = move_to_bin;
|
|
NTSTATUS status;
|
|
OBJECT_ATTRIBUTES attr;
|
|
IO_STATUS_BLOCK io;
|
|
HANDLE rootdir = NULL, recyclerdir = NULL, tmp_fh = NULL;
|
|
USHORT recycler_base_len = 0, recycler_user_len = 0;
|
|
UNICODE_STRING root, recycler, fname;
|
|
PWCHAR recycler_basename = NULL;
|
|
WCHAR recyclerbuf[NAME_MAX + 1]; /* Enough for recycler + SID + filename */
|
|
PFILE_NAME_INFORMATION pfni;
|
|
PFILE_INTERNAL_INFORMATION pfii;
|
|
PFILE_RENAME_INFORMATION pfri;
|
|
ULONG frisiz;
|
|
FILE_DISPOSITION_INFORMATION disp = { TRUE };
|
|
bool fs_has_per_user_recycler = pc.fs_is_ntfs () || pc.fs_is_refs ();
|
|
|
|
tmp_pathbuf tp;
|
|
PBYTE infobuf = (PBYTE) tp.w_get ();
|
|
|
|
pfni = (PFILE_NAME_INFORMATION) infobuf;
|
|
status = NtQueryInformationFile (fh, &io, pfni, NT_MAX_PATH * sizeof (WCHAR),
|
|
FileNameInformation);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtQueryInformationFile (%S, FileNameInformation) "
|
|
"failed, status = %y", pc.get_nt_native_path (), status);
|
|
goto out;
|
|
}
|
|
/* The filename could change, the parent dir not. So we split both paths
|
|
and take the prefix. However, there are two special cases:
|
|
- The handle refers to the root dir of the volume.
|
|
- The handle refers to the recycler or a subdir.
|
|
Both cases are handled by just returning and not even trying to move
|
|
them into the recycler. */
|
|
if (pfni->FileNameLength == 2) /* root dir. */
|
|
goto out;
|
|
/* Initialize recycler path. */
|
|
RtlInitEmptyUnicodeString (&recycler, recyclerbuf, sizeof recyclerbuf);
|
|
if (!pc.isremote ())
|
|
{
|
|
recycler_basename = wcsncmp (pc.get_nt_native_path ()->Buffer,
|
|
L"\\??\\C:\\", 7)
|
|
? recycler_basename_other
|
|
: recycler_basename_drive_c;
|
|
RtlAppendUnicodeToString (&recycler, recycler_basename);
|
|
RtlInitCountedUnicodeString(&fname, pfni->FileName, pfni->FileNameLength);
|
|
/* Is the file a subdir of the recycler? */
|
|
if (RtlEqualUnicodePathPrefix (&fname, &recycler, TRUE))
|
|
goto out;
|
|
/* Is fname the recycler? Temporarily hide trailing backslash. */
|
|
recycler.Length -= sizeof (WCHAR);
|
|
if (RtlEqualUnicodeString (&fname, &recycler, TRUE))
|
|
goto out;
|
|
/* Is fname really a subcomponent of the full path? If not, there's
|
|
a high probability we're accessing the file via a virtual drive
|
|
created with "subst". Check and accommodate it. Note that we
|
|
only get here if the virtual drive is really pointing to a local
|
|
drive. Otherwise pc.isremote () returns "true". */
|
|
if (!RtlEqualUnicodePathSuffix (pc.get_nt_native_path (), &fname, TRUE))
|
|
{
|
|
WCHAR drive[3] = { pc.get_nt_native_path ()->Buffer[4], ':', '\0' };
|
|
PWCHAR tgt = tp.w_get ();
|
|
|
|
if (QueryDosDeviceW (drive, tgt, NT_MAX_PATH)
|
|
&& !wcsncmp (tgt, L"\\??\\", 4))
|
|
{
|
|
UNICODE_STRING new_path;
|
|
|
|
wcsncpy (tgt + 6, fname.Buffer, fname.Length / sizeof (WCHAR));
|
|
RtlInitCountedUnicodeString(&new_path, tgt,
|
|
6 * sizeof (WCHAR) + fname.Length);
|
|
pc.set_nt_native_path (&new_path);
|
|
}
|
|
}
|
|
/* Create root dir path from file name information. */
|
|
RtlSplitUnicodePath (&fname, &fname, NULL);
|
|
RtlSplitUnicodePath (pc.get_nt_native_path (), &root, NULL);
|
|
root.Length -= fname.Length - sizeof (WCHAR);
|
|
|
|
/* Open root directory. All recycler bin ops are caseinsensitive. */
|
|
InitializeObjectAttributes (&attr, &root, OBJ_CASE_INSENSITIVE,
|
|
NULL, NULL);
|
|
status = NtOpenFile (&rootdir, FILE_TRAVERSE, &attr, &io,
|
|
FILE_SHARE_VALID_FLAGS, FILE_OPEN_FOR_BACKUP_INTENT);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtOpenFile (%S) failed, status = %y", &root, status);
|
|
goto out;
|
|
}
|
|
|
|
/* Strip leading backslash */
|
|
++recycler.Buffer;
|
|
recycler.Length -= sizeof (WCHAR);
|
|
/* Store length of recycler base dir, if it's necessary to create it. */
|
|
recycler_base_len = recycler.Length;
|
|
/* On NTFS or ReFS the recycler dir contains user specific subdirs, which
|
|
are the actual recycle bins per user. The name of this dir is the
|
|
string representation of the user SID. */
|
|
if (fs_has_per_user_recycler)
|
|
{
|
|
UNICODE_STRING sid;
|
|
WCHAR sidbuf[128];
|
|
/* Unhide trailing backslash. */
|
|
recycler.Length += sizeof (WCHAR);
|
|
RtlInitEmptyUnicodeString (&sid, sidbuf, sizeof sidbuf);
|
|
RtlConvertSidToUnicodeString (&sid, cygheap->user.sid (), FALSE);
|
|
RtlAppendUnicodeStringToString (&recycler, &sid);
|
|
recycler_user_len = recycler.Length;
|
|
}
|
|
RtlAppendUnicodeToString (&recycler, L"\\");
|
|
}
|
|
if (pc.file_attributes () & FILE_ATTRIBUTE_TEMPORARY)
|
|
{
|
|
UNICODE_STRING basename;
|
|
|
|
RtlSplitUnicodePath (pc.get_nt_native_path (), NULL, &basename);
|
|
RtlAppendUnicodeToString (&recycler, basename.Buffer);
|
|
}
|
|
else
|
|
{
|
|
/* Create unique filename. Start with a dot, followed by "cyg"
|
|
transposed into the Unicode low surrogate area (U+dc00) on file
|
|
systems supporting Unicode (except Samba), followed by the inode
|
|
number in hex, followed by a path hash in hex. The combination
|
|
allows to remove multiple hardlinks to the same file. */
|
|
RtlAppendUnicodeToString (&recycler,
|
|
(pc.fs_flags () & FILE_UNICODE_ON_DISK
|
|
&& !pc.fs_is_samba ())
|
|
? L".\xdc63\xdc79\xdc67" : L".cyg");
|
|
pfii = (PFILE_INTERNAL_INFORMATION) infobuf;
|
|
status = NtQueryInformationFile (fh, &io, pfii, sizeof *pfii,
|
|
FileInternalInformation);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtQueryInformationFile (%S, FileInternalInformation) "
|
|
"failed, status = %y",
|
|
pc.get_nt_native_path (), status);
|
|
goto out;
|
|
}
|
|
RtlInt64ToHexUnicodeString (pfii->IndexNumber.QuadPart, &recycler, TRUE);
|
|
RtlInt64ToHexUnicodeString (hash_path_name (0, pc.get_nt_native_path ()),
|
|
&recycler, TRUE);
|
|
}
|
|
/* Shoot. */
|
|
pfri = (PFILE_RENAME_INFORMATION) infobuf;
|
|
pfri->ReplaceIfExists = TRUE;
|
|
pfri->RootDirectory = rootdir;
|
|
pfri->FileNameLength = recycler.Length;
|
|
memcpy (pfri->FileName, recycler.Buffer, recycler.Length);
|
|
frisiz = sizeof *pfri + pfri->FileNameLength - sizeof (WCHAR);
|
|
|
|
status = NtSetInformationFile (fh, &io, pfri, frisiz, FileRenameInformation);
|
|
if (status == STATUS_OBJECT_PATH_NOT_FOUND && !pc.isremote ())
|
|
{
|
|
/* The recycler and/or the recycler/SID directory don't exist, or the
|
|
case of recycler dir has changed and the rename op is case sensitive.
|
|
First reopen root dir with permission to create subdirs. */
|
|
NtClose (rootdir);
|
|
InitializeObjectAttributes (&attr, &root, OBJ_CASE_INSENSITIVE,
|
|
NULL, NULL);
|
|
status = NtOpenFile (&rootdir, FILE_ADD_SUBDIRECTORY, &attr, &io,
|
|
FILE_SHARE_VALID_FLAGS, FILE_OPEN_FOR_BACKUP_INTENT);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtOpenFile (%S) failed, status = %y",
|
|
&recycler, status);
|
|
goto out;
|
|
}
|
|
/* Correct the rootdir HANDLE in pfri after reopening the dir. */
|
|
pfri->RootDirectory = rootdir;
|
|
/* Then check if recycler exists by opening and potentially creating it.
|
|
Yes, we can really do that. Typically the recycle bin is created
|
|
by the first user actually using the bin. */
|
|
InitializeObjectAttributes (&attr, &recycler, OBJ_CASE_INSENSITIVE,
|
|
rootdir, recycler_sd (true, true));
|
|
recycler.Length = recycler_base_len;
|
|
status = NtCreateFile (&recyclerdir,
|
|
READ_CONTROL
|
|
| (fs_has_per_user_recycler ? 0 : FILE_ADD_FILE),
|
|
&attr, &io, NULL,
|
|
FILE_ATTRIBUTE_DIRECTORY
|
|
| FILE_ATTRIBUTE_SYSTEM
|
|
| FILE_ATTRIBUTE_HIDDEN,
|
|
FILE_SHARE_VALID_FLAGS, FILE_OPEN_IF,
|
|
FILE_DIRECTORY_FILE, NULL, 0);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtCreateFile (%S) failed, status = %y",
|
|
&recycler, status);
|
|
goto out;
|
|
}
|
|
/* If we opened the recycler (in contrast to creating it) and our
|
|
rename op is case sensitive, fetch the actual case of the recycler
|
|
and store the name in recycler_basename, as well as in pfri->FileName
|
|
for the below 2nd try to rename the file. */
|
|
if (io.Information == FILE_OPENED && !pc.objcaseinsensitive ())
|
|
{
|
|
pfni = (PFILE_NAME_INFORMATION) tp.w_get ();
|
|
status = NtQueryInformationFile (recyclerdir, &io, pfni,
|
|
NT_MAX_PATH * sizeof (WCHAR),
|
|
FileNameInformation);
|
|
if (NT_SUCCESS (status))
|
|
{
|
|
size_t len = pfni->FileNameLength / sizeof (WCHAR) - 1;
|
|
PWCHAR p = pfni->FileName + 1;
|
|
p[len] = L'\0';
|
|
wcpncpy (pfri->FileName, p, len);
|
|
wcpncpy (recycler_basename + 1, p, len);
|
|
}
|
|
}
|
|
|
|
/* Next, if necessary, check if the recycler/SID dir exists and
|
|
create it if not. */
|
|
if (fs_has_per_user_recycler)
|
|
{
|
|
NtClose (recyclerdir);
|
|
recycler.Length = recycler_user_len;
|
|
InitializeObjectAttributes (&attr, &recycler, OBJ_CASE_INSENSITIVE,
|
|
rootdir, recycler_sd (false, true));
|
|
status = NtCreateFile (&recyclerdir, READ_CONTROL | FILE_ADD_FILE,
|
|
&attr, &io, NULL, FILE_ATTRIBUTE_DIRECTORY
|
|
| FILE_ATTRIBUTE_SYSTEM
|
|
| FILE_ATTRIBUTE_HIDDEN,
|
|
FILE_SHARE_VALID_FLAGS, FILE_OPEN_IF,
|
|
FILE_DIRECTORY_FILE, NULL, 0);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtCreateFile (%S) failed, status = %y",
|
|
&recycler, status);
|
|
goto out;
|
|
}
|
|
}
|
|
/* The desktop.ini file is expected by Windows Explorer. Otherwise,
|
|
the created bin is treated as corrupted */
|
|
if (io.Information == FILE_CREATED)
|
|
{
|
|
RtlInitUnicodeString (&fname, L"desktop.ini");
|
|
InitializeObjectAttributes (&attr, &fname, OBJ_CASE_INSENSITIVE,
|
|
recyclerdir, recycler_sd (false, false));
|
|
status = NtCreateFile (&tmp_fh, FILE_GENERIC_WRITE, &attr, &io, NULL,
|
|
FILE_ATTRIBUTE_SYSTEM | FILE_ATTRIBUTE_HIDDEN,
|
|
FILE_SHARE_VALID_FLAGS, FILE_CREATE,
|
|
FILE_SYNCHRONOUS_IO_NONALERT
|
|
| FILE_NON_DIRECTORY_FILE, NULL, 0);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtCreateFile (%S) failed, status = %y",
|
|
&recycler, status);
|
|
else
|
|
{
|
|
status = NtWriteFile (tmp_fh, NULL, NULL, NULL, &io,
|
|
(PVOID) desktop_ini, sizeof desktop_ini - 1,
|
|
NULL, NULL);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtWriteFile (%S) failed, status = %y",
|
|
&fname, status);
|
|
NtClose (tmp_fh);
|
|
}
|
|
}
|
|
NtClose (recyclerdir);
|
|
/* Shoot again. */
|
|
status = NtSetInformationFile (fh, &io, pfri, frisiz,
|
|
FileRenameInformation);
|
|
}
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("Move %S to %S failed, status = %y",
|
|
pc.get_nt_native_path (), &recycler, status);
|
|
goto out;
|
|
}
|
|
/* Moving to the bin worked. */
|
|
bin_stat = has_been_moved;
|
|
/* If we're only moving a just created O_TMPFILE, we're done here. */
|
|
if (pc.file_attributes () & FILE_ATTRIBUTE_TEMPORARY)
|
|
goto out;
|
|
/* Now we try to set the delete disposition. If that worked, we're done.
|
|
We try this here first, as long as we still have the open handle.
|
|
Otherwise the below code closes the handle to allow replacing the file. */
|
|
status = NtSetInformationFile (fh, &io, &disp, sizeof disp,
|
|
FileDispositionInformation);
|
|
switch (status)
|
|
{
|
|
case STATUS_SUCCESS:
|
|
break;
|
|
case STATUS_DIRECTORY_NOT_EMPTY:
|
|
/* Uh oh! This was supposed to be avoided by the check_dir_not_empty
|
|
test in unlink_nt, but given that the test isn't atomic, this *can*
|
|
happen. Try to move the dir back ASAP. */
|
|
pfri->RootDirectory = NULL;
|
|
pfri->FileNameLength = pc.get_nt_native_path ()->Length;
|
|
memcpy (pfri->FileName, pc.get_nt_native_path ()->Buffer,
|
|
pc.get_nt_native_path ()->Length);
|
|
frisiz = sizeof *pfri + pfri->FileNameLength - sizeof (WCHAR);
|
|
if (NT_SUCCESS (NtSetInformationFile (fh, &io, pfri, frisiz,
|
|
FileRenameInformation)))
|
|
{
|
|
/* Give notice to unlink_nt and leave immediately. This avoids
|
|
closing the handle, which might still be used if called from
|
|
the rm -r workaround code. */
|
|
bin_stat = dir_not_empty;
|
|
goto out;
|
|
}
|
|
debug_printf ("Renaming dir %S back to %S failed, status = %y",
|
|
&recycler, pc.get_nt_native_path (), status);
|
|
break;
|
|
case STATUS_FILE_RENAMED:
|
|
/* On NFS, the subsequent request to set the delete disposition fails
|
|
with STATUS_FILE_RENAMED. We have to reopen the file, close the
|
|
original handle, and set the delete disposition on the reopened
|
|
handle to make sure setting delete disposition works. */
|
|
InitializeObjectAttributes (&attr, &ro_u_empty, 0, fh, NULL);
|
|
status = NtOpenFile (&tmp_fh, access, &attr, &io,
|
|
FILE_SHARE_VALID_FLAGS, flags);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtOpenFile (%S) for reopening in renamed case failed, "
|
|
"status = %y", pc.get_nt_native_path (), status);
|
|
else
|
|
{
|
|
NtClose (fh);
|
|
fh = tmp_fh;
|
|
status = NtSetInformationFile (fh, &io, &disp, sizeof disp,
|
|
FileDispositionInformation);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("Setting delete disposition %S (%S) in renamed "
|
|
"case failed, status = %y",
|
|
&recycler, pc.get_nt_native_path (), status);
|
|
}
|
|
break;
|
|
default:
|
|
debug_printf ("Setting delete disposition on %S (%S) failed, status = %y",
|
|
&recycler, pc.get_nt_native_path (), status);
|
|
break;
|
|
}
|
|
/* In case of success, restore R/O attribute to accommodate hardlinks.
|
|
That leaves potentially hardlinks around with the R/O bit suddenly
|
|
off if setting the delete disposition failed, but please, keep in
|
|
mind this is really a border case only. */
|
|
if ((access & FILE_WRITE_ATTRIBUTES) && NT_SUCCESS (status) && !pc.isdir ())
|
|
NtSetAttributesFile (fh, pc.file_attributes ());
|
|
NtClose (fh);
|
|
fh = NULL; /* So unlink_nt doesn't close the handle twice. */
|
|
/* On success or when trying to unlink a directory we just return here.
|
|
The below code only works for files. It also fails on NFS. */
|
|
if (NT_SUCCESS (status) || pc.isdir () || pc.fs_is_nfs ())
|
|
goto out;
|
|
/* The final trick. We create a temporary file with delete-on-close
|
|
semantic and rename that file to the file just moved to the bin.
|
|
This typically overwrites the original file and we get rid of it,
|
|
even if neither setting the delete dispostion, nor setting
|
|
delete-on-close on the original file succeeds. There are still
|
|
cases in which this fails, for instance, when trying to delete a
|
|
hardlink to a DLL used by the unlinking application itself. */
|
|
if (pc.isremote ())
|
|
{
|
|
/* In the remote case we need the full path, but recycler is only
|
|
a relative path. Convert to absolute path. */
|
|
RtlInitEmptyUnicodeString (&fname, tp.w_get (),
|
|
(NT_MAX_PATH - 1) * sizeof (WCHAR));
|
|
RtlCopyUnicodeString (&fname, pc.get_nt_native_path ());
|
|
RtlSplitUnicodePath (&fname, &fname, NULL);
|
|
/* Reset max length, overwritten by RtlSplitUnicodePath. */
|
|
fname.MaximumLength = (NT_MAX_PATH - 1) * sizeof (WCHAR); /* reset */
|
|
RtlAppendUnicodeStringToString (&fname, &recycler);
|
|
}
|
|
else
|
|
fname = recycler;
|
|
RtlAppendUnicodeToString (&fname, L"X");
|
|
InitializeObjectAttributes (&attr, &fname, 0, rootdir, NULL);
|
|
status = NtCreateFile (&tmp_fh, DELETE, &attr, &io, NULL,
|
|
FILE_ATTRIBUTE_NORMAL, 0, FILE_SUPERSEDE,
|
|
FILE_NON_DIRECTORY_FILE | FILE_DELETE_ON_CLOSE,
|
|
NULL, 0);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("Creating file %S for overwriting %S (%S) failed, "
|
|
"status = %y", &fname, &recycler, pc.get_nt_native_path (),
|
|
status);
|
|
goto out;
|
|
}
|
|
status = NtSetInformationFile (tmp_fh, &io, pfri, frisiz,
|
|
FileRenameInformation);
|
|
NtClose (tmp_fh);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("Overwriting %S (%S) with %S failed, status = %y",
|
|
&recycler, pc.get_nt_native_path (), &fname, status);
|
|
|
|
out:
|
|
if (rootdir)
|
|
NtClose (rootdir);
|
|
debug_printf ("%S, return bin_status %d", pc.get_nt_native_path (), bin_stat);
|
|
return bin_stat;
|
|
}
|
|
|
|
static NTSTATUS
|
|
check_dir_not_empty (HANDLE dir, path_conv &pc)
|
|
{
|
|
IO_STATUS_BLOCK io;
|
|
const ULONG bufsiz = 3 * sizeof (FILE_NAMES_INFORMATION)
|
|
+ 3 * NAME_MAX * sizeof (WCHAR);
|
|
PFILE_NAMES_INFORMATION pfni = (PFILE_NAMES_INFORMATION)
|
|
alloca (bufsiz);
|
|
NTSTATUS status = NtQueryDirectoryFile (dir, NULL, NULL, 0, &io, pfni,
|
|
bufsiz, FileNamesInformation,
|
|
FALSE, NULL, TRUE);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("Checking if directory %S is empty failed, status = %y",
|
|
pc.get_nt_native_path (), status);
|
|
return status;
|
|
}
|
|
int cnt = 1;
|
|
do
|
|
{
|
|
while (pfni->NextEntryOffset)
|
|
{
|
|
if (++cnt > 2)
|
|
{
|
|
UNICODE_STRING fname;
|
|
OBJECT_ATTRIBUTES attr;
|
|
FILE_BASIC_INFORMATION fbi;
|
|
|
|
pfni = (PFILE_NAMES_INFORMATION)
|
|
((caddr_t) pfni + pfni->NextEntryOffset);
|
|
RtlInitCountedUnicodeString(&fname, pfni->FileName,
|
|
pfni->FileNameLength);
|
|
InitializeObjectAttributes (&attr, &fname, 0, dir, NULL);
|
|
status = NtQueryAttributesFile (&attr, &fbi);
|
|
/* Intensive testing shows that sometimes directories, for which
|
|
the delete disposition has already been set, and the deleting
|
|
handle is already closed, can linger in the parent dir for a
|
|
couple of ms for no apparent reason (Windows Defender or other
|
|
real-time scanners are suspect).
