4
0
mirror of git://sourceware.org/git/newlib-cygwin.git synced 2025-01-23 07:27:21 +08:00
Corinna Vinschen f4a1f8a1db * cygheap.cc (cygheap_init): Accomodate set_process_privilege change.
* cygheap.h (cygheap_user::curr_primary_token): New member.
	(cygheap_user::primary_token): New method.
	(cygheap_user::deimpersonate): Always revert to processes'
	impersonation token.
	(cygheap_user::reimpersonate): Set processes' or setuid token as
	necessary.
	(cygheap_user::has_impersonation_tokens): Look for curr_primary_token
	value.
	(cygheap_user::close_impersonation_tokens): Close curr_primary_token
	here if necessary.  Don't reset token values to NO_IMPERSONATION since
	that's done in uinfo_init anyway.
	(init_cygheap::luid): New LUID array keeping privilege LUIDs.
	* cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate.
	* dcrt0.cc (hProcToken): New global variable to keep process token.
	(hProcImpToken): Ditto for process impersonation token.
	(dll_crt0_0): Open process token here once.  Duplicate to create
	hProcImpToken.
	(dll_crt0_1): Call set_cygwin_privileges.
	* environ.cc (allow_ntea): Drop duplicate declaration.
	(allow_smbntsec): Ditto.
	(set_traverse): Only set allow_traverse here.
	(environ_init): Ditto.
	* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to
	enable_restore_privilege.
	(fhandler_disk_file::fchown): Ditto.
	(fhandler_disk_file::facl): Ditto.
	* fork.cc (fork_child): Move call to cygheap->user.reimpersonate after
	syn with parent. Call set_cygwin_privileges.
	* grp.cc (internal_getgroups): Use hProcImpToken instead of opening
	process token.
	* path.cc (fs_info::update): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges.
	* registry.cc (load_registry_hive): Drop setting restore privilege
	since it's already set if available.
	* sec_helper.cc: Include cygtls.h.
	(cygpriv): Privilege string array.
	(privilege_luid): New function, evaluate LUID from cygpriv_idx.
	(privilege_luid_by_name): New function, evaluate LUID from privilege
	string.
	(privilege_name): New function, evaluate privilege string from
	cygpriv_idx.
	(set_privilege): New static function called by set_process_privilege
	and set_thread_privilege.  Call privilege_luid to get privilege LUID.
	Fix bug in return value evaluation. Improve debug output.
	(set_cygwin_privileges): New function.
	(set_process_privilege): Remove.
	(enable_restore_privilege): Remove.
	* security.cc (allow_traverse): New global variable.
	(sys_privs): Change type to cygpriv_idx and store privilege indices
	instead of strings.
	(SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT.
	(get_system_priv_list): Don't use numerical constant in malloc call.
	Use privilege_luid to get privilege LUIDs.
	(get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve
	inner privilege LUID comparison loop.
	(create_token): Enable create token privilege using
	push/pop_self_privileges. Use hProcToken instead of opening process
	token. Use default DACL when duplicating token.
	(subauth): Enable tcb privilege using push/pop_self_privileges.
	Use sec_none instead of homw made security attributes when duplicating
	token.
	(check_file_access): Don't duplicate access token, use active
	impersonation token as is.
	* security.h (enum cygpriv_idx): New enumeration type enumerating
	possible privileges.
	(privilege_luid): Declare new function.
	(privilege_luid_by_name): Ditto.
	(privilege_name): Ditto.
	(allow_traverse): Declare.
	(set_privilege): Declare function.
	(set_process_privilege): Define as macro.
	(enable_restore_privilege): Remove declaration.
	(_push_thread_privilege): Define macro.
	(push_thread_privilege): Ditto.
	(pop_thread_privilege): Ditto.
	(pop_self_privilege): Ditto.
	* spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of
	cygheap->user.token.
	* syscalls.cc (statvfs): Bypass traverse checking when retrieving
	volume information using push/pop_thread_privileges. Rearrange code
	to simplify push/pop bracketing.
	(seteuid32): Use hProcToken instead of opening process token. Call
	cygheap->user.deimpersonate instead of RevertToSelf.  Create
	impersonation token from primary internal or external token.  Set
	cygheap->user.curr_primary_token and cygheap->user.current_token
	privileges once here.  Drop "failed" and "failed_ptok" labels.
