newlib/winsup/cygwin/ntea.cc
Corinna Vinschen db1ff3b932 * ntea.cc (read_ea): Change left-over return to __leave. Fix
condition to close handle.  Call NtClose rather than CloseHandle.
	(write_ea): Fix condition to close handle.  Call NtClose rather than
	CloseHandle.
	* security.cc (get_file_sd): Call pc.init_reopen_attr if a valid
	incoming handle was given, pc.get_object_attr otherwise.
	(set_file_sd): Ditto.
2014-08-27 09:39:44 +00:00

560 lines
14 KiB
C++

/* ntea.cc: code for manipulating Extended Attributes
Copyright 1997, 1998, 2000, 2001, 2002, 2003, 2005, 2006, 2007, 2008, 2009,
2010, 2011, 2014 Red Hat, Inc.
This file is part of Cygwin.
This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */
#include "winsup.h"
#include "cygtls.h"
#include "security.h"
#include "path.h"
#include "fhandler.h"
#include "dtable.h"
#include "cygheap.h"
#include "ntdll.h"
#include "tls_pbuf.h"
#include <stdlib.h>
#include <attr/xattr.h>
#define MAX_EA_NAME_LEN 256
#define MAX_EA_VALUE_LEN 65536
/* At least one maximum sized entry fits.
CV 2014-04-04: NtQueryEaFile function chokes on buffers bigger than 64K
with STATUS_INVALID_PARAMETER if the handle points to a file
on a remote share, at least on Windows 7 and later.
In theory the buffer should have a size of
sizeof (FILE_FULL_EA_INFORMATION) + MAX_EA_NAME_LEN
+ MAX_EA_VALUE_LEN
(65804 bytes), but we're opting for simplicity here, and
a 64K buffer has the advantage that we can use a tmp_pathbuf
buffer, rather than having to alloca 64K from stack. */
#define EA_BUFSIZ MAX_EA_VALUE_LEN
#define NEXT_FEA(p) ((PFILE_FULL_EA_INFORMATION) (p->NextEntryOffset \
? (char *) p + p->NextEntryOffset : NULL))
ssize_t __reg3
read_ea (HANDLE hdl, path_conv &pc, const char *name, char *value, size_t size)
{
OBJECT_ATTRIBUTES attr;
NTSTATUS status;
IO_STATUS_BLOCK io;
ssize_t ret = -1;
HANDLE h = hdl;
ULONG glen = 0;
PFILE_GET_EA_INFORMATION gea = NULL;
PFILE_FULL_EA_INFORMATION fea;
tmp_pathbuf tp;
/* We have to store the latest EaName to compare with the next one, since
NtQueryEaFile has a bug when accessing files on a remote share. It
returns the last EA entry of the file infinitely. Even utilizing the
optional EaIndex only helps marginally. If you use that, the last
EA in the file is returned twice. */
char lastname[MAX_EA_NAME_LEN];
__try
{
pc.get_object_attr (attr, sec_none_nih);
debug_printf ("read_ea (%S, %s, %p, %lu)",
attr.ObjectName, name, value, size);
/* Early open if handle is NULL. This allows to return error codes like
ENOENT before we actually check for the correctness of the EA name and
stuff like that. */
if (!hdl)
{
status = NtOpenFile (&h, READ_CONTROL | FILE_READ_EA, &attr, &io,
FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT);
if (!NT_SUCCESS (status))
{
__seterrno_from_nt_status (status);
__leave;
}
}
fea = (PFILE_FULL_EA_INFORMATION) tp.w_get ();
if (name)
{
size_t nlen;
/* For compatibility with Linux, we only allow user xattrs and
return ENOTSUP otherwise. */
if (ascii_strncasematch (name, "user.", 5))
name += 5;
else
{
set_errno (ENOTSUP);
__leave;
}
if ((nlen = strlen (name)) >= MAX_EA_NAME_LEN)
{
set_errno (EINVAL);
__leave;
}
glen = sizeof (FILE_GET_EA_INFORMATION) + nlen;
gea = (PFILE_GET_EA_INFORMATION) alloca (glen);
gea->NextEntryOffset = 0;
gea->EaNameLength = nlen;
strcpy (gea->EaName, name);
}
while (true)
{
if (h)
{
status = NtQueryEaFile (h, &io, fea, EA_BUFSIZ, TRUE, gea, glen,
NULL, TRUE);
if (status != STATUS_ACCESS_DENIED || !hdl)
break;
pc.init_reopen_attr (attr, h);
}
status = NtOpenFile (&h, READ_CONTROL | FILE_READ_EA, &attr, &io,
FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT);
if (!NT_SUCCESS (status))
break;
hdl = NULL;
}
if (!NT_SUCCESS (status))
{
switch (status)
{
case STATUS_NO_EAS_ON_FILE:
ret = 0;
break;
case STATUS_INVALID_DEVICE_REQUEST:
set_errno (ENOTSUP);
break;
case STATUS_NOT_FOUND:
/* STATUS_NOT_FOUND is returned when calling NtQueryEaFile on NFS.