|
|
|
|
A fast rm -r is capable to exploit this problem. Setting the
|
|
delete disposition of the parent dir then fails with
|
|
STATUS_DIRECTORY_NOT_EMPTY. Examining the content of the
|
|
affected dir can then show either that the dir is empty, or it
|
|
can contain a lingering subdir. Calling NtQueryAttributesFile
|
|
on that subdir returns with STATUS_DELETE_PENDING, or it
|
|
disappeared before that call.
|
|
|
|
That's what we do here. If NtQueryAttributesFile succeeded,
|
|
or if the error code does not indicate an already deleted
|
|
entry, STATUS_DIRECTORY_NOT_EMPTY is returned.
|
|
|
|
Otherwise STATUS_SUCCESS is returned. Read on in unlink_nt. */
|
|
if (status != STATUS_DELETE_PENDING
|
|
&& status != STATUS_OBJECT_NAME_NOT_FOUND
|
|
&& status != STATUS_OBJECT_PATH_NOT_FOUND)
|
|
{
|
|
debug_printf ("Directory %S not empty, found file <%S>, "
|
|
"query status = %y",
|
|
pc.get_nt_native_path (), &fname, status);
|
|
return STATUS_DIRECTORY_NOT_EMPTY;
|
|
}
|
|
}
|
|
pfni = (PFILE_NAMES_INFORMATION) ((caddr_t) pfni + pfni->NextEntryOffset);
|
|
}
|
|
}
|
|
while (NT_SUCCESS (NtQueryDirectoryFile (dir, NULL, NULL, 0, &io, pfni,
|
|
bufsiz, FileNamesInformation,
|
|
FALSE, NULL, FALSE)));
|
|
return STATUS_SUCCESS;
|
|
}
|
|
|
|
static inline NTSTATUS
|
|
_unlink_nt_post_dir_check (NTSTATUS status, POBJECT_ATTRIBUTES attr, const path_conv &pc)
|
|
{
|
|
/* Check for existence of remote dirs after trying to delete them.
|
|
Two reasons:
|
|
- Sometimes SMB indicates failure when it really succeeds.
|
|
- Removing a directory on a Samba drive using an old Samba version
|
|
sometimes doesn't return an error, if the directory can't be removed
|
|
because it's not empty. */
|
|
if (pc.isremote ())
|
|
{
|
|
FILE_BASIC_INFORMATION fbi;
|
|
NTSTATUS q_status;
|
|
|
|
q_status = NtQueryAttributesFile (attr, &fbi);
|
|
if (!NT_SUCCESS (status) && q_status == STATUS_OBJECT_NAME_NOT_FOUND)
|
|
status = STATUS_SUCCESS;
|
|
else if (pc.fs_is_samba ()
|
|
&& NT_SUCCESS (status) && NT_SUCCESS (q_status))
|
|
status = STATUS_DIRECTORY_NOT_EMPTY;
|
|
}
|
|
return status;
|
|
}
|
|
|
|
NTSTATUS
|
|
unlink_nt (path_conv &pc, bool shareable)
|
|
{
|
|
NTSTATUS status;
|
|
HANDLE fh, fh_ro = NULL;
|
|
OBJECT_ATTRIBUTES attr;
|
|
IO_STATUS_BLOCK io;
|
|
ACCESS_MASK access = DELETE;
|
|
ULONG flags = FILE_OPEN_FOR_BACKUP_INTENT;
|
|
HANDLE old_trans = NULL, trans = NULL;
|
|
ULONG num_links = 1;
|
|
FILE_DISPOSITION_INFORMATION disp = { TRUE };
|
|
int reopened = 0;
|
|
bin_status bin_stat = dont_move;
|
|
|
|
syscall_printf ("Trying to delete %S, isdir = %d",
|
|
pc.get_nt_native_path (), pc.isdir ());
|
|
|
|
/* Add the reparse point flag to known reparse points, otherwise we remove
|
|
the target, not the reparse point. */
|
|
if (pc.is_known_reparse_point ())
|
|
flags |= FILE_OPEN_REPARSE_POINT;
|
|
|
|
pc.get_object_attr (attr, sec_none_nih);
|
|
|
|
/* First check if we can use POSIX unlink semantics: W10 1709+, local NTFS.
|
|
For the OPEN_BY_FILE_ID flag, see MINIMAL_WIN_NTFS_FLAGS comment in
|
|
fs_info::update. With POSIX unlink semantics the entire job gets MUCH
|
|
easier and faster. Just try to do it and if it fails, it fails. */
|
|
if (wincap.has_posix_unlink_semantics ()
|
|
&& !pc.isremote () && pc.fs_is_ntfs ()
|
|
&& pc.has_attribute (FILE_SUPPORTS_OPEN_BY_FILE_ID))
|
|
{
|
|
FILE_DISPOSITION_INFORMATION_EX fdie;
|
|
|
|
/* POSIX unlink semantics are nice, but they still fail if the file has
|
|
the R/O attribute set. If so, ignoring might be an option: W10 1809+
|
|
Removing the file is very much a safe bet afterwards, so, no
|
|
transaction. */
|
|
if ((pc.file_attributes () & FILE_ATTRIBUTE_READONLY)
|
|
&& !wincap.has_posix_unlink_semantics_with_ignore_readonly ())
|
|
access |= FILE_WRITE_ATTRIBUTES;
|
|
status = NtOpenFile (&fh, access, &attr, &io, FILE_SHARE_VALID_FLAGS,
|
|
flags);
|
|
if (!NT_SUCCESS (status))
|
|
goto out;
|
|
if (access & FILE_WRITE_ATTRIBUTES)
|
|
{
|
|
status = NtSetAttributesFile (fh, pc.file_attributes ()
|
|
& ~FILE_ATTRIBUTE_READONLY);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
NtClose (fh);
|
|
goto out;
|
|
}
|
|
}
|
|
fdie.Flags = FILE_DISPOSITION_DELETE | FILE_DISPOSITION_POSIX_SEMANTICS;
|
|
if (wincap.has_posix_unlink_semantics_with_ignore_readonly ())
|
|
fdie.Flags |= FILE_DISPOSITION_IGNORE_READONLY_ATTRIBUTE;
|
|
status = NtSetInformationFile (fh, &io, &fdie, sizeof fdie,
|
|
FileDispositionInformationEx);
|
|
/* Restore R/O attribute in case we have multiple hardlinks. */
|
|
if (access & FILE_WRITE_ATTRIBUTES)
|
|
NtSetAttributesFile (fh, pc.file_attributes ());
|
|
NtClose (fh);
|
|
/* Trying to delete in-use executables and DLLs using
|
|
FILE_DISPOSITION_POSIX_SEMANTICS returns STATUS_CANNOT_DELETE.
|
|
Fall back to the default method. */
|
|
/* Additionaly that returns STATUS_INVALID_PARAMETER
|
|
on a bind mounted fs in hyper-v container. Falling back too. */
|
|
if (status != STATUS_CANNOT_DELETE
|
|
&& status != STATUS_INVALID_PARAMETER)
|
|
{
|
|
debug_printf ("NtSetInformationFile returns %y "
|
|
"with posix semantics. Disable it and retry.", status);
|
|
goto out;
|
|
}
|
|
}
|
|
|
|
/* If the R/O attribute is set, we have to open the file with
|
|
FILE_WRITE_ATTRIBUTES to be able to remove this flags before trying
|
|
to delete it. We do this separately because there are filesystems
|
|
out there (MVFS), which refuse a request to open a file for DELETE
|
|
if the DOS R/O attribute is set for the file. After removing the R/O
|
|
attribute, just re-open the file for DELETE and go ahead. */
|
|
if (pc.file_attributes () & FILE_ATTRIBUTE_READONLY)
|
|
{
|
|
FILE_STANDARD_INFORMATION fsi;
|
|
|
|
/* If possible, hide the non-atomicity of the "remove R/O flag, remove
|
|
link to file" operation behind a transaction. */
|
|
if ((pc.fs_flags () & FILE_SUPPORTS_TRANSACTIONS))
|
|
start_transaction (old_trans, trans);
|
|
retry_open:
|
|
status = NtOpenFile (&fh_ro,
|
|
FILE_READ_ATTRIBUTES | FILE_WRITE_ATTRIBUTES,
|
|
&attr, &io, FILE_SHARE_VALID_FLAGS, flags);
|
|
if (NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("Opening %S for removing R/O succeeded",
|
|
pc.get_nt_native_path ());
|
|
NTSTATUS status2 = NtSetAttributesFile (fh_ro,
|
|
pc.file_attributes ()
|
|
& ~FILE_ATTRIBUTE_READONLY);
|
|
if (!NT_SUCCESS (status2))
|
|
debug_printf ("Removing R/O on %S failed, status = %y",
|
|
pc.get_nt_native_path (), status2);
|
|
pc.init_reopen_attr (attr, fh_ro);
|
|
}
|
|
else
|
|
{
|
|
debug_printf ("Opening %S for removing R/O failed, status = %y",
|
|
pc.get_nt_native_path (), status);
|
|
if (NT_TRANSACTIONAL_ERROR (status) && trans)
|
|
{
|
|
/* If NtOpenFile fails due to transactional problems, stop
|
|
transaction and go ahead without. */
|
|
stop_transaction (status, old_trans, trans);
|
|
debug_printf ("Transaction failure. Retry open.");
|
|
goto retry_open;
|
|
}
|
|
}
|
|
if (pc.is_lnk_symlink ())
|
|
{
|
|
status = NtQueryInformationFile (fh_ro, &io, &fsi, sizeof fsi,
|
|
FileStandardInformation);
|
|
if (NT_SUCCESS (status))
|
|
num_links = fsi.NumberOfLinks;
|
|
}
|
|
access |= FILE_WRITE_ATTRIBUTES;
|
|
}
|
|
/* First try to open the file with only allowing sharing for delete. If
|
|
the file has an open handle on it, other than just for deletion, this
|
|
will fail. That indicates that the file has to be moved to the recycle
|
|
bin so that it actually disappears from its directory even though its
|
|
in use. Otherwise, if opening doesn't fail, the file is not in use and
|
|
we can go straight to setting the delete disposition flag.
|
|
However, while we have the file open with FILE_SHARE_DELETE, using
|
|
this file via another hardlink for anything other than DELETE by
|
|
concurrent processes fails. The 'shareable' argument is to prevent this.
|
|
|
|
NOTE: The missing sharing modes FILE_SHARE_READ and FILE_SHARE_WRITE do
|
|
NOT result in a STATUS_SHARING_VIOLATION, if another handle is
|
|
opened for reading/writing metadata only. In other words, if
|
|
another handle is open, but does not have the file open with
|
|
FILE_READ_DATA or FILE_WRITE_DATA, the following NtOpenFile call
|
|
will succeed. So, apparently there is no reliable way to find out
|
|
if a file is already open elsewhere for other purposes than
|
|
reading and writing data. */
|
|
if (shareable)
|
|
status = STATUS_SHARING_VIOLATION;
|
|
else
|
|
status = NtOpenFile (&fh, access, &attr, &io, FILE_SHARE_DELETE, flags);
|
|
/* STATUS_SHARING_VIOLATION is what we expect. STATUS_LOCK_NOT_GRANTED can
|
|
be generated under not quite clear circumstances when trying to open a
|
|
file on NFS with FILE_SHARE_DELETE only. This has been observed with
|
|
SFU 3.5 if the NFS share has been mounted under a drive letter. It's
|
|
not generated for all files, but only for some. If it's generated once
|
|
for a file, it will be generated all the time. It looks as if wrong file
|
|
state information is stored within the NFS client which never times out.
|
|
Opening the file with FILE_SHARE_VALID_FLAGS will work, though, and it
|
|
is then possible to delete the file quite normally. */
|
|
if (status == STATUS_SHARING_VIOLATION || status == STATUS_LOCK_NOT_GRANTED)
|
|
{
|
|
debug_printf ("Sharing violation when opening %S",
|
|
pc.get_nt_native_path ());
|
|
/* We never call try_to_bin on NetApp. Netapp filesystems don't
|
|
understand the "move and delete" method at all and have all kinds
|
|
of weird effects. Just setting the delete dispositon usually
|
|
works fine, though.
|
|
|
|
NFS implements its own mechanism to remove in-use files, which looks
|
|
quite similar to what we do in try_to_bin for remote files. However,
|
|
apparently it doesn't work as desired in all cases. This has been
|
|
observed when running the gawk 4.1.62++ testcase "testext.awk" under
|
|
Windows 10. So for NFS we still call try_to_bin to rename the file,
|
|
at least to make room for subsequent creation of a file with the
|
|
same filename. */
|
|
if (!pc.fs_is_netapp ())
|
|
bin_stat = move_to_bin;
|
|
/* If the file is not a directory, of if we didn't set the move_to_bin
|
|
flag, just proceed with the FILE_SHARE_VALID_FLAGS set. */
|
|
if (!pc.isdir () || bin_stat == dont_move)
|
|
status = NtOpenFile (&fh, access, &attr, &io,
|
|
FILE_SHARE_VALID_FLAGS, flags);
|
|
else
|
|
{
|
|
/* Otherwise it's getting tricky. The directory is opened in some
|
|
process, so we're supposed to move it to the recycler and mark it
|
|
for deletion. But what if the directory is not empty? The move
|
|
will work, but the subsequent delete will fail. So we would
|
|
have to move it back. While we do that in try_to_bin, it's bad,
|
|
because the move results in a temporary inconsistent state.
|
|
So, we test first if the directory is empty. If not, we bail
|
|
out with STATUS_DIRECTORY_NOT_EMPTY. This avoids most of the
|
|
problems. */
|
|
status = NtOpenFile (&fh, access | FILE_LIST_DIRECTORY | SYNCHRONIZE,
|
|
&attr, &io, FILE_SHARE_VALID_FLAGS,
|
|
flags | FILE_SYNCHRONOUS_IO_NONALERT);
|
|
if (NT_SUCCESS (status))
|
|
{
|
|
status = check_dir_not_empty (fh, pc);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
NtClose (fh);
|
|
if (fh_ro)
|
|
NtClose (fh_ro);
|
|
goto out;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
if (fh_ro)
|
|
NtClose (fh_ro);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
if (status == STATUS_DELETE_PENDING)
|
|
{
|
|
debug_printf ("Delete %S already pending", pc.get_nt_native_path ());
|
|
status = STATUS_SUCCESS;
|
|
goto out;
|
|
}
|
|
debug_printf ("Opening %S for delete failed, status = %y",
|
|
pc.get_nt_native_path (), status);
|
|
goto out;
|
|
}
|
|
/* Try to move to bin if a sharing violation occured. If that worked,
|
|
we're done. */
|
|
if (bin_stat == move_to_bin
|
|
&& (bin_stat = try_to_bin (pc, fh, access, flags)) >= has_been_moved)
|
|
{
|
|
if (bin_stat == has_been_moved)
|
|
status = STATUS_SUCCESS;
|
|
else
|
|
{
|
|
status = STATUS_DIRECTORY_NOT_EMPTY;
|
|
NtClose (fh);
|
|
}
|
|
goto out;
|
|
}
|
|
|
|
try_again:
|
|
/* Try to set delete disposition. */
|
|
status = NtSetInformationFile (fh, &io, &disp, sizeof disp,
|
|
FileDispositionInformation);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("Setting delete disposition on %S failed, status = %y",
|
|
pc.get_nt_native_path (), status);
|
|
if (status == STATUS_DIRECTORY_NOT_EMPTY)
|
|
{
|
|
NTSTATUS status2 = STATUS_SUCCESS;
|
|
|
|
if (!reopened)
|
|
{
|
|
/* Have to close and reopen the file from scratch, otherwise
|
|
we collide with the delete-only sharing mode. */
|
|
pc.get_object_attr (attr, sec_none_nih);
|
|
NtClose (fh);
|
|
status2 = NtOpenFile (&fh, access | FILE_LIST_DIRECTORY
|
|
| SYNCHRONIZE,
|
|
&attr, &io, FILE_SHARE_VALID_FLAGS,
|
|
flags | FILE_SYNCHRONOUS_IO_NONALERT);
|
|
}
|
|
if (NT_SUCCESS (status2) && reopened < 20)
|
|
{
|
|
/* Workaround rm -r problem:
|
|
|
|
Sometimes a deleted directory lingers in its parent dir
|
|
after the deleting handle has already been closed. This
|
|
can break deleting the parent dir. See the comment in
|
|
check_dir_not_empty for more information.
|
|
|
|
What we do here is this: If check_dir_not_empty returns
|
|
STATUS_SUCCESS, the dir is either empty, or only inhabited
|
|
by already deleted entries. If so, we try to move the dir
|
|
into the bin. This usually works.
|
|
|
|
However, if we're on a filesystem which doesn't support
|
|
the try_to_bin method, or if moving to the bin doesn't work
|
|
for some reason, just try to delete the directory again,
|
|
with a very short grace period to free the CPU for a while.
|
|
This gives the OS time to clean up. 5ms is enough in my
|
|
testing to make sure that we don't have to try more than
|
|
once in practically all cases.
|
|
While this is an extrem bordercase, we don't want to hang
|
|
infinitely in case a file in the directory is in the "delete
|
|
pending" state but an application holds an open handle to it
|
|
for a longer time. So we don't try this more than 20 times,
|
|
which means a process time of 100-120ms. */
|
|
if (check_dir_not_empty (fh, pc) == STATUS_SUCCESS)
|
|
{
|
|
if (bin_stat == dont_move)
|
|
{
|
|
bin_stat = move_to_bin;
|
|
if (!pc.fs_is_nfs () && !pc.fs_is_netapp ())
|
|
{
|
|
debug_printf ("Try-to-bin %S",
|
|
pc.get_nt_native_path ());
|
|
bin_stat = try_to_bin (pc, fh, access, flags);
|
|
}
|
|
}
|
|
/* Do NOT handle bin_stat == dir_not_empty here! */
|
|
if (bin_stat == has_been_moved)
|
|
status = STATUS_SUCCESS;
|
|
else
|
|
{
|
|
debug_printf ("Try %S again", pc.get_nt_native_path ());
|
|
++reopened;
|
|
Sleep (5L);
|
|
goto try_again;
|
|
}
|
|
}
|
|
}
|
|
else if (status2 != STATUS_OBJECT_PATH_NOT_FOUND
|
|
&& status2 != STATUS_OBJECT_NAME_NOT_FOUND)
|
|
{
|
|
fh = NULL;
|
|
debug_printf ("Opening dir %S for check_dir_not_empty failed, "
|
|
"status = %y", pc.get_nt_native_path (), status2);
|
|
}
|
|
else /* Directory disappeared between NtClose and NtOpenFile. */
|
|
status = STATUS_SUCCESS;
|
|
}
|
|
/* Trying to delete a hardlink to a file in use by the system in some
|
|
way (for instance, font files) by setting the delete disposition fails
|
|
with STATUS_CANNOT_DELETE. Strange enough, deleting these hardlinks
|
|
using delete-on-close semantic works... most of the time.
|
|
|
|
Don't use delete-on-close on remote shares. If two processes
|
|
have open handles on a file and one of them calls unlink, the
|
|
file is removed from the remote share even though the other
|
|
process still has an open handle. That process than gets Win32
|
|
error 59, ERROR_UNEXP_NET_ERR when trying to access the file.
|
|
Microsoft KB 837665 describes this problem as a bug in 2K3, but
|
|
I have reproduced it on other systems. */
|
|
else if (status == STATUS_CANNOT_DELETE
|
|
&& (!pc.isremote () || pc.fs_is_ncfsd ()))
|
|
{
|
|
HANDLE fh2;
|
|
|
|
debug_printf ("Cannot delete %S, try delete-on-close",
|
|
pc.get_nt_native_path ());
|
|
/* Re-open from handle so we open the correct file no matter if it
|
|
has been moved to the bin or not. */
|
|
status = NtOpenFile (&fh2, DELETE,
|
|
pc.init_reopen_attr (attr, fh), &io,
|
|
bin_stat == move_to_bin ? FILE_SHARE_VALID_FLAGS
|
|
: FILE_SHARE_DELETE,
|
|
flags | FILE_DELETE_ON_CLOSE);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("Setting delete-on-close on %S failed, status = %y",
|
|
pc.get_nt_native_path (), status);
|
|
/* This is really the last chance. If it hasn't been moved
|
|
to the bin already, try it now. If moving to the bin
|
|
succeeds, we got rid of the file in some way, even if
|
|
unlinking didn't work. */
|
|
if (bin_stat == dont_move)
|
|
bin_stat = try_to_bin (pc, fh, access, flags);
|
|
if (bin_stat >= has_been_moved)
|
|
status = bin_stat == has_been_moved
|
|
? STATUS_SUCCESS
|
|
: STATUS_DIRECTORY_NOT_EMPTY;
|
|
}
|
|
else
|
|
NtClose (fh2);
|
|
}
|
|
}
|
|
if (fh)
|
|
{
|
|
if (access & FILE_WRITE_ATTRIBUTES)
|
|
{
|
|
/* Restore R/O attribute if setting the delete disposition failed. */
|
|
if (!NT_SUCCESS (status))
|
|
NtSetAttributesFile (fh, pc.file_attributes ());
|
|
/* If we succeeded, restore R/O attribute to accommodate hardlinks.
|
|
Only ever try to do this for our own winsymlinks, because there's
|
|
a problem with setting the delete disposition:
|
|
http://msdn.microsoft.com/en-us/library/ff545765%28VS.85%29.aspx
|
|
"Subsequently, the only legal operation by such a caller is
|
|
to close the open file handle."
