* sec_acl.cc (get_posix_access): Skip merging permissions if current
user has rwx permissions anywa, or if the sum of all group and other
permissions is less than or equal to the user's permissions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sec_acl.cc (get_posix_access): Fix computation of effective user
permissions to handle current user, not only the file owner.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_tty.cc (fhandler_pty_slave::open): Add S_IFCHR flag
in call to create_object_sd_from_attribute.
(fhandler_pty_slave::fstat): Ditto in call to get_object_attribute.
(fhandler_pty_slave::fchmod): Add an orig_mode flag and ditto for
both calls.
(fhandler_pty_master::setup): Ditto in call to
create_object_sd_from_attribute.
* security.cc (get_object_attribute): Never add S_IFCHR to mode
here. Let the caller decide.
(create_object_sd_from_attribute): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* security.h (authz_get_user_attribute): Declare bool.
* sec_helper.cc (authz_ctx::get_user_attribute): Make bool method.
Set S_IxOTH bits in returned attributes rather than S_IxUSR bits.
(authz_get_user_attribute): Make bool function.
* sec_acl.cc (get_posix_access): Introduce cygsid array to keep
track of all SIDs in the ACL. Move AuthZ calls into !new_style
permission post processing. When not using AuthZ, use
CheckTokenMembership to collect group permissions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Disable
deviation from POSIX 1003.1e in terms of GROUP_OBJ/CLASS_OBJ
permissions. Follow POSIX 1003.1e again. Keep old code in
for future reference.
* sec_acl.cc: Accommodate changes in ACE creation in leading
comment.
(set_posix_access): Fix user deny ACE creation. Split group
deny ACE creation into two steps, one to reflect CLASS_OBJ,
the other to reflect OTHER_OBJ.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
- New, unified implementation of POSIX permission and ACL handling. The
new ACLs now store the POSIX ACL MASK/CLASS_OBJ permission mask, and
they allow to inherit the S_ISGID bit. ACL inheritance now really
works as desired, in a limited, but theoretically equivalent fashion
even for non-Cygwin processes.
To accommodate Windows default ACLs, the new code ignores SYSTEM and
Administrators group permissions when computing the MASK/CLASS_OBJ
permission mask on old ACLs, and it doesn't deny access to SYSTEM and
Administrators group based on the value of MASK/CLASS_OBJ when
creating the new ACLs.
The new code now handles the S_ISGID bit on directories as on Linux:
Setting S_ISGID on a directory causes new files and subdirs created
within to inherit its group, rather than the primary group of the user
who created the file. This only works for files and directories
created by Cygwin processes.
2015-05-29 Corinna Vinschen <corinna@vinschen.de>
Reapply POSIX ACL changes.
* utils.xml (setfacl): Show new option output.
(getfacl): Show new option output.
* sec_acl.cc (get_posix_access): Check for Cygwin "standard" ACL.
Apply umask, if so. Align comments.
* security.cc (set_created_file_access): Fix permission masking by
incoming requested file mode.
* sec_acl.cc (set_posix_access): Apply mask only in terms of execute bit
for SYSTEM and Admins group.
* sec_acl.cc (set_posix_access): Don't create DENY ACEs for USER and
GROUP entries if they are the same as USER_OBJ or GROUP_OBJ.
* fhandler.h (fhandler_pty_slave::facl): Add prototype.
* fhandler_tty.cc (fhandler_pty_slave::facl): New method.
(fhandler_pty_slave::fchown): Fix uid/gid handling.
* sec_acl.cc (set_posix_access): Drop superfluous class_idx variable.
Simplify and move around code in a few places. To improve ACL
readability, add r/w permissions to Admins ACE appended to pty ACL.
Add comment to explain Windows ACE Mask filtering being in the way of
creating a real CLASS_OBJ.
(get_posix_access): Fake CLASS_OBJ for ptys. Explain why.