	Drop setting DefaultDacl of process token.
	(setegid32): Use hProcToken and hProcImpToken instead of opening
	process token. Always reimpersonate afterwards.
	* uinfo.cc (cygheap_user::init): Use hProcToken instead of opening
	process token.
	(internal_getlogin): Ditto. Set hProcImpToken, too.
	(uinfo_init): Initialize cygheap->user.curr_primary_token.
	* winsup.h (hProcToken): Declare.
	(hProcImpToken): Declare.
2005-04-03 13:06:43 +00:00

1073 lines
27 KiB
C++

/* spawn.cc
Copyright 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004,
2005 Red Hat, Inc.
This file is part of Cygwin.
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
#include "winsup.h"
#include <stdlib.h>
#include <stdarg.h>
#include <unistd.h>
#include <process.h>
#include <sys/wait.h>
#include <limits.h>
#include <wingdi.h>
#include <winuser.h>
#include <ctype.h>
#include "cygerrno.h"
#include <sys/cygwin.h>
#include "security.h"
#include "path.h"
#include "fhandler.h"
#include "dtable.h"
#include "sigproc.h"
#include "cygheap.h"
#include "child_info.h"
#include "shared_info.h"
#include "pinfo.h"
#include "registry.h"
#include "environ.h"
#include "cygthread.h"
#define LINE_BUF_CHUNK (CYG_MAX_PATH * 2)
static suffix_info std_suffixes[] =
{
suffix_info (".exe", 1), suffix_info ("", 1),
suffix_info (".com"), suffix_info (".cmd"),
suffix_info (".bat"), suffix_info (".dll"),
suffix_info (NULL)
};
HANDLE hExeced;
DWORD dwExeced;
/* Add .exe to PROG if not already present and see if that exists.
If not, return PROG (converted from posix to win32 rules if necessary).
The result is always BUF.
Returns (possibly NULL) suffix */
static const char *
perhaps_suffix (const char *prog, path_conv& buf)
{
char *ext;
debug_printf ("prog '%s'", prog);
buf.check (prog, PC_SYM_FOLLOW | PC_FULL, std_suffixes);
if (!buf.exists () || buf.isdir ())
ext = NULL;
else if (buf.known_suffix)
ext = (char *) buf + (buf.known_suffix - buf.get_win32 ());
else
ext = strchr (buf, '\0');
debug_printf ("buf %s, suffix found '%s'", (char *) buf, ext);
return ext;
}
/* Find an executable name, possibly by appending known executable
suffixes to it. The win32-translated name is placed in 'buf'.
Any found suffix is returned in known_suffix.
If the file is not found and !null_if_not_found then the win32 version
of name is placed in buf and returned. Otherwise the contents of buf
is undefined and NULL is returned. */
const char * __stdcall
find_exec (const char *name, path_conv& buf, const char *mywinenv,
unsigned opt, const char **known_suffix)
{
const char *suffix = "";
debug_printf ("find_exec (%s)", name);
const char *retval = buf;
char tmp[CYG_MAX_PATH];
const char *posix = (opt & FE_NATIVE) ? NULL : name;
bool has_slash = strchr (name, '/');
/* Check to see if file can be opened as is first.
Win32 systems always check . first, but PATH may not be set up to
do this. */
if ((has_slash || opt & FE_CWD)
&& (suffix = perhaps_suffix (name, buf)) != NULL)
{
if (posix && !has_slash)
{
tmp[0] = '.';
tmp[1] = '/';
strcpy (tmp + 2, name);
posix = tmp;
}
goto out;
}
win_env *winpath;
const char *path;
const char *posix_path;
/* Return the error condition if this is an absolute path or if there
is no PATH to search. */
if (has_slash || strchr (name, '\\') || isdrive (name)
|| !(winpath = getwinenv (mywinenv))
|| !(path = winpath->get_native ()) || *path == '\0')
goto errout;
debug_printf ("%s%s", mywinenv, path);
posix = (opt & FE_NATIVE) ? NULL : tmp;
posix_path = winpath->get_posix () - 1;
/* Iterate over the specified path, looking for the file with and
without executable extensions. */
do
{
posix_path++;
char *eotmp = strccpy (tmp, &path, ';');
/* An empty path or '.' means the current directory, but we've
already tried that. */
if (opt & FE_CWD && (tmp[0] == '\0' || (tmp[0] == '.' && tmp[1] == '\0')))
continue;
*eotmp++ = '\\';
strcpy (eotmp, name);
debug_printf ("trying %s", tmp);
if ((suffix = perhaps_suffix (tmp, buf)) != NULL)
{
if (posix == tmp)
{
eotmp = strccpy (tmp, &posix_path, ':');
if (eotmp == tmp)
*eotmp++ = '.';
*eotmp++ = '/';
strcpy (eotmp, name);
}
goto out;
}
}
while (*path && *++path && (posix_path = strchr (posix_path, ':')));
errout:
posix = NULL;
/* Couldn't find anything in the given path.