In theory this should mean that the file just has no EAs, but
in fact NFS doesn't support EAs, other than the EAs which are
used for NFS requests. We're playing safe and convert
STATUS_NOT_FOUND to ENOATTR, unless we're on NFS, where we
convert it to ENOTSUP. */
set_errno (pc.fs_is_nfs () ? ENOTSUP : ENOATTR);
break;
case STATUS_NONEXISTENT_EA_ENTRY:
/* Actually STATUS_NONEXISTENT_EA_ENTRY is either never generated,
or it was only generated in some old and long forgotton NT
version. See below. For safty reasons, we handle it here,
nevertheless. */
set_errno (ENOATTR);
break;
default:
__seterrno_from_nt_status (status);
break;
}
__leave;
}
if (name)
{
/* Another weird behaviour of NtQueryEaFile. If you ask for a
specific EA which is not present in the file's EA list, you don't
get a useful error code like STATUS_NONEXISTENT_EA_ENTRY. Rather
NtQueryEaFile returns success with the entry's EaValueLength
set to 0. */
if (!fea->EaValueLength)
{
set_errno (ENOATTR);
__leave;
}
if (size > 0)
{
if (size < fea->EaValueLength)
{
set_errno (ERANGE);
__leave;
}
memcpy (value, fea->EaName + fea->EaNameLength + 1,
fea->EaValueLength);
}
ret = fea->EaValueLength;
}
else
{
ret = 0;
do
{
fea->EaNameLength += 5; /* "user." */
if (size > 0)
{
if ((size_t) ret + fea->EaNameLength + 1 > size)
{
set_errno (ERANGE);
__leave;
}
/* For compatibility with Linux, we always prepend "user." to
the attribute name, so effectively we only support user
attributes from a application point of view. */
char tmpbuf[MAX_EA_NAME_LEN * 2];
char *tp = stpcpy (tmpbuf, "user.");
stpcpy (tp, fea->EaName);
/* NTFS stores all EA names in uppercase unfortunately. To
keep compatibility with ext/xfs EA namespaces and
accompanying tools, which expect the namespaces to be
lower case, we return EA names in lowercase if the file
is on a native NTFS. */
if (pc.fs_is_ntfs ())
strlwr (tp);
tp = stpcpy (value, tmpbuf) + 1;
ret += tp - value;
value = tp;
}
else
ret += fea->EaNameLength + 1;
strcpy (lastname, fea->EaName);
status = NtQueryEaFile (h, &io, fea, EA_BUFSIZ, TRUE, NULL, 0,
NULL, FALSE);
}
while (NT_SUCCESS (status) && strcmp (lastname, fea->EaName) != 0);
}
}
__except (EFAULT) {}
__endtry
if (!hdl && h)
NtClose (h);
debug_printf ("%d = read_ea(%S, %s, %p, %lu)",
ret, attr.ObjectName, name, value, size);
return ret;
}
int __reg3
write_ea (HANDLE hdl, path_conv &pc, const char *name, const char *value,
size_t size, int flags)
{
OBJECT_ATTRIBUTES attr;
NTSTATUS status;
IO_STATUS_BLOCK io;
int ret = -1;
HANDLE h = hdl;
PFILE_FULL_EA_INFORMATION fea;
ULONG flen;
size_t nlen;
__try
{
pc.get_object_attr (attr, sec_none_nih);
debug_printf ("write_ea (%S, %s, %p, %lu, %d)",
attr.ObjectName, name, value, size, flags);
/* Early open if handle is NULL. This allows to return error codes like
ENOENT before we actually check for the correctness of the EA name and
stuff like that. */
if (!hdl)
{
status = NtOpenFile (&h, READ_CONTROL | FILE_WRITE_EA, &attr, &io,
FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT);
if (!NT_SUCCESS (status))
{
__seterrno_from_nt_status (status);
__leave;
}
}
/* For compatibility with Linux, we only allow user xattrs and
return ENOTSUP otherwise. */
if (!ascii_strncasematch (name, "user.", 5))
{
set_errno (ENOTSUP);
__leave;
}
/* removexattr is supposed to fail with ENOATTR if the requested EA is
not available. This is equivalent to XATTR_REPLACE for setxattr. */
if (!value)
flags = XATTR_REPLACE;
if (flags)
{
if (flags != XATTR_CREATE && flags != XATTR_REPLACE)
{
set_errno (EINVAL);
__leave;
}
ssize_t rret = read_ea (hdl, pc, name, NULL, 0);
if (flags == XATTR_CREATE && rret > 0)
{
set_errno (EEXIST);
__leave;
}
if (flags == XATTR_REPLACE && rret < 0)
__leave;
}
/* Skip "user." prefix. */
name += 5;
if ((nlen = strlen (name)) >= MAX_EA_NAME_LEN)
{
set_errno (EINVAL);
__leave;
}
flen = sizeof (FILE_FULL_EA_INFORMATION) + nlen + 1 + size;
fea = (PFILE_FULL_EA_INFORMATION) alloca (flen);
fea->NextEntryOffset = 0;
fea->Flags = 0;
fea->EaNameLength = nlen;
fea->EaValueLength = size;
strcpy (fea->EaName, name);
if (value)
memcpy (fea->EaName + fea->EaNameLength + 1, value, size);
while (true)
{
if (h)
{
status = NtSetEaFile (h, &io, fea, flen);
if (status != STATUS_ACCESS_DENIED || !hdl)
break;
pc.init_reopen_attr (attr, h);
}
status = NtOpenFile (&h, READ_CONTROL | FILE_WRITE_EA, &attr, &io,
FILE_SHARE_VALID_FLAGS,
FILE_OPEN_FOR_BACKUP_INTENT);
if (!NT_SUCCESS (status))
break;
hdl = NULL;
}
if (!NT_SUCCESS (status))
{
switch (status)
{
case STATUS_EA_TOO_LARGE:
/* STATUS_EA_TOO_LARGE has a matching Win32 error code
ERROR_EA_TABLE_FULL. For some reason RtlNtStatusToDosError
does not translate STATUS_EA_TOO_LARGE to ERROR_EA_TABLE_FULL,
but instead to ERROR_EA_LIST_INCONSISTENT. This error code is
also returned for STATUS_EA_LIST_INCONSISTENT, which means the
incoming EA list is... inconsistent. For obvious reasons we
translate ERROR_EA_LIST_INCONSISTENT to EINVAL, so we have to
handle STATUS_EA_TOO_LARGE explicitely here, to get the correct
mapping to ENOSPC. */
set_errno (ENOSPC);
break;
case STATUS_INVALID_DEVICE_REQUEST:
set_errno (ENOTSUP);
break;
default:
__seterrno_from_nt_status (status);
break;
}
}
else
ret = 0;
}
__except (EFAULT) {}
__endtry
if (!hdl && h)
NtClose (h);
debug_printf ("%d = write_ea(%S, %s, %p, %lu, %d)",
ret, attr.ObjectName, name, value, size, flags);
return ret;
}
static ssize_t __stdcall
getxattr_worker (path_conv &pc, const char *name, void *value, size_t size)
{
int res = -1;
if (pc.error)
{
debug_printf ("got %d error from path_conv", pc.error);
set_errno (pc.error);
}
else if (pc.exists ())
{
fhandler_base *fh;
if (!(fh = build_fh_pc (pc)))
return -1;
res = fh->fgetxattr (name, value, size);
delete fh;
}
else
set_errno (ENOENT);
return res;
}
extern "C" ssize_t
getxattr (const char *path, const char *name, void *value, size_t size)
{
if (!name)
{
set_errno (EINVAL);
