forkables: Create forkable hardlinks, yet unused.
In preparation to protect fork() against dll- and exe-updates, create hardlinks to the main executable and each loaded dll in subdirectories of /var/run/cygfork/, if that one exists on the NTFS file system. The directory names consist of the user sid, the main executable's NTFS IndexNumber, and the most recent LastWriteTime of all involved binaries (dlls and main executable). Next to the main.exe hardlink we create the empty file main.exe.local to enable dll redirection. The name of the mutex to synchronize hardlink creation/cleanup also is assembled from these directory names, to allow for synchronized cleanup of even orphaned hardlink directories. The hardlink to each dynamically loaded dll goes into another directory, named using the NTFS IndexNumber of the dll's original directory. * Makefile.in (DLL_OFILES): Add forkable.o. * dll_init.h (struct dll): Declare member variables fbi, fii, forkable_ntname. Declare methods nominate_forkable, create_forkable. (struct dll_list): Declare enum forkables_needs. Declare member variables forkables_dirx_size, forkables_dirx_ntname, forkables_mutex_name, forkables_mutex. Declare private methods forkable_ntnamesize, prepare_forkables_nomination, update_forkables_needs, update_forkables, create_forkables, denominate_forkables, close_mutex, try_remove_forkables, set_forkables_inheritance, request_forkables. Declare public static methods ntopenfile, read_fii, read_fbi. Declare public methods release_forkables, cleanup_forkables. Define public inline method setup_forkables. * dll_init.cc (dll_list::alloc): Allocate memory to hold the name of the hardlink in struct dll member forkable_ntname. Initialize struct dll members fbi, fii. (dll_list::load_after_fork): Call release_forkables method. * fork.cc: Rename public fork function to static dofork, add with_forkables as bool pointer parameter. Add new fork function calling dofork. (struct frok): Add bool pointer member with_forkables, add as constructor parameter. 
(frok::parent): Call dlls.setup_forkables before CreateProcessW, dlls.release_forkables afterwards. * pinfo.cc (pinfo::exit): Call dlls.cleanup_forkables. * syscalls.cc (_unlink_nt): Rename public unlink_nt function to static _unlink_nt, with 'shareable' as additional argument. (unlink_nt): New, wrap _unlink_nt for original behaviour. (unlink_nt_shareable): New, wrap _unlink_nt to keep a binary file still loadable while removing one of its hardlinks. * forkable.cc: New file. Implement static functions mkdirs, rmdirs, rmdirs_synchronized, stat_real_file_once, format_IndexNumber, rootname, sidname, exename, lwtimename. Define static array forkable_nameparts. (struct dll): Implement nominate_forkable, create_forkable. (struct dll_list): Implement static methods ntopenfile, read_fii, read_fbi. Implement forkable_ntnamesize,
committed by
Corinna Vinschen
parent
dac0b6826b
commit
8ddb1f60c8
@@ -59,9 +59,15 @@ struct dll
|
||||
DWORD image_size;
|
||||
void* preferred_base;
|
||||
PWCHAR modname;
|
||||
FILE_BASIC_INFORMATION fbi;
|
||||
FILE_INTERNAL_INFORMATION fii;
|
||||
PWCHAR forkable_ntname;
|
||||
WCHAR ntname[1]; /* must be the last data member */
|
||||
|
||||
void detach ();
|
||||
int init ();
|
||||
void nominate_forkable (PCWCHAR);
|
||||
bool create_forkable ();
|
||||
void run_dtors ()
|
||||
{
|
||||
if (has_dtors)
|
||||
@@ -76,7 +82,32 @@ struct dll
|
||||
|
||||
class dll_list
|
||||
{
|
||||
/* forkables */
|
||||
enum
|
||||
{
|
||||
forkables_unknown,
|
||||
forkables_impossible,
|
||||
forkables_disabled,
|
||||
forkables_needless,
|
||||
forkables_needed,
|
||||
forkables_created,
|
||||
}
|
||||
forkables_needs;
|
||||
DWORD forkables_dirx_size;
|
||||
PWCHAR forkables_dirx_ntname;
|
||||
PWCHAR forkables_mutex_name;
|
||||
HANDLE forkables_mutex;
|
||||
void track_self ();
|
||||
size_t forkable_ntnamesize (dll_type, PCWCHAR fullntname, PCWCHAR modname);
|
||||
void prepare_forkables_nomination ();
|
||||
void update_forkables_needs ();
|
||||
bool update_forkables ();
|
||||
bool create_forkables ();
|
||||
void denominate_forkables ();
|
||||
bool close_mutex ();
|
||||
void try_remove_forkables (PWCHAR dirbuf, size_t dirlen, size_t dirbufsize);
|
||||
void set_forkables_inheritance (bool);
|
||||
void request_forkables ();
|
||||
|
||||
dll *end;
|
||||
dll *hold;
|
||||
@@ -85,6 +116,11 @@ class dll_list
|
||||
/* Use this buffer under loader lock conditions only. */
|
||||
static WCHAR NO_COPY nt_max_path_buffer[NT_MAX_PATH];
|
||||
public:
|
||||
static HANDLE ntopenfile (PCWCHAR ntname, NTSTATUS *pstatus = NULL,
|
||||
ULONG openopts = 0, ACCESS_MASK access = 0,
|
||||
HANDLE rootDir = NULL);
|
||||
static bool read_fii (HANDLE fh, PFILE_INTERNAL_INFORMATION pfii);
|
||||
static bool read_fbi (HANDLE fh, PFILE_BASIC_INFORMATION pfbi);
|
||||
static PWCHAR form_ntname (PWCHAR ntbuf, size_t bufsize, PCWCHAR name);
|
||||
static PWCHAR form_shortname (PWCHAR shortbuf, size_t bufsize, PCWCHAR name);
|
||||
static PWCHAR nt_max_path_buf ()
|
||||
@@ -115,6 +151,20 @@ public:
|
||||
void topsort_visit (dll* d, bool goto_tail);
|
||||
void append (dll* d);
|
||||
|
||||
void release_forkables ();
|
||||
void cleanup_forkables ();
|
||||
bool setup_forkables (bool with_forkables)
|
||||
{
|
||||
if (forkables_needs == forkables_impossible)
|
||||
return true; /* short cut to not retry fork */
|
||||
/* Once used, always use forkables in current process chain. */
|
||||
if (forkables_needs != forkables_unknown)
|
||||
with_forkables = true;
|
||||
if (with_forkables)
|
||||
request_forkables ();
|
||||
return with_forkables;
|
||||
}
|
||||
|
||||
dll *inext ()
|
||||
{
|
||||
while ((hold = hold->next))
|
||||
|
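Review bot: `setup_forkables` returns `true` on two different paths with no comment saying what the result means: the `forkables_impossible` branch returns before `request_forkables ()` is called, while the other path returns `true` only after requesting them. A header comment along the lines of `/* Returns true when fork need not be retried with forkables: they are either impossible or have now been requested. */` would pin that down; the caller is in fork.cc and not shown here, so the wording should be checked against it. It also looks as if `forkables_disabled` and `forkables_needless` force `with_forkables = true`, because the test is `!= forkables_unknown`, and the "Once used, always use" comment should say whether that is intended. Separately, the description says `main.exe.local` makes the hardlink directory a DLL redirection directory, so the members `forkables_dirx_ntname` and `forkables_mutex_name` deserve a comment stating who must own /var/run/cygfork/ and its per-SID subdirectories and that a directory writable by another user must be refused. Nothing in this header shows such a check, though it may live in forkable.cc.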