|
|
|
|
FIXME? We could use FILE_HARD_LINK_INFORMATION to find all
|
|
hardlinks and use one of them to restore the R/O bit, after the
|
|
NtClose, but before we stop the transaction. This avoids the
|
|
aforementioned problem entirely . */
|
|
else if (pc.is_lnk_symlink () && num_links > 1)
|
|
NtSetAttributesFile (fh, pc.file_attributes ());
|
|
}
|
|
|
|
NtClose (fh);
|
|
|
|
}
|
|
out:
|
|
/* Stop transaction if we started one. */
|
|
if (trans)
|
|
stop_transaction (status, old_trans, trans);
|
|
|
|
if (pc.isdir ())
|
|
status = _unlink_nt_post_dir_check (status, &attr, pc);
|
|
|
|
syscall_printf ("%S, return status = %y", pc.get_nt_native_path (), status);
|
|
return status;
|
|
}
|
|
|
|
extern "C" int
|
|
unlink (const char *ourname)
|
|
{
|
|
int res = -1;
|
|
dev_t devn;
|
|
NTSTATUS status;
|
|
|
|
path_conv win32_name (ourname, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
|
|
if (win32_name.error)
|
|
{
|
|
set_errno (win32_name.error);
|
|
goto done;
|
|
}
|
|
|
|
devn = win32_name.get_device ();
|
|
if (isproc_dev (devn))
|
|
{
|
|
set_errno (EROFS);
|
|
goto done;
|
|
}
|
|
if (isdevfd_dev (devn) || (win32_name.isdevice () && !win32_name.issocket ()))
|
|
{
|
|
set_errno (EPERM);
|
|
goto done;
|
|
}
|
|
if (!win32_name.exists ())
|
|
{
|
|
debug_printf ("unlinking a nonexistent file");
|
|
set_errno (ENOENT);
|
|
goto done;
|
|
}
|
|
else if (win32_name.isdir ())
|
|
{
|
|
debug_printf ("unlinking a directory");
|
|
set_errno (EISDIR);
|
|
goto done;
|
|
}
|
|
|
|
status = unlink_nt (win32_name, false);
|
|
if (NT_SUCCESS (status))
|
|
res = 0;
|
|
else
|
|
__seterrno_from_nt_status (status);
|
|
|
|
done:
|
|
syscall_printf ("%R = unlink(%s)", res, ourname);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
_remove_r (struct _reent *, const char *ourname)
|
|
{
|
|
path_conv win32_name (ourname, PC_SYM_NOFOLLOW);
|
|
|
|
if (win32_name.error)
|
|
{
|
|
set_errno (win32_name.error);
|
|
syscall_printf ("%R = remove(%s)",-1, ourname);
|
|
return -1;
|
|
}
|
|
|
|
int res = win32_name.isdir () ? rmdir (ourname) : unlink (ourname);
|
|
syscall_printf ("%R = remove(%s)", res, ourname);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
remove (const char *ourname)
|
|
{
|
|
return _remove_r (_REENT, ourname);
|
|
}
|
|
|
|
extern "C" pid_t
|
|
getpid ()
|
|
{
|
|
syscall_printf ("%d = getpid()", myself->pid);
|
|
return myself->pid;
|
|
}
|
|
|
|
extern "C" pid_t
|
|
_getpid_r (struct _reent *)
|
|
{
|
|
return getpid ();
|
|
}
|
|
|
|
/* getppid: POSIX 4.1.1.1 */
|
|
extern "C" pid_t
|
|
getppid ()
|
|
{
|
|
syscall_printf ("%d = getppid()", myself->ppid);
|
|
return myself->ppid;
|
|
}
|
|
|
|
/* setsid: POSIX 4.3.2.1 */
|
|
extern "C" pid_t
|
|
setsid (void)
|
|
{
|
|
if (myself->pgid == myself->pid)
|
|
syscall_printf ("hmm. pgid %d pid %d", myself->pgid, myself->pid);
|
|
else
|
|
{
|
|
myself->ctty = CTTY_RELEASED;
|
|
myself->sid = myself->pid;
|
|
myself->pgid = myself->pid;
|
|
if (cygheap->ctty)
|
|
cygheap->close_ctty ();
|
|
syscall_printf ("sid %d, pgid %d, %s", myself->sid, myself->pgid, myctty ());
|
|
return myself->sid;
|
|
}
|
|
|
|
set_errno (EPERM);
|
|
return -1;
|
|
}
|
|
|
|
extern "C" pid_t
|
|
getsid (pid_t pid)
|
|
{
|
|
pid_t res;
|
|
if (!pid)
|
|
res = myself->sid;
|
|
else
|
|
{
|
|
pinfo p (pid);
|
|
if (p)
|
|
res = p->sid;
|
|
else
|
|
{
|
|
set_errno (ESRCH);
|
|
res = -1;
|
|
}
|
|
}
|
|
syscall_printf ("%R = getsid(%d)", pid);
|
|
return res;
|
|
}
|
|
|
|
extern "C" ssize_t
|
|
read (int fd, void *ptr, size_t len)
|
|
{
|
|
size_t res = (size_t) -1;
|
|
|
|
pthread_testcancel ();
|
|
|
|
__try
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
|
|
if ((cfd->get_flags () & O_PATH)
|
|
|| (cfd->get_flags () & O_ACCMODE) == O_WRONLY)
|
|
{
|
|
set_errno (EBADF);
|
|
__leave;
|
|
}
|
|
|
|
/* Could block, so let user know we at least got here. */
|
|
syscall_printf ("read(%d, %p, %d) %sblocking",
|
|
fd, ptr, len, cfd->is_nonblocking () ? "non" : "");
|
|
|
|
cfd->read (ptr, len);
|
|
res = len;
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
syscall_printf ("%lR = read(%d, %p, %d)", res, fd, ptr, len);
|
|
return (ssize_t) res;
|
|
}
|
|
|
|
EXPORT_ALIAS (read, _read)
|
|
|
|
extern "C" ssize_t
|
|
readv (int fd, const struct iovec *const iov, const int iovcnt)
|
|
{
|
|
ssize_t res = -1;
|
|
|
|
pthread_testcancel ();
|
|
|
|
__try
|
|
{
|
|
const ssize_t tot = check_iovec_for_read (iov, iovcnt);
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
|
|
if (tot <= 0)
|
|
{
|
|
res = tot;
|
|
__leave;
|
|
}
|
|
|
|
if ((cfd->get_flags () & O_PATH)
|
|
|| (cfd->get_flags () & O_ACCMODE) == O_WRONLY)
|
|
{
|
|
set_errno (EBADF);
|
|
__leave;
|
|
}
|
|
|
|
/* Could block, so let user know we at least got here. */
|
|
syscall_printf ("readv(%d, %p, %d) %sblocking",
|
|
fd, iov, iovcnt, cfd->is_nonblocking () ? "non" : "");
|
|
|
|
res = cfd->readv (iov, iovcnt, tot);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
syscall_printf ("%lR = readv(%d, %p, %d)", res, fd, iov, iovcnt);
|
|
return res;
|
|
}
|
|
|
|
extern "C" ssize_t
|
|
pread (int fd, void *ptr, size_t len, off_t off)
|
|
{
|
|
ssize_t res;
|
|
|
|
pthread_testcancel ();
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
res = -1;
|
|
else if (cfd->get_flags () & O_PATH)
|
|
{
|
|
set_errno (EBADF);
|
|
res = -1;
|
|
}
|
|
else
|
|
res = cfd->pread (ptr, len, off);
|
|
|
|
syscall_printf ("%lR = pread(%d, %p, %d, %d)", res, fd, ptr, len, off);
|
|
return res;
|
|
}
|
|
|
|
extern "C" ssize_t
|
|
write (int fd, const void *ptr, size_t len)
|
|
{
|
|
ssize_t res = -1;
|
|
|
|
pthread_testcancel ();
|
|
|
|
__try
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
|
|
if ((cfd->get_flags () & O_PATH)
|
|
|| (cfd->get_flags () & O_ACCMODE) == O_RDONLY)
|
|
{
|
|
set_errno (EBADF);
|
|
__leave;
|
|
}
|
|
|
|
/* Could block, so let user know we at least got here. */
|
|
if (fd == 1 || fd == 2)
|
|
paranoid_printf ("write(%d, %p, %d)", fd, ptr, len);
|
|
else
|
|
syscall_printf ("write(%d, %p, %d)", fd, ptr, len);
|
|
|
|
res = cfd->write (ptr, len);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
syscall_printf ("%lR = write(%d, %p, %d)", res, fd, ptr, len);
|
|
return res;
|
|
}
|
|
|
|
EXPORT_ALIAS (write, _write)
|
|
|
|
extern "C" ssize_t
|
|
writev (const int fd, const struct iovec *const iov, const int iovcnt)
|
|
{
|
|
ssize_t res = -1;
|
|
|
|
pthread_testcancel ();
|
|
|
|
__try
|
|
{
|
|
const ssize_t tot = check_iovec_for_write (iov, iovcnt);
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
|
|
if (tot <= 0)
|
|
{
|
|
res = tot;
|
|
__leave;
|
|
}
|
|
|
|
if ((cfd->get_flags () & O_PATH)
|
|
|| (cfd->get_flags () & O_ACCMODE) == O_RDONLY)
|
|
{
|
|
set_errno (EBADF);
|
|
__leave;
|
|
}
|
|
|
|
/* Could block, so let user know we at least got here. */
|
|
if (fd == 1 || fd == 2)
|
|
paranoid_printf ("writev(%d, %p, %d)", fd, iov, iovcnt);
|
|
else
|
|
syscall_printf ("writev(%d, %p, %d)", fd, iov, iovcnt);
|
|
|
|
res = cfd->writev (iov, iovcnt, tot);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
if (fd == 1 || fd == 2)
|
|
paranoid_printf ("%lR = writev(%d, %p, %d)", res, fd, iov, iovcnt);
|
|
else
|
|
syscall_printf ("%lR = writev(%d, %p, %d)", res, fd, iov, iovcnt);
|
|
return res;
|
|
}
|
|
|
|
extern "C" ssize_t
|
|
pwrite (int fd, const void *ptr, size_t len, off_t off)
|
|
{
|
|
pthread_testcancel ();
|
|
|
|
ssize_t res;
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
res = -1;
|
|
else if (cfd->get_flags () & O_PATH)
|
|
{
|
|
set_errno (EBADF);
|
|
res = -1;
|
|
}
|
|
else
|
|
res = cfd->pwrite (const_cast<void *> (ptr), len, off);
|
|
|
|
syscall_printf ("%lR = pwrite(%d, %p, %d, %d)", res, fd, ptr, len, off);
|
|
return res;
|
|
}
|
|
|
|
/* _open */
|
|
/* newlib's fcntl.h defines _open as taking variable args so we must
|
|
correspond. The third arg if it exists is: mode_t mode. */
|
|
extern "C" int
|
|
open (const char *unix_path, int flags, ...)
|
|
{
|
|
int res = -1;
|
|
va_list ap;
|
|
mode_t mode = 0;
|
|
fhandler_base *fh = NULL;
|
|
fhandler_base *fh_file = NULL;
|
|
|
|
pthread_testcancel ();
|
|
|
|
__try
|
|
{
|
|
syscall_printf ("open(%s, %y)", unix_path, flags);
|
|
if (!*unix_path)
|
|
{
|
|
set_errno (ENOENT);
|
|
__leave;
|
|
}
|
|
|
|
/* check for optional mode argument */
|
|
va_start (ap, flags);
|
|
mode = va_arg (ap, mode_t);
|
|
va_end (ap);
|
|
|
|
cygheap_fdnew fd;
|
|
|
|
if (fd < 0)
|
|
__leave; /* errno already set */
|
|
|
|
/* When O_PATH is specified in flags, flag bits other than O_CLOEXEC,
|
|
O_DIRECTORY, and O_NOFOLLOW are ignored. */
|
|
if (flags & O_PATH)
|
|
flags &= (O_PATH | O_CLOEXEC | O_DIRECTORY | O_NOFOLLOW);
|
|
|
|
int opt = PC_OPEN | PC_SYM_NOFOLLOW_PROCFD;
|
|
opt |= (flags & (O_NOFOLLOW | O_EXCL)) ? PC_SYM_NOFOLLOW
|
|
: PC_SYM_FOLLOW;
|
|
|
|
/* If we're opening a FIFO, we will call device_access_denied
|
|
below. This leads to a call to fstat, which can use the
|
|
path_conv handle. */
|
|
opt |= PC_KEEP_HANDLE;
|
|
if (!(fh = build_fh_name (unix_path, opt, stat_suffixes)))
|
|
__leave; /* errno already set */
|
|
opt &= ~PC_KEEP_HANDLE;
|
|
if (!fh->isfifo ())
|
|
fh->pc.close_conv_handle ();
|
|
if ((flags & O_NOFOLLOW) && fh->issymlink () && !(flags & O_PATH))
|
|
{
|
|
set_errno (ELOOP);
|
|
__leave;
|
|
}
|
|
if ((flags & O_DIRECTORY) && fh->exists () && !fh->pc.isdir ())
|
|
{
|
|
set_errno (ENOTDIR);
|
|
__leave;
|
|
}
|
|
if (((flags & (O_CREAT | O_EXCL)) == (O_CREAT | O_EXCL)) && fh->exists ())
|
|
{
|
|
set_errno (EEXIST);
|
|
__leave;
|
|
}
|
|
if (flags & O_TMPFILE)
|
|
{
|
|
if ((flags & O_ACCMODE) != O_WRONLY && (flags & O_ACCMODE) != O_RDWR)
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
if (!fh->pc.isdir ())
|
|
{
|
|
set_errno (fh->exists () ? ENOTDIR : ENOENT);
|
|
__leave;
|
|
}
|
|
/* Unfortunately Windows does not allow to create a nameless file.
|
|
So create unique filename instead. It starts with ".cyg_tmp_",
|
|
followed by an 8 byte unique hex number, followed by an 8 byte
|
|
random hex number. */
|
|
int64_t rnd;
|
|
char *new_path;
|
|
|
|
new_path = (char *) malloc (strlen (fh->get_name ())
|
|
+ 1 /* slash */
|
|
+ 10 /* prefix */
|
|
+ 16 /* 64 bit unique id as hex*/
|
|
+ 16 /* 64 bit random number as hex */
|
|
+ 1 /* trailing NUL */);
|
|
if (!new_path)
|
|
__leave;
|
|
fh->set_unique_id ();
|
|
RtlGenRandom (&rnd, sizeof rnd);
|
|
__small_sprintf (new_path, "%s/%s%016X%016X",
|
|
fh->get_name (), ".cyg_tmp_",
|
|
fh->get_unique_id (), rnd);
|
|
|
|
if (!(fh_file = build_fh_name (new_path, opt, NULL)))
|
|
{
|
|
free (new_path);
|
|
__leave; /* errno already set */
|
|
}
|
|
delete fh;
|
|
fh = fh_file;
|
|
}
|
|
|
|
if (fh->dev () == FH_PROCESSFD && fh->pc.follow_fd_symlink ())
|
|
{
|
|
/* Reopen file by descriptor */
|
|
fh_file = fh->fd_reopen (flags, mode & 07777);
|
|
if (!fh_file)
|
|
__leave;
|
|
delete fh;
|
|
fh = fh_file;
|
|
}
|
|
else
|
|
{
|
|
if (fh->is_fs_special ())
|
|
{
|
|
if (fh->device_access_denied (flags))
|
|
__leave; /* errno already set */
|
|
else if (fh->isfifo ())
|
|
fh->pc.close_conv_handle ();
|
|
}
|
|
if (!fh->open_with_arch (flags, mode & 07777))
|
|
__leave; /* errno already set */
|
|
}
|
|
/* Move O_TMPFILEs to the bin to avoid blocking the parent dir. */
|
|
if ((flags & O_TMPFILE) && !fh->pc.isremote ())
|
|
try_to_bin (fh->pc, fh->get_handle (), DELETE,
|
|
FILE_OPEN_FOR_BACKUP_INTENT);
|
|
fd = fh;
|
|
if (fd <= 2)
|
|
set_std_handle (fd);
|
|
res = fd;
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
if (res < 0 && fh)
|
|
delete fh;
|
|
syscall_printf ("%R = open(%s, %y)", res, unix_path, flags);
|
|
return res;
|
|
}
|
|
|
|
EXPORT_ALIAS (open, _open )
|
|
|
|
extern "C" off_t
|
|
lseek (int fd, off_t pos, int dir)
|
|
{
|
|
off_t res;
|
|
|
|
if (dir != SEEK_SET && dir != SEEK_CUR && dir != SEEK_END)
|
|
{
|
|
set_errno (EINVAL);
|
|
res = -1;
|
|
}
|
|
else
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd >= 0)
|
|
res = cfd->lseek (pos, dir);
|
|
else
|
|
res = -1;
|
|
}
|
|
/* Can't use %R/%lR here since res is always 8 bytes */
|
|
syscall_printf (res == -1 ? "%D = lseek(%d, %D, %d), errno %d"
|
|
: "%D = lseek(%d, %D, %d)",
|
|
res, fd, pos, dir, get_errno ());
|
|
|
|
return res;
|
|
}
|
|
|
|
EXPORT_ALIAS (lseek, _lseek)
|
|
|
|
extern "C" int
|
|
close (int fd)
|
|
{
|
|
int res;
|
|
|
|
syscall_printf ("close(%d)", fd);
|
|
|
|
pthread_testcancel ();
|
|
|
|
cygheap_fdget cfd (fd, true);
|
|
if (cfd < 0)
|
|
res = -1;
|
|
else
|
|
{
|
|
cfd->isclosed (true);
|
|
res = cfd->close_with_arch ();
|
|
cfd.release ();
|
|
}
|
|
|
|
syscall_printf ("%R = close(%d)", res, fd);
|
|
return res;
|
|
}
|
|
|
|
EXPORT_ALIAS (close, _close)
|
|
|
|
extern "C" int
|
|
isatty (int fd)
|
|
{
|
|
int res;
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
res = 0;
|
|
else
|
|
res = cfd->is_tty ();
|
|
syscall_printf ("%R = isatty(%d)", res, fd);
|
|
return res;
|
|
}
|
|
EXPORT_ALIAS (isatty, _isatty)
|
|
|
|
extern "C" int
|
|
link (const char *oldpath, const char *newpath)
|
|
{
|
|
int res = -1;
|
|
fhandler_base *fh;
|
|
|
|
if (!(fh = build_fh_name (oldpath, PC_SYM_NOFOLLOW | PC_KEEP_HANDLE,
|
|
stat_suffixes)))
|
|
goto error;
|
|
|
|
if (fh->error ())
|
|
{
|
|
debug_printf ("got %d error from build_fh_name", fh->error ());
|
|
set_errno (fh->error ());
|
|
}
|
|
else if (fh->pc.isdir ())
|
|
set_errno (EPERM); /* We do not permit linking directories. */
|
|
else if (!fh->pc.exists ())
|
|
set_errno (ENOENT);
|
|
else
|
|
res = fh->link (newpath);
|
|
|
|
delete fh;
|
|
error:
|
|
syscall_printf ("%R = link(%s, %s)", res, oldpath, newpath);
|
|
return res;
|
|
}
|
|
|
|
/* chown: POSIX 5.6.5.1 */
|
|
/*
|
|
* chown () is only implemented for Windows NT. Under other operating
|
|
* systems, it is only a stub that always returns zero.
|
|
*/
|
|
static int
|
|
chown_worker (const char *name, unsigned fmode, uid_t uid, gid_t gid)
|
|
{
|
|
int res = -1;
|
|
fhandler_base *fh;
|
|
|
|
if (!(fh = build_fh_name (name, fmode, stat_suffixes)))
|
|
goto error;
|
|
|
|
if (fh->error ())
|
|
{
|
|
debug_printf ("got %d error from build_fh_name", fh->error ());
|
|
set_errno (fh->error ());
|
|
}
|
|
else
|
|
res = fh->fchown (uid, gid);
|
|
|
|
delete fh;
|
|
error:
|
|
syscall_printf ("%R = %schown(%s,...)",
|
|
res, (fmode & PC_SYM_NOFOLLOW) ? "l" : "", name);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
chown (const char * name, uid_t uid, gid_t gid)
|
|
{
|
|
return chown_worker (name, PC_SYM_FOLLOW, uid, gid);
|
|
}
|
|
|
|
extern "C" int
|
|
lchown (const char * name, uid_t uid, gid_t gid)
|
|
{
|
|
return chown_worker (name, PC_SYM_NOFOLLOW, uid, gid);
|
|
}
|
|
|
|
extern "C" int
|
|
fchown (int fd, uid_t uid, gid_t gid)
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
{
|
|
syscall_printf ("-1 = fchown (%d,...)", fd);
|
|
return -1;
|
|
}
|
|
else if (cfd->get_flags () & O_PATH)
|
|
{
|
|
set_errno (EBADF);
|
|
return -1;
|
|
}
|
|
|
|
int res = cfd->fchown (uid, gid);
|
|
|
|
syscall_printf ("%R = fchown(%s,...)", res, cfd->get_name ());
|
|
return res;
|
|
}
|
|
|
|
/* umask: POSIX 5.3.3.1 */
|
|
extern "C" mode_t
|
|
umask (mode_t mask)
|
|
{
|
|
mode_t oldmask;
|
|
|
|
oldmask = cygheap->umask;
|
|
cygheap->umask = mask & 0777;
|
|
return oldmask;
|
|
}
|
|
|
|
#define FILTERED_MODE(m) ((m) & (S_ISUID | S_ISGID | S_ISVTX \
|
|
| S_IRWXU | S_IRWXG | S_IRWXO))
|
|
|
|
int
|
|
chmod_device (path_conv& pc, mode_t mode)
|
|
{
|
|
return mknod_worker (pc, (pc.dev.mode () & S_IFMT) | FILTERED_MODE (mode),
|
|
pc.dev.get_major (), pc.dev.get_minor ());
|
|
}
|
|
|
|
/* chmod: POSIX 5.6.4.1 */
|
|
extern "C" int
|
|
chmod (const char *path, mode_t mode)
|
|
{
|
|
int res = -1;
|
|
fhandler_base *fh;
|
|
if (!(fh = build_fh_name (path, PC_SYM_FOLLOW, stat_suffixes)))
|
|
goto error;
|
|
|
|
if (fh->error ())
|
|
{
|
|
debug_printf ("got %d error from build_fh_name", fh->error ());
|
|
set_errno (fh->error ());
|
|
}
|
|
else
|
|
res = fh->fchmod (FILTERED_MODE (mode));
|
|
|
|
delete fh;
|
|
error:
|
|
syscall_printf ("%R = chmod(%s, 0%o)", res, path, mode);
|
|
return res;
|
|
}
|
|
|
|
/* fchmod: P96 5.6.4.1 */
|
|
|
|
extern "C" int
|
|
fchmod (int fd, mode_t mode)
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
{
|
|
syscall_printf ("-1 = fchmod (%d, 0%o)", fd, mode);
|
|
return -1;
|
|
}
|
|
else if (cfd->get_flags () & O_PATH)
|
|
{
|
|
set_errno (EBADF);
|
|
return -1;
|
|
}
|
|
|
|
return cfd->fchmod (FILTERED_MODE (mode));
|
|
}
|
|
|
|
static struct stat dev_st;
|
|
static bool dev_st_inited;
|
|
|
|
void
|
|
fhandler_base::stat_fixup (struct stat *buf)
|
|
{
|
|
/* For devices, set inode number to device number. This gives us a valid,
|
|
unique inode number without having to call hash_path_name. /dev/tty needs
|
|
a bit of persuasion to get the same st_ino value in stat and fstat. */
|
|
if (!buf->st_ino)
|
|
{
|
|
if (get_major () == DEV_VIRTFS_MAJOR)
|
|
buf->st_ino = get_ino ();
|
|
else if (dev () == FH_TTY ||
|
|
((get_major () == DEV_PTYS_MAJOR
|
|
|| get_major () == DEV_CONS_MAJOR)
|
|
&& !strcmp (get_name (), "/dev/tty")))
|
|
buf->st_ino = FH_TTY;
|
|
else
|
|
buf->st_ino = get_device ();
|
|
}
|
|
/* For /dev-based devices, st_dev must be set to the device number of /dev,
|
|
not it's own device major/minor numbers. What we do here to speed up
|
|
the process is to fetch the device number of /dev only once, liberally
|
|
assuming that /dev doesn't change over the lifetime of a process. */
|
|
if (!buf->st_dev)
|
|
{
|
|
if (dev ().is_dev_resident ())
|
|
{
|
|
if (!dev_st_inited)
|
|
{
|
|
stat ("/dev", &dev_st);
|
|
dev_st_inited = true;
|
|
}
|
|
buf->st_dev = dev_st.st_dev;
|
|
}
|
|
else
|
|
buf->st_dev = get_device ();
|
|
}
|
|
/* Only set st_rdev if it's a device. */
|
|
if (!buf->st_rdev && get_major () != DEV_VIRTFS_MAJOR)
|
|
{
|
|
buf->st_rdev = get_device ();
|
|
/* consX, console, conin, and conout point to the same device.