return -1;
}
path_conv pc (path, PC_SYM_FOLLOW | PC_POSIX, stat_suffixes);
return getxattr_worker (pc, name, value, size);
}
extern "C" ssize_t
lgetxattr (const char *path, const char *name, void *value, size_t size)
{
if (!name)
{
set_errno (EINVAL);
return -1;
}
path_conv pc (path, PC_SYM_NOFOLLOW | PC_POSIX, stat_suffixes);
return getxattr_worker (pc, name, value, size);
}
extern "C" ssize_t
fgetxattr (int fd, const char *name, void *value, size_t size)
{
int res;
if (!name)
{
set_errno (EINVAL);
return -1;
}
cygheap_fdget cfd (fd);
if (cfd < 0)
res = -1;
else
res = cfd->fgetxattr (name, value, size);
return res;
}
extern "C" ssize_t
listxattr (const char *path, char *list, size_t size)
{
path_conv pc (path, PC_SYM_FOLLOW | PC_POSIX, stat_suffixes);
return getxattr_worker (pc, NULL, list, size);
}
extern "C" ssize_t
llistxattr (const char *path, char *list, size_t size)
{
path_conv pc (path, PC_SYM_NOFOLLOW | PC_POSIX, stat_suffixes);
return getxattr_worker (pc, NULL, list, size);
}
extern "C" ssize_t
flistxattr (int fd, char *list, size_t size)
{
int res;
cygheap_fdget cfd (fd);
if (cfd < 0)
res = -1;
else
res = cfd->fgetxattr (NULL, list, size);
return res;
}
static int __stdcall
setxattr_worker (path_conv &pc, const char *name, const void *value,
size_t size, int flags)
{
int res = -1;
if (pc.error)
{
debug_printf ("got %d error from path_conv", pc.error);
set_errno (pc.error);
}
else if (pc.exists ())
{
fhandler_base *fh;
if (!(fh = build_fh_pc (pc)))
return -1;
res = fh->fsetxattr (name, value, size, flags);
delete fh;
}
else
set_errno (ENOENT);
return res;
}
extern "C" int
setxattr (const char *path, const char *name, const void *value, size_t size,
int flags)
{
if (!size)
{
set_errno (EINVAL);
return -1;
}
path_conv pc (path, PC_SYM_NOFOLLOW | PC_POSIX, stat_suffixes);
return setxattr_worker (pc, name, value, size, flags);
}
extern "C" int
lsetxattr (const char *path, const char *name, const void *value, size_t size,
int flags)
{
if (!size)
{
set_errno (EINVAL);
return -1;
}
path_conv pc (path, PC_SYM_NOFOLLOW | PC_POSIX, stat_suffixes);
return setxattr_worker (pc, name, value, size, flags);
}
extern "C" int
fsetxattr (int fd, const char *name, const void *value, size_t size, int flags)
{
int res;
if (!size)
{
set_errno (EINVAL);
return -1;
}
cygheap_fdget cfd (fd);
if (cfd < 0)
res = -1;
else
res = cfd->fsetxattr (name, value, size, flags);
return res;
}
extern "C" int
removexattr (const char *path, const char *name)
{
path_conv pc (path, PC_SYM_FOLLOW | PC_POSIX, stat_suffixes);
return setxattr_worker (pc, name, NULL, 0, 0);
}
extern "C" int
lremovexattr (const char *path, const char *name)
{
path_conv pc (path, PC_SYM_NOFOLLOW | PC_POSIX, stat_suffixes);
return setxattr_worker (pc, name, NULL, 0, 0);
}
extern "C" int
fremovexattr (int fd, const char *name)
{
int res;
cygheap_fdget cfd (fd);
if (cfd < 0)
res = -1;
else
res = cfd->fsetxattr (name, NULL, 0, 0);
return res;
}