Take the appropriate action based on null_if_not_found. */
if (opt & FE_NNF)
retval = NULL;
else if (opt & FE_NATIVE)
buf.check (name);
else
retval = name;
out:
if (posix)
buf.set_path (posix);
debug_printf ("%s = find_exec (%s)", (char *) buf, name);
if (known_suffix)
*known_suffix = suffix ?: strchr (buf, '\0');
return retval;
}
/* Utility for spawn_guts. */
static HANDLE
handle (int n, int direction)
{
fhandler_base *fh = cygheap->fdtab[n];
if (!fh)
return INVALID_HANDLE_VALUE;
if (fh->close_on_exec ())
return INVALID_HANDLE_VALUE;
if (direction == 0)
return fh->get_handle ();
return fh->get_output_handle ();
}
int
iscmd (const char *argv0, const char *what)
{
int n;
n = strlen (argv0) - strlen (what);
if (n >= 2 && argv0[1] != ':')
return 0;
return n >= 0 && strcasematch (argv0 + n, what) &&
(n == 0 || isdirsep (argv0[n - 1]));
}
class linebuf
{
public:
size_t ix;
char *buf;
size_t alloced;
linebuf () : ix (0), buf (NULL), alloced (0) {}
~linebuf () {if (buf) free (buf);}
void add (const char *what, int len);
void add (const char *what) {add (what, strlen (what));}
void prepend (const char *what, int len);
};
void
linebuf::add (const char *what, int len)
{
size_t newix;
if ((newix = ix + len) >= alloced || !buf)
{
alloced += LINE_BUF_CHUNK + newix;
buf = (char *) realloc (buf, alloced + 1);
}
memcpy (buf + ix, what, len);
ix = newix;
buf[ix] = '\0';
}
void
linebuf::prepend (const char *what, int len)
{
int buflen;
size_t newix;
if ((newix = ix + len) >= alloced)
{
alloced += LINE_BUF_CHUNK + newix;
buf = (char *) realloc (buf, alloced + 1);
buf[ix] = '\0';
}
if ((buflen = strlen (buf)))
memmove (buf + len, buf, buflen + 1);
else
buf[newix] = '\0';
memcpy (buf, what, len);
ix = newix;
}
class av
{
char **argv;
int calloced;
public:
int error;
int argc;
av (int ac, const char * const *av) : calloced (0), error (false), argc (ac)
{
argv = (char **) cmalloc (HEAP_1_ARGV, (argc + 5) * sizeof (char *));
memcpy (argv, av, (argc + 1) * sizeof (char *));
}
~av ()
{
if (argv)
{
for (int i = 0; i < calloced; i++)
if (argv[i])
cfree (argv[i]);
cfree (argv);
}
}
int unshift (const char *what, int conv = 0);
operator char **() {return argv;}
void all_calloced () {calloced = argc;}
void replace0_maybe (const char *arg0)
{
/* Note: Assumes that argv array has not yet been "unshifted" */
if (!calloced
&& (argv[0] = cstrdup1 (arg0)))
calloced = true;
else
error = errno;
}
void dup_maybe (int i)
{
if (i >= calloced
&& !(argv[i] = cstrdup1 (argv[i])))
error = errno;
}
void dup_all ()
{
for (int i = calloced; i < argc; i++)
if (!(argv[i] = cstrdup1 (argv[i])))
error = errno;
}
};
int
av::unshift (const char *what, int conv)
{
char **av;
av = (char **) crealloc (argv, (argc + 2) * sizeof (char *));
if (!av)
return 0;
argv = av;
memmove (argv + 1, argv, (argc + 1) * sizeof (char *));
char buf[CYG_MAX_PATH];
if (conv)
{
cygwin_conv_to_posix_path (what, buf);
char *p = strchr (buf, '\0') - 4;
if (p > buf && strcasematch (p, ".exe"))
*p = '\0';
what = buf;
}
if (!(*argv = cstrdup1 (what)))
