JehanneOS/newlib
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

* fork.cc (fork_parent): Use sec_user_nih to control process/thread

Browse Source 
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested for
bogus value later.  Use sec_user to control process/thread creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to avoid
constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
This commit is contained in:
Christopher Faylor 2002-02-19 05:58:44 +00:00
parent dda54ada03
commit cecb74ae47
7 changed files with 47 additions and 24 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
winsup/cygwin/ChangeLog
View File

@ -1,3 +1,22 @@
2002-02-19 Christopher Faylor <cgf@redhat.com>
* fork.cc (fork_parent): Use sec_user_nih to control process/thread
inheritance/permission.
* spawn.cc (spawn_guts): Ditto.
* security.cc (create_token): Initialize token so that it is not tested
for bogus value later. Use sec_user to control process/thread
creation.
* security.h (__sec_user): Rename declaration from sec_user.
(sec_user_nih): Declare here as inline function wrapper for __sec_user.
(sec_user): Ditto.
* sigproc.cc (czombies): Allocate a character array for zombies to
avoid constructor overhead
(extremely hackish, I know).
(cpchildren): Ditto.
(pchildren): New define.
(zombies): Ditto.
(getsem): Use sec_user_nih to control semaphore inheritance/permission.
2002-02-16 Christopher Faylor <cgf@redhat.com> 2002-02-16 Christopher Faylor <cgf@redhat.com>
* times.cc (hires::prime): Restore thread priority on failure * times.cc (hires::prime): Restore thread priority on failure

4
winsup/cygwin/fork.cc
View File

@ -470,8 +470,8 @@ fork_parent (HANDLE& hParent, dll *&first_dll,
newheap = cygheap_setup_for_child (&ch,cygheap->fdtab.need_fixup_before ()); newheap = cygheap_setup_for_child (&ch,cygheap->fdtab.need_fixup_before ());
rc = CreateProcess (myself->progname, /* image to run */ rc = CreateProcess (myself->progname, /* image to run */
myself->progname, /* what we send in arg0 */ myself->progname, /* what we send in arg0 */
allow_ntsec ? sec_user (sa_buf) : &sec_none_nih, sec_user_nih (sa_buf),
allow_ntsec ? sec_user (sa_buf) : &sec_none_nih, sec_user_nih (sa_buf),
TRUE, /* inherit handles from parent */ TRUE, /* inherit handles from parent */
c_flags, c_flags,
NULL, /* environment filled in later */ NULL, /* environment filled in later */

2
winsup/cygwin/security.cc
View File

@ -726,7 +726,7 @@ create_token (cygsid &usersid, cygsid &pgrpsid)
source.SourceIdentifier.HighPart = 0; source.SourceIdentifier.HighPart = 0;
source.SourceIdentifier.LowPart = 0x0101; source.SourceIdentifier.LowPart = 0x0101;
HANDLE token; HANDLE token = INVALID_HANDLE_VALUE;
HANDLE primary_token = INVALID_HANDLE_VALUE; HANDLE primary_token = INVALID_HANDLE_VALUE;
HANDLE my_token = INVALID_HANDLE_VALUE; HANDLE my_token = INVALID_HANDLE_VALUE;

16
winsup/cygwin/security.h
View File

@ -199,8 +199,20 @@ SECURITY_DESCRIPTOR *__stdcall get_null_sd (void);
/* Various types of security attributes for use in Create* functions. */ /* Various types of security attributes for use in Create* functions. */
extern SECURITY_ATTRIBUTES sec_none, sec_none_nih, sec_all, sec_all_nih; extern SECURITY_ATTRIBUTES sec_none, sec_none_nih, sec_all, sec_all_nih;
extern SECURITY_ATTRIBUTES *__stdcall sec_user (PVOID sa_buf, PSID sid2 = NULL, BOOL inherit = TRUE); extern SECURITY_ATTRIBUTES *__stdcall __sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
extern SECURITY_ATTRIBUTES *__stdcall sec_user_nih (PVOID sa_buf, PSID sid2 = NULL); __attribute__ ((regparm (3)));
int __stdcall NTReadEA (const char *file, const char *attrname, char *buf, int len); int __stdcall NTReadEA (const char *file, const char *attrname, char *buf, int len);
BOOL __stdcall NTWriteEA (const char *file, const char *attrname, const char *buf, int len); BOOL __stdcall NTWriteEA (const char *file, const char *attrname, const char *buf, int len);
extern inline SECURITY_ATTRIBUTES *
sec_user_nih (char sa_buf[], PSID sid = NULL)
{
return allow_ntsec ? __sec_user (sa_buf, sid, FALSE) : &sec_none_nih;
}
extern inline SECURITY_ATTRIBUTES *
sec_user (char sa_buf[], PSID sid = NULL)
{
return allow_ntsec ? __sec_user (sa_buf, sid, TRUE) : &sec_none_nih;
}