* security.cc (get_object_attribute): Add S_IFCHR flag to attributes
when calling get_posix_access.
* sec_acl.cc (set_posix_access): Move merging group perms into owner
perms in case of owner == group after mask has been computed. Take
mask into account when doing so to avoid unnecessary ACCESS_DENIED_ACE.
* sec_acl.cc (get_posix_access): Only set saw_group_obj flag if we saw
the ACCESS_ALLOWED_ACE.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Deliberatly
set GROUP_OBJ and CLASS_OBJ perms to new group perms. Add comment
to explain why.
* security.cc (set_created_file_access): Ditto.
* sec_acl.cc (set_posix_access): Replace previous patch. Return
EINVAL if uid and/or guid is invalid and not backed by an actual
Windows account.
* sec_acl.cc (set_posix_access): Workaround owner/group SIDs being NULL.
* sec_acl.cc (set_posix_access): Handle files with owner == group.
Rephrase switch statement checking against unfiltered a_type value.
(get_posix_access): Handle files with owner == group.
* sec_acl.cc (get_posix_access): Don't use GROUP_OBJ access to fix up
CLASS_OBJ mask on old-style ACLs. Fix a comment.
* sec_acl.cc (set_posix_access): Always make sure Admins have
WRITE_DAC and WRITE_OWNER permissions.
* security.h (create_object_sd_from_attribute): Drop handle parameter
from prototype.
* security.cc (create_object_sd_from_attribute): Drop handle parameter.
Just create the standard POSIXy security descriptor.
(set_object_attribute): Accommodate dropped paramter in call to
create_object_sd_from_attribute.
* fhandler_tty.cc: Ditto, throughout.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Fix typo in
mask computation.
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitely umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
* sec_acl.cc: Change preceeding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
* sec_acl.cc (CYG_ACE_ISBITS_TO_WIN): Fix typo.
(get_posix_access): Rename index variable from i to idx. Define only
once at top level.
* security.cc (add_access_allowed_ace): Drop unused parameter "offset".
Accommodate throughout.
(add_access_denied_ace): Ditto.
* sec_acl.cc: Accommodate above change throughout.
* security.h (add_access_allowed_ace): Adjust prototype to above change.
(add_access_denied_ace): Ditto.
* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
owner and primary group of the file. Handle the default primary
group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
set. Add comments. Minor code rearrangements.
Preliminary read side implementation of new permission handling.
* acl.h (MAX_ACL_ENTRIES): Raise to 2730. Add comment to explain.
* sec_acl.cc: Add leading comment to explain new ACL style.
Add definitions and macros to use for bits in new Cygwin ACL.
(DENY_RWX): New mask value for all temporary deny bits.
(getace): Add bool parameter to decide when leaving all bits intact,
rather than filtering them per the already set bits.
(get_posix_access): New function, taking over functionality to read
POSIX ACL from SECURITY_DESCRIPTOR.
(getacl): Just call get_posix_access.
* sec_helper.cc (well_known_cygwin_sid): Define.
* security.cc (get_attribute_from_acl): Remove.
(get_info_from_sd): Remove.
(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
(get_file_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h (well_known_cygwin_sid): Declare.
(get_posix_access): Add prototype.
* Throughout, use simpler ACE macros from Windows' accctrl.h.
* getfacl.c (main): Special-case SYSTEM and Admins group. Add comments.
* setfacl.c: Align more to Linux tool.
(delacl): New function to delete acl entries only.
(modacl): Drop delete functionality. Add handling of recomputing the
mask and default mask values.
(delallacl): Rename from delacl.
(setfacl): Call delacl in Delete case. Call delallacl in DeleteAll
and DeleteDef case.
(usage): Accommodate new options. Rearrange and rephrase slightly.
(longopts): Emit 'x' in --delete case. Add --no-mask and --mask
options.
(opts): Add -x and -n options.
(main): Handle -d and -x the same. Handle -n and --mask options.
Drop handling for -r option.