error = errno;
argc++;
calloced++;
return 1;
}
struct pthread_cleanup
{
_sig_func_ptr oldint;
_sig_func_ptr oldquit;
sigset_t oldmask;
pthread_cleanup (): oldint (NULL), oldquit (NULL), oldmask ((sigset_t) -1) {}
};
static void
do_cleanup (void *args)
{
# define cleanup ((pthread_cleanup *) args)
if (cleanup->oldmask != (sigset_t) -1)
{
signal (SIGINT, cleanup->oldint);
signal (SIGQUIT, cleanup->oldquit);
sigprocmask (SIG_SETMASK, &(cleanup->oldmask), NULL);
}
# undef cleanup
}
static int __stdcall
spawn_guts (const char * prog_arg, const char *const *argv,
const char *const envp[], int mode)
{
bool rc;
pid_t cygpid;
MALLOC_CHECK;
if (prog_arg == NULL)
{
syscall_printf ("prog_arg is NULL");
set_errno (EINVAL);
return -1;
}
syscall_printf ("spawn_guts (%d, %.9500s)", mode, prog_arg);
if (argv == NULL)
{
syscall_printf ("argv is NULL");
set_errno (EINVAL);
return -1;
}
path_conv real_path;
linebuf one_line;
STARTUPINFO si = {0, NULL, NULL, NULL, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, NULL, NULL, NULL, NULL};
child_info_types chtype;
if (mode != _P_OVERLAY)
chtype = PROC_SPAWN;
else
chtype = PROC_EXEC;
child_info_spawn ciresrv (chtype);
si.lpReserved2 = (LPBYTE) &ciresrv;
si.cbReserved2 = sizeof (ciresrv);
ciresrv.moreinfo = (cygheap_exec_info *) ccalloc (HEAP_1_EXEC, 1, sizeof (cygheap_exec_info));
ciresrv.moreinfo->old_title = NULL;
/* CreateProcess takes one long string that is the command line (sigh).
We need to quote any argument that has whitespace or embedded "'s. */
int ac;
for (ac = 0; argv[ac]; ac++)
/* nothing */;
av newargv (ac, argv);
int null_app_name = 0;
if (ac == 3 && argv[1][0] == '/' && argv[1][1] == 'c' &&
(iscmd (argv[0], "command.com") || iscmd (argv[0], "cmd.exe")))
{
real_path.check (prog_arg);
one_line.add ("\"");
if (!real_path.error)
one_line.add (real_path);
else
one_line.add (argv[0]);
one_line.add ("\"");
one_line.add (" ");
one_line.add (argv[1]);
one_line.add (" ");
one_line.add (argv[2]);
strcpy (real_path, argv[0]);
null_app_name = 1;
goto skip_arg_parsing;
}
const char *ext;
if ((ext = perhaps_suffix (prog_arg, real_path)) == NULL)
{
set_errno (ENOENT);
return -1;
}
MALLOC_CHECK;
/* If the file name ends in either .exe, .com, .bat, or .cmd we assume
that it is NOT a script file */
while (*ext == '\0')
{
HANDLE hnd = CreateFile (real_path, GENERIC_READ,
FILE_SHARE_READ | FILE_SHARE_WRITE,
&sec_none_nih, OPEN_EXISTING,
FILE_ATTRIBUTE_NORMAL, 0);
if (hnd == INVALID_HANDLE_VALUE)
{
__seterrno ();
return -1;
}
DWORD done;
char buf[2 * CYG_MAX_PATH];
buf[0] = buf[1] = buf[2] = buf[sizeof (buf) - 1] = '\0';
if (!ReadFile (hnd, buf, sizeof (buf) - 1, &done, 0))
{
CloseHandle (hnd);
__seterrno ();
return -1;
}
CloseHandle (hnd);
if (buf[0] == 'M' && buf[1] == 'Z')
break;
debug_printf ("%s is a script", (char *) real_path);
if (real_path.has_acls () && allow_ntsec
&& check_file_access (real_path, X_OK))
{
debug_printf ("... but not executable");
break;
}
char *pgm, *arg1;
if (buf[0] != '#' || buf[1] != '!')
