The solution from commit 9a3cc77b2a
didn't work for foreign domain accounts. Rather than calling
LookupAccountSid we now use the info when we fetch it anyway
via LDAP or Net*GetInfo. Only in case of domain groups we have
to add an LDAP call explicitly.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Make sure a domain+username fits into the local name buffer.
The former buffer size didn't take adding a domain name to
a really_really_long_user_name into account.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When looking up valid accounts by name, LookupAccountName returns
a SID and a case-correct domain name. However, the name was input
and LookupAccountName is case-insensitive, so the name is not
necessarily written the same way as in SAM or AD.
Fix that by doing a reverse lookup on the just fetched SID. This
fetches the account name in the correct case. Override the
incoming name with the case correct name from LookupAccountSid.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This is a really old and crappy API, as the previous commit shows.
Use NtQueryInformationFile(FilePositionInformation) here instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
dtable::set_file_pointers_for_exec is called from
child_info_spawn::worker to move the file position of O_APPEND
files to EOF if the child is a native child.
However, this only works correctly for the first O_APPEND
file descriptor:
- set_file_pointers_for_exec calls SetFilePointer. The higher
4 bytes of the desired file offset are given to SetFilePointer
as pointer to a DWORD value. On return, SetFilePointer returns
the higher 4 bytes of the new file position in this DWORD.
- So for the second and subsequent descriptors the higher 4 byte
of the file position depend on what the actual file position
of the previous file has been set to:
- If the file is > 2 Gigs, the high offset will not be 0 anymore.
- If the desciptor points to a non-seekable file (i.e., a pipe
or socket), SetFilePosition returns an error and sets the high
position to -1.
Fix this by calling SetFilePointerEx instead, which does not
modify the incoming position value.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When calling spawnve, in contrast to execve, the parent has
to create the pid for the child. With the old technique
this was simply the Windows pid, but now we have to inform
the child about its new pid.
Add a cygpid member to class child_info_spawn. Set it in
child_info_spawn::worker, just prior to calling CreateProcess
rather than afterwards. Overwrite cygheap->pid in
child_info_spawn::handle_spawn before calling pinfo::thisproc.
Make sure pinfo::thisproc knows the pid is already set by
setting the handle argument to INVALID_HANDLE_VALUE.
Also set procinfo->dwProcessId to myself_initial.dwProcessId
instead of to myself_initial.pid for clarity.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When the current process has renamed (to bin) a readonly dll, we get
STATUS_TRANSACTION_NOT_ACTIVE for unknown reason when subsequently
creating the forkable hardlink. A workaround is to open the original
file with FILE_WRITE_ATTRIBUTES access, but that fails with permission
denied for users not owning the original file.
* forkable.cc (dll::create_forkable): Retry hardlink creation using the
original file's handle opened with FILE_WRITE_ATTRIBUTES access when the
first attempt fails with STATUS_TRANSACTION_NOT_ACTIVE.
* Rename cygwin_shared->prefer_forkable_hardlinks to
forkable_hardlink_support, with values
0 for Unknown, 1 for Supported, -1 for Unsupported.
Upon first dll loaded ever, dll_list::forkable_ntnamesize checks the
/var/run/cygfork directory to both exist and reside on NTFS, setting
cygwin_shared->forkable_hardlink_support accordingly.
* Replace enum forkables_needs by bool forkables_created: Set
to True by request_forkables after creating forkable hardlinks.
To avoid the need for each process to check the filesystem to detect
that hardlink creation is impossible or disabled, cache this fact in
shared memory. Removing cygfork directory while in use does disable
hardlinks creation. To (re-)enable hardlinks creation, the cygfork
directory has to exist before the first cygwin process does fork.
* forkable.cc (dll_list::forkable_ntnamesize): Short cut
forkables needs to impossible when disabled via shared memory.
(dll_list::update_forkables_needs): When detecting hardlink
creation as impossible (not on NTFS) while still (we are the
first one checking) enabled via shared memory, disable the
shared memory value.