11
winsup/cygwin/shared.cc
View File

@ -237,11 +237,8 @@ get_null_sd ()
} }
PSECURITY_ATTRIBUTES __stdcall PSECURITY_ATTRIBUTES __stdcall
sec_user (PVOID sa_buf, PSID sid2, BOOL inherit) __sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
{ {
if (!sa_buf)
return inherit ? &sec_none : &sec_none_nih;
PSECURITY_ATTRIBUTES psa = (PSECURITY_ATTRIBUTES) sa_buf; PSECURITY_ATTRIBUTES psa = (PSECURITY_ATTRIBUTES) sa_buf;
PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR) PSECURITY_DESCRIPTOR psd = (PSECURITY_DESCRIPTOR)
((char *) sa_buf + sizeof (*psa)); ((char *) sa_buf + sizeof (*psa));
@ -314,9 +311,3 @@ sec_user (PVOID sa_buf, PSID sid2, BOOL inherit)
psa->bInheritHandle = inherit; psa->bInheritHandle = inherit;
return psa; return psa;
} }
SECURITY_ATTRIBUTES *__stdcall
sec_user_nih (PVOID sa_buf, PSID sid2)
{
return sec_user (sa_buf, sid2, FALSE);
}

11
winsup/cygwin/sigproc.cc
View File

@ -103,11 +103,14 @@ Static HANDLE wait_sig_inited = NULL; // Control synchronization of
*/ */
Static HANDLE events[PSIZE + 1] = {0}; // All my children's handles++ Static HANDLE events[PSIZE + 1] = {0}; // All my children's handles++
#define hchildren (events + 1) // Where the children handles begin #define hchildren (events + 1) // Where the children handles begin
Static pinfo pchildren[PSIZE]; // All my children info Static char cpchildren[PSIZE * sizeof (pinfo)]; // All my children info
Static int nchildren = 0; // Number of active children Static int nchildren = 0; // Number of active children
Static pinfo zombies[NZOMBIES]; // All my deceased children info Static char czombies[NZOMBIES * sizeof (pinfo)]; // All my deceased children info
Static int nzombies = 0; // Number of deceased children Static int nzombies = 0; // Number of deceased children
#define pchildren ((pinfo *) cpchildren)
#define zombies ((pinfo *) czombies)
Static waitq waitq_head = {0, 0, 0, 0, 0, 0, 0};// Start of queue for wait'ing threads Static waitq waitq_head = {0, 0, 0, 0, 0, 0, 0};// Start of queue for wait'ing threads
Static waitq waitq_main; // Storage for main thread Static waitq waitq_main; // Storage for main thread
@ -939,8 +942,8 @@ getsem (_pinfo *p, const char *str, int init, int max)
char sa_buf[1024]; char sa_buf[1024];
DWORD winpid = GetCurrentProcessId (); DWORD winpid = GetCurrentProcessId ();
h = CreateSemaphore (allow_ntsec ? sec_user_nih (sa_buf) : &sec_none_nih, h = CreateSemaphore (sec_user_nih (sa_buf), init, max,
init, max, str = shared_name (str, winpid)); str = shared_name (str, winpid));
p = myself; p = myself;
if (!h) if (!h)
{ {

8
winsup/cygwin/spawn.cc
View File

@ -635,9 +635,9 @@ spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv,
rc = CreateProcess (runpath, /* image name - with full path */ rc = CreateProcess (runpath, /* image name - with full path */
one_line.buf, /* what was passed to exec */ one_line.buf, /* what was passed to exec */
/* process security attrs */ /* process security attrs */
allow_ntsec ? sec_user (sa_buf) : &sec_all_nih, sec_user_nih (sa_buf),
/* thread security attrs */ /* thread security attrs */
allow_ntsec ? sec_user (sa_buf) : &sec_all_nih, sec_user_nih (sa_buf),
TRUE, /* inherit handles from parent */ TRUE, /* inherit handles from parent */
flags, flags,
envblock,/* environment */ envblock,/* environment */
@ -656,9 +656,7 @@ spawn_guts (HANDLE hToken, const char * prog_arg, const char *const *argv,
} }
/* Retrieve security attributes before setting psid to NULL /* Retrieve security attributes before setting psid to NULL
since it's value is needed by `sec_user'. */ since it's value is needed by `sec_user'. */
PSECURITY_ATTRIBUTES sec_attribs = allow_ntsec && sid PSECURITY_ATTRIBUTES sec_attribs = sec_user_nih (sa_buf, sid);
? sec_user (sa_buf, sid)
: &sec_all_nih;
/* Remove impersonation */ /* Remove impersonation */
if (cygheap->user.impersonated if (cygheap->user.impersonated