* getfacl.c (usage): Align more closely to Linux version. Add new
options -c, -e, -E. Change formatting to accommodate longer options.
(longopts): Rename --noname to --numeric. Keep --noname for backward
compatibility. Add --omit-header, --all-effective and --no-effective
options.
(opts): Add -c, -e and -E option.
(main): Handle new -c, -e, and -E options.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* path.cc (symlink_native): Don't generate native symlink targeting
Cygwin special file. Inform the caller.
(symlink_worker): Don;t bail out in WSYM_nativestrict case if the
target is a Cygwin special file.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* init.cc (munge_threadfunc): Don't call NtQueryInformationThread with
ThreadQuerySetWin32StartAddress info class on XP 64 and Server 2003 64.
It crashes.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* sigproc.cc (pending_signals::clear): Yet another fix to fix the fix.
Actually iterate over the list of pending signals even if there's a
signal which doesn't have to be cleared. Other than that, revert loop
to it's former self as a while loop.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* nlsfuncs.cc (__get_lcid_from_locale): Handle LocaleNameToLCID
returning LOCALE_CUSTOM_UNSPECIFIED instead of failing in case of
an unsupported locale on Windows 10.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* signal.cc (sigwait): Fix return value to reflect errno in case of
error according to POSIX. Never return EINTR.
* thread.cc (pthread_kill): Return errno if sig_send failed.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* init.cc (munge_threadfunc): Check that we're actually replacing
the correct original function address on the stack.
* ntdll.h (enum _THREADINFOCLASS): Add ThreadQuerySetWin32StartAddress.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* strfuncs.cc (sys_cp_wcstombs): Always return number of multibytes
without trailing NUL as the documentation implies. Throughout Cygwin,
fix usage to align to this pattern.
* fhandler_process.cc (format_process_winexename): Drop trailing NUL
and LF from output.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* thread.cc (pthread_getattr_np): Fix memory leak, remove usage of
malloc for small local buffer.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* flock.cc (lockf_t::create_lock_obj_attr): Add buffer parameter.
Call _everyone_sd with buffer argument from caller rather than
everyone_sd with locally allocated stack buffer.
(lockf_t::create_lock_obj): Call create_lock_obj_attr only once
outside the loop and with additional buffer argument.
(lockf_t::open_lock_obj): Call create_lock_obj_attr with additional
buffer argument.
* include/sys/unistd.h (_SC_LEVEL*): Add cache-related variables as
on Linux.
* fhandler_proc.cc (format_proc_cpuinfo): Fetch cache information
from new cache functions in sysconf.cc, get_cpu_cache_intel and
get_cpu_cache_amd.
* sysconf.cc (__nt_query_system): New local helper.
(get_nproc_values): Utilize __nt_query_system on pre-Windows 7 systems.
Use GetLogicalProcessorInformationEx otherwise to handle more than
64 CPUs. Only handle _SC_NPROCESSORS_CONF and _SC_NPROCESSORS_ONLN.
(get_phys_pages): New helper to handle _SC_PHYS_PAGES.
(cpuid2_cache_descriptor): New array to map Intel CPUID 2 descriptor
values to cache type, cache size, associativity and linesize.
(cpuid2_cache_desc_compar): Comparision function for bsearch over
cpuid2_cache_descriptor.
(get_cpu_cache_intel_cpuid2): New function to fetch cache info from
Intel CPUID 2.
(get_cpu_cache_intel_cpuid4): Ditto from Intel CPUID 4.
(get_cpu_cache_intel): New function as CPU-specific entry point.
(assoc): New array to map associativity values from AMD CPUID
0x80000006.
(get_cpu_cache_amd): New function to fetch cache info from AMD CPUIDs
0x80000005 and 0x80000006.
(get_cpu_cache): New function to fetch cache info.
(sca): Call get_phys_pages if _SC_PHYS_PAGES is requested. Call
get_cpu_cache for new _SC_* cache requests.