{
pgm = (char *) "/bin/sh";
arg1 = NULL;
}
else
{
char *ptr;
pgm = buf + 2;
pgm += strspn (pgm, " \t");
for (ptr = pgm, arg1 = NULL;
*ptr && *ptr != '\r' && *ptr != '\n';
ptr++)
if (!arg1 && (*ptr == ' ' || *ptr == '\t'))
{
/* Null terminate the initial command and step over
any additional white space. If we've hit the
end of the line, exit the loop. Otherwise, we've
found the first argument. Position the current
pointer on the last known white space. */
*ptr = '\0';
char *newptr = ptr + 1;
newptr += strspn (newptr, " \t");
if (!*newptr || *newptr == '\r' || *newptr == '\n')
break;
arg1 = newptr;
ptr = newptr - 1;
}
*ptr = '\0';
}
/* Replace argv[0] with the full path to the script if this is the
first time through the loop. */
newargv.replace0_maybe (prog_arg);
/* pointers:
* pgm interpreter name
* arg1 optional string
*/
if (arg1)
newargv.unshift (arg1);
/* FIXME: This should not be using FE_NATIVE. It should be putting
the posix path on the argv list. */
find_exec (pgm, real_path, "PATH=", FE_NATIVE, &ext);
newargv.unshift (real_path, 1);
}
if (real_path.iscygexec ())
newargv.dup_all ();
else
{
for (int i = 0; i < newargv.argc; i++)
{
char *p = NULL;
const char *a;
newargv.dup_maybe (i);
a = i ? newargv[i] : (char *) real_path;
int len = strlen (a);
if (len != 0 && !strpbrk (a, " \t\n\r\""))
one_line.add (a, len);
else
{
one_line.add ("\"", 1);
/* Handle embedded special characters " and \.
A " is always preceded by a \.
A \ is not special unless it precedes a ". If it does,
then all preceding \'s must be doubled to avoid having
the Windows command line parser interpret the \ as quoting
the ". This rule applies to a string of \'s before the end
of the string, since cygwin/windows uses a " to delimit the
argument. */
for (; (p = strpbrk (a, "\"\\")); a = ++p)
{
one_line.add (a, p - a);
/* Find length of string of backslashes */
int n = strspn (p, "\\");
if (!n)
one_line.add ("\\\"", 2); /* No backslashes, so it must be a ".
The " has to be protected with a backslash. */
else
{
one_line.add (p, n); /* Add the run of backslashes */
/* Need to double up all of the preceding
backslashes if they precede a quote or EOS. */
if (!p[n] || p[n] == '"')
one_line.add (p, n);
p += n - 1; /* Point to last backslash */
}
}
if (*a)
one_line.add (a);
one_line.add ("\"", 1);
}
MALLOC_CHECK;
one_line.add (" ", 1);
MALLOC_CHECK;
}
MALLOC_CHECK;
if (one_line.ix)
one_line.buf[one_line.ix - 1] = '\0';
else
one_line.add ("", 1);
MALLOC_CHECK;
if (one_line.ix > 32767)
{
debug_printf ("Command line too long (>32K), return E2BIG");
set_errno (E2BIG);
return -1;
}
}
char *envblock;
newargv.all_calloced ();
if (newargv.error)
{
set_errno (newargv.error);
return -1;
}
ciresrv.moreinfo->argc = newargv.argc;
ciresrv.moreinfo->argv = newargv;
if (mode != _P_OVERLAY ||
!DuplicateHandle (hMainProc, myself.shared_handle (), hMainProc,
&ciresrv.moreinfo->myself_pinfo, 0,
TRUE, DUPLICATE_SAME_ACCESS))
ciresrv.moreinfo->myself_pinfo = NULL;
else
VerifyHandle (ciresrv.moreinfo->myself_pinfo);
skip_arg_parsing:
PROCESS_INFORMATION pi = {NULL, 0, 0, 0};
si.lpReserved = NULL;
si.lpDesktop = NULL;
si.dwFlags = STARTF_USESTDHANDLES;
si.hStdInput = handle (0, 0); /* Get input handle */
si.hStdOutput = handle (1, 1); /* Get output handle */
si.hStdError = handle (2, 1); /* Get output handle */
si.cb = sizeof (si);
int flags = CREATE_DEFAULT_ERROR_MODE | GetPriorityClass (hMainProc);
if (mode == _P_DETACH || !set_console_state_for_spawn ())
flags |= DETACHED_PROCESS;
bool reset_sendsig = false;
if (mode != _P_OVERLAY)
myself->exec_sendsig = NULL;
else
{
/* Reset sendsig so that any process which wants to send a signal
to this pid will wait for the new process to become active.