|
|
Make sure the link count is correct. */
|
|
if (buf->st_rdev == (dev_t) myself->ctty && iscons_dev (myself->ctty))
|
|
buf->st_nlink = 4;
|
|
/* CD-ROM drives have two links, /dev/srX and /dev/scdX. */
|
|
else if (gnu_dev_major (buf->st_rdev) == DEV_CDROM_MAJOR)
|
|
buf->st_nlink = 2;
|
|
}
|
|
}
|
|
|
|
extern "C" int
|
|
fstat (int fd, struct stat *buf)
|
|
{
|
|
int res;
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
res = -1;
|
|
else
|
|
{
|
|
memset (buf, 0, sizeof (struct stat));
|
|
res = cfd->fstat (buf);
|
|
if (!res)
|
|
cfd->stat_fixup (buf);
|
|
}
|
|
|
|
syscall_printf ("%R = fstat(%d, %p)", res, fd, buf);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
_fstat_r (struct _reent *ptr, int fd, struct stat *buf)
|
|
{
|
|
int ret;
|
|
|
|
if ((ret = fstat (fd, buf)) == -1)
|
|
_REENT_ERRNO(ptr) = get_errno ();
|
|
return ret;
|
|
}
|
|
|
|
/* fsync: P96 6.6.1.1 */
|
|
extern "C" int
|
|
fsync (int fd)
|
|
{
|
|
pthread_testcancel ();
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
{
|
|
syscall_printf ("-1 = fsync (%d)", fd);
|
|
return -1;
|
|
}
|
|
return cfd->fsync ();
|
|
}
|
|
|
|
EXPORT_ALIAS (fsync, fdatasync)
|
|
|
|
static void
|
|
sync_worker (HANDLE dir, USHORT len, LPCWSTR vol)
|
|
{
|
|
NTSTATUS status;
|
|
HANDLE fh;
|
|
IO_STATUS_BLOCK io;
|
|
OBJECT_ATTRIBUTES attr;
|
|
UNICODE_STRING uvol = { len, len, (WCHAR *) vol };
|
|
|
|
InitializeObjectAttributes (&attr, &uvol, OBJ_CASE_INSENSITIVE, dir, NULL);
|
|
status = NtOpenFile (&fh, GENERIC_WRITE, &attr, &io,
|
|
FILE_SHARE_VALID_FLAGS, 0);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtOpenFile (%S), status %y", &uvol, status);
|
|
else
|
|
{
|
|
status = NtFlushBuffersFile (fh, &io);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtFlushBuffersFile (%S), status %y", &uvol, status);
|
|
NtClose (fh);
|
|
}
|
|
}
|
|
|
|
/* sync: SUSv3 */
|
|
extern "C" void
|
|
sync ()
|
|
{
|
|
OBJECT_ATTRIBUTES attr;
|
|
NTSTATUS status;
|
|
HANDLE devhdl;
|
|
UNICODE_STRING device;
|
|
|
|
/* Open \Device object directory. */
|
|
RtlInitUnicodeString (&device, L"\\Device");
|
|
InitializeObjectAttributes (&attr, &device, OBJ_CASE_INSENSITIVE, NULL, NULL);
|
|
status = NtOpenDirectoryObject (&devhdl, DIRECTORY_QUERY, &attr);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtOpenDirectoryObject, status %y", status);
|
|
return;
|
|
}
|
|
/* Traverse \Device directory ... */
|
|
tmp_pathbuf tp;
|
|
PDIRECTORY_BASIC_INFORMATION dbi_buf = (PDIRECTORY_BASIC_INFORMATION)
|
|
tp.w_get ();
|
|
BOOLEAN restart = TRUE;
|
|
bool last_run = false;
|
|
ULONG context = 0;
|
|
while (!last_run)
|
|
{
|
|
status = NtQueryDirectoryObject (devhdl, dbi_buf, 65536, FALSE, restart,
|
|
&context, NULL);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("NtQueryDirectoryObject, status %y", status);
|
|
break;
|
|
}
|
|
if (status != STATUS_MORE_ENTRIES)
|
|
last_run = true;
|
|
restart = FALSE;
|
|
for (PDIRECTORY_BASIC_INFORMATION dbi = dbi_buf;
|
|
dbi->ObjectName.Length > 0;
|
|
dbi++)
|
|
{
|
|
/* ... and call sync_worker for each HarddiskVolumeX entry. */
|
|
if (dbi->ObjectName.Length >= 15 * sizeof (WCHAR)
|
|
&& !wcsncasecmp (dbi->ObjectName.Buffer, L"HarddiskVolume", 14)
|
|
&& iswdigit (dbi->ObjectName.Buffer[14]))
|
|
sync_worker (devhdl, dbi->ObjectName.Length,
|
|
dbi->ObjectName.Buffer);
|
|
}
|
|
}
|
|
NtClose (devhdl);
|
|
}
|
|
|
|
/* Cygwin internal */
|
|
int
|
|
stat_worker (path_conv &pc, struct stat *buf)
|
|
{
|
|
int res = -1;
|
|
|
|
__try
|
|
{
|
|
if (pc.error)
|
|
{
|
|
debug_printf ("got %d error from path_conv", pc.error);
|
|
set_errno (pc.error);
|
|
}
|
|
else if (pc.exists ())
|
|
{
|
|
fhandler_base *fh;
|
|
|
|
if (!(fh = build_fh_pc (pc)))
|
|
__leave;
|
|
|
|
debug_printf ("(%S, %p, %p), file_attributes %d",
|
|
pc.get_nt_native_path (), buf, fh, (DWORD) *fh);
|
|
memset (buf, 0, sizeof (*buf));
|
|
res = fh->fstat (buf);
|
|
if (!res)
|
|
fh->stat_fixup (buf);
|
|
delete fh;
|
|
}
|
|
else
|
|
set_errno (ENOENT);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
syscall_printf ("%d = (%S,%p)", res, pc.get_nt_native_path (), buf);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
stat (const char *__restrict name, struct stat *__restrict buf)
|
|
{
|
|
syscall_printf ("entering");
|
|
path_conv pc (name, PC_SYM_FOLLOW | PC_POSIX | PC_KEEP_HANDLE
|
|
| PC_SYM_NOFOLLOW_PROCFD,
|
|
stat_suffixes);
|
|
return stat_worker (pc, buf);
|
|
}
|
|
|
|
extern "C" int
|
|
_stat_r (struct _reent *__restrict ptr, const char *__restrict name,
|
|
struct stat *buf)
|
|
{
|
|
int ret;
|
|
|
|
if ((ret = stat (name, buf)) == -1)
|
|
_REENT_ERRNO(ptr) = get_errno ();
|
|
return ret;
|
|
}
|
|
|
|
/* lstat: Provided by SVR4 and 4.3+BSD, POSIX? */
|
|
extern "C" int
|
|
lstat (const char *__restrict name, struct stat *__restrict buf)
|
|
{
|
|
syscall_printf ("entering");
|
|
path_conv pc (name, PC_SYM_NOFOLLOW | PC_POSIX | PC_KEEP_HANDLE,
|
|
stat_suffixes);
|
|
return stat_worker (pc, buf);
|
|
}
|
|
|
|
extern "C" int
|
|
access (const char *fn, int flags)
|
|
{
|
|
// flags were incorrectly specified
|
|
int res = -1;
|
|
if (flags & ~(F_OK|R_OK|W_OK|X_OK))
|
|
set_errno (EINVAL);
|
|
else
|
|
{
|
|
fhandler_base *fh = build_fh_name (fn, PC_SYM_FOLLOW | PC_KEEP_HANDLE,
|
|
stat_suffixes);
|
|
if (fh)
|
|
{
|
|
res = fh->fhaccess (flags, false);
|
|
delete fh;
|
|
}
|
|
}
|
|
debug_printf ("returning %d", res);
|
|
return res;
|
|
}
|
|
|
|
/* Linux provides this extension; it is basically a wrapper around the
|
|
POSIX:2008 faccessat (AT_FDCWD, fn, flags, AT_EACCESS). We also
|
|
provide eaccess as an alias for this, in cygwin.din. */
|
|
extern "C" int
|
|
euidaccess (const char *fn, int flags)
|
|
{
|
|
// flags were incorrectly specified
|
|
int res = -1;
|
|
if (flags & ~(F_OK|R_OK|W_OK|X_OK))
|
|
set_errno (EINVAL);
|
|
else
|
|
{
|
|
fhandler_base *fh = build_fh_name (fn, PC_SYM_FOLLOW | PC_KEEP_HANDLE,
|
|
stat_suffixes);
|
|
if (fh)
|
|
{
|
|
res = fh->fhaccess (flags, true);
|
|
delete fh;
|
|
}
|
|
}
|
|
debug_printf ("returning %d", res);
|
|
return res;
|
|
}
|
|
|
|
static void
|
|
rename_append_suffix (path_conv &pc, const char *path, size_t len,
|
|
const char *suffix)
|
|
{
|
|
char buf[len + 5];
|
|
|
|
if (ascii_strcasematch (path + len - 4, ".lnk")
|
|
|| ascii_strcasematch (path + len - 4, ".exe"))
|
|
len -= 4;
|
|
stpcpy (stpncpy (buf, path, len), suffix);
|
|
pc.check (buf, PC_SYM_NOFOLLOW);
|
|
}
|
|
|
|
/* This function tests if a filename has one of the "approved" executable
|
|
suffix. This list is probably not complete... */
|
|
static inline bool
|
|
nt_path_has_executable_suffix (PUNICODE_STRING upath)
|
|
{
|
|
static const PUNICODE_STRING blessed_executable_suffixes[] =
|
|
{
|
|
&ro_u_exe,
|
|
&ro_u_scr,
|
|
&ro_u_sys,
|
|
NULL
|
|
};
|
|
|
|
USHORT pos = upath->Length / sizeof (WCHAR);
|
|
PWCHAR path;
|
|
UNICODE_STRING usuf;
|
|
const PUNICODE_STRING *suf;
|
|
|
|
/* Too short for a native path? */
|
|
if (pos < 8)
|
|
return false;
|
|
/* Assumption: All executable suffixes have a length of three. */
|
|
path = upath->Buffer + pos - 4;
|
|
if (*path != L'.')
|
|
return false;
|
|
RtlInitCountedUnicodeString (&usuf, path, 4 * sizeof (WCHAR));
|
|
for (suf = blessed_executable_suffixes; *suf; ++suf)
|
|
if (RtlEqualUnicodeString (&usuf, *suf, TRUE))
|
|
return true;
|
|
return false;
|
|
}
|
|
|
|
inline int
|
|
set_same_file_return (bool noreplace)
|
|
{
|
|
if (!noreplace)
|
|
return 0;
|
|
set_errno (EEXIST);
|
|
return -1;
|
|
}
|
|
/* If newpath names an existing file and the RENAME_NOREPLACE flag is
|
|
specified, fail with EEXIST. Exception: Don't fail if the purpose
|
|
of the rename is just to change the case of oldpath on a
|
|
case-insensitive file system. */
|
|
static int
|
|
rename2 (const char *oldpath, const char *newpath, unsigned int at2flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
int res = -1;
|
|
path_conv oldpc, newpc, new2pc, *dstpc, *removepc = NULL;
|
|
bool old_dir_requested = false, new_dir_requested = false;
|
|
bool old_explicit_suffix = false, new_explicit_suffix = false;
|
|
bool use_posix_semantics;
|
|
bool noreplace = at2flags & RENAME_NOREPLACE;
|
|
size_t olen, nlen;
|
|
bool equal_path;
|
|
NTSTATUS status = STATUS_SUCCESS;
|
|
HANDLE fh = NULL, nfh;
|
|
HANDLE old_trans = NULL, trans = NULL;
|
|
OBJECT_ATTRIBUTES attr;
|
|
IO_STATUS_BLOCK io;
|
|
FILE_STANDARD_INFORMATION ofsi;
|
|
PFILE_RENAME_INFORMATION pfri;
|
|
|
|
__try
|
|
{
|
|
if (at2flags & ~RENAME_NOREPLACE)
|
|
/* RENAME_NOREPLACE is the only flag currently supported. */
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
if (!*oldpath || !*newpath)
|
|
{
|
|
/* Reject rename("","x"), rename("x",""). */
|
|
set_errno (ENOENT);
|
|
__leave;
|
|
}
|
|
if (has_dot_last_component (oldpath, true))
|
|
{
|
|
/* Reject rename("dir/.","x"). */
|
|
oldpc.check (oldpath, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
set_errno (oldpc.isdir () ? EINVAL : ENOTDIR);
|
|
__leave;
|
|
}
|
|
if (has_dot_last_component (newpath, true))
|
|
{
|
|
/* Reject rename("dir","x/."). */
|
|
newpc.check (newpath, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
set_errno (!newpc.exists () ? ENOENT
|
|
: newpc.isdir () ? EINVAL : ENOTDIR);
|
|
__leave;
|
|
}
|
|
|
|
/* A trailing slash requires that the pathname points to an existing
|
|
directory. If it's not, it's a ENOTDIR condition. The same goes
|
|
for newpath a bit further down this function. */
|
|
olen = strlen (oldpath);
|
|
if (isdirsep (oldpath[olen - 1]))
|
|
{
|
|
char *buf;
|
|
char *p = stpcpy (buf = tp.c_get (), oldpath) - 1;
|
|
oldpath = buf;
|
|
while (p >= oldpath && isdirsep (*p))
|
|
*p-- = '\0';
|
|
olen = p + 1 - oldpath;
|
|
if (!olen)
|
|
{
|
|
/* The root directory cannot be renamed. This also rejects
|
|
the corner case of rename("/","/"), even though it is the
|
|
same file. */
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
old_dir_requested = true;
|
|
}
|
|
oldpc.check (oldpath, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
if (oldpc.error)
|
|
{
|
|
set_errno (oldpc.error);
|
|
__leave;
|
|
}
|
|
if (!oldpc.exists ())
|
|
{
|
|
set_errno (ENOENT);
|
|
__leave;
|
|
}
|
|
if (oldpc.isspecial () && !oldpc.issocket () && !oldpc.is_fs_special ())
|
|
{
|
|
/* No renames from virtual FS */
|
|
set_errno (EROFS);
|
|
__leave;
|
|
}
|
|
if (oldpc.has_attribute (FILE_ATTRIBUTE_REPARSE_POINT)
|
|
&& !oldpc.issymlink ())
|
|
{
|
|
/* Volume mount point. If we try to rename a volume mount point, NT
|
|
returns STATUS_NOT_SAME_DEVICE ==> Win32 ERROR_NOT_SAME_DEVICE ==>
|
|
errno EXDEV. That's bad since mv(1) will now perform a
|
|
cross-device move. So what we do here is to treat the volume
|
|
mount point just like Linux treats a mount point. */
|
|
set_errno (EBUSY);
|
|
__leave;
|
|
}
|
|
if (old_dir_requested && !oldpc.isdir ())
|
|
{
|
|
/* Reject rename("file/","x"). */
|
|
set_errno (ENOTDIR);
|
|
__leave;
|
|
}
|
|
if (oldpc.known_suffix ()
|
|
&& (ascii_strcasematch (oldpath + olen - 4, ".lnk")
|
|
|| ascii_strcasematch (oldpath + olen - 4, ".exe")))
|
|
old_explicit_suffix = true;
|
|
|
|
nlen = strlen (newpath);
|
|
if (isdirsep (newpath[nlen - 1]))
|
|
{
|
|
char *buf;
|
|
char *p = stpcpy (buf = tp.c_get (), newpath) - 1;
|
|
newpath = buf;
|
|
while (p >= newpath && isdirsep (*p))
|
|
*p-- = '\0';
|
|
nlen = p + 1 - newpath;
|
|
if (!nlen) /* The root directory is never empty. */
|
|
{
|
|
set_errno (ENOTEMPTY);
|
|
__leave;
|
|
}
|
|
new_dir_requested = true;
|
|
}
|
|
newpc.check (newpath, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
if (newpc.error)
|
|
{
|
|
set_errno (newpc.error);
|
|
__leave;
|
|
}
|
|
if (newpc.isspecial () && !newpc.issocket ())
|
|
{
|
|
/* No renames to virtual FSes */
|
|
set_errno (EROFS);
|
|
__leave;
|
|
}
|
|
if (new_dir_requested && !(newpc.exists ()
|
|
? newpc.isdir () : oldpc.isdir ()))
|
|
{
|
|
/* Reject rename("file1","file2/"), but allow rename("dir","d/"). */
|
|
set_errno (newpc.exists () ? ENOTDIR : ENOENT);
|
|
__leave;
|
|
}
|
|
if (newpc.exists ()
|
|
&& (oldpc.isdir () ? !newpc.isdir () : newpc.isdir ()))
|
|
{
|
|
/* Reject rename("file","dir") and rename("dir","file"). */
|
|
set_errno (newpc.isdir () ? EISDIR : ENOTDIR);
|
|
__leave;
|
|
}
|
|
if (newpc.known_suffix ()
|
|
&& (ascii_strcasematch (newpath + nlen - 4, ".lnk")
|
|
|| ascii_strcasematch (newpath + nlen - 4, ".exe")))
|
|
new_explicit_suffix = true;
|
|
|
|
/* This test is necessary in almost every case, so do it once here. */
|
|
equal_path = RtlEqualUnicodeString (oldpc.get_nt_native_path (),
|
|
newpc.get_nt_native_path (),
|
|
oldpc.objcaseinsensitive ());
|
|
|
|
/* First check if oldpath and newpath only differ by case. If so, it's
|
|
just a request to change the case of the filename. By simply setting
|
|
the file attributes to INVALID_FILE_ATTRIBUTES (which translates to
|
|
"file doesn't exist"), all later tests are skipped. */
|
|
if (oldpc.objcaseinsensitive () && newpc.exists () && equal_path
|
|
&& old_explicit_suffix == new_explicit_suffix)
|
|
{
|
|
if (RtlEqualUnicodeString (oldpc.get_nt_native_path (),
|
|
newpc.get_nt_native_path (),
|
|
FALSE))
|
|
{
|
|
res = set_same_file_return (noreplace);
|
|
__leave;
|
|
}
|
|
newpc.file_attributes (INVALID_FILE_ATTRIBUTES);
|
|
}
|
|
else if (oldpc.isdir ())
|
|
{
|
|
/* Check for newpath being identical or a subdir of oldpath. */
|
|
if (RtlPrefixUnicodeString (oldpc.get_nt_native_path (),
|
|
newpc.get_nt_native_path (),
|
|
oldpc.objcaseinsensitive ()))
|
|
{
|
|
if (newpc.get_nt_native_path ()->Length
|
|
== oldpc.get_nt_native_path ()->Length)
|
|
{
|
|
res = set_same_file_return (noreplace);
|
|
__leave;
|
|
}
|
|
if (*(PWCHAR) ((PBYTE) newpc.get_nt_native_path ()->Buffer
|
|
+ oldpc.get_nt_native_path ()->Length) == L'\\')
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
}
|
|
}
|
|
else if (!newpc.exists ())
|
|
{
|
|
if (equal_path && old_explicit_suffix != new_explicit_suffix)
|
|
{
|
|
newpc.check (newpath, PC_SYM_NOFOLLOW);
|
|
if (RtlEqualUnicodeString (oldpc.get_nt_native_path (),
|
|
newpc.get_nt_native_path (),
|
|
oldpc.objcaseinsensitive ()))
|
|
{
|
|
res = set_same_file_return (noreplace);
|
|
__leave;
|
|
}
|
|
}
|
|
else if (oldpc.is_lnk_special ()
|
|
&& !RtlEqualUnicodePathSuffix (newpc.get_nt_native_path (),
|
|
&ro_u_lnk, TRUE))
|
|
rename_append_suffix (newpc, newpath, nlen, ".lnk");
|
|
else if (oldpc.is_binary () && !old_explicit_suffix
|
|
&& oldpc.known_suffix ()
|
|
&& !nt_path_has_executable_suffix
|
|
(newpc.get_nt_native_path ()))
|
|
/* Never append .exe suffix if oldpath had .exe suffix given
|
|
explicitely, or if oldpath wasn't already a .exe file, or
|
|
if the destination filename has one of the blessed executable
|
|
suffixes.