(SC_MAX): Set to _SC_LEVEL4_CACHE_LINESIZE.
(get_phys_pages(void)): Call get_phys_pages(int).
* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.
* new-features.xml (ov-new2.3): Document sysconf cache addition.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_proc.cc (format_proc_cpuinfo): Only fetch group relations,
we don't need anything else.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* winsup.h (_WIN32_WINNT): Set to 0x0a00 for Windows 10.
(WINVER): Ditto. Remove outdated comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
System DLLs are always first in the DLL search order so
http://www.microsoft.com/technet/security/advisory/2269637.mspx
doesn't apply for them.
* autoload.cc (std_dll_init): Revert using full paths to system DLLs.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This fixes a long-standing problem when GetProcAddress fails
to load a function. The noload code calls SetLastError on
i686 without saving the edx register. Starting with Windows 7,
SetLastError apparently uses $edx and the register is set to
0x00000000 on return. So the subsequent `jmp *$edx' in noload
supposed to return to the caller, actually jumps to address NULL,
which results in a SEGV.
* autoload.cc (noload): i686 only: Save and restore $edx when calling
SetLastError to avoid clobbering return address stating with Windows 7.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* grp.cc (internal_getgrfull): Drop asking caches. Explain why.
(internal_getgroups): In case we're not utilizing the Windows account
DBs, don't call LsaLookupSids but iterate over the group SIDs in the
token and call internal_getgrsid for each of them. Explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Rearrange
to fall back to myself uid/gid in case we don't utilize Windows
account DBs, just as prior to 1.7.34.
* sec_helper.cc (cygpsid::get_id): Disable Samba user/group mapping per
RFC2307 if we're not utilizing Windows account DBs.
* security.cc (convert_samba_sd): Revert previous patch.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
When globals.cc has CRLF line endings, winsup.h is not removed, and
compilation fails for duplicate definitions.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler.cc (fhandler_base_overlapped::raw_write): When performing
nonblocking I/O, copy user space data into own buffer. Add longish
comment to explain why.
* fhandler.h (fhandler_base_overlapped::atomic_write_buf): New member.
(fhandler_base_overlapped::fhandler_base_overlapped): Initialize
atomic_write_buf.
(fhandler_base_overlapped::fhandler_base_overlapped): New destructor,
free'ing atomic_write_buf.
(fhandler_base_overlapped::copyto): Set atomic_write_buf to NULL in
copied fhandler.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Only try
to map user and group info per RFC2307 if account info is fetched
from Windows account DB.
(convert_samba_sd): Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* security,cc (get_attribute_from_acl): Merge all group perms into
user perms if user is member of group.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (GetLogicalProcessorInformationEx): Import.
(SetThreadGroupAffinity): Import.
* fhandler_proc.cc (add_size): New macro.
(get_msb): New inline function.
(mask_bits): Ditto.
(format_proc_cpuinfo): Drop handling of old CPUs. Check if we're
running on a OS version supporting porcessor groups. If so, use
SetThreadGroupAffinity to set thread affinity. Improve cache info
to include 3rd level cache on Intel CPUs. Improve multi core info.
* wincap.h (wincaps::has_processor_groups): New element.
* wincap.cc: Implement above element throughout.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
https://cygwin.com/ml/cygwin/2015-07/msg00344.html:
RtlFillMemory and RtlCopyMemory only work for size values
up to 2GB. Fix this problem by using NetBSD code for
memset and memcpy. Add entry points for memmove, wmemset,
wmemmove, wmemcpy. Thanks to Roman Petrovski
<RPetrovski@illumina.com> for pointing this out.
* miscfuncs.cc (memset): x86_64 only: Implement in assembler.
(memmove,memcpy): x86_64 only: Ditto.
(wmemmove,wmemcpy): x86_64 only: Ditto.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* cygtls.h: Include cygtls_padsize.h and define CYGTLS_PADSIZE there.