Save the old value in case the exec fails. */
if (!myself->exec_sendsig)
{
myself->exec_sendsig = myself->sendsig;
myself->exec_dwProcessId = myself->dwProcessId;
myself->sendsig = NULL;
reset_sendsig = true;
}
/* Save a copy of a handle to the current process around the first time we
exec so that the pid will not be reused. Why did I stop cygwin from
generating its own pids again? */
if (cygheap->pid_handle)
/* already done previously */;
else if (DuplicateHandle (hMainProc, hMainProc, hMainProc, &cygheap->pid_handle,
PROCESS_QUERY_INFORMATION, TRUE, 0))
ProtectHandle (cygheap->pid_handle);
else
system_printf ("duplicate to pid_handle failed, %E");
}
/* Some file types (currently only sockets) need extra effort in the parent
after CreateProcess and before copying the datastructures to the child.
So we have to start the child in suspend state, unfortunately, to avoid
a race condition. */
if (wincap.start_proc_suspended () || mode != _P_OVERLAY
|| cygheap->fdtab.need_fixup_before ())
flags |= CREATE_SUSPENDED;
const char *runpath = null_app_name ? NULL : (const char *) real_path;
syscall_printf ("null_app_name %d (%s, %.9500s)", null_app_name, runpath, one_line.buf);
void *newheap;
cygbench ("spawn-guts");
cygheap->fdtab.set_file_pointers_for_exec ();
cygheap->user.deimpersonate ();
/* When ruid != euid we create the new process under the current original
account and impersonate in child, this way maintaining the different
effective vs. real ids.
FIXME: If ruid != euid and ruid != saved_uid we currently give
up on ruid. The new process will have ruid == euid. */
if (!cygheap->user.issetuid ()
|| (cygheap->user.saved_uid == cygheap->user.real_uid
&& cygheap->user.saved_gid == cygheap->user.real_gid
&& !cygheap->user.groups.issetgroups ()))
{
ciresrv.moreinfo->envp = build_env (envp, envblock, ciresrv.moreinfo->envc,
real_path.iscygexec ());
newheap = cygheap_setup_for_child (&ciresrv, cygheap->fdtab.need_fixup_before ());
rc = CreateProcess (runpath, /* image name - with full path */
one_line.buf, /* what was passed to exec */
&sec_none_nih,/* process security attrs */
&sec_none_nih,/* thread security attrs */
TRUE, /* inherit handles from parent */
flags,
envblock, /* environment */
0, /* use current drive/directory */
&si,
&pi);
}
else
{
/* Give access to myself */
if (mode == _P_OVERLAY)
myself.set_acl();
/* allow the child to interact with our window station/desktop */
HANDLE hwst, hdsk;
SECURITY_INFORMATION dsi = DACL_SECURITY_INFORMATION;
DWORD n;
char wstname[1024];
char dskname[1024];
hwst = GetProcessWindowStation ();
SetUserObjectSecurity (hwst, &dsi, get_null_sd ());
GetUserObjectInformation (hwst, UOI_NAME, wstname, 1024, &n);
hdsk = GetThreadDesktop (GetCurrentThreadId ());
SetUserObjectSecurity (hdsk, &dsi, get_null_sd ());
GetUserObjectInformation (hdsk, UOI_NAME, dskname, 1024, &n);
strcat (wstname, "\\");
strcat (wstname, dskname);
si.lpDesktop = wstname;
ciresrv.moreinfo->envp = build_env (envp, envblock, ciresrv.moreinfo->envc,
real_path.iscygexec ());
newheap = cygheap_setup_for_child (&ciresrv, cygheap->fdtab.need_fixup_before ());
rc = CreateProcessAsUser (cygheap->user.primary_token (),
runpath, /* image name - with full path */
one_line.buf, /* what was passed to exec */
&sec_none_nih, /* process security attrs */
&sec_none_nih, /* thread security attrs */
TRUE, /* inherit handles from parent */
flags,
envblock, /* environment */
0, /* use current drive/directory */