(dll_list::request_forkables): Disable the shared memory value
when hardlinks creation became disabled, that is when the
cygfork directory was removed.
* include/cygwin/version.h: Bump CYGWIN_VERSION_SHARED_DATA 6.
* shared_info.h (struct shared_info): Add member
prefer_forkable_hardlinks. Update CURR_SHARED_MAGIC.
* shared.cc (shared_info::initialize): Initialize
prefer_forkable_hardlinks to 1 (Yes).
To support in-cygwin package managers, the fork() implementation must
not rely on .exe and .dll files to stay in their original location, as
the package manager's job is to replace these files. Instead, when the
first fork try fails, and we have NTFS, we use hardlinks to the original
binaries in /var/run/cygfork/ to create the child process during the
second fork try, along the main.exe.local file to enable the "DotLocal
Dll Redirection" feature for the dlls.
The (probably few) users that need an update-safe fork manually have to
create the /var/run/cygfork/ directory for now, using:
mkdir --mode=a=rwxt /var/run/cygfork
* child_info.h: Bump CURR_CHILD_INFO_MAGIC.
(enum child_status): Add _CI_SILENTFAIL flag.
(struct child_info): Add silentfail setter and getter.
* winsup.h (child_copy): Add bool silentfail parameter.
* cygheap.cc: Pass silentfail parameter to child_copy.
* dcrt0.cc: Ditto.
* dll_init.h (struct dll): Define public inline method forkedntname.
(struct dll_list): Declare private method find_by_forkedntname.
* dll_init.cc (struct dll_list): Implement find_by_forkedntname.
(dll_list::alloc): Use find_by_forkedntname when in load after fork.
(dll_list::load_after_fork_impl): Load dlls using dll::forkedntname.
* fork.cc (frok::parent): Set silentfail child info flag. Pass
silentfail parameter to child_copy. Use forkedntname of
dlls.main_executable.
(fork): When first dofork run failed and did not use forkables,
run dofork again with_forkables set to true.
(child_copy): Use debug_printf if silentfail is true,
system_printf otherwise.
In preparation to protect fork() against dll- and exe-updates, create
hardlinks to the main executable and each loaded dll in subdirectories
of /var/run/cygfork/, if that one exists on the NTFS file system.
The directory names consist of the user sid, the main executable's NTFS
IndexNumber, and the most recent LastWriteTime of all involved binaries
(dlls and main executable). Next to the main.exe hardlink we create the
empty file main.exe.local to enable dll redirection.
The name of the mutex to synchronize hardlink creation/cleanup also is
assembled from these directory names, to allow for synchronized cleanup
of even orphaned hardlink directories.
The hardlink to each dynamically loaded dll goes into another directory,
named using the NTFS IndexNumber of the dll's original directory.
* Makefile.in (DLL_OFILES): Add forkable.o.
* dll_init.h (struct dll): Declare member variables fbi, fii,
forkable_ntname. Declare methods nominate_forkable,
create_forkable.
(struct dll_list): Declare enum forkables_needs. Declare member
variables forkables_dirx_size, forkables_dirx_ntname,
forkables_mutex_name, forkables_mutex. Declare private methods
forkable_ntnamesize, prepare_forkables_nomination,
update_forkables_needs, update_forkables, create_forkables,
denominate_forkables, close_mutex, try_remove_forkables,
set_forkables_inheritance, request_forkables. Declare public
static methods ntopenfile, read_fii, read_fbi. Declare public
methods release_forkables, cleanup_forkables. Define public
inline method setup_forkables.
* dll_init.cc (dll_list::alloc): Allocate memory to hold the
name of the hardlink in struct dll member forkable_ntname.
Initialize struct dll members fbi, fii.
(dll_list::load_after_fork): Call release_forkables method.
* fork.cc: Rename public fork function to static dofork, add
with_forkables as bool pointer parameter. Add new fork function
calling dofork. (struct frok): Add bool pointer member
with_forkables, add as constructor parameter.