* cygtls_padsize.h: New file. Define CYGTLS_PADSIZE.
* environ.cc (parse_options): Fix NULL pointer access.
* init.cc (threadfunc_fe): Do not force stack align on x86_64.
* strace.cc (main2): Rename from main.
(main): Make room for _cygtls area on stack and just call main2. Add
comment to explain why.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
glibc's tst-makecontext2 testcase uncovered a bug in
__cont_link_context. If the function misses to reserve
shadow space for the calls to setcontext/cygwin_exit,
both functions could overwrite memory beyond the stack
configured in uc_stack.
* exceptions.cc (__cont_link_context): x86_64: align stack and reserve
shadow space for subsequent function calls, otherwise suffer potential
buffer overflow.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* uinfo.cc (cygheap_user::ontherange): Ignore $HOME if it's not
starting with a slash (aka, absolute POSIX Path).
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* libc/include/machine/setjmp.h (siglongjmp): Declare as function on
Cygwin.
(sigsetjmp): Ditto.
(_longjmp): Mark as noreturn function on Cygwin.
* common.din (siglongjmp): Export.
(sigsetjmp): Export.
* gendef: Change formatting of some comments.
(sigsetjmp): Implement.
(siglongjmp): Implement.
(__setjmpex): x86_64 only: Drop entry point.
(setjmp): x86_64 only: Store tls stackptr in Frame now, store MXCSR
and FPUCW registers in Spare, as MSVCRT does.
(longjmp): x86_64 only: Restore tls stackptr from Frame now, restore
MXCSR and FPUCW registers from Spare.
* include/cygwin/version.h (CYGWIN_VERSION_API_MINOR): Bump.
* new-features.xml (ov-new2.2): Document sigsetjmp, siglongjmp.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* dcrt0.cc (initial_env): Reduce size of local path buffers to
PATH_MAX. Allocate debugger_command from process heap.
(init_windows_system_directory): Very early initialize new global
variable global_progname.
* dll_init.cc (dll_list::alloc): Make path buffer static. Explain why.
(dll_list::populate_deps): Use tmp_pathbuf for local path buffer.
* exceptions.cc (debugger_command): Convert to PWCHAR.
(error_start_init): Allocate debugger_command and fill with wide char
strings. Only allocate if NULL.
(try_to_debug): Just check if debugger_command is a NULL pointer to
return. Drop conversion from char to WCHAR and drop local variable
dbg_cmd.
* globals.cc (global_progname): New global variable to store Windows
application path.
* pinfo.cc (pinfo_basic::pinfo_basic): Just copy progname over from
global_progname.
(pinfo::status_exit): Let path_conv create the POSIX path to
avoid local buffer.
* pseudo_reloc.cc (__report_error): Utilize global_progname, drop local
buffer.
* smallprint.cc (__small_vsprintf): Just utilize global_progname for
%P format specifier.
(__small_vswprintf): Ditto.
* strace.cc (PROTECT): Change to reflect x being a pointer. Reformat.
(CHECK): Ditto. Reformat.
(strace::activate): Utilize global_progname, drop local buffer.
Fix formatting.
(strace::vsprntf): Reduce size of local progname buffer to NAME_MAX.
Copy and, if necessary, convert only the last path component to
progname.
(strace_buf_guard): New muto.
(buf): New static pointer.
(strace::vprntf): Use buf under strace_buf_guard lock only. Allocate
buffer space for buf on Windows heap.
* wow64.cc (wow64_respawn_process): Utilize global_progname, drop
local path buffer.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (__unwind_single_frame): Define empty macro on i686.
(_cygtls::call_signal_handler): Try to make sure signal context makes
sense in case we're generating context here. Add comment to explain.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* exceptions.cc (__unwind_single_frame): Move up in file to be
accessible from other places. Move comment to getcontext.
(stack_info::walk): Call __unwind_single_frame in 64 bit case. Fix
preceeding comment.