&si,
&pi);
}
/* Restore impersonation. In case of _P_OVERLAY this isn't
allowed since it would overwrite child data. */
if (mode != _P_OVERLAY || !rc)
cygheap->user.reimpersonate ();
MALLOC_CHECK;
if (envblock)
free (envblock);
MALLOC_CHECK;
/* Set errno now so that debugging messages from it appear before our
final debugging message [this is a general rule for debugging
messages]. */
if (!rc)
{
__seterrno ();
syscall_printf ("CreateProcess failed, %E");
/* If this was a failed exec, restore the saved sendsig. */
if (reset_sendsig)
{
myself->sendsig = myself->exec_sendsig;
myself->exec_sendsig = NULL;
}
cygheap_setup_for_child_cleanup (newheap, &ciresrv, 0);
return -1;
}
/* FIXME: There is a small race here */
int res;
pthread_cleanup cleanup;
if (mode == _P_SYSTEM)
{
sigset_t child_block;
cleanup.oldint = signal (SIGINT, SIG_IGN);
cleanup.oldquit = signal (SIGQUIT, SIG_IGN);
sigemptyset (&child_block);
sigaddset (&child_block, SIGCHLD);
(void) sigprocmask (SIG_BLOCK, &child_block, &cleanup.oldmask);
}
pthread_cleanup_push (do_cleanup, (void *) &cleanup);
/* Fixup the parent data structures if needed and resume the child's
main thread. */
if (!cygheap->fdtab.need_fixup_before ())
cygheap_setup_for_child_cleanup (newheap, &ciresrv, 0);
else
{
cygheap->fdtab.fixup_before_exec (pi.dwProcessId);
cygheap_setup_for_child_cleanup (newheap, &ciresrv, 1);
}
if (mode != _P_OVERLAY)
cygpid = cygwin_pid (pi.dwProcessId);
else
cygpid = myself->pid;
/* We print the original program name here so the user can see that too. */
syscall_printf ("%d = spawn_guts (%s, %.9500s)",
rc ? cygpid : (unsigned int) -1, prog_arg, one_line.buf);
/* Name the handle similarly to proc_subproc. */
ProtectHandle1 (pi.hProcess, childhProc);
bool synced;
if (mode == _P_OVERLAY)
{
myself->dwProcessId = dwExeced = pi.dwProcessId;
strace.execing = 1;
myself.hProcess = hExeced = pi.hProcess;
strcpy (myself->progname, real_path); // FIXME: race?
sigproc_printf ("new process name %s", myself->progname);
close_all_files ();
/* If wr_proc_pipe doesn't exist then this process was not started by a cygwin
process. So, we need to wait around until the process we've just "execed"
dies. Use our own wait facility to wait for our own pid to exit (there
is some minor special case code in proc_waiter and friends to accommodate
this).
If wr_proc_pipe exists, then it should be duplicated to the child.
If the child has exited already, that's ok. The parent will pick up
on this fact when we exit. dup_proc_pipe will close our end of the pipe.
Note that wr_proc_pipe may also be == INVALID_HANDLE_VALUE. That will make
dup_proc_pipe essentially a no-op. */
if (myself->wr_proc_pipe)
{
myself->sync_proc_pipe (); /* Make sure that we own wr_proc_pipe
just in case we've been previously
execed. */
myself.zap_cwd ();
(void) myself->dup_proc_pipe (pi.hProcess);
}
}
else
{
myself->set_has_pgid_children ();
ProtectHandle (pi.hThread);
pinfo child (cygpid, PID_IN_USE);
if (!child)
{
syscall_printf ("pinfo failed");
if (get_errno () != ENOMEM)
set_errno (EAGAIN);
res = -1;
goto out;
}
child->dwProcessId = pi.dwProcessId;
child.hProcess = pi.hProcess;
strcpy (child->progname, real_path);
/* FIXME: This introduces an unreferenced, open handle into the child.
The purpose is to keep the pid shared memory open so that all of
the fields filled out by child.remember do not disappear and so there
is not a brief period during which the pid is not available.