|
|
Note: To rename an executable foo.exe to bar-without-suffix,
|
|
the .exe suffix must be given explicitly in oldpath. */
|
|
rename_append_suffix (newpc, newpath, nlen, ".exe");
|
|
}
|
|
else
|
|
{
|
|
if (equal_path && old_explicit_suffix != new_explicit_suffix)
|
|
{
|
|
newpc.check (newpath, PC_SYM_NOFOLLOW);
|
|
if (RtlEqualUnicodeString (oldpc.get_nt_native_path (),
|
|
newpc.get_nt_native_path (),
|
|
oldpc.objcaseinsensitive ()))
|
|
{
|
|
res = set_same_file_return (noreplace);
|
|
__leave;
|
|
}
|
|
}
|
|
else if (oldpc.is_lnk_special ())
|
|
{
|
|
if (!newpc.is_lnk_special ()
|
|
&& !RtlEqualUnicodePathSuffix (newpc.get_nt_native_path (),
|
|
&ro_u_lnk, TRUE))
|
|
{
|
|
rename_append_suffix (new2pc, newpath, nlen, ".lnk");
|
|
removepc = &newpc;
|
|
}
|
|
}
|
|
else if (oldpc.is_binary ())
|
|
{
|
|
/* Never append .exe suffix if oldpath had .exe suffix given
|
|
explicitely, or if newfile is a binary (in which case the given
|
|
name probably makes sense as it is), or if the destination
|
|
filename has one of the blessed executable suffixes. */
|
|
if (!old_explicit_suffix && oldpc.known_suffix ()
|
|
&& !newpc.is_binary ()
|
|
&& !nt_path_has_executable_suffix
|
|
(newpc.get_nt_native_path ()))
|
|
{
|
|
rename_append_suffix (new2pc, newpath, nlen, ".exe");
|
|
removepc = &newpc;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
/* If the new path is an existing .lnk symlink or a .exe file,
|
|
but the new path has not been specified with explicit suffix,
|
|
rename to the new name without suffix, as expected, but also
|
|
remove the clashing symlink or executable. Did I ever mention
|
|
how I hate the file suffix idea? */
|
|
if ((newpc.is_lnk_special ()
|
|
|| RtlEqualUnicodePathSuffix (newpc.get_nt_native_path (),
|
|
&ro_u_exe, TRUE))
|
|
&& !new_explicit_suffix)
|
|
{
|
|
new2pc.check (newpath, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
newpc.get_nt_native_path ()->Length -= 4 * sizeof (WCHAR);
|
|
if (new2pc.is_binary () || new2pc.is_lnk_special ())
|
|
removepc = &new2pc;
|
|
}
|
|
}
|
|
}
|
|
dstpc = (removepc == &newpc) ? &new2pc : &newpc;
|
|
|
|
/* Check cross-device before touching anything. Otherwise we might end
|
|
up with an unlinked target dir even if the actual rename didn't work.*/
|
|
if (oldpc.fs_type () != dstpc->fs_type ()
|
|
|| oldpc.fs_serial_number () != dstpc->fs_serial_number ())
|
|
{
|
|
set_errno (EXDEV);
|
|
__leave;
|
|
}
|
|
|
|
/* Should we replace an existing file? */
|
|
if ((removepc || dstpc->exists ()) && noreplace)
|
|
{
|
|
set_errno (EEXIST);
|
|
__leave;
|
|
}
|
|
|
|
/* POSIX semantics only on local NTFS drives. For the OPEN_BY_FILE_ID
|
|
flag, see MINIMAL_WIN_NTFS_FLAGS comment in fs_info::update. */
|
|
use_posix_semantics = wincap.has_posix_rename_semantics ()
|
|
&& !oldpc.isremote ()
|
|
&& oldpc.fs_is_ntfs ()
|
|
&& oldpc.has_attribute (FILE_SUPPORTS_OPEN_BY_FILE_ID);
|
|
|
|
ignore_posix_semantics_retry:
|
|
/* Opening the file must be part of the transaction. It's not sufficient
|
|
to call only NtSetInformationFile under the transaction. Therefore we
|
|
have to start the transaction here, if necessary. Don't start
|
|
transaction on W10 1709 or later on local NTFS. Use POSIX semantics
|
|
instead. */
|
|
if (!use_posix_semantics
|
|
&& (dstpc->fs_flags () & FILE_SUPPORTS_TRANSACTIONS)
|
|
&& (dstpc->isdir ()
|
|
|| (!removepc && dstpc->has_attribute (FILE_ATTRIBUTE_READONLY))))
|
|
start_transaction (old_trans, trans);
|
|
|
|
int retry_count;
|
|
retry_count = 0;
|
|
retry:
|
|
/* Talking about inconsistent behaviour...
|
|
- DELETE is required to rename a file. So far, so good.
|
|
- At least one cifs FS (Tru64) needs FILE_READ_ATTRIBUTE, otherwise the
|
|
FileRenameInformation call fails with STATUS_ACCESS_DENIED. However,
|
|
on NFS we get a STATUS_ACCESS_DENIED if FILE_READ_ATTRIBUTE is used
|
|
and the file we try to rename is a symlink. Urgh.
|
|
- Samba (only some versions?) doesn't like the FILE_SHARE_DELETE
|
|
mode if the file has the R/O attribute set and returns
|
|
STATUS_ACCESS_DENIED in that case. */
|
|
{
|
|
ULONG access = DELETE
|
|
| (oldpc.fs_is_cifs () ? FILE_READ_ATTRIBUTES : 0);
|
|
ULONG sharing = FILE_SHARE_READ | FILE_SHARE_WRITE
|
|
| (oldpc.fs_is_samba () ? 0 : FILE_SHARE_DELETE);
|
|
ULONG flags = FILE_OPEN_FOR_BACKUP_INTENT
|
|
| (oldpc.is_known_reparse_point ()
|
|
? FILE_OPEN_REPARSE_POINT : 0);
|
|
status = NtOpenFile (&fh, access,
|
|
oldpc.get_object_attr (attr, sec_none_nih),
|
|
&io, sharing, flags);
|
|
}
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
debug_printf ("status %y", status);
|
|
if (status == STATUS_SHARING_VIOLATION
|
|
&& cygwait (10L) != WAIT_SIGNALED)
|
|
{
|
|
/* Typical BLODA problem. Some virus scanners check newly
|
|
generated files and while doing that disallow DELETE access.
|
|
That's really bad because it breaks applications which copy
|
|
files by creating a temporary filename and then rename the
|
|
temp filename to the target filename. This renaming fails due
|
|
to the jealous virus scanner and the application fails to
|
|
create the target file.
|
|
|
|
This kludge tries to work around that by yielding until the
|
|
sharing violation goes away, or a signal arrived, or after
|
|
about a second, give or take. */
|
|
if (++retry_count < 40)
|
|
{
|
|
yield ();
|
|
goto retry;
|
|
}
|
|
}
|
|
else if (NT_TRANSACTIONAL_ERROR (status) && trans)
|
|
{
|
|
/* If NtOpenFile fails due to transactional problems, stop
|
|
transaction and go ahead without. */
|
|
stop_transaction (status, old_trans, trans);
|
|
debug_printf ("Transaction failure. Retry open.");
|
|
goto retry;
|
|
}
|
|
__seterrno_from_nt_status (status);
|
|
__leave;
|
|
}
|
|
|
|
if (use_posix_semantics)
|
|
goto skip_pre_W10_checks;
|
|
|
|
/* Renaming a dir to another, existing dir fails always, even if
|
|
ReplaceIfExists is set to TRUE and the existing dir is empty. So
|
|
we have to remove the destination dir first. This also covers the
|
|
case that the destination directory is not empty. In that case,
|
|
unlink_nt returns with STATUS_DIRECTORY_NOT_EMPTY. */
|
|
if (dstpc->isdir ())
|
|
{
|
|
status = unlink_nt (*dstpc, false);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
__seterrno_from_nt_status (status);
|
|
__leave;
|
|
}
|
|
}
|
|
/* You can't copy a file if the destination exists and has the R/O
|
|
attribute set. Remove the R/O attribute first. But first check
|
|
if a removepc exists. If so, dstpc points to a non-existing file
|
|
due to a mangled suffix. */
|
|
else if (!removepc && dstpc->has_attribute (FILE_ATTRIBUTE_READONLY))
|
|
{
|
|
status = NtOpenFile (&nfh, FILE_WRITE_ATTRIBUTES,
|
|
dstpc->get_object_attr (attr, sec_none_nih),
|
|
&io, FILE_SHARE_VALID_FLAGS,
|
|
FILE_OPEN_FOR_BACKUP_INTENT
|
|
| (dstpc->is_known_reparse_point ()
|
|
? FILE_OPEN_REPARSE_POINT : 0));
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
__seterrno_from_nt_status (status);
|
|
__leave;
|
|
}
|
|
status = NtSetAttributesFile (nfh, dstpc->file_attributes ()
|
|
& ~FILE_ATTRIBUTE_READONLY);
|
|
NtClose (nfh);
|
|
if (!NT_SUCCESS (status))
|
|
{
|
|
__seterrno_from_nt_status (status);
|
|
__leave;
|
|
}
|
|
}
|
|
|
|
skip_pre_W10_checks:
|
|
|
|
/* SUSv3: If the old argument and the new argument resolve to the same
|
|
existing file, rename() shall return successfully and perform no
|
|
other action.
|
|
The test tries to be as quick as possible. Due to the above cross
|
|
device check we already know both files are on the same device. So
|
|
it just tests if oldpath has more than 1 hardlink, then it opens
|
|
newpath and tests for identical file ids. If so, oldpath and newpath
|
|
refer to the same file. */
|
|
if ((removepc || dstpc->exists ())
|
|
&& !oldpc.isdir ()
|
|
&& NT_SUCCESS (NtQueryInformationFile (fh, &io, &ofsi, sizeof ofsi,
|
|
FileStandardInformation))
|
|
&& ofsi.NumberOfLinks > 1
|
|
&& NT_SUCCESS (NtOpenFile (&nfh, READ_CONTROL,
|
|
(removepc ?: dstpc)->get_object_attr (attr, sec_none_nih),
|
|
&io, FILE_SHARE_VALID_FLAGS,
|
|
FILE_OPEN_FOR_BACKUP_INTENT
|
|
| ((removepc ?: dstpc)->is_known_reparse_point ()
|
|
? FILE_OPEN_REPARSE_POINT : 0))))
|
|
{
|
|
FILE_INTERNAL_INFORMATION ofii, nfii;
|
|
|
|
if (NT_SUCCESS (NtQueryInformationFile (fh, &io, &ofii, sizeof ofii,
|
|
FileInternalInformation))
|
|
&& NT_SUCCESS (NtQueryInformationFile (nfh, &io, &nfii,
|
|
sizeof nfii,
|
|
FileInternalInformation))
|
|
&& ofii.IndexNumber.QuadPart == nfii.IndexNumber.QuadPart)
|
|
{
|
|
debug_printf ("%s and %s are the same file", oldpath, newpath);
|
|
NtClose (nfh);
|
|
res = set_same_file_return (noreplace);
|
|
__leave;
|
|
}
|
|
NtClose (nfh);
|
|
}
|
|
/* Create FILE_RENAME_INFORMATION struct. Using a tmp_pathbuf area
|
|
allows for paths of up to 32757 chars. This test is just for
|
|
paranoia's sake. */
|
|
if (dstpc->get_nt_native_path ()->Length
|
|
> NT_MAX_PATH * sizeof (WCHAR) - sizeof (FILE_RENAME_INFORMATION))
|
|
{
|
|
debug_printf ("target filename too long");
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
pfri = (PFILE_RENAME_INFORMATION) tp.w_get ();
|
|
if (use_posix_semantics)
|
|
pfri->Flags = noreplace ? 0
|
|
: (FILE_RENAME_REPLACE_IF_EXISTS
|
|
| FILE_RENAME_POSIX_SEMANTICS
|
|
| FILE_RENAME_IGNORE_READONLY_ATTRIBUTE);
|
|
else
|
|
pfri->ReplaceIfExists = !noreplace;
|
|
pfri->RootDirectory = NULL;
|
|
pfri->FileNameLength = dstpc->get_nt_native_path ()->Length;
|
|
memcpy (&pfri->FileName, dstpc->get_nt_native_path ()->Buffer,
|
|
pfri->FileNameLength);
|
|
/* If dstpc points to an existing file and RENAME_NOREPLACE has
|
|
been specified, then we should get NT error
|
|
STATUS_OBJECT_NAME_COLLISION ==> Win32 error
|
|
ERROR_ALREADY_EXISTS ==> Cygwin error EEXIST. */
|
|
status = NtSetInformationFile (fh, &io, pfri,
|
|
sizeof *pfri + pfri->FileNameLength,
|
|
use_posix_semantics
|
|
? FileRenameInformationEx
|
|
: FileRenameInformation);
|
|
/* This happens if the access rights don't allow deleting the destination.
|
|
Even if the handle to the original file is opened with BACKUP
|
|
and/or RECOVERY, these flags don't apply to the destination of the
|
|
rename operation. So, a privileged user can't rename a file to an
|
|
existing file, if the permissions of the existing file aren't right.
|
|
Like directories, we have to handle this separately by removing the
|
|
destination before renaming. */
|
|
if (status == STATUS_ACCESS_DENIED && dstpc->exists ()
|
|
&& !dstpc->isdir ())
|
|
{
|
|
bool need_open = false;
|
|
|
|
if ((dstpc->fs_flags () & FILE_SUPPORTS_TRANSACTIONS) && !trans)
|
|
{
|
|
/* As mentioned earlier, opening the file must be part of the
|
|
transaction. Therefore we have to reopen the file here if the
|
|
transaction hasn't been started already. Unfortunately we
|
|
can't use the NT "reopen file from existing handle" feature.
|
|
In that case NtOpenFile returns STATUS_TRANSACTIONAL_CONFLICT.
|
|
We *have* to close the handle to the file first, *then* we can
|
|
re-open it. Fortunately nothing has happened yet, so the
|
|
atomicity of the rename functionality is not spoiled. */
|
|
NtClose (fh);
|
|
start_transaction (old_trans, trans);
|
|
need_open = true;
|
|
}
|
|
while (true)
|
|
{
|
|
status = STATUS_SUCCESS;
|
|
if (need_open)
|
|
status = NtOpenFile (&fh, DELETE,
|
|
oldpc.get_object_attr (attr, sec_none_nih),
|
|
&io, FILE_SHARE_VALID_FLAGS,
|
|
FILE_OPEN_FOR_BACKUP_INTENT
|
|
| (oldpc.is_known_reparse_point ()
|
|
? FILE_OPEN_REPARSE_POINT : 0));
|
|
if (NT_SUCCESS (status))
|
|
{
|
|
status = unlink_nt (*dstpc, false);
|
|
if (NT_SUCCESS (status))
|
|
break;
|
|
}
|
|
if (!NT_TRANSACTIONAL_ERROR (status) || !trans)
|
|
break;
|
|
/* If NtOpenFile or unlink_nt fail due to transactional problems,
|
|
stop transaction and retry without. */
|
|
NtClose (fh);
|
|
stop_transaction (status, old_trans, trans);
|
|
debug_printf ("Transaction failure %y. Retry open.", status);
|
|
}
|
|
if (NT_SUCCESS (status))
|
|
status = NtSetInformationFile (fh, &io, pfri,
|
|
sizeof *pfri + pfri->FileNameLength,
|
|
FileRenameInformation);
|
|
}
|
|
if (NT_SUCCESS (status))
|
|
{
|
|
if (removepc)
|
|
unlink_nt (*removepc, false);
|
|
res = 0;
|
|
}
|
|
else if (use_posix_semantics && status == STATUS_INVALID_PARAMETER)
|
|
{
|
|
/* NtSetInformationFile returns STATUS_INVALID_PARAMETER
|
|
on a bind mounted file system in hyper-v container
|
|
with FILE_RENAME_POSIX_SEMANTICS.