(myfault_altstack_handler): Call __unwind_single_frame.
(getcontext): Give comment from __unwind_single_frame a new home.
(swapcontext): Fix comment.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
x86_64 only:
* cygtls.cc (san::leave): Restore _my_tls.andreas.
* cygtls.h (class san): Add _clemente as in 32 bit case. Add ret and
frame members.
(san::san): Handle _my_tls.andreas as on 32 bit. Take parameter and
write it to new member ret. Store current stack pointer in frame.
(san::~san): New destructor to restore _my_tls.andreas.
(__try): Use __l_except address as parameter to san::san.
* dcrt0.cc (dll_crt0_0): Add myfault_altstack_handler as vectored
continuation handler.
* exception.h (myfault_altstack_handler): Declare.
* exceptions.cc (myfault_altstack_handler): New function. Explain what
it's good for.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* miscfuncs.cc (struct pthread_wrapper_arg): Add member guardsize.
(pthread_wrapper): Set thread stack guarantee according to guardsize.
Tweak assembler code so that $rax/$eax is not required by GCC to
prepare the wrapper_arg value.
(CygwinCreateThread): Fix deadzone handling. Drop setting a "POSIX"
guardpage (aka page w/ PAGE_NOACCESS). Always use Windows guard
pages instead. On post-XP systems (providing SetThreadStackGuarantee)
always set up stack Windows like with reserved/commited areas and
movable guard pages. Only on XP set up stack fully commited if the
guardpage size is not the default system guardpage size.
Fill out pthread_wrapper_arg::guardsize. Improve comments.
* resource.cc: Implement RSTACK_LIMIT Linux-like.
(DEFAULT_STACKSIZE): New macro.
(DEFAULT_STACKGUARD): Ditto.
(rlimit_stack_guard): New muto.
(rlimit_stack): New global variable holding current RSTACK_LIMIT values.
(__set_rlimit_stack): Set rlimit_stack under lock.
(__get_rlimit_stack): Initialize rlimit_stack from executable header
and return rlimit_stack values under lock.
(get_rlimit_stack): Filtering function to return useful default
stacksize from rlimit_stack.rlim_cur value.
(getrlimit): Call __get_rlimit_stack in RLIMIT_STACK case.
(setrlimit): Call __set_rlimit_stack in RLIMIT_STACK case.
* thread.cc (pthread::create): Fetch default stacksize calling
get_rlimit_stack.
(pthread_attr::pthread_attr): Fetch default guardsize calling
wincap.def_guard_page_size.
(pthread_attr_getstacksize): Fetch default stacksize calling
get_rlimit_stack.
* thread.h (PTHREAD_DEFAULT_STACKSIZE): Remove.
(PTHREAD_DEFAULT_GUARDSIZE): Remove.
(get_rlimit_stack): Declare.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
* autoload.cc (SetThreadStackGuarantee): Import.
* cygtls.h (struct _cygtls): Replace thread_context with a ucontext_t
called context.
* exceptions.cc (exception::handle): Exit from process via signal_exit
in case sig_send returns from handling a stack overflow SIGSEGV.
Explain why.
(dumpstack_overflow_wrapper): Thread wrapper to create a stackdump
from another thread.
(signal_exit): Fix argument list to reflect three-arg signal handler.
In case we have to create a stackdump for a stack overflow condition,
do so from a separate thread. Explain why.
(sigpacket::process): Don't run signal_exit on alternate stack.
(altstack_wrapper): Wrapper function to do stack correction when
calling the signal handler on an alternate stack to handle a stack
overflow. Make sure to have lots of comments.
(_cygtls::call_signal_handler): Drop local context variable to reduce
stack pressure. Use this->context instead. Change inline assembler
to call altstack_wrapper.
(_cygtls::signal_debugger): Accommodate aforementioned change to
struct _cygtls.
* tlsoffset.h: Regenerate.
* tlsoffset64.h: Regenerate.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>