(frok::parent): Call dlls.setup_forkables before CreateProcessW,
dlls.release_forkables afterwards.
* pinfo.cc (pinfo::exit): Call dlls.cleanup_forkables.
* syscalls.cc (_unlink_nt): Rename public unlink_nt function to
static _unlink_nt, with 'shareable' as additional argument.
(unlink_nt): New, wrap _unlink_nt for original behaviour.
(unlink_nt_shareable): New, wrap _unlink_nt to keep a binary
file still loadable while removing one of its hardlinks.
* forkable.cc: New file.
Implement static functions mkdirs, rmdirs, rmdirs_synchronized,
stat_real_file_once, format_IndexNumber, rootname, sidname,
exename, lwtimename. Define static array forkable_nameparts.
(struct dll): Implement nominate_forkable, create_forkable.
(struct dll_list): Implement static methods ntopenfile,
read_fii, read_fbi. Implement forkable_ntnamesize,
Even for the main executable and cygwin1.dll store the file name as full
NT path. Create the child process using the main executable's file name
converted from the full NT path stored before.
* dll_init.cc (dll_list::alloc): Search for DLL_SELF type entry
with module name like for DLL_LINK, use full NT path to search
for DLL_LOAD type only. For DLL_SELF type do not indicate
having a destructor to be called.
(dll_list::find): Ignore DLL_SELF type entries.
(dll_list::init): Ditto. Call track_self method.
(dll_list::track_self): New.
(dll_list::load_after_fork): Call track_self method.
* dll_init.h (enum dll_type): Add DLL_SELF, for the main
executable and cygwin1.dll.
(struct dll_list): Declare private method track_self. Declare
member variable main_executable.
* fork.cc (frok::parent): Use ntname from dlls.main_executable
to create child process, converted to short path using
dll_list::buffered_shortname.
Store loaded dll's file name as full NT path.
* dll_init.h (struct dll): Rename member variable name to ntname.
(struct dll_list): Declare private static member variable
nt_max_path_buffer. Declare public static methods form_ntname,
form_shortname. Define public static methods nt_max_path_buf,
buffered_shortname.
(dll_list::operator []): Use PCWCHAR rather than const PWCHAR.
(dll_list::find_by_modname): Ditto.
* dll_init.cc (in_load_after_fork): Define earlier in file.
(struct dll_list): Rename member variable name to ntname.
Define nt_max_path_buffer variable.
Implement static methods form_ntname, form_shortname.
(dll_list::operator []): Use PCWCHAR rather than const PWCHAR.
(dll_list::find_by_modname): Ditto.
(reserve_at): Ditto.
(release_at): Ditto.
(dll_list::alloc): Use nt_max_path_buf method instead of local
buffer. Store module file name as full NT path, convert using
the form_ntname static method.
(dll_list::load_after_fork): Call load_after_fork_impl only when
reload_on_fork is set.
* fork.cc (frok::child): Call dlls.load_after_fork even without
need to dynamically load dlls.
(frok::parent): Move syscall_printf into the retry loop.
Trying to delete in-use executables and DLLs using
FILE_DISPOSITION_POSIX_SEMANTICS returns STATUS_CANNOT_DELETE.
Fall back to the former method if that error occurs to allow
unlinking these files.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The symlink target of /proc/PID/fd files pointing to pipes and
sockets are just artificial filenames referencing the object using
some internal number. The pipe open code expects a path specifying
process pid and the internal number so it access the right process
and pipe.
- Set the posix path of the pipe to the simple pipe name only,
as it shows up in /proc/PID/fd. A /proc/self prefix is just
as wrong as a /dev/fd prefix.
- Revert thinko in fhandler_pipe::open expecting the name as
/proc/self/fd/... In fact this should never happen.
- Fix up the path before re-opening the pipe instead.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The reopen code neglected to pass along the requested open
mode correctly. This may end up reopening the file with
incorrect access mask, or duplicating the wrong pipe handle.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Move TerminateProcess call into cleanup code to make sure child
doesn't linger in some border cases.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When fork finally fails although both CreateProcess and creating the
"cygpid.N" shared memory section succeeded, we have to release that
shared memory section as well - before releasing the process handle.