|
|
Disable the use_posix semntics flag and retry. */
|
|
debug_printf ("NtSetInformationFile failed with posix semantics. "
|
|
"Disable it and retry.");
|
|
use_posix_semantics = 0;
|
|
goto ignore_posix_semantics_retry;
|
|
}
|
|
else
|
|
__seterrno_from_nt_status (status);
|
|
}
|
|
__except (EFAULT)
|
|
{
|
|
res = -1;
|
|
}
|
|
__endtry
|
|
if (fh)
|
|
NtClose (fh);
|
|
/* Stop transaction if we started one. */
|
|
if (trans)
|
|
stop_transaction (status, old_trans, trans);
|
|
if (get_errno () != EFAULT)
|
|
syscall_printf ("%R = rename(%s, %s)", res, oldpath, newpath);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
rename (const char *oldpath, const char *newpath)
|
|
{
|
|
return rename2 (oldpath, newpath, 0);
|
|
}
|
|
|
|
extern "C" int
|
|
system (const char *cmdstring)
|
|
{
|
|
pthread_testcancel ();
|
|
|
|
if (cmdstring == NULL)
|
|
return 1;
|
|
|
|
int res = -1;
|
|
const char* command[4];
|
|
|
|
__try
|
|
{
|
|
command[0] = "sh";
|
|
command[1] = "-c";
|
|
command[2] = cmdstring;
|
|
command[3] = (const char *) NULL;
|
|
|
|
if ((res = spawnvp (_P_SYSTEM, "/bin/sh", command)) == -1)
|
|
{
|
|
// when exec fails, return value should be as if shell
|
|
// executed exit (127)
|
|
res = 127;
|
|
}
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
setdtablesize (int size)
|
|
{
|
|
if (size < 0)
|
|
{
|
|
set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
|
|
if (size <= (int) cygheap->fdtab.size
|
|
|| cygheap->fdtab.extend (size - cygheap->fdtab.size, OPEN_MAX))
|
|
return 0;
|
|
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
getdtablesize ()
|
|
{
|
|
return OPEN_MAX;
|
|
}
|
|
|
|
extern "C" int
|
|
getpagesize ()
|
|
{
|
|
return (size_t) wincap.allocation_granularity ();
|
|
}
|
|
|
|
/* FIXME: not all values are correct... */
|
|
extern "C" long int
|
|
fpathconf (int fd, int v)
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
return -1;
|
|
return cfd->fpathconf (v);
|
|
}
|
|
|
|
extern "C" long int
|
|
pathconf (const char *file, int v)
|
|
{
|
|
fhandler_base *fh = NULL;
|
|
long ret = -1;
|
|
|
|
__try
|
|
{
|
|
if (!*file)
|
|
{
|
|
set_errno (ENOENT);
|
|
return -1;
|
|
}
|
|
if (!(fh = build_fh_name (file, PC_SYM_FOLLOW, stat_suffixes)))
|
|
return -1;
|
|
if (!fh->exists ())
|
|
set_errno (ENOENT);
|
|
else
|
|
ret = fh->fpathconf (v);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
delete fh;
|
|
return ret;
|
|
}
|
|
|
|
extern "C" int
|
|
ttyname_r (int fd, char *buf, size_t buflen)
|
|
{
|
|
int ret = 0;
|
|
|
|
__try
|
|
{
|
|
cygheap_fdget cfd (fd, true);
|
|
if (cfd < 0)
|
|
ret = EBADF;
|
|
else if (!cfd->is_tty ())
|
|
ret = ENOTTY;
|
|
else if (buflen < strlen (cfd->ttyname ()) + 1)
|
|
ret = ERANGE;
|
|
else
|
|
strcpy (buf, cfd->ttyname ());
|
|
debug_printf ("returning %d tty: %s", ret, ret ? "NULL" : buf);
|
|
}
|
|
__except (NO_ERROR)
|
|
{
|
|
ret = EFAULT;
|
|
}
|
|
__endtry
|
|
return ret;
|
|
}
|
|
|
|
extern "C" char *
|
|
ttyname (int fd)
|
|
{
|
|
static char name[TTY_NAME_MAX];
|
|
int ret = ttyname_r (fd, name, TTY_NAME_MAX);
|
|
if (ret)
|
|
{
|
|
set_errno (ret);
|
|
return NULL;
|
|
}
|
|
return name;
|
|
}
|
|
|
|
extern "C" char *
|
|
ctermid (char *str)
|
|
{
|
|
if (str == NULL)
|
|
str = _my_tls.locals.ttybuf;
|
|
if (!CTTY_IS_VALID (myself->ctty))
|
|
strcpy (str, "no tty");
|
|
else
|
|
{
|
|
device d;
|
|
d.parse (myself->ctty);
|
|
strcpy (str, d.name ());
|
|
}
|
|
return str;
|
|
}
|
|
|
|
/* Tells stdio if it should do the cr/lf conversion for this file */
|
|
extern "C" int
|
|
_cygwin_istext_for_stdio (int fd)
|
|
{
|
|
cygheap_fdget cfd (fd, false, false);
|
|
if (cfd < 0)
|
|
{
|
|
syscall_printf ("fd %d: not open", fd);
|
|
return 0;
|
|
}
|
|
|
|
#if 0
|
|
if (cfd->get_device () != FH_FS)
|
|
{
|
|
syscall_printf ("fd not disk file. Defaulting to binary.");
|
|
return 0;
|
|
}
|
|
#endif
|
|
|
|
if (cfd->wbinary () || cfd->rbinary ())
|
|
{
|
|
syscall_printf ("fd %d: opened as binary", fd);
|
|
return 0;
|
|
}
|
|
|
|
syscall_printf ("fd %d: defaulting to text", fd);
|
|
return 1;
|
|
}
|
|
|
|
static int
|
|
setmode_helper (struct _reent *ptr __unused, FILE *f)
|
|
{
|
|
if (fileno (f) != _my_tls.locals.setmode_file)
|
|
{
|
|
syscall_printf ("improbable, but %d != %d", fileno (f), _my_tls.locals.setmode_file);
|
|
return 0;
|
|
}
|
|
syscall_printf ("file was %s now %s", f->_flags & __SCLE ? "text" : "binary",
|
|
_my_tls.locals.setmode_mode & O_TEXT ? "text" : "binary");
|
|
if (_my_tls.locals.setmode_mode & O_TEXT)
|
|
f->_flags |= __SCLE;
|
|
else
|
|
f->_flags &= ~__SCLE;
|
|
return 0;
|
|
}
|
|
|
|
extern "C" int
|
|
getmode (int fd)
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
return -1;
|
|
|
|
return cfd->get_flags () & (O_BINARY | O_TEXT);
|
|
}
|
|
|
|
/* Set a file descriptor into text or binary mode, returning the
|
|
previous mode. */
|
|
|
|
extern "C" int
|
|
_setmode (int fd, int mode)
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
return -1;
|
|
if (mode != O_BINARY && mode != O_TEXT && mode != 0)
|
|
{
|
|
set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
|
|
/* Note that we have no way to indicate the case that writes are
|
|
binary but not reads, or vice-versa. These cases can arise when
|
|
using the tty or console interface. People using those
|
|
interfaces should not use setmode. */
|
|
|
|
int res;
|
|
if (cfd->wbinary () && cfd->rbinary ())
|
|
res = O_BINARY;
|
|
else if (cfd->wbinset () && cfd->rbinset ())
|
|
res = O_TEXT; /* Specifically set O_TEXT */
|
|
else
|
|
res = 0;
|
|
|
|
if (!mode)
|
|
cfd->reset_to_open_binmode ();
|
|
else
|
|
cfd->set_flags ((cfd->get_flags () & ~(O_TEXT | O_BINARY)) | mode);
|
|
|
|
syscall_printf ("(%d<%S>, %p) returning %s", fd,
|
|
cfd->pc.get_nt_native_path (), mode,
|
|
res & O_TEXT ? "text" : "binary");
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
cygwin_setmode (int fd, int mode)
|
|
{
|
|
int res = _setmode (fd, mode);
|
|
if (res != -1)
|
|
{
|
|
_my_tls.locals.setmode_file = fd;
|
|
if (_cygwin_istext_for_stdio (fd))
|
|
_my_tls.locals.setmode_mode = O_TEXT;
|
|
else
|
|
_my_tls.locals.setmode_mode = O_BINARY;
|
|
_fwalk_sglue (_GLOBAL_REENT, setmode_helper, &__sglue);
|
|
}
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
posix_fadvise (int fd, off_t offset, off_t len, int advice)
|
|
{
|
|
int res = -1;
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd >= 0)
|
|
res = cfd->fadvise (offset, len, advice);
|
|
else
|
|
res = EBADF;
|
|
syscall_printf ("%R = posix_fadvice(%d, %D, %D, %d)",
|
|
res, fd, offset, len, advice);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
posix_fallocate (int fd, off_t offset, off_t len)
|
|
{
|
|
int res = 0;
|
|
if (offset < 0 || len == 0)
|
|
res = EINVAL;
|
|
else
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd >= 0)
|
|
res = cfd->ftruncate (offset + len, false);
|
|
else
|
|
res = EBADF;
|
|
}
|
|
syscall_printf ("%R = posix_fallocate(%d, %D, %D)", res, fd, offset, len);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
ftruncate (int fd, off_t length)
|
|
{
|
|
int res = -1;
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd >= 0)
|
|
{
|
|
res = cfd->ftruncate (length, true);
|
|
if (res)
|
|
{
|
|
set_errno (res);
|
|
res = -1;
|
|
}
|
|
}
|
|
else
|
|
set_errno (EBADF);
|
|
syscall_printf ("%R = ftruncate(%d, %D)", res, fd, length);
|
|
return res;
|
|
}
|
|
|
|
/* truncate: Provided by SVR4 and 4.3+BSD. Not part of POSIX.1 or XPG3 */
|
|
extern "C" int
|
|
truncate (const char *pathname, off_t length)
|
|
{
|
|
int fd;
|
|
int res = -1;
|
|
|
|
fd = open (pathname, O_RDWR);
|
|
|
|
if (fd != -1)
|
|
{
|
|
res = ftruncate (fd, length);
|
|
close (fd);
|
|
}
|
|
syscall_printf ("%R = truncate(%s, %D)", res, pathname, length);
|
|
|
|
return res;
|
|
}
|
|
|
|
extern "C" long
|
|
_get_osfhandle (int fd)
|
|
{
|
|
long res;
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd >= 0)
|
|
res = (long) cfd->get_handle ();
|
|
else
|
|
res = -1;
|
|
|
|
syscall_printf ("%R = get_osfhandle(%d)", res, fd);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
fstatvfs (int fd, struct statvfs *sfs)
|
|
{
|
|
__try
|
|
{
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
return cfd->fstatvfs (sfs);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
statvfs (const char *name, struct statvfs *sfs)
|
|
{
|
|
int res = -1;
|
|
fhandler_base *fh = NULL;
|
|
|
|
__try
|
|
{
|
|
if (!(fh = build_fh_name (name, PC_SYM_FOLLOW, stat_suffixes)))
|
|
__leave;
|
|
|
|
if (fh->error ())
|
|
{
|
|
debug_printf ("got %d error from build_fh_name", fh->error ());
|
|
set_errno (fh->error ());
|
|
}
|
|
else if (fh->exists ())
|
|
{
|
|
debug_printf ("(%s, %p), file_attributes %d", name, sfs, (DWORD) *fh);
|
|
res = fh->fstatvfs (sfs);
|
|
}
|
|
else
|
|
set_errno (ENOENT);
|
|
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
delete fh;
|
|
if (get_errno () != EFAULT)
|
|
syscall_printf ("%R = statvfs(%s,%p)", res, name, sfs);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
fstatfs (int fd, struct statfs *sfs)
|
|
{
|
|
struct statvfs vfs;
|
|
int ret = fstatvfs (fd, &vfs);
|
|
if (!ret)
|
|
{
|
|
sfs->f_type = vfs.f_flag;
|
|
sfs->f_bsize = vfs.f_bsize;
|
|
sfs->f_blocks = vfs.f_blocks;
|
|
sfs->f_bavail = vfs.f_bavail;
|
|
sfs->f_bfree = vfs.f_bfree;
|
|
sfs->f_files = -1;
|
|
sfs->f_ffree = -1;
|
|
sfs->f_fsid = vfs.f_fsid;
|
|
sfs->f_namelen = vfs.f_namemax;
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
extern "C" int
|
|
statfs (const char *fname, struct statfs *sfs)
|
|
{
|
|
struct statvfs vfs;
|
|
int ret = statvfs (fname, &vfs);
|
|
if (!ret)
|
|
{
|
|
sfs->f_type = vfs.f_flag;
|
|
sfs->f_bsize = vfs.f_bsize;
|
|
sfs->f_blocks = vfs.f_blocks;
|
|
sfs->f_bavail = vfs.f_bavail;
|
|
sfs->f_bfree = vfs.f_bfree;
|
|
sfs->f_files = -1;
|
|
sfs->f_ffree = -1;
|
|
sfs->f_fsid = vfs.f_fsid;
|
|
sfs->f_namelen = vfs.f_namemax;
|
|
}
|
|
return ret;
|
|
}
|
|
|
|
/* setpgid: POSIX 4.3.3.1 */
|
|
extern "C" int
|
|
setpgid (pid_t pid, pid_t pgid)
|
|
{
|
|
int res = -1;
|
|
if (pid == 0)
|
|
pid = getpid ();
|
|
if (pgid == 0)
|
|
pgid = pid;
|
|
|
|
if (pgid < 0)
|
|
set_errno (EINVAL);
|
|
else
|
|
{
|
|
pinfo p (pid, PID_MAP_RW);
|
|
if (!p)
|
|
set_errno (ESRCH);
|
|
else if (p->pgid == pgid)
|
|
res = 0;
|
|
/* A process may only change the process group of itself and its children */
|
|
else if (p != myself && p->ppid != myself->pid)
|
|
set_errno (EPERM);
|
|
else
|
|
{
|
|
p->pgid = pgid;
|
|
if (p->pid != p->pgid)
|
|
p->set_has_pgid_children (0);
|
|
res = 0;
|
|
}
|
|
}
|
|
|
|
syscall_printf ("pid %d, pgid %d, res %d", pid, pgid, res);
|
|
return res;
|
|
}
|
|
|
|
extern "C" pid_t
|
|
getpgid (pid_t pid)
|
|
{
|
|
if (pid == 0)
|
|
pid = getpid ();
|
|
|
|
pinfo p (pid);
|
|
if (!p)
|
|
{
|
|
set_errno (ESRCH);
|
|
return -1;
|
|
}
|
|
return p->pgid;
|
|
}
|
|
|
|
extern "C" int
|
|
setpgrp (void)
|
|
{
|
|
return setpgid (0, 0);
|
|
}
|
|
|
|
extern "C" pid_t
|
|
getpgrp (void)
|
|
{
|
|
return getpgid (0);
|
|
}
|
|
|
|
extern "C" char *
|
|
ptsname (int fd)
|
|
{
|
|
static char buf[TTY_NAME_MAX];
|
|
return ptsname_r (fd, buf, sizeof (buf)) == 0 ? buf : NULL;
|
|
}
|
|
|
|
extern "C" int
|
|
ptsname_r (int fd, char *buf, size_t buflen)
|
|
{
|
|
if (!buf)
|
|
{
|
|
set_errno (EINVAL);
|
|
return EINVAL;
|
|
}
|
|
|
|
cygheap_fdget cfd (fd);
|
|
if (cfd < 0)
|
|
return EBADF;
|
|
return cfd->ptsname_r (buf, buflen);
|
|
}
|
|
|
|
static int
|
|
mknod_worker (path_conv &pc, mode_t mode, _major_t major, _minor_t minor)
|
|
{
|
|
char buf[sizeof (":\\00000000:00000000:00000000") + PATH_MAX];
|
|
sprintf (buf, ":\\%x:%x:%x", major, minor, mode);
|
|
return symlink_worker (buf, pc, true);
|
|
}
|
|
|
|
extern "C" int
|
|
mknod (const char *path, mode_t mode, dev_t dev)
|
|
{
|
|
__try
|
|
{
|
|
if (!*path)
|
|
{
|
|
set_errno (ENOENT);
|
|
__leave;
|
|
}
|
|
|
|
if (strlen (path) >= PATH_MAX)
|
|
__leave;
|
|
|
|
/* Trailing dirsep is a no-no, only errno differs. */
|
|
bool has_trailing_dirsep = isdirsep (path[strlen (path) - 1]);
|
|
|
|
path_conv w32path (path, PC_SYM_NOFOLLOW | PC_SYM_NOFOLLOW_DIR
|
|
| PC_POSIX, stat_suffixes);
|
|
|
|
if (w32path.exists () || has_trailing_dirsep)
|
|
{
|
|
set_errno (w32path.exists () ? EEXIST : ENOENT);
|
|
__leave;
|
|
}
|
|
|
|
mode_t type = mode & S_IFMT;
|
|
_major_t major = _major (dev);
|
|
_minor_t minor = _minor (dev);
|
|
switch (type)
|
|
{
|
|
case S_IFCHR:
|
|
case S_IFBLK:
|
|
break;
|
|
|
|
case S_IFIFO:
|
|
major = _major (FH_FIFO);
|
|
minor = _minor (FH_FIFO);
|
|
break;
|
|
|
|
case 0:
|
|
case S_IFREG:
|
|
{
|
|
int fd = open (path, O_CREAT, mode);
|
|
if (fd < 0)
|
|
__leave;
|
|
close (fd);
|
|
return 0;
|
|
}
|
|
|
|
default:
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
|
|
return mknod_worker (w32path, mode, major, minor);
|
|
}
|
|
__except (EFAULT)
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
mkfifo (const char *path, mode_t mode)
|
|
{
|
|
return mknod (path, (mode & ~S_IFMT) | S_IFIFO, 0);
|
|
}
|
|
|
|
/* seteuid: standards? */
|
|
extern "C" int
|
|
seteuid (uid_t uid)
|
|
{
|
|
debug_printf ("uid: %u myself->uid: %u myself->gid: %u",
|
|
uid, myself->uid, myself->gid);
|
|
|
|
/* Same uid as we're just running under is usually a no-op.
|
|
|
|
Except we have an external token which is a restricted token. Or,
|
|
the external token is NULL, but the current impersonation token is
|
|
a restricted token. This allows to restrict user rights temporarily
|
|
like this:
|
|
|
|
cygwin_internal(CW_SET_EXTERNAL_TOKEN, restricted_token,
|
|
CW_TOKEN_RESTRICTED);
|
|
setuid (getuid ());
|
|
[...do stuff with restricted rights...]
|
|
cygwin_internal(CW_SET_EXTERNAL_TOKEN, INVALID_HANDLE_VALUE,
|
|
CW_TOKEN_RESTRICTED);
|
|
setuid (getuid ());
|
|
|
|
Note that using the current uid is a requirement! We have restricted
|
|
tokens galore (UAC), so this is really just a special case to restrict
|
|
your own processes to lesser rights. */
|
|
bool request_restricted_uid_switch = (uid == myself->uid
|
|
&& cygheap->user.ext_token_is_restricted);
|
|
if (uid == myself->uid && !cygheap->user.groups.ischanged
|
|
&& !request_restricted_uid_switch)
|
|
{
|
|
debug_printf ("Nothing happens");
|
|
return 0;
|
|
}
|
|
|
|
cygsid usersid;
|
|
user_groups &groups = cygheap->user.groups;
|
|
HANDLE new_token = NULL;
|
|
struct passwd * pw_new;
|
|
bool token_is_internal, issamesid = false;
|
|
|
|
pw_new = internal_getpwuid (uid);
|
|
if (!usersid.getfrompw (pw_new))
|
|
{
|
|
set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
|
|
cygheap->user.deimpersonate ();
|
|
|
|
/* Verify if the process token is suitable. */
|
|
/* First of all, skip all checks if a switch to a restricted token has been
|
|
requested, or if trying to switch back from it. */
|
|
if (request_restricted_uid_switch)
|
|
{
|
|
if (cygheap->user.external_token != NO_IMPERSONATION)
|
|
{
|
|
debug_printf ("Switch to restricted token");
|
|
new_token = cygheap->user.external_token;
|
|
}
|
|
else
|
|
{
|
|
debug_printf ("Switch back from restricted token");
|
|
new_token = hProcToken;
|
|
cygheap->user.ext_token_is_restricted = false;
|
|
}
|
|
}
|
|
/* TODO, CV 2008-11-25: The check against saved_sid is a kludge and a
|
|
shortcut. We must check if it's really feasible in the long run.
|
|
The reason to add this shortcut is this: sshd switches back to the
|
|
privileged user running sshd at least twice in the process of
|
|
authentication. It calls seteuid first, then setegid. Due to this
|
|
order, the setgroups group list is still active when calling seteuid
|
|
and verify_token treats the original token of the privileged user as
|
|
insufficient. This in turn results in creating a new user token for
|
|
the privileged user instead of using the original token. This can have
|
|
unfortunate side effects. The created token has different group
|
|
memberships, different user rights, and misses possible network
|
|
credentials.
|
|
Therefore we try this shortcut now. When switching back to the
|
|
privileged user, we probably always want a correct (aka original)
|
|
user token for this privileged user, not only in sshd. */
|
|
else if ((uid == cygheap->user.saved_uid
|
|
&& usersid == cygheap->user.saved_sid ())
|
|
|| verify_token (hProcToken, usersid, groups))
|
|
new_token = hProcToken;
|
|
/* Verify if the external token is suitable */
|
|
else if (cygheap->user.external_token != NO_IMPERSONATION
|
|
&& verify_token (cygheap->user.external_token, usersid, groups))
|
|
new_token = cygheap->user.external_token;
|
|
/* Verify if the current token (internal or former external) is suitable */
|
|
else if (cygheap->user.curr_primary_token != NO_IMPERSONATION
|
|
&& cygheap->user.curr_primary_token != cygheap->user.external_token
|
|
&& verify_token (cygheap->user.curr_primary_token, usersid, groups,
|
|
&token_is_internal))
|
|
new_token = cygheap->user.curr_primary_token;
|
|
/* Verify if the internal token is suitable */
|
|
else if (cygheap->user.internal_token != NO_IMPERSONATION
|
|
&& cygheap->user.internal_token != cygheap->user.curr_primary_token
|
|
&& verify_token (cygheap->user.internal_token, usersid, groups,
|
|
&token_is_internal))
|
|
new_token = cygheap->user.internal_token;
|
|
|
|
debug_printf ("Found token %p", new_token);
|
|
|
|
/* If no impersonation token is available, try to authenticate using
|
|
LSA private data stored password, or, if that fails, S4U logon. */
|
|
if (new_token == NULL)
|
|
{
|
|
if (!(new_token = lsaprivkeyauth (pw_new)))
|
|
{
|
|
NTSTATUS status;
|
|
WCHAR domain[MAX_DOMAIN_NAME_LEN + 1];
|
|
WCHAR user[UNLEN + 1];
|
|
|
|
debug_printf ("lsaprivkeyauth failed, try s4uauth.");
|
|
extract_nt_dom_user (pw_new, domain, user);
|
|
