diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 425930b079..5e11108335 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -21,10 +21,8 @@ jobs: shell: msys2 {0} run: | # XXX: cygwin still uses gcc v11 so we get new warnings with v13, - # resulting in errors. We can't selectively disable warnigns since our - # cross compiler is also too old and doesn't understand the new - # warning flags, so we need to disable all errors for now. - export CXXFLAGS="-Wno-error -Wno-narrowing" + # resulting in errors due to -Werror. Disable them for now. + export CXXFLAGS="-Wno-error=stringop-truncation -Wno-error=array-bounds -Wno-error=overloaded-virtual -Wno-narrowing -Wno-use-after-free" (cd winsup && ./autogen.sh) ./configure --disable-dependency-tracking make -j8 diff --git a/winsup/cygwin/autoload.cc b/winsup/cygwin/autoload.cc index cdf6e75de6..c579befec9 100644 --- a/winsup/cygwin/autoload.cc +++ b/winsup/cygwin/autoload.cc @@ -477,6 +477,7 @@ LoadDLLfuncEx (SetThreadDescription, 8, KernelBase, 1) LoadDLLfunc (VirtualAlloc2, 28, KernelBase) LoadDLLfunc (NtMapViewOfSectionEx, 36, ntdll) +LoadDLLfuncEx (RtlSetProcessPlaceholderCompatibilityMode, 4, ntdll, 1) LoadDLLfunc (ldap_bind_s, 0, wldap32) LoadDLLfunc (ldap_count_entries, 0, wldap32) diff --git a/winsup/cygwin/dcrt0.cc b/winsup/cygwin/dcrt0.cc index 84a1cda498..f4d79b97df 100644 --- a/winsup/cygwin/dcrt0.cc +++ b/winsup/cygwin/dcrt0.cc @@ -821,6 +821,9 @@ dll_crt0_1 (void *) if (dynamically_loaded) sigproc_init (); + /* Call this before accessing any files. */ + RtlSetProcessPlaceholderCompatibilityMode (PHCM_EXPOSE_PLACEHOLDERS); + check_sanity_and_sync (user_data); /* Initialize malloc and then call user_shared_initialize since it relies diff --git a/winsup/cygwin/exceptions.cc b/winsup/cygwin/exceptions.cc index b8430633f8..1faeda2c66 100644 --- a/winsup/cygwin/exceptions.cc +++ b/winsup/cygwin/exceptions.cc @@ -1646,7 +1646,10 @@ _cygtls::call_signal_handler () context, unwind to the caller and in case we're called from sigdelayed, fix the instruction pointer accordingly. */ context.uc_mcontext.ctxflags = CONTEXT_FULL; +#pragma GCC diagnostic push +#pragma GCC diagnostic ignored "-Wmaybe-uninitialized" RtlCaptureContext ((PCONTEXT) &context.uc_mcontext); +#pragma GCC diagnostic pop __unwind_single_frame ((PCONTEXT) &context.uc_mcontext); if (stackptr > stack) { diff --git a/winsup/cygwin/fhandler/console.cc b/winsup/cygwin/fhandler/console.cc index 1fe72fc8b8..f9a6946d9f 100644 --- a/winsup/cygwin/fhandler/console.cc +++ b/winsup/cygwin/fhandler/console.cc @@ -4344,8 +4344,6 @@ fhandler_console::need_console_handler () void fhandler_console::set_disable_master_thread (bool x, fhandler_console *cons) { - if (con.disable_master_thread == x) - return; if (cons == NULL) { if (cygheap->ctty && cygheap->ctty->get_major () == DEV_CONS_MAJOR) diff --git a/winsup/cygwin/fhandler/disk_file.cc b/winsup/cygwin/fhandler/disk_file.cc index 470e9d4305..40e7143ffd 100644 --- a/winsup/cygwin/fhandler/disk_file.cc +++ b/winsup/cygwin/fhandler/disk_file.cc @@ -175,7 +175,9 @@ readdir_check_reparse_point (POBJECT_ATTRIBUTES attr, bool remote) bool ret = false; status = NtOpenFile (&reph, READ_CONTROL, attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT | FILE_OPEN_REPARSE_POINT); + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT + | FILE_OPEN_REPARSE_POINT); if (NT_SUCCESS (status)) { PREPARSE_DATA_BUFFER rp = (PREPARSE_DATA_BUFFER) tp.c_get (); @@ -609,7 +611,8 @@ fhandler_disk_file::fstatvfs (struct statvfs *sfs) opened = NT_SUCCESS (NtOpenFile (&fh, READ_CONTROL, pc.get_object_attr (attr, sec_none_nih), &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT)); + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT)); if (!opened) { /* Can't open file. Try again with parent dir. */ @@ -618,7 +621,8 @@ fhandler_disk_file::fstatvfs (struct statvfs *sfs) attr.ObjectName = &dirname; opened = NT_SUCCESS (NtOpenFile (&fh, READ_CONTROL, &attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT)); + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT)); if (!opened) goto out; } @@ -2054,7 +2058,8 @@ readdir_get_ino (const char *path, bool dot_dot) || NT_SUCCESS (NtOpenFile (&hdl, READ_CONTROL, pc.get_object_attr (attr, sec_none_nih), &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | (pc.is_known_reparse_point () ? FILE_OPEN_REPARSE_POINT : 0))) ) @@ -2103,8 +2108,9 @@ fhandler_disk_file::readdir_helper (DIR *dir, dirent *de, DWORD w32_err, Mountpoints and unknown or unhandled reparse points will be treated as normal file/directory/unknown. In all cases, returning the INO of the reparse point (not of the target) matches behavior of posix systems. + Unless the file is OFFLINE. *. */ - if (attr & FILE_ATTRIBUTE_REPARSE_POINT) + if ((attr & FILE_ATTRIBUTE_REPARSE_POINT) && !isoffline (attr)) { OBJECT_ATTRIBUTES oattr; @@ -2345,7 +2351,8 @@ fhandler_disk_file::readdir (DIR *dir, dirent *de) &nfs_aol_ffei, sizeof nfs_aol_ffei) : NtOpenFile (&hdl, READ_CONTROL, &attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | FILE_OPEN_REPARSE_POINT); if (NT_SUCCESS (f_status)) { diff --git a/winsup/cygwin/fhandler/pipe.cc b/winsup/cygwin/fhandler/pipe.cc index 283319cce8..8daae8d192 100644 --- a/winsup/cygwin/fhandler/pipe.cc +++ b/winsup/cygwin/fhandler/pipe.cc @@ -18,6 +18,7 @@ details. */ #include "pinfo.h" #include "shared_info.h" #include "tls_pbuf.h" +#include "sigproc.h" #include /* This is only to be used for writing. When reading, @@ -587,6 +588,17 @@ fhandler_pipe::fixup_after_fork (HANDLE parent) ReleaseMutex (hdl_cnt_mtx); } +void +fhandler_pipe::fixup_after_exec () +{ + /* Set read pipe itself always non-blocking for cygwin process. + Blocking/non-blocking is simulated in raw_read(). For write + pipe, follow is_nonblocking(). */ + bool mode = get_device () == FH_PIPEW ? is_nonblocking () : true; + set_pipe_non_blocking (mode); + fhandler_base::fixup_after_exec (); +} + int fhandler_pipe::dup (fhandler_base *child, int flags) { @@ -1207,53 +1219,24 @@ HANDLE fhandler_pipe::get_query_hdl_per_process (WCHAR *name, OBJECT_NAME_INFORMATION *ntfn) { - NTSTATUS status; - ULONG len; - DWORD n_process = 256; - PSYSTEM_PROCESS_INFORMATION spi; - do - { /* Enumerate processes */ - DWORD nbytes = n_process * sizeof (SYSTEM_PROCESS_INFORMATION); - spi = (PSYSTEM_PROCESS_INFORMATION) HeapAlloc (GetProcessHeap (), - 0, nbytes); - if (!spi) - return NULL; - status = NtQuerySystemInformation (SystemProcessInformation, - spi, nbytes, &len); - if (NT_SUCCESS (status)) - break; - HeapFree (GetProcessHeap (), 0, spi); - n_process *= 2; - } - while (n_process < (1L<<20) && status == STATUS_INFO_LENGTH_MISMATCH); - if (!NT_SUCCESS (status)) - return NULL; + winpids pids ((DWORD) 0); - /* In most cases, it is faster to check the processes in reverse order. - To do this, store PIDs into an array. */ - DWORD *proc_pids = (DWORD *) HeapAlloc (GetProcessHeap (), 0, - n_process * sizeof (DWORD)); - if (!proc_pids) + /* In most cases, it is faster to check the processes in reverse order. */ + for (LONG i = (LONG) pids.npids - 1; i >= 0; i--) { - HeapFree (GetProcessHeap (), 0, spi); - return NULL; - } - PSYSTEM_PROCESS_INFORMATION p = spi; - n_process = 0; - while (true) - { - proc_pids[n_process++] = (DWORD)(intptr_t) p->UniqueProcessId; - if (!p->NextEntryOffset) - break; - p = (PSYSTEM_PROCESS_INFORMATION) ((char *) p + p->NextEntryOffset); - } - HeapFree (GetProcessHeap (), 0, spi); + NTSTATUS status; + ULONG len; + + /* Non-cygwin app may call ReadFile() for empty pipe, which makes + NtQueryObject() for ObjectNameInformation block. Therefore, do + not try to get query_hdl for non-cygwin apps. */ + _pinfo *p = pids[i]; + if (!p || ISSTATE (p, PID_NOTCYGWIN)) + continue; - for (LONG i = (LONG) n_process - 1; i >= 0; i--) - { HANDLE proc = OpenProcess (PROCESS_DUP_HANDLE | PROCESS_QUERY_INFORMATION, - 0, proc_pids[i]); + 0, p->dwProcessId); if (!proc) continue; @@ -1317,7 +1300,6 @@ fhandler_pipe::get_query_hdl_per_process (WCHAR *name, query_hdl_proc = proc; query_hdl_value = (HANDLE)(intptr_t) phi->Handles[j].HandleValue; HeapFree (GetProcessHeap (), 0, phi); - HeapFree (GetProcessHeap (), 0, proc_pids); return h; } close_handle: @@ -1327,7 +1309,6 @@ fhandler_pipe::get_query_hdl_per_process (WCHAR *name, close_proc: CloseHandle (proc); } - HeapFree (GetProcessHeap (), 0, proc_pids); return NULL; } @@ -1401,3 +1382,54 @@ fhandler_pipe::get_query_hdl_per_system (WCHAR *name, HeapFree (GetProcessHeap (), 0, shi); return NULL; } + +void +fhandler_pipe::spawn_worker (int fileno_stdin, int fileno_stdout, + int fileno_stderr) +{ + bool need_send_noncygchld_sig = false; + + /* spawn_worker() is called from spawn.cc only when non-cygwin app + is started. Set pipe mode blocking for the non-cygwin process. */ + int fd; + cygheap_fdenum cfd (false); + while ((fd = cfd.next ()) >= 0) + if (cfd->get_dev () == FH_PIPEW + && (fd == fileno_stdout || fd == fileno_stderr)) + { + fhandler_pipe *pipe = (fhandler_pipe *)(fhandler_base *) cfd; + pipe->set_pipe_non_blocking (false); + + /* Setup for query_ndl stuff. Read the comment below. */ + if (pipe->request_close_query_hdl ()) + need_send_noncygchld_sig = true; + } + else if (cfd->get_dev () == FH_PIPER && fd == fileno_stdin) + { + fhandler_pipe *pipe = (fhandler_pipe *)(fhandler_base *) cfd; + pipe->set_pipe_non_blocking (false); + } + + /* If multiple writers including non-cygwin app exist, the non-cygwin + app cannot detect pipe closure on the read side when the pipe is + created by system account or the pipe creator is running as service. + This is because query_hdl which is held in write side also is a read + end of the pipe, so the pipe is still alive for the non-cygwin app + even after the reader is closed. + + To avoid this problem, let all processes in the same process + group close query_hdl using internal signal __SIGNONCYGCHLD when + non-cygwin app is started. */ + if (need_send_noncygchld_sig) + { + tty_min dummy_tty; + dummy_tty.ntty = (fh_devices) myself->ctty; + dummy_tty.pgid = myself->pgid; + tty_min *t = cygwin_shared->tty.get_cttyp (); + if (!t) /* If tty is not allocated, use dummy_tty instead. */ + t = &dummy_tty; + /* Emit __SIGNONCYGCHLD to let all processes in the + process group close query_hdl. */ + t->kill_pgrp (__SIGNONCYGCHLD); + } +} diff --git a/winsup/cygwin/local_includes/fhandler.h b/winsup/cygwin/local_includes/fhandler.h index 649a431844..15b19f7643 100644 --- a/winsup/cygwin/local_includes/fhandler.h +++ b/winsup/cygwin/local_includes/fhandler.h @@ -1212,6 +1212,7 @@ class fhandler_pipe: public fhandler_pipe_fifo int open (int flags, mode_t mode = 0); bool open_setup (int flags); void fixup_after_fork (HANDLE); + void fixup_after_exec (); int dup (fhandler_base *child, int); void set_close_on_exec (bool val); int close (); @@ -1273,6 +1274,8 @@ class fhandler_pipe: public fhandler_pipe_fifo } return false; } + static void spawn_worker (int fileno_stdin, int fileno_stdout, + int fileno_stderr); }; #define CYGWIN_FIFO_PIPE_NAME_LEN 47 diff --git a/winsup/cygwin/local_includes/ntdll.h b/winsup/cygwin/local_includes/ntdll.h index a4e8b88557..aa1f3b90fd 100644 --- a/winsup/cygwin/local_includes/ntdll.h +++ b/winsup/cygwin/local_includes/ntdll.h @@ -159,6 +159,13 @@ extern GUID __cygwin_socket_guid; #define FILE_VC_QUOTAS_REBUILDING 0x00000200 #define FILE_VC_VALID_MASK 0x000003ff +#define PHCM_APPLICATION_DEFAULT 0 +#define PHCM_DISGUISE_PLACEHOLDER 1 +#define PHCM_EXPOSE_PLACEHOLDERS 2 +#define PHCM_MAX 2 +#define PHCM_ERROR_INVALID_PARAMETER -1 +#define PHCM_ERROR_NO_TEB -2 + /* IOCTL code to impersonate client of named pipe. */ #define FSCTL_PIPE_DISCONNECT CTL_CODE(FILE_DEVICE_NAMED_PIPE, 1, \ @@ -1605,6 +1612,7 @@ extern "C" BOOLEAN); NTSTATUS RtlSetGroupSecurityDescriptor (PSECURITY_DESCRIPTOR, PSID, BOOLEAN); NTSTATUS RtlSetOwnerSecurityDescriptor (PSECURITY_DESCRIPTOR, PSID, BOOLEAN); + CHAR RtlSetProcessPlaceholderCompatibilityMode (CHAR); PUCHAR RtlSubAuthorityCountSid (PSID); PULONG RtlSubAuthoritySid (PSID, ULONG); ULONG RtlUnicodeStringToAnsiSize (PUNICODE_STRING); diff --git a/winsup/cygwin/local_includes/path.h b/winsup/cygwin/local_includes/path.h index 74f831e53f..8c97c42547 100644 --- a/winsup/cygwin/local_includes/path.h +++ b/winsup/cygwin/local_includes/path.h @@ -23,6 +23,14 @@ has_attribute (DWORD attributes, DWORD attribs_to_test) && (attributes & attribs_to_test); } +extern inline bool +isoffline (DWORD attributes) +{ + return has_attribute (attributes, FILE_ATTRIBUTE_OFFLINE + | FILE_ATTRIBUTE_RECALL_ON_OPEN + | FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS); +} + enum executable_states { is_executable, @@ -230,6 +238,12 @@ class path_conv bool exists () const {return fileattr != INVALID_FILE_ATTRIBUTES;} bool has_attribute (DWORD x) const {return exists () && (fileattr & x);} int isdir () const {return has_attribute (FILE_ATTRIBUTE_DIRECTORY);} + bool isoffline () const + { + return has_attribute (FILE_ATTRIBUTE_OFFLINE + | FILE_ATTRIBUTE_RECALL_ON_OPEN + | FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS); + } executable_states exec_state () { extern int _check_for_executable; @@ -237,7 +251,7 @@ class path_conv return is_executable; if (mount_flags & MOUNT_NOTEXEC) return not_executable; - if (!_check_for_executable) + if (isoffline () || !_check_for_executable) return dont_care_if_executable; return dont_know_if_executable; } diff --git a/winsup/cygwin/local_includes/winlean.h b/winsup/cygwin/local_includes/winlean.h index 9b30b6557c..d4b4038658 100644 --- a/winsup/cygwin/local_includes/winlean.h +++ b/winsup/cygwin/local_includes/winlean.h @@ -74,6 +74,14 @@ details. */ #undef CRITICAL #endif +/* Filesystem flags not yet supported by Mingw-w64 headers. */ +#ifndef FILE_ATTRIBUTE_RECALL_ON_OPEN +#define FILE_ATTRIBUTE_RECALL_ON_OPEN 0x00040000 +#endif +#ifndef FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS +#define FILE_ATTRIBUTE_RECALL_ON_DATA_ACCESS 0x00400000 +#endif + /* So-called "Microsoft Account" SIDs (S-1-11-...) have a netbios domain name "MicrosoftAccounts". The new "Application Container SIDs" (S-1-15-...) have a netbios domain name "APPLICATION PACKAGE AUTHORITY" diff --git a/winsup/cygwin/msys2_path_conv.cc b/winsup/cygwin/msys2_path_conv.cc index 133939a7a8..1c60bf375c 100644 --- a/winsup/cygwin/msys2_path_conv.cc +++ b/winsup/cygwin/msys2_path_conv.cc @@ -366,7 +366,6 @@ path_type find_path_start_and_type(const char** src, int recurse, const char* en switch (*it) { case '`': case '\'': - case '"': case '*': case '?': case '[': diff --git a/winsup/cygwin/path.cc b/winsup/cygwin/path.cc index 30d444c416..a44741f27f 100644 --- a/winsup/cygwin/path.cc +++ b/winsup/cygwin/path.cc @@ -3378,7 +3378,8 @@ symlink_info::check (char *path, const suffix_info *suffixes, fs_info &fs, } status = NtOpenFile (&h, READ_CONTROL | FILE_READ_ATTRIBUTES, &attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_REPARSE_POINT + FILE_OPEN_NO_RECALL + | FILE_OPEN_REPARSE_POINT | FILE_OPEN_FOR_BACKUP_INTENT); debug_printf ("%y = NtOpenFile (no-EAs %S)", status, &upath); } @@ -3595,7 +3596,11 @@ symlink_info::check (char *path, const suffix_info *suffixes, fs_info &fs, directory using a relative path, symlink evaluation goes totally awry. We never want a virtual drive evaluated as symlink. */ if (upath.Length <= 14) - goto file_not_symlink; + goto file_not_symlink; + + /* Offline files, even if reparse points, are not symlinks. */ + if (isoffline (fileattr)) + goto file_not_symlink; /* Reparse points are potentially symlinks. This check must be performed before checking the SYSTEM attribute for sysfile @@ -3641,7 +3646,8 @@ symlink_info::check (char *path, const suffix_info *suffixes, fs_info &fs, status = NtOpenFile (&sym_h, SYNCHRONIZE | GENERIC_READ, &attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | FILE_SYNCHRONOUS_IO_NONALERT); if (!NT_SUCCESS (status)) res = 0; @@ -3685,7 +3691,8 @@ symlink_info::check (char *path, const suffix_info *suffixes, fs_info &fs, status = NtOpenFile (&sym_h, SYNCHRONIZE | GENERIC_READ, &attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | FILE_SYNCHRONOUS_IO_NONALERT); if (!NT_SUCCESS (status)) diff --git a/winsup/cygwin/sec/base.cc b/winsup/cygwin/sec/base.cc index 8b04b40b49..0fc8699bfc 100644 --- a/winsup/cygwin/sec/base.cc +++ b/winsup/cygwin/sec/base.cc @@ -65,7 +65,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, fh ? pc.init_reopen_attr (attr, fh) : pc.get_object_attr (attr, sec_none_nih), &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | pc.is_known_reparse_point () ? FILE_OPEN_REPARSE_POINT : 0); if (!NT_SUCCESS (status)) @@ -129,7 +130,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, NULL, NULL); status = NtOpenFile (&fh, READ_CONTROL, &attr, &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | FILE_OPEN_REPARSE_POINT); if (!NT_SUCCESS (status)) { @@ -234,7 +236,8 @@ set_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, bool is_chown) : pc.get_object_attr (attr, sec_none_nih), &io, FILE_SHARE_VALID_FLAGS, - FILE_OPEN_FOR_BACKUP_INTENT + FILE_OPEN_NO_RECALL + | FILE_OPEN_FOR_BACKUP_INTENT | pc.is_known_reparse_point () ? FILE_OPEN_REPARSE_POINT : 0); if (!NT_SUCCESS (status)) diff --git a/winsup/cygwin/spawn.cc b/winsup/cygwin/spawn.cc index 383f5e56fe..acdef49375 100644 --- a/winsup/cygwin/spawn.cc +++ b/winsup/cygwin/spawn.cc @@ -607,38 +607,8 @@ child_info_spawn::worker (const char *prog_arg, const char *const *argv, int fileno_stderr = 2; if (!iscygwin ()) - { - bool need_send_sig = false; - int fd; - cygheap_fdenum cfd (false); - while ((fd = cfd.next ()) >= 0) - if (cfd->get_dev () == FH_PIPEW - && (fd == fileno_stdout || fd == fileno_stderr)) - { - fhandler_pipe *pipe = (fhandler_pipe *)(fhandler_base *) cfd; - pipe->set_pipe_non_blocking (false); - if (pipe->request_close_query_hdl ()) - need_send_sig = true; - } - else if (cfd->get_dev () == FH_PIPER && fd == fileno_stdin) - { - fhandler_pipe *pipe = (fhandler_pipe *)(fhandler_base *) cfd; - pipe->set_pipe_non_blocking (false); - } - - if (need_send_sig) - { - tty_min dummy_tty; - dummy_tty.ntty = (fh_devices) myself->ctty; - dummy_tty.pgid = myself->pgid; - tty_min *t = cygwin_shared->tty.get_cttyp (); - if (!t) /* If tty is not allocated, use dummy_tty instead. */ - t = &dummy_tty; - /* Emit __SIGNONCYGCHLD to let all processes in the - process group close query_hdl. */ - t->kill_pgrp (__SIGNONCYGCHLD); - } - } + fhandler_pipe::spawn_worker (fileno_stdin, fileno_stdout, + fileno_stderr); bool no_pcon = mode != _P_OVERLAY && mode != _P_WAIT; term_spawn_worker.setup (iscygwin (), handle (fileno_stdin, false), diff --git a/winsup/cygwin/uinfo.cc b/winsup/cygwin/uinfo.cc index fefd984f84..f963841789 100644 --- a/winsup/cygwin/uinfo.cc +++ b/winsup/cygwin/uinfo.cc @@ -928,37 +928,45 @@ fetch_from_path (cyg_ldap *pldap, PUSER_INFO_3 ui, cygpsid &sid, PCWSTR str, return ret; } -static size_t -fetch_env(LPCWSTR key, char *buf, size_t size) -{ - WCHAR wbuf[32767]; - DWORD max = sizeof wbuf / sizeof *wbuf; - DWORD len = GetEnvironmentVariableW (key, wbuf, max); - - if (!len || len >= max) - return 0; - - len = sys_wcstombs (buf, size, wbuf, len); - return len && len < size ? len : 0; -} - static char * fetch_home_env (void) { - char home[32767]; - size_t max = sizeof home / sizeof *home, len; + /* If `HOME` is set, prefer it */ + const char *home = getenv ("HOME"); + if (home) + { + /* In the very early code path of `user_info::initialize ()`, the value + of the environment variable `HOME` is still in its Windows form. */ + if (isdrive (home) || home[0] == '\\') + return (char *) cygwin_create_path (CCP_WIN_A_TO_POSIX, home); + return strdup (home); + } - if (fetch_env (L"HOME", home, max) - || ((len = fetch_env (L"HOMEDRIVE", home, max)) - && fetch_env (L"HOMEPATH", home + len, max - len)) - || fetch_env (L"USERPROFILE", home, max)) + /* If `HOME` is unset, fall back to `HOMEDRIVE``HOMEPATH` + (without a directory separator, as `HOMEPATH` starts with one). */ + const char *home_drive = getenv ("HOMEDRIVE"); + if (home_drive) { - tmp_pathbuf tp; - cygwin_conv_path (CCP_WIN_A_TO_POSIX | CCP_ABSOLUTE, - home, tp.c_get(), NT_MAX_PATH); - return strdup(tp.c_get()); + const char *home_path = getenv ("HOMEPATH"); + if (home_path) + { + tmp_pathbuf tp; + char *p = tp.c_get (), *q; + + // concatenate HOMEDRIVE and HOMEPATH + q = stpncpy (p, home_drive, NT_MAX_PATH); + strlcpy (q, home_path, NT_MAX_PATH - (q - p)); + return (char *) cygwin_create_path (CCP_WIN_A_TO_POSIX, p); + } } + /* If neither `HOME` nor `HOMEDRIVE``HOMEPATH` are set, fall back + to `USERPROFILE`; In corporate setups, this might point to a + disconnected network share, hence this is the last fall back. */ + home = getenv ("USERPROFILE"); + if (home) + return (char *) cygwin_create_path (CCP_WIN_A_TO_POSIX, home); + return NULL; } @@ -1038,8 +1046,6 @@ cygheap_pwdgrp::get_home (PUSER_INFO_3 ui, cygpsid &sid, PCWSTR dom, for (uint16_t idx = 0; !home && idx < NSS_SCHEME_MAX; ++idx) { - if (!ui && home_scheme[idx].method != NSS_SCHEME_ENV) - continue; switch (home_scheme[idx].method) { case NSS_SCHEME_FALLBACK: @@ -1490,9 +1496,9 @@ get_logon_sid () } } -/* Fetch special AzureAD group, which is part of the token group list but - *not* recognized by LookupAccountSid (ERROR_NONE_MAPPED). */ -static cygsid azure_grp_sid (""); +/* Fetch special AzureAD and IIS APPPOOL groups, which are part of the token + group list but *not* recognized by LookupAccountSid (ERROR_NONE_MAPPED). */ +static cygsid azure_grp_sid (""), iis_apppool_grp_sid (""); static void get_azure_grp_sid () @@ -1520,6 +1526,36 @@ get_azure_grp_sid () } } +static void +get_iis_apppool_grp_sid () +{ + if (PSID (iis_apppool_grp_sid) == NO_SID) + { + NTSTATUS status; + ULONG size; + tmp_pathbuf tp; + PTOKEN_GROUPS groups = (PTOKEN_GROUPS) tp.w_get (); + + status = NtQueryInformationToken (hProcToken, TokenGroups, groups, + 2 * NT_MAX_PATH, &size); + if (!NT_SUCCESS (status)) + debug_printf ("NtQueryInformationToken (TokenGroups) %y", status); + else + { + for (DWORD pg = 0; pg < groups->GroupCount; ++pg) + { + PSID sid = groups->Groups[pg].Sid; + if (sid_id_auth (sid) == 5 && + sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID) + { + iis_apppool_grp_sid = sid; + break; + } + } + } + } +} + void * pwdgrp::add_account_post_fetch (char *line, bool lock) { @@ -1801,6 +1837,16 @@ pwdgrp::construct_sid_from_name (cygsid &sid, wchar_t *name, wchar_t *sep) } return false; } + if (sep && wcscmp (name, L"IIS APPPOOL\\Group") == 0) + { + get_iis_apppool_grp_sid (); + if (PSID (logon_sid) != NO_SID) + { + sid = iis_apppool_grp_sid; + return true; + } + return false; + } if (!sep && wcscmp (name, L"CurrentSession") == 0) { get_logon_sid (); @@ -2024,8 +2070,11 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) /* Last but not least, some validity checks on the name style. */ if (!fq_name) { - /* AzureAD user must be prepended by "domain" name. */ - if (sid_id_auth (sid) == 12) + /* AzureAD and IIS APPPOOL users must be prepended by "domain" + name. */ + if (sid_id_auth (sid) == 12 || + (sid_id_auth (sid) == 5 && + sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID)) return NULL; /* name_only account is either builtin or primary domain, or account domain on non-domain machines. */ @@ -2051,8 +2100,10 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) } else { - /* AzureAD accounts should be fully qualifed either. */ - if (sid_id_auth (sid) == 12) + /* AzureAD and IIS APPPOOL accounts should be fully qualifed either. */ + if (sid_id_auth (sid) == 12 || + (sid_id_auth (sid) == 5 && + sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID)) break; /* Otherwise, no fully_qualified for builtin accounts, except for NT SERVICE, for which we require the prefix. Note that there's @@ -2131,6 +2182,19 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) sid = csid = azure_grp_sid; break; } + else if (arg.id == 0x1002) + { + /* IIS APPPOOL S-1-5-82-* user */ + csid = cygheap->user.saved_sid (); + } + else if (arg.id == 0x1003) + { + /* Special IIS APPPOOL group SID */ + get_iis_apppool_grp_sid (); + /* LookupAccountSidW will fail. */ + sid = csid = iis_apppool_grp_sid; + break; + } else if (arg.id == 0xfffe) { /* Special case "nobody" for reproducible construction of a @@ -2187,9 +2251,6 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) { /* Just some fake. */ sid = csid.create (99, 1, 0); - if (arg.id == cygheap->user.real_uid) - home = cygheap->pg.get_home(NULL, cygheap->user.sid(), - NULL, NULL, false); break; } else if (arg.id >= UNIX_POSIX_OFFSET) @@ -2245,7 +2306,7 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) && (sid_sub_auth_count (sid) <= 3 || sid_id_auth (sid) == 11)) { acc_type = SidTypeWellKnownGroup; - home = cygheap->pg.get_home (pldap, sid, dom, domain, name, + home = cygheap->pg.get_home ((PUSER_INFO_3) NULL, sid, dom, name, fully_qualified_name); } switch ((int) acc_type) @@ -2262,7 +2323,9 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) Those we let pass, but no others. */ bool its_ok = false; - if (sid_id_auth (sid) == 12) + if (sid_id_auth (sid) == 12 || + (sid_id_auth (sid) == 5 && + sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID)) its_ok = true; else if (wincap.has_microsoft_accounts ()) { @@ -2351,7 +2414,7 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) posix_offset = fetch_posix_offset (td, &loc_ldap); } } - /* AzureAD S-1-12-1-W-X-Y-Z user */ + /* AzureAD S-1-12-1-W-X-Y-Z and IIS APPOOL S-1-5-82-* user */ else if (sid_id_auth (sid) == 12) { uid = gid = 0x1000; @@ -2364,6 +2427,21 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) name, fully_qualified_name); break; } + /* IIS APPOOL S-1-5-82-* user */ + else if (sid_id_auth (sid) == 5 && + sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID) + { + uid = 0x1002; + gid = 0x1003; + fully_qualified_name = true; + home = cygheap->pg.get_home ((PUSER_INFO_3) NULL, sid, dom, name, + fully_qualified_name); + shell = cygheap->pg.get_shell ((PUSER_INFO_3) NULL, sid, dom, + name, fully_qualified_name); + gecos = cygheap->pg.get_gecos ((PUSER_INFO_3) NULL, sid, dom, + name, fully_qualified_name); + break; + } /* If the domain returned by LookupAccountSid is not our machine name, and if our machine is no domain member, we lose. We have nobody to ask for the POSIX offset. */ @@ -2635,6 +2713,20 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) fully_qualified_name = true; acc_type = SidTypeUnknown; } + else if (sid_id_auth (sid) == 5 && + sid_sub_auth (sid, 0) == SECURITY_APPPOOL_ID_BASE_RID) + { + /* Special IIS APPPOOL group SID which can't be resolved by + LookupAccountSid (ERROR_NONE_MAPPED). This is only allowed + as group entry, not as passwd entry. */ + if (is_passwd ()) + return NULL; + uid = gid = 0x1003; + wcpcpy (dom, L"IIS APPPOOL"); + wcpcpy (name = namebuf, L"Group"); + fully_qualified_name = true; + acc_type = SidTypeUnknown; + } else if (sid_id_auth (sid) == 5 /* SECURITY_NT_AUTHORITY */ && sid_sub_auth (sid, 0) == SECURITY_LOGON_IDS_RID) { @@ -2743,11 +2835,10 @@ pwdgrp::fetch_account_from_windows (fetch_user_arg_t &arg, cyg_ldap *pldap) logon. Unless it's the SYSTEM account. This conveniently allows to logon interactively as SYSTEM for debugging purposes. */ else if (acc_type != SidTypeUser && sid != well_known_system_sid) - __small_sprintf (linebuf, "%W:*:%u:%u:U-%W\\%W,%s:%s:/sbin/nologin", + __small_sprintf (linebuf, "%W:*:%u:%u:U-%W\\%W,%s:/:/sbin/nologin", posix_name, uid, gid, dom, name, - sid.string ((char *) sidstr), - home ? home : "/"); + sid.string ((char *) sidstr)); else __small_sprintf (linebuf, "%W:*:%u:%u:%s%sU-%W\\%W,%s:%s%W:%s", posix_name, uid, gid, diff --git a/winsup/doc/ntsec.xml b/winsup/doc/ntsec.xml index d61b585171..8f07c2258f 100644 --- a/winsup/doc/ntsec.xml +++ b/winsup/doc/ntsec.xml @@ -1221,6 +1221,17 @@ schemata are the following: See for a more detailed description. + + env + Derives the home directory of the current user from the + environment variable HOME (falling back to + HOMEDRIVE\HOMEPATH and + USERPROFILE, in that order). This is faster + than the windows schema at the + expense of determining only the current user's home directory + correctly. This schema is skipped for any other account. + + @@ -1353,6 +1364,17 @@ of each schema when used with db_home: See for a detailed description. + + env + Derives the home directory of the current user from the + environment variable HOME (falling back to + HOMEDRIVE\HOMEPATH and + USERPROFILE, in that order). This is faster + than the windows schema at the + expense of determining only the current user's home directory + correctly. This schema is skipped for any other account. + + @ad_attribute AD only: The user's home directory is set to the path given