However, we should try to find another way to do this eventually. */
(void) DuplicateHandle (hMainProc, child.shared_handle (), pi.hProcess,
NULL, 0, 0, DUPLICATE_SAME_ACCESS);
child->start_time = time (NULL); /* Register child's starting time. */
child->nice = myself->nice;
if (!child.remember (mode == _P_DETACH))
{
/* FIXME: Child in strange state now */
CloseHandle (pi.hProcess);
ForceCloseHandle (pi.hThread);
res = -1;
goto out;
}
}
/* Start the child running */
if (flags & CREATE_SUSPENDED)
ResumeThread (pi.hThread);
ForceCloseHandle (pi.hThread);
sigproc_printf ("spawned windows pid %d", pi.dwProcessId);
synced = ciresrv.sync (myself, INFINITE);
switch (mode)
{
case _P_OVERLAY:
if (!synced)
/* let myself.exit handle this */;
else if (myself->wr_proc_pipe)
myself.hProcess = NULL;
else
{
extern bool is_toplevel_proc;
is_toplevel_proc = true;
myself.remember (false);
waitpid (myself->pid, &res, 0);
}
myself.exit (EXITCODE_NOSET);
break;
case _P_WAIT:
case _P_SYSTEM:
if (waitpid (cygpid, &res, 0) != cygpid)
res = -1;
break;
case _P_DETACH:
res = 0; /* Lost all memory of this child. */
break;
case _P_NOWAIT:
case _P_NOWAITO:
case _P_VFORK:
res = cygpid;
break;
default:
break;
}
out:
pthread_cleanup_pop (1);
return (int) res;
}
extern "C" int
cwait (int *result, int pid, int)
{
return waitpid (pid, result, 0);
}
/*
* Helper function for spawn runtime calls.
* Doesn't search the path.
*/
extern "C" int
spawnve (int mode, const char *path, const char *const *argv,
const char *const *envp)
{
int ret;
#ifdef NEWVFORK
vfork_save *vf = vfork_storage.val ();
if (vf != NULL && (vf->pid < 0) && mode == _P_OVERLAY)
mode = _P_NOWAIT;
else
vf = NULL;
#endif
syscall_printf ("spawnve (%s, %s, %x)", path, argv[0], envp);
switch (mode)
{
case _P_OVERLAY:
/* We do not pass _P_SEARCH_PATH here. execve doesn't search PATH.*/
/* Just act as an exec if _P_OVERLAY set. */
spawn_guts (path, argv, envp, mode);
/* Errno should be set by spawn_guts. */
ret = -1;
break;
case _P_VFORK:
case _P_NOWAIT:
case _P_NOWAITO:
case _P_WAIT:
case _P_DETACH:
case _P_SYSTEM:
ret = spawn_guts (path, argv, envp, mode);
#ifdef NEWVFORK
if (vf)
{
if (ret > 0)
{
debug_printf ("longjmping due to vfork");
vf->restore_pid (ret);
}
}
#endif
break;
default:
set_errno (EINVAL);
ret = -1;
break;
}
return ret;
}
/*
* spawn functions as implemented in the MS runtime library.
* Most of these based on (and copied from) newlib/libc/posix/execXX.c
*/
extern "C" int
spawnl (int mode, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char *argv[256];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
va_end (args);
return spawnve (mode, path, (char * const *) argv, cur_environ ());
}
extern "C" int
spawnle (int mode, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char * const *envp;
const char *argv[256];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
envp = va_arg (args, const char * const *);
va_end (args);
return spawnve (mode, path, (char * const *) argv, (char * const *) envp);
}
extern "C" int
spawnlp (int mode, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char *argv[256];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
va_end (args);
return spawnvpe (mode, path, (char * const *) argv, cur_environ ());
}
extern "C" int
spawnlpe (int mode, const char *path, const char *arg0, ...)
{
int i;
va_list args;
const char * const *envp;
const char *argv[256];
va_start (args, arg0);
argv[0] = arg0;
i = 1;
do
argv[i] = va_arg (args, const char *);
while (argv[i++] != NULL);
envp = va_arg (args, const char * const *);
va_end (args);
return spawnvpe (mode, path, (char * const *) argv, envp);
}
extern "C" int
spawnv (int mode, const char *path, const char * const *argv)
{
return spawnve (mode, path, argv, cur_environ ());
}
extern "C" int
spawnvp (int mode, const char *path, const char * const *argv)
{
return spawnvpe (mode, path, argv, cur_environ ());
}
extern "C" int
spawnvpe (int mode, const char *file, const char * const *argv,
const char * const *envp)
{
path_conv buf;
return spawnve (mode, find_exec (file, buf), argv, envp);
}