if (!(new_token = s4uauth (true, domain, user, status)))
|
|
{
|
|
debug_printf ("s4uauth failed, bail out");
|
|
cygheap->user.reimpersonate ();
|
|
return -1;
|
|
}
|
|
}
|
|
|
|
/* Keep at most one internal token */
|
|
if (cygheap->user.internal_token != NO_IMPERSONATION)
|
|
CloseHandle (cygheap->user.internal_token);
|
|
cygheap->user.internal_token = new_token;
|
|
}
|
|
|
|
if (new_token != hProcToken)
|
|
{
|
|
NTSTATUS status;
|
|
|
|
if (!request_restricted_uid_switch)
|
|
load_user_profile (new_token, pw_new, usersid);
|
|
|
|
/* Try setting owner to same value as user. */
|
|
status = NtSetInformationToken (new_token, TokenOwner,
|
|
&usersid, sizeof usersid);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtSetInformationToken (user.token, TokenOwner), %y",
|
|
status);
|
|
/* Try setting primary group in token to current group */
|
|
status = NtSetInformationToken (new_token, TokenPrimaryGroup,
|
|
&groups.pgsid, sizeof (cygsid));
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtSetInformationToken (user.token, TokenPrimaryGroup),"
|
|
"%y", status);
|
|
/* Try setting default DACL */
|
|
PACL dacl_buf = (PACL) alloca (MAX_DACL_LEN (5));
|
|
if (sec_acl (dacl_buf, true, true, usersid))
|
|
{
|
|
TOKEN_DEFAULT_DACL tdacl = { dacl_buf };
|
|
status = NtSetInformationToken (new_token, TokenDefaultDacl,
|
|
&tdacl, sizeof (tdacl));
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtSetInformationToken (TokenDefaultDacl), %y",
|
|
status);
|
|
}
|
|
}
|
|
|
|
issamesid = (usersid == cygheap->user.sid ());
|
|
cygheap->user.set_sid (usersid);
|
|
cygheap->user.curr_primary_token = new_token == hProcToken ? NO_IMPERSONATION
|
|
: new_token;
|
|
cygheap->user.curr_token_is_restricted = false;
|
|
cygheap->user.setuid_to_restricted = false;
|
|
if (cygheap->user.curr_imp_token != NO_IMPERSONATION)
|
|
{
|
|
CloseHandle (cygheap->user.curr_imp_token);
|
|
cygheap->user.curr_imp_token = NO_IMPERSONATION;
|
|
}
|
|
if (cygheap->user.curr_primary_token != NO_IMPERSONATION)
|
|
{
|
|
/* HANDLE_FLAG_INHERIT may be missing in external token. */
|
|
if (!SetHandleInformation (cygheap->user.curr_primary_token,
|
|
HANDLE_FLAG_INHERIT, HANDLE_FLAG_INHERIT)
|
|
|| !DuplicateTokenEx (cygheap->user.curr_primary_token,
|
|
MAXIMUM_ALLOWED, &sec_none,
|
|
SecurityImpersonation, TokenImpersonation,
|
|
&cygheap->user.curr_imp_token))
|
|
{
|
|
__seterrno ();
|
|
cygheap->user.curr_primary_token = NO_IMPERSONATION;
|
|
return -1;
|
|
}
|
|
cygheap->user.curr_token_is_restricted = request_restricted_uid_switch;
|
|
set_cygwin_privileges (cygheap->user.curr_primary_token);
|
|
set_cygwin_privileges (cygheap->user.curr_imp_token);
|
|
}
|
|
if (!cygheap->user.reimpersonate ())
|
|
{
|
|
__seterrno ();
|
|
return -1;
|
|
}
|
|
|
|
cygheap->user.set_name (pw_new->pw_name);
|
|
myself->uid = uid;
|
|
groups.ischanged = FALSE;
|
|
if (!issamesid)
|
|
/* Recreate and fill out the user shared region for a new user. */
|
|
user_info::create (true);
|
|
return 0;
|
|
}
|
|
|
|
/* setuid: POSIX 4.2.2.1 */
|
|
extern "C" int
|
|
setuid (uid_t uid)
|
|
{
|
|
int ret = seteuid (uid);
|
|
if (!ret)
|
|
{
|
|
cygheap->user.real_uid = myself->uid;
|
|
/* If restricted token, forget original privileges on exec (). */
|
|
cygheap->user.setuid_to_restricted = cygheap->user.curr_token_is_restricted;
|
|
}
|
|
debug_printf ("real: %d, effective: %d", cygheap->user.real_uid, myself->uid);
|
|
return ret;
|
|
}
|
|
|
|
extern "C" int
|
|
setreuid (uid_t ruid, uid_t euid)
|
|
{
|
|
int ret = 0;
|
|
bool tried = false;
|
|
uid_t old_euid = myself->uid;
|
|
|
|
if (ruid != ILLEGAL_UID && cygheap->user.real_uid != ruid && euid != ruid)
|
|
tried = !(ret = seteuid (ruid));
|
|
if (!ret && euid != ILLEGAL_UID)
|
|
ret = seteuid (euid);
|
|
if (tried && (ret || euid == ILLEGAL_UID) && seteuid (old_euid))
|
|
system_printf ("Cannot restore original euid %u", old_euid);
|
|
if (!ret && ruid != ILLEGAL_UID)
|
|
cygheap->user.real_uid = ruid;
|
|
debug_printf ("real: %u, effective: %u", cygheap->user.real_uid, myself->uid);
|
|
return ret;
|
|
}
|
|
|
|
/* setegid: from System V. */
|
|
extern "C" int
|
|
setegid (gid_t gid)
|
|
{
|
|
debug_printf ("new egid: %u current: %u", gid, myself->gid);
|
|
|
|
if (gid == myself->gid)
|
|
{
|
|
myself->gid = gid;
|
|
return 0;
|
|
}
|
|
|
|
NTSTATUS status;
|
|
user_groups * groups = &cygheap->user.groups;
|
|
cygsid gsid;
|
|
struct group * gr = internal_getgrgid (gid);
|
|
|
|
if (!gsid.getfromgr (gr))
|
|
{
|
|
set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
myself->gid = gid;
|
|
|
|
groups->update_pgrp (gsid);
|
|
if (cygheap->user.issetuid ())
|
|
{
|
|
/* If impersonated, update impersonation token... */
|
|
status = NtSetInformationToken (cygheap->user.primary_token (),
|
|
TokenPrimaryGroup, &gsid, sizeof gsid);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtSetInformationToken (primary_token, "
|
|
"TokenPrimaryGroup), %y", status);
|
|
status = NtSetInformationToken (cygheap->user.imp_token (),
|
|
TokenPrimaryGroup, &gsid, sizeof gsid);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtSetInformationToken (token, TokenPrimaryGroup), %y",
|
|
status);
|
|
}
|
|
cygheap->user.deimpersonate ();
|
|
status = NtSetInformationToken (hProcToken, TokenPrimaryGroup,
|
|
&gsid, sizeof gsid);
|
|
if (!NT_SUCCESS (status))
|
|
debug_printf ("NtSetInformationToken (hProcToken, TokenPrimaryGroup), %y",
|
|
status);
|
|
clear_procimptoken ();
|
|
cygheap->user.reimpersonate ();
|
|
return 0;
|
|
}
|
|
|
|
/* setgid: POSIX 4.2.2.1 */
|
|
extern "C" int
|
|
setgid (gid_t gid)
|
|
{
|
|
int ret = setegid (gid);
|
|
if (!ret)
|
|
cygheap->user.real_gid = myself->gid;
|
|
return ret;
|
|
}
|
|
|
|
extern "C" int
|
|
setregid (gid_t rgid, gid_t egid)
|
|
{
|
|
int ret = 0;
|
|
bool tried = false;
|
|
gid_t old_egid = myself->gid;
|
|
|
|
if (rgid != ILLEGAL_GID && cygheap->user.real_gid != rgid && egid != rgid)
|
|
tried = !(ret = setegid (rgid));
|
|
if (!ret && egid != ILLEGAL_GID)
|
|
ret = setegid (egid);
|
|
if (tried && (ret || egid == ILLEGAL_GID) && setegid (old_egid))
|
|
system_printf ("Cannot restore original egid %u", old_egid);
|
|
if (!ret && rgid != ILLEGAL_GID)
|
|
cygheap->user.real_gid = rgid;
|
|
debug_printf ("real: %u, effective: %u", cygheap->user.real_gid, myself->gid);
|
|
return ret;
|
|
}
|
|
|
|
/* chroot: privileged Unix system call. */
|
|
/* FIXME: Not privileged here. How should this be done? */
|
|
extern "C" int
|
|
chroot (const char *newroot)
|
|
{
|
|
path_conv path (newroot, PC_SYM_FOLLOW | PC_POSIX);
|
|
|
|
int ret = -1;
|
|
if (path.error)
|
|
set_errno (path.error);
|
|
else if (!path.exists ())
|
|
set_errno (ENOENT);
|
|
else if (!path.isdir ())
|
|
set_errno (ENOTDIR);
|
|
else if (path.isspecial ())
|
|
set_errno (EPERM);
|
|
else
|
|
{
|
|
getwinenv("PATH="); /* Save the native PATH */
|
|
cygheap->root.set (path.get_posix (), path.get_win32 (),
|
|
!!path.objcaseinsensitive ());
|
|
ret = 0;
|
|
}
|
|
|
|
syscall_printf ("%R = chroot(%s)", ret, newroot ?: "NULL");
|
|
return ret;
|
|
}
|
|
|
|
extern "C" int
|
|
creat (const char *path, mode_t mode)
|
|
{
|
|
return open (path, O_WRONLY | O_CREAT | O_TRUNC, mode);
|
|
}
|
|
|
|
extern "C" void
|
|
__assertfail ()
|
|
{
|
|
exit (99);
|
|
}
|
|
|
|
extern "C" int
|
|
vhangup ()
|
|
{
|
|
set_errno (ENOSYS);
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
setpriority (int which, id_t who, int value)
|
|
{
|
|
DWORD prio = nice_to_winprio (value);
|
|
int error = 0;
|
|
|
|
switch (which)
|
|
{
|
|
case PRIO_PROCESS:
|
|
if (!who)
|
|
who = myself->pid;
|
|
if ((pid_t) who == myself->pid)
|
|
{
|
|
if (!SetPriorityClass (GetCurrentProcess (), prio))
|
|
{
|
|
set_errno (EACCES);
|
|
return -1;
|
|
}
|
|
myself->nice = value;
|
|
debug_printf ("Set nice to %d", myself->nice);
|
|
return 0;
|
|
}
|
|
break;
|
|
case PRIO_PGRP:
|
|
if (!who)
|
|
who = myself->pgid;
|
|
break;
|
|
case PRIO_USER:
|
|
if (!who)
|
|
who = myself->uid;
|
|
break;
|
|
default:
|
|
set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
winpids pids ((DWORD) PID_MAP_RW);
|
|
for (DWORD i = 0; i < pids.npids; ++i)
|
|
{
|
|
_pinfo *p = pids[i];
|
|
if (p)
|
|
{
|
|
switch (which)
|
|
{
|
|
case PRIO_PROCESS:
|
|
if ((pid_t) who != p->pid)
|
|
continue;
|
|
break;
|
|
case PRIO_PGRP:
|
|
if ((pid_t) who != p->pgid)
|
|
continue;
|
|
break;
|
|
case PRIO_USER:
|
|
if ((uid_t) who != p->uid)
|
|
continue;
|
|
break;
|
|
}
|
|
HANDLE proc_h = OpenProcess (PROCESS_SET_INFORMATION, FALSE,
|
|
p->dwProcessId);
|
|
if (!proc_h)
|
|
error = EPERM;
|
|
else
|
|
{
|
|
if (!SetPriorityClass (proc_h, prio))
|
|
error = EACCES;
|
|
else
|
|
p->nice = value;
|
|
CloseHandle (proc_h);
|
|
}
|
|
}
|
|
}
|
|
pids.reset ();
|
|
if (error)
|
|
{
|
|
set_errno (error);
|
|
return -1;
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
extern "C" int
|
|
getpriority (int which, id_t who)
|
|
{
|
|
int nice = NZERO * 2; /* Illegal value */
|
|
|
|
switch (which)
|
|
{
|
|
case PRIO_PROCESS:
|
|
if (!who)
|
|
who = myself->pid;
|
|
if ((pid_t) who == myself->pid)
|
|
{
|
|
DWORD winprio = GetPriorityClass(GetCurrentProcess());
|
|
if (winprio != nice_to_winprio(myself->nice))
|
|
myself->nice = winprio_to_nice(winprio);
|
|
return myself->nice;
|
|
}
|
|
break;
|
|
case PRIO_PGRP:
|
|
if (!who)
|
|
who = myself->pgid;
|
|
break;
|
|
case PRIO_USER:
|
|
if (!who)
|
|
who = myself->uid;
|
|
break;
|
|
default:
|
|
set_errno (EINVAL);
|
|
return -1;
|
|
}
|
|
winpids pids ((DWORD) 0);
|
|
for (DWORD i = 0; i < pids.npids; ++i)
|
|
{
|
|
_pinfo *p = pids[i];
|
|
if (p)
|
|
switch (which)
|
|
{
|
|
case PRIO_PROCESS:
|
|
if ((pid_t) who == p->pid)
|
|
{
|
|
nice = p->nice;
|
|
goto out;
|
|
}
|
|
break;
|
|
case PRIO_PGRP:
|
|
if ((pid_t) who == p->pgid && p->nice < nice)
|
|
nice = p->nice;
|
|
break;
|
|
case PRIO_USER:
|
|
if ((uid_t) who == p->uid && p->nice < nice)
|
|
nice = p->nice;
|
|
break;
|
|
}
|
|
}
|
|
out:
|
|
pids.reset ();
|
|
if (nice == NZERO * 2)
|
|
{
|
|
set_errno (ESRCH);
|
|
return -1;
|
|
}
|
|
return nice;
|
|
}
|
|
|
|
extern "C" int
|
|
nice (int incr)
|
|
{
|
|
return setpriority (PRIO_PROCESS, myself->pid, myself->nice + incr);
|
|
}
|
|
|
|
static void
|
|
locked_append (int fd, const void * buf, size_t size)
|
|
{
|
|
struct flock lock_buffer = {F_WRLCK, SEEK_SET, 0, 0, 0};
|
|
int count = 0;
|
|
|
|
do
|
|
if ((lock_buffer.l_start = lseek (fd, 0, SEEK_END)) != (off_t) -1
|
|
&& fcntl (fd, F_SETLKW, &lock_buffer) != -1)
|
|
{
|
|
if (lseek (fd, 0, SEEK_END) != (off_t) -1)
|
|
write (fd, buf, size);
|
|
lock_buffer.l_type = F_UNLCK;
|
|
fcntl (fd, F_SETLK, &lock_buffer);
|
|
break;
|
|
}
|
|
while (count++ < 1000
|
|
&& (errno == EACCES || errno == EAGAIN)
|
|
&& !usleep (1000));
|
|
}
|
|
|
|
extern "C" void
|
|
updwtmp (const char *wtmp_file, const struct utmp *ut)
|
|
{
|
|
int fd;
|
|
|
|
if ((fd = open (wtmp_file, O_WRONLY | O_BINARY, 0)) >= 0)
|
|
{
|
|
locked_append (fd, ut, sizeof *ut);
|
|
close (fd);
|
|
}
|
|
}
|
|
|
|
static int utmp_fd = -1;
|
|
static bool utmp_readonly = false;
|
|
static char *utmp_file = (char *) _PATH_UTMP;
|
|
|
|
static void
|
|
internal_setutent (bool force_readwrite)
|
|
{
|
|
if (force_readwrite && utmp_readonly)
|
|
endutent ();
|
|
if (utmp_fd < 0)
|
|
{
|
|
utmp_fd = open (utmp_file, O_RDWR | O_BINARY);
|
|
/* If open fails, we assume an unprivileged process (who?). In this
|
|
case we try again for reading only unless the process calls
|
|
pututline() (==force_readwrite) in which case opening just fails. */
|
|
if (utmp_fd < 0 && !force_readwrite)
|
|
{
|
|
utmp_fd = open (utmp_file, O_RDONLY | O_BINARY);
|
|
if (utmp_fd >= 0)
|
|
utmp_readonly = true;
|
|
}
|
|
}
|
|
else
|
|
lseek (utmp_fd, 0, SEEK_SET);
|
|
}
|
|
|
|
extern "C" void
|
|
setutent ()
|
|
{
|
|
internal_setutent (false);
|
|
}
|
|
|
|
extern "C" void
|
|
endutent ()
|
|
{
|
|
if (utmp_fd >= 0)
|
|
{
|
|
close (utmp_fd);
|
|
utmp_fd = -1;
|
|
utmp_readonly = false;
|
|
}
|
|
}
|
|
|
|
extern "C" int
|
|
utmpname (const char *file)
|
|
{
|
|
__try
|
|
{
|
|
if (*file)
|
|
{
|
|
endutent ();
|
|
utmp_file = strdup (file);
|
|
if (utmp_file)
|
|
{
|
|
debug_printf ("New UTMP file: %s", utmp_file);
|
|
return 0;
|
|
}
|
|
}
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
debug_printf ("Setting UTMP file failed");
|
|
return -1;
|
|
}
|
|
|
|
EXPORT_ALIAS (utmpname, utmpxname)
|
|
|
|
/* Note: do not make NO_COPY */
|
|
static struct utmp utmp_data_buf[16];
|
|
static unsigned utix = 0;
|
|
#define nutdbuf (sizeof (utmp_data_buf) / sizeof (utmp_data_buf[0]))
|
|
#define utmp_data ({ \
|
|
if (utix >= nutdbuf) \
|
|
utix = 0; \
|
|
utmp_data_buf + utix++; \
|
|
})
|
|
|
|
static struct utmpx *
|
|
copy_ut_to_utx (struct utmp *ut, struct utmpx *utx)
|
|
{
|
|
if (!ut)
|
|
return NULL;
|
|
memcpy (utx, ut, sizeof *ut);
|
|
utx->ut_tv.tv_sec = ut->ut_time;
|
|
utx->ut_tv.tv_usec = 0;
|
|
return utx;
|
|
}
|
|
|
|
extern "C" struct utmp *
|
|
getutent ()
|
|
{
|
|
if (utmp_fd < 0)
|
|
{
|
|
internal_setutent (false);
|
|
if (utmp_fd < 0)
|
|
return NULL;
|
|
}
|
|
|
|
utmp *ut = utmp_data;
|
|
if (read (utmp_fd, ut, sizeof *ut) != sizeof *ut)
|
|
return NULL;
|
|
return ut;
|
|
}
|
|
|
|
extern "C" struct utmp *
|
|
getutid (const struct utmp *id)
|
|
{
|
|
__try
|
|
{
|
|
if (utmp_fd < 0)
|
|
{
|
|
internal_setutent (false);
|
|
if (utmp_fd < 0)
|
|
__leave;
|
|
}
|
|
utmp *ut = utmp_data;
|
|
while (read (utmp_fd, ut, sizeof *ut) == sizeof *ut)
|
|
{
|
|
switch (id->ut_type)
|
|
{
|
|
case RUN_LVL:
|
|
case BOOT_TIME:
|
|
case OLD_TIME:
|
|
case NEW_TIME:
|
|
if (id->ut_type == ut->ut_type)
|
|
return ut;
|
|
break;
|
|
case INIT_PROCESS:
|
|
case LOGIN_PROCESS:
|
|
case USER_PROCESS:
|
|
case DEAD_PROCESS:
|
|
if (strncmp (id->ut_id, ut->ut_id, UT_IDLEN) == 0)
|
|
return ut;
|
|
break;
|
|
default:
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" struct utmp *
|
|
getutline (const struct utmp *line)
|
|
{
|
|
__try
|
|
{
|
|
if (utmp_fd < 0)
|
|
{
|
|
internal_setutent (false);
|
|
if (utmp_fd < 0)
|
|
__leave;
|
|
}
|
|
|
|
utmp *ut = utmp_data;
|
|
while (read (utmp_fd, ut, sizeof *ut) == sizeof *ut)
|
|
if ((ut->ut_type == LOGIN_PROCESS ||
|
|
ut->ut_type == USER_PROCESS) &&
|
|
!strncmp (ut->ut_line, line->ut_line, sizeof (ut->ut_line)))
|
|
return ut;
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" struct utmp *
|
|
pututline (const struct utmp *ut)
|
|
{
|
|
__try
|
|
{
|
|
internal_setutent (true);
|
|
if (utmp_fd < 0)
|
|
{
|
|
debug_printf ("error: utmp_fd %d", utmp_fd);
|
|
__leave;
|
|
}
|
|
debug_printf ("ut->ut_type %d, ut->ut_pid %d, ut->ut_line '%s', ut->ut_id '%s'\n",
|
|
ut->ut_type, ut->ut_pid, ut->ut_line, ut->ut_id);
|
|
debug_printf ("ut->ut_user '%s', ut->ut_host '%s'\n",
|
|
ut->ut_user, ut->ut_host);
|
|
|
|
struct utmp *u;
|
|
if ((u = getutid (ut)))
|
|
{
|
|
lseek (utmp_fd, -sizeof *ut, SEEK_CUR);
|
|
write (utmp_fd, ut, sizeof *ut);
|
|
}
|
|
else
|
|
locked_append (utmp_fd, ut, sizeof *ut);
|
|
/* The documentation says to return a pointer to this which implies that
|
|
this has to be cast from a const. That doesn't seem right but the
|
|
documentation seems pretty clear on this. */
|
|
return (struct utmp *) ut;
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" void
|
|
setutxent ()
|
|
{
|
|
internal_setutent (false);
|
|
}
|
|
|
|
extern "C" void
|
|
endutxent ()
|
|
{
|
|
endutent ();
|
|
}
|
|
|
|
extern "C" struct utmpx *
|
|
getutxent ()
|
|
{
|
|
/* POSIX: Not required to be thread safe. */
|
|
static struct utmpx utx;
|
|
return copy_ut_to_utx (getutent (), &utx);
|
|
}
|
|
|
|
extern "C" struct utmpx *
|
|
getutxid (const struct utmpx *id)
|
|
{
|
|
/* POSIX: Not required to be thread safe. */
|
|
static struct utmpx utx;
|
|
|
|
__try
|
|
{
|
|
((struct utmpx *)id)->ut_time = id->ut_tv.tv_sec;
|
|
return copy_ut_to_utx (getutid ((struct utmp *) id), &utx);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" struct utmpx *
|
|
getutxline (const struct utmpx *line)
|
|
{
|
|
/* POSIX: Not required to be thread safe. */
|
|
static struct utmpx utx;
|
|
|
|
__try
|
|
{
|
|
((struct utmpx *)line)->ut_time = line->ut_tv.tv_sec;
|
|
return copy_ut_to_utx (getutline ((struct utmp *) line), &utx);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" struct utmpx *
|
|
pututxline (const struct utmpx *utmpx)
|
|
{
|
|
/* POSIX: Not required to be thread safe. */
|
|
static struct utmpx utx;
|
|
|
|
__try
|
|
{
|
|
((struct utmpx *)utmpx)->ut_time = utmpx->ut_tv.tv_sec;
|
|
return copy_ut_to_utx (pututline ((struct utmp *) utmpx), &utx);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" void
|
|
updwtmpx (const char *wtmpx_file, const struct utmpx *utmpx)
|
|
{
|
|
((struct utmpx *)utmpx)->ut_time = utmpx->ut_tv.tv_sec;
|
|
updwtmp (wtmpx_file, (const struct utmp *) utmpx);
|
|
}
|
|
|
|
extern "C" long
|
|
gethostid (void)
|
|
{
|
|
/* Fetch the globally unique MachineGuid value from
|
|
HKLM/Software/Microsoft/Cryptography and hash it. */
|
|
int32_t hostid = 0x40291372; /* Choose a nice start value */
|
|
WCHAR wguid[38];
|
|
|
|
reg_key key (HKEY_LOCAL_MACHINE, KEY_READ,
|
|
L"SOFTWARE", L"Microsoft", L"Cryptography", NULL);
|
|
key.get_string (L"MachineGuid", wguid, 38,
|
|
L"00000000-0000-0000-0000-000000000000");
|
|
/* SDBM hash */
|
|
for (PWCHAR wp = wguid; *wp; ++wp)
|
|
hostid = *wp + (hostid << 6) + (hostid << 16) - hostid;
|
|
debug_printf ("hostid %08y from MachineGuid %W", hostid, wguid);
|
|
return (int32_t) hostid; /* Avoid sign extension. */
|
|
}
|
|
|
|
#define ETC_SHELLS "/etc/shells"
|
|
static int shell_index;
|
|
static FILE *shell_fp;
|
|
|
|
extern "C" char *
|
|
getusershell ()
|
|
{
|
|
/* List of default shells if no /etc/shells exists, defined as on Linux.