Otherways we leave an orphan "cygpid.N" shared memory section, and any
subsequent cygwin process receiving the same PID fails to initialize.
* fork.cc (frok::parent): Call child.allow_remove in cleanup code.
- If the execve'ed process is a non-Cygwin process, we have to
create the matching winpid symlink and remove the old one
ourselves.
- If we spawn a child, the winpid symlink has to be maintained
by the child process, otherwise it disappears if the parent
process exits.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
The arguments are not used anyway, so drop them. When called,
procinfo->dwProcessId is already set right, so we don't have
to access myself_initial.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This may end up killing the wrong process. Only allow Cygwin PID.
Slightly clean up code: Remove outdated W95 considerations. Fix
a bug in commandline argument processing.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Since commit b5e1003722, native
Windows processes not started by Cygwin processes don't have a
Cygwin PID anymore. This breaks ps -W and kill -f <WINPID>.
Introduce MAX_PID (65536 for now).
Cygwin processes as well as native Windows processes started
from a Cygwin process get a PID < MAX_PID. All other native
Windows processes get a faked Cygwin PID >= MAX_PID.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Using the Windows PID as Cygwin PID has a few drawbacks:
- the PIDs on Windows get reused quickly. Some POSIX applications choke
on that, so we need extra code to avoid too quick PID reuse.
- The code to avoid PID reuse keeps parent process handles and
(depending on a build option) child processes open unnecessarily.
- After an execve, the process has a split personality: Its Windows PID
is a new PID, while its Cygwin PID is the PID of the execve caller
process. This requires to keep two procinfo shared sections open, the
second just to redirect process info requests to the first, correct
one.
This patch changes the way Cygwin PIDs are generated:
- Cygwin PIDs are generated independently of the Windows PID, in a way
expected by POSIX processes. The PIDs are created incrementally in
the range between 2 and 65535, round-robin.
- On startup of the first Cygwin process, choose a semi-random start PID
for the first process in the lower PID range to make the PIDs slightly
unpredictable. This may not be necessary but it seems kind of inviting
to know that the first Cygwin process always starts with PID 2.
- Every process not only creates the shared procinfo section, but also a
symlink in the NT namespace, symlinking the Windows PID to the Cygwin
PID. This drops the need for the extra procinfo section after execve.
- Don't keep other process handles around unnecessarily.
- Simplify the code creating/opening the shared procinfo section and
make a clear distinction between interfaces getting a Cygwin PID and
interfaces getting a Windows PID.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
If a process is just exiting, requesting memory info may fail
with STATUS_PROCESS_IS_TERMINATING. Right now the code just bails
out if fetching mem info fails. However, the rest of the info is
still valuable for procps, so just carry on.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
After creating a pthread, the stack gets moved to the desired memory
location. While the 32 bit thread wrapper copies the exception handler
information to the new stack (so we have at least *some* exception
handler present), the x86_64 code didn't perform any exception handler
magic. Fix that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
VirtualQueryEx, called by fixup_mmaps_after_fork, requires
PROCESS_QUERY_INFORMATION permissions per MSDN. However, testing
shows that PROCESS_QUERY_LIMITED_INFORMATION is sufficient when
running the same code on Windows 8.1 or Windows 10. Fix the code
to give the forked child always PROCESS_QUERY_INFORMATION perms
on Windows Vista/7 and respective server releases.
Revert now unneeded patch to check_token_membership as well.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
POSIX requires that raise(3) is equivalent to
pthread_kill(pthread_self(), sig);
in multi-threaded applications. Our raise just called kill(sig).
Fix that.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Keeping an inheritable handle open results in that handle being
spilled over into grandchild processes, which is not desired.
Duplicate original parent handle into a non-inheritable one with
minimal SYNCHRONIZE permissions and close the original handle.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>