|
|
FIXME: SunOS has a far longer list, containing all shells which
|
|
might be shipped with the OS. Should we do the same for the Cygwin
|
|
distro, adding bash, tcsh, ksh, pdksh and zsh? */
|
|
static const char *def_shells[] = {
|
|
"/bin/sh",
|
|
"/bin/csh",
|
|
"/usr/bin/sh",
|
|
"/usr/bin/csh",
|
|
NULL
|
|
};
|
|
static char buf[PATH_MAX];
|
|
int ch, buf_idx;
|
|
|
|
if (!shell_fp && !(shell_fp = fopen (ETC_SHELLS, "rt")))
|
|
{
|
|
if (def_shells[shell_index])
|
|
return strcpy (buf, def_shells[shell_index++]);
|
|
return NULL;
|
|
}
|
|
/* Skip white space characters. */
|
|
while ((ch = getc (shell_fp)) != EOF && isspace (ch))
|
|
;
|
|
/* Get each non-whitespace character as part of the shell path as long as
|
|
it fits in buf. */
|
|
for (buf_idx = 0;
|
|
ch != EOF && !isspace (ch) && buf_idx < (PATH_MAX - 1);
|
|
buf_idx++, ch = getc (shell_fp))
|
|
buf[buf_idx] = ch;
|
|
/* Skip any trailing non-whitespace character not fitting in buf. If the
|
|
path is longer than PATH_MAX, it's invalid anyway. */
|
|
while (ch != EOF && !isspace (ch))
|
|
ch = getc (shell_fp);
|
|
if (buf_idx)
|
|
{
|
|
buf[buf_idx] = '\0';
|
|
return buf;
|
|
}
|
|
return NULL;
|
|
}
|
|
|
|
extern "C" void
|
|
setusershell ()
|
|
{
|
|
if (shell_fp)
|
|
fseek (shell_fp, 0L, SEEK_SET);
|
|
shell_index = 0;
|
|
}
|
|
|
|
extern "C" void
|
|
endusershell ()
|
|
{
|
|
if (shell_fp)
|
|
{
|
|
fclose (shell_fp);
|
|
shell_fp = NULL;
|
|
}
|
|
shell_index = 0;
|
|
}
|
|
|
|
extern "C" void
|
|
flockfile (FILE *file)
|
|
{
|
|
_flockfile (file);
|
|
}
|
|
|
|
extern "C" int
|
|
ftrylockfile (FILE *file)
|
|
{
|
|
return _ftrylockfile (file);
|
|
}
|
|
|
|
extern "C" void
|
|
funlockfile (FILE *file)
|
|
{
|
|
_funlockfile (file);
|
|
}
|
|
|
|
extern "C" FILE *
|
|
popen (const char *command, const char *in_type)
|
|
{
|
|
const char *type = in_type;
|
|
char fdopen_flags[3] = "\0\0";
|
|
int pipe_flags = 0;
|
|
|
|
#define rw fdopen_flags[0]
|
|
#define bintext fdopen_flags[1]
|
|
|
|
/* Sanity check. GLibc allows any order and any number of repetition,
|
|
as long as the string doesn't contradict itself. We do the same here. */
|
|
while (*type)
|
|
{
|
|
if (*type == 'r' || *type == 'w')
|
|
{
|
|
if (rw && rw != *type)
|
|
break;
|
|
rw = *type++;
|
|
}
|
|
else if (*type == 'b' || *type == 't')
|
|
{
|
|
if (bintext && bintext != *type)
|
|
break;
|
|
bintext = *type++;
|
|
}
|
|
else if (*type == 'e')
|
|
{
|
|
pipe_flags = O_CLOEXEC;
|
|
++type;
|
|
}
|
|
else
|
|
break;
|
|
}
|
|
if ((rw != 'r' && rw != 'w') || (*type != '\0'))
|
|
{
|
|
set_errno (EINVAL);
|
|
return NULL;
|
|
}
|
|
|
|
int fds[2];
|
|
if (pipe2 (fds, pipe_flags) < 0)
|
|
return NULL;
|
|
|
|
int myix = rw == 'r' ? 0 : 1;
|
|
|
|
lock_process now;
|
|
FILE *fp = fdopen (fds[myix], fdopen_flags);
|
|
if (fp)
|
|
{
|
|
/* If fds are in the range of stdin/stdout/stderr, move them
|
|
out of the way (possibly temporarily). Otherwise, spawn_guts
|
|
will be confused. We do this here rather than adding logic to
|
|
spawn_guts because spawn_guts is likely to be a more frequently
|
|
used routine and having stdin/stdout/stderr closed and reassigned
|
|
to pipe handles is an unlikely event. */
|
|
int orig_fds[2] = {fds[0], fds[1]};
|
|
for (int i = 0; i < 2; i++)
|
|
if (fds[i] <= 2)
|
|
{
|
|
cygheap_fdnew newfd(3);
|
|
cygheap->fdtab.move_fd (fds[i], newfd);
|
|
fds[i] = newfd;
|
|
}
|
|
|
|
int myfd = fds[myix]; /* myfd - convenience variable for manipulation
|
|
of the "parent" end of the pipe. */
|
|
int stdchild = myix ^ 1; /* stdchild denotes the index into fd for the
|
|
handle which will be redirected to
|
|
stdin/stdout */
|
|
int __std[2];
|
|
__std[myix] = -1; /* -1 means don't pass this fd to the child
|
|
process */
|
|
__std[stdchild] = fds[stdchild]; /* Do pass this as the std handle */
|
|
|
|
const char *argv[4] =
|
|
{
|
|
"/bin/sh",
|
|
"-c",
|
|
command,
|
|
NULL
|
|
};
|
|
|
|
/* With 'e' flag given, we have to revert the close-on-exec on the child
|
|
end of the pipe. Otherwise don't pass our end of the pipe to the
|
|
child process. */
|
|
if (pipe_flags & O_CLOEXEC)
|
|
fcntl (__std[stdchild], F_SETFD, 0);
|
|
else
|
|
fcntl (myfd, F_SETFD, FD_CLOEXEC);
|
|
|
|
/* Also don't pass the file handle currently associated with stdin/stdout
|
|
to the child. This function may actually fail if the stdchild fd
|
|
is closed. But that's ok. */
|
|
int stdchild_state = fcntl (stdchild, F_GETFD, 0);
|
|
fcntl (stdchild, F_SETFD, stdchild_state | FD_CLOEXEC);
|
|
|
|
/* Start a shell process to run the given command without forking. */
|
|
pid_t pid = ch_spawn.worker ("/bin/sh", argv, environ, _P_NOWAIT,
|
|
__std[0], __std[1]);
|
|
|
|
/* Reinstate the close-on-exec state */
|
|
fcntl (stdchild, F_SETFD, stdchild_state);
|
|
|
|
/* If pid >= 0 then spawn_guts succeeded. */
|
|
if (pid >= 0)
|
|
{
|
|
close (fds[stdchild]); /* Close the child end of the pipe. */
|
|
/* Move the fd back to its original slot if it has been moved since
|
|
we're always supposed to open the lowest numbered available fd
|
|
and, if fds[mix] != orig_fds[myix] then orig_fds[myix] is
|
|
presumably lower. */
|
|
if (fds[myix] != orig_fds[myix])
|
|
cygheap->fdtab.move_fd (fds[myix], myfd = orig_fds[myix]);
|
|
fhandler_pipe *fh = (fhandler_pipe *) cygheap->fdtab[myfd];
|
|
/* Flag that this handle is associated with popen. */
|
|
fh->set_popen_pid (pid);
|
|
return fp;
|
|
}
|
|
}
|
|
|
|
/* If we reach here we've seen an error but the pipe handles are open.
|
|
Close them and return NULL. */
|
|
int save_errno = get_errno ();
|
|
if (fp)
|
|
{
|
|
/* Must fclose fp to avoid memory leak. */
|
|
fclose (fp);
|
|
close (fds[myix ^ 1]);
|
|
}
|
|
else
|
|
{
|
|
close (fds[0]);
|
|
close (fds[1]);
|
|
}
|
|
set_errno (save_errno);
|
|
|
|
#undef rw
|
|
#undef bintext
|
|
|
|
return NULL;
|
|
}
|
|
|
|
int
|
|
pclose (FILE *fp)
|
|
{
|
|
fhandler_pipe *fh = (fhandler_pipe *) cygheap->fdtab[fileno(fp)];
|
|
|
|
if (fh->get_device () != FH_PIPEW && fh->get_device () != FH_PIPER)
|
|
{
|
|
set_errno (EBADF);
|
|
return -1;
|
|
}
|
|
|
|
int pid = fh->get_popen_pid ();
|
|
if (!pid)
|
|
{
|
|
set_errno (ECHILD);
|
|
return -1;
|
|
}
|
|
|
|
if (fclose (fp))
|
|
return -1;
|
|
|
|
int status;
|
|
while (1)
|
|
if (waitpid (pid, &status, 0) == pid)
|
|
break;
|
|
else if (get_errno () == EINTR)
|
|
continue;
|
|
else
|
|
return -1;
|
|
|
|
return status;
|
|
}
|
|
|
|
/* Preliminary(?) implementation of the openat family of functions. */
|
|
|
|
static int
|
|
gen_full_path_at (char *path_ret, int dirfd, const char *pathname,
|
|
bool null_pathname_allowed = false)
|
|
{
|
|
/* Set null_pathname_allowed to true to allow GLIBC compatible behaviour
|
|
for NULL pathname. Only used by futimesat. */
|
|
if (!pathname && !null_pathname_allowed)
|
|
{
|
|
set_errno (EFAULT);
|
|
return -1;
|
|
}
|
|
if (pathname && isabspath_strict (pathname))
|
|
stpcpy (path_ret, pathname);
|
|
else
|
|
{
|
|
char *p;
|
|
|
|
if (dirfd == AT_FDCWD)
|
|
{
|
|
cwdstuff::acquire_read ();
|
|
p = stpcpy (path_ret, cygheap->cwd.get_posix ());
|
|
cwdstuff::release_read ();
|
|
}
|
|
else
|
|
{
|
|
cygheap_fdget cfd (dirfd);
|
|
if (cfd < 0)
|
|
return -1;
|
|
if (!cfd->pc.isdir ())
|
|
{
|
|
set_errno (ENOTDIR);
|
|
return -1;
|
|
}
|
|
p = stpcpy (path_ret, cfd->get_name ());
|
|
}
|
|
if (!p)
|
|
{
|
|
set_errno (ENOTDIR);
|
|
return -1;
|
|
}
|
|
if (pathname)
|
|
{
|
|
if (!*pathname)
|
|
{
|
|
set_errno (ENOENT);
|
|
return -1;
|
|
}
|
|
if (strlen (pathname) >= PATH_MAX)
|
|
{
|
|
set_errno (ENAMETOOLONG);
|
|
return -1;
|
|
}
|
|
if (p[-1] != '/')
|
|
*p++ = '/';
|
|
stpcpy (p, pathname);
|
|
}
|
|
}
|
|
return 0;
|
|
}
|
|
|
|
extern "C" int
|
|
openat (int dirfd, const char *pathname, int flags, ...)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
|
|
va_list ap;
|
|
mode_t mode;
|
|
|
|
va_start (ap, flags);
|
|
mode = va_arg (ap, mode_t);
|
|
va_end (ap);
|
|
return open (path, flags, mode);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
faccessat (int dirfd, const char *pathname, int mode, int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
int res = -1;
|
|
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (!gen_full_path_at (path, dirfd, pathname))
|
|
{
|
|
if ((mode & ~(F_OK|R_OK|W_OK|X_OK))
|
|
|| (flags & ~(AT_SYMLINK_NOFOLLOW|AT_EACCESS)))
|
|
set_errno (EINVAL);
|
|
else
|
|
{
|
|
fhandler_base *fh = build_fh_name (path,
|
|
(flags & AT_SYMLINK_NOFOLLOW
|
|
? PC_SYM_NOFOLLOW
|
|
: PC_SYM_FOLLOW)
|
|
| PC_KEEP_HANDLE,
|
|
stat_suffixes);
|
|
if (fh)
|
|
{
|
|
res = fh->fhaccess (mode, !!(flags & AT_EACCESS));
|
|
delete fh;
|
|
}
|
|
}
|
|
}
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
debug_printf ("returning %d", res);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
fchmodat (int dirfd, const char *pathname, mode_t mode, int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
if (flags & ~AT_SYMLINK_NOFOLLOW)
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
if (flags & AT_SYMLINK_NOFOLLOW)
|
|
{
|
|
/* BSD has lchmod, but Linux does not. POSIX says
|
|
AT_SYMLINK_NOFOLLOW is allowed to fail on symlinks.
|
|
Linux blindly fails even for non-symlinks, but we allow
|
|
it to succeed. */
|
|
path_conv pc (path, PC_SYM_NOFOLLOW, stat_suffixes);
|
|
if (pc.issymlink ())
|
|
{
|
|
set_errno (EOPNOTSUPP);
|
|
__leave;
|
|
}
|
|
}
|
|
return chmod (path, mode);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
fchownat (int dirfd, const char *pathname, uid_t uid, gid_t gid, int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
if (flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH))
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
char *path = tp.c_get ();
|
|
int res = gen_full_path_at (path, dirfd, pathname);
|
|
if (res)
|
|
{
|
|
if (!(errno == ENOENT && (flags & AT_EMPTY_PATH)))
|
|
__leave;
|
|
/* pathname is an empty string. Operate on dirfd. */
|
|
if (dirfd == AT_FDCWD)
|
|
{
|
|
cwdstuff::acquire_read ();
|
|
strcpy (path, cygheap->cwd.get_posix ());
|
|
cwdstuff::release_read ();
|
|
}
|
|
else
|
|
{
|
|
cygheap_fdget cfd (dirfd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
strcpy (path, cfd->get_name ());
|
|
/* If dirfd refers to a symlink (which was necessarily
|
|
opened with O_PATH | O_NOFOLLOW), we must operate
|
|
directly on that symlink.. */
|
|
flags = AT_SYMLINK_NOFOLLOW;
|
|
}
|
|
}
|
|
return chown_worker (path, (flags & AT_SYMLINK_NOFOLLOW)
|
|
? PC_SYM_NOFOLLOW : PC_SYM_FOLLOW, uid, gid);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
fstatat (int dirfd, const char *__restrict pathname, struct stat *__restrict st,
|
|
int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
if (flags & ~(AT_SYMLINK_NOFOLLOW | AT_EMPTY_PATH))
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
char *path = tp.c_get ();
|
|
int res = gen_full_path_at (path, dirfd, pathname);
|
|
if (res)
|
|
{
|
|
if (!(errno == ENOENT && (flags & AT_EMPTY_PATH)))
|
|
__leave;
|
|
/* pathname is an empty string. Operate on dirfd. */
|
|
if (dirfd == AT_FDCWD)
|
|
{
|
|
cwdstuff::acquire_read ();
|
|
strcpy (path, cygheap->cwd.get_posix ());
|
|
cwdstuff::release_read ();
|
|
}
|
|
else
|
|
return fstat (dirfd, st);
|
|
}
|
|
path_conv pc (path, ((flags & AT_SYMLINK_NOFOLLOW)
|
|
? PC_SYM_NOFOLLOW : PC_SYM_FOLLOW)
|
|
| PC_POSIX | PC_KEEP_HANDLE, stat_suffixes);
|
|
return stat_worker (pc, st);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern int utimens_worker (path_conv &, const struct timespec *);
|
|
|
|
extern "C" int
|
|
utimensat (int dirfd, const char *pathname, const struct timespec *times,
|
|
int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (flags & ~AT_SYMLINK_NOFOLLOW)
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
path_conv win32 (path, PC_POSIX | ((flags & AT_SYMLINK_NOFOLLOW)
|
|
? PC_SYM_NOFOLLOW : PC_SYM_FOLLOW),
|
|
stat_suffixes);
|
|
return utimens_worker (win32, times);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
futimesat (int dirfd, const char *pathname, const struct timeval times[2])
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname, true))
|
|
__leave;
|
|
return utimes (path, times);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
linkat (int olddirfd, const char *oldpathname,
|
|
int newdirfd, const char *newpathname,
|
|
int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
fhandler_base *fh = NULL;
|
|
|
|
__try
|
|
{
|
|
if (flags & ~(AT_SYMLINK_FOLLOW | AT_EMPTY_PATH))
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
char *oldpath = tp.c_get ();
|
|
if ((flags & AT_EMPTY_PATH) && oldpathname && oldpathname[0] == '\0')
|
|
{
|
|
/* Operate directly on olddirfd, which can be anything
|
|
except a directory. */
|
|
if (olddirfd == AT_FDCWD)
|
|
{
|
|
set_errno (EPERM);
|
|
__leave;
|
|
}
|
|
cygheap_fdget cfd (olddirfd);
|
|
if (cfd < 0)
|
|
__leave;
|
|
if (cfd->pc.isdir ())
|
|
{
|
|
set_errno (EPERM);
|
|
__leave;
|
|
}
|
|
fh = cfd;
|
|
flags = 0; /* In case AT_SYMLINK_FOLLOW was set. */
|
|
}
|
|
else if (gen_full_path_at (oldpath, olddirfd, oldpathname))
|
|
__leave;
|
|
char *newpath = tp.c_get ();
|
|
if (gen_full_path_at (newpath, newdirfd, newpathname))
|
|
__leave;
|
|
if (flags & AT_SYMLINK_FOLLOW)
|
|
{
|
|
path_conv old_name (oldpath,
|
|
PC_SYM_FOLLOW | PC_SYM_NOFOLLOW_PROCFD | PC_POSIX,
|
|
stat_suffixes);
|
|
if (old_name.error)
|
|
{
|
|
set_errno (old_name.error);
|
|
__leave;
|
|
}
|
|
strcpy (oldpath, old_name.get_posix ());
|
|
}
|
|
if (fh)
|
|
return fh->link (newpath);
|
|
return link (oldpath, newpath);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
mkdirat (int dirfd, const char *pathname, mode_t mode)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
return mkdir (path, mode);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
mkfifoat (int dirfd, const char *pathname, mode_t mode)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
return mkfifo (path, mode);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
mknodat (int dirfd, const char *pathname, mode_t mode, dev_t dev)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
return mknod (path, mode, dev);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" ssize_t
|
|
readlinkat (int dirfd, const char *__restrict pathname, char *__restrict buf,
|
|
size_t bufsize)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
int save_errno = errno;
|
|
int res = gen_full_path_at (path, dirfd, pathname);
|
|
if (res)
|
|
{
|
|
if (errno != ENOENT && errno != ENOTDIR)
|
|
__leave;
|
|
/* pathname is an empty string. This is OK if dirfd refers
|
|
to a symlink that was opened with O_PATH | O_NOFOLLOW.
|
|
In this case, readlinkat operates on the symlink.
|
|
Don't propagate errors from gen_full_path_at after this point. */
|
|
errno = save_errno;
|
|
cygheap_fdget cfd (dirfd);
|
|
if (cfd < 0
|
|
|| (!(cfd->issymlink ()
|
|
&& cfd->get_flags () & O_PATH
|
|
&& cfd->get_flags () & O_NOFOLLOW)))
|
|
{
|
|
set_errno (ENOENT);
|
|
__leave;
|
|
}
|
|
strcpy (path, cfd->get_name ());
|
|
}
|
|
return readlink (path, buf, bufsize);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
renameat2 (int olddirfd, const char *oldpathname,
|
|
int newdirfd, const char *newpathname, unsigned int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *oldpath = tp.c_get ();
|
|
if (gen_full_path_at (oldpath, olddirfd, oldpathname))
|
|
__leave;
|
|
char *newpath = tp.c_get ();
|
|
if (gen_full_path_at (newpath, newdirfd, newpathname))
|
|
__leave;
|
|
return rename2 (oldpath, newpath, flags);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
renameat (int olddirfd, const char *oldpathname,
|
|
int newdirfd, const char *newpathname)
|
|
{
|
|
return renameat2 (olddirfd, oldpathname, newdirfd, newpathname, 0);
|
|
}
|
|
|
|
extern "C" int
|
|
scandirat (int dirfd, const char *pathname, struct dirent ***namelist,
|
|
int (*select) (const struct dirent *),
|
|
int (*compar) (const struct dirent **, const struct dirent **))
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
return scandir (path, namelist, select, compar);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
symlinkat (const char *oldpath, int newdirfd, const char *newpathname)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
char *newpath = tp.c_get ();
|
|
if (gen_full_path_at (newpath, newdirfd, newpathname))
|
|
__leave;
|
|
return symlink (oldpath, newpath);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
extern "C" int
|
|
unlinkat (int dirfd, const char *pathname, int flags)
|
|
{
|
|
tmp_pathbuf tp;
|
|
__try
|
|
{
|
|
if (flags & ~AT_REMOVEDIR)
|
|
{
|
|
set_errno (EINVAL);
|
|
__leave;
|
|
}
|
|
char *path = tp.c_get ();
|
|
if (gen_full_path_at (path, dirfd, pathname))
|
|
__leave;
|
|
return (flags & AT_REMOVEDIR) ? rmdir (path) : unlink (path);
|
|
}
|
|
__except (EFAULT) {}
|
|
__endtry
|
|
return -1;
|
|
}
|
|
|
|
static int
|
|
pipe_worker (int filedes[2], unsigned int psize, int mode)
|
|
{
|
|
fhandler_pipe *fhs[2];
|
|
int res = fhandler_pipe::create (fhs, psize, mode);
|
|
if (!res)
|
|
{
|
|
cygheap_fdnew fdin;
|
|
cygheap_fdnew fdout (fdin, false);
|
|
char buf[sizeof ("pipe:[9223372036854775807]")];
|
|
__small_sprintf (buf, "pipe:[%D]", fhs[0]->get_plain_ino ());
|
|
fhs[0]->pc.set_posix (buf);
|
|
__small_sprintf (buf, "pipe:[%D]", fhs[1]->get_plain_ino ());
|
|
fhs[1]->pc.set_posix (buf);
|
|
fdin = fhs[0];
|
|
fdout = fhs[1];
|
|
filedes[0] = fdin;
|
|
filedes[1] = fdout;
|
|
}
|
|
return res;
|
|
}
|
|
|
|
/* MS compatible version of pipe. Hopefully nobody is using it... */
|
|
extern "C" int
|
|
_pipe (int filedes[2], unsigned int psize, int mode)
|
|
{
|
|
int res = pipe_worker (filedes, psize, mode);
|
|
int read, write;
|
|
if (res != 0)
|
|
read = write = -1;
|
|
else
|
|
{
|
|
read = filedes[0];
|
|
write = filedes[1];
|
|
}
|
|
syscall_printf ("%R = _pipe([%d, %d], %u, %y)", res, read, write, psize, mode);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
pipe (int filedes[2])
|
|
{
|
|
int res = pipe_worker (filedes, DEFAULT_PIPEBUFSIZE, O_BINARY);
|
|
int read, write;
|
|
if (res != 0)
|
|
read = write = -1;
|
|
else
|
|
{
|
|
read = filedes[0];
|
|
write = filedes[1];
|
|
}
|
|
syscall_printf ("%R = pipe([%d, %d])", res, read, write);
|
|
return res;
|
|
}
|
|
|
|
extern "C" int
|
|
pipe2 (int filedes[2], int mode)
|
|
{
|
|
int res = pipe_worker (filedes, DEFAULT_PIPEBUFSIZE, mode);
|
|
int read, write;
|
|
if (res != 0)
|
|
read = write = -1;
|
|
else
|
|
{
|
|
read = filedes[0];
|
|
write = filedes[1];
|
|
}
|
|
syscall_printf ("%R = pipe2([%d, %d], %y)", res, read, write, mode);
|
|
return res;
|
|
}
|
|
|
|
extern "C" FILE *
|
|
tmpfile (void)
|
|
{
|
|
char *dir = getenv ("TMPDIR");
|
|
if (!dir)
|
|
dir = P_tmpdir;
|
|
int fd = open (dir, O_RDWR | O_BINARY | O_TMPFILE, S_IRUSR | S_IWUSR);
|
|
if (fd < 0)
|
|
return NULL;
|
|
FILE *fp = fdopen (fd, "wb+");
|
|
int e = errno;
|
|
if (!fp)
|
|
close (fd); // ..will remove tmp file
|
|
set_errno (e);
|
|
return fp;
|
|
}
|