Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Port grantvmgroupaccess code from go-winio and extend functionality. #1347

Merged
merged 2 commits into from
Apr 23, 2022
Merged

Port grantvmgroupaccess code from go-winio and extend functionality. #1347

merged 2 commits into from
Apr 23, 2022

Conversation

anmaxvl
Copy link
Contributor

@anmaxvl anmaxvl commented Apr 7, 2022
edited
Loading

As originally suggested here microsoft/go-winio#243
port go-winio/pkg/security code into hcsshim repo and further extend the
package and tooling code to support setting other access permissions like
GENERIC_WRITE, GENERIC_EXECUTE, GENERIC_ALL and their combinations.

grantvmgroupaccess tool now supports various boolean flags to set
aforementioned permissions.

@anmaxvl anmaxvl requested a review from a team as a code owner April 7, 2022 02:03
@anmaxvl anmaxvl mentioned this pull request Apr 7, 2022
Closed
@anmaxvl anmaxvl force-pushed the port-grantvmgroupaccess-code branch 3 times, most recently from af0fd42 to a4bcc87 Compare April 7, 2022 17:17
jterry75
jterry75 approved these changes Apr 7, 2022
View reviewed changes
Copy link
Contributor

@jterry75 jterry75 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. One last nit

helsaawy
helsaawy reviewed Apr 8, 2022
View reviewed changes
internal/security/grantvmgroupaccess_test.go Outdated Show resolved Hide resolved
internal/security/syscall_windows.go Outdated Show resolved Hide resolved
internal/security/grantvmgroupaccess.go Outdated Show resolved Hide resolved
@anmaxvl anmaxvl force-pushed the port-grantvmgroupaccess-code branch 6 times, most recently from acc6a86 to a5cc184 Compare April 11, 2022 00:08
helsaawy
helsaawy approved these changes Apr 11, 2022
View reviewed changes
internal/security/grantvmgroupaccess.go Outdated Show resolved Hide resolved
@anmaxvl anmaxvl force-pushed the port-grantvmgroupaccess-code branch from 25b45d1 to bd278ed Compare April 11, 2022 17:30
katiewasnothere
katiewasnothere approved these changes Apr 22, 2022
View reviewed changes
Copy link
Contributor

@katiewasnothere katiewasnothere left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

small nit in the tests, otherwise LGTM

@anmaxvl
Port grantvmgroupaccess code from go-winio repo for further extension
fb706b3 
Signed-off-by: Maksim An <maksiman@microsoft.com>
@anmaxvl anmaxvl force-pushed the port-grantvmgroupaccess-code branch 2 times, most recently from cf033f5 to 9f020aa Compare April 22, 2022 23:53
@anmaxvl
Extend GrantVmGroupAccess to support write/execute/all permissions
6b92044 
Add masks for GENERIC_WRITE, GENERIC_EXECUTE and GENERIC_ALL and update
function signatures accordingly.
Update grantvmgroupaccess tool to support granting permissions from above.

Ignore various linter errors resurfaced after code copy-paste.
Remove mksyscall_windows.go and update old unit tests and cleanup helper
functions and packages used.

Add unit test coverage for new functionality.

Signed-off-by: Maksim An <maksiman@microsoft.com>
@anmaxvl anmaxvl force-pushed the port-grantvmgroupaccess-code branch from 9f020aa to 6b92044 Compare April 23, 2022 00:03
@anmaxvl anmaxvl merged commit 113a929 into microsoft:master Apr 23, 2022
@anmaxvl anmaxvl deleted the port-grantvmgroupaccess-code branch April 23, 2022 00:08
anmaxvl added a commit that referenced this pull request Feb 7, 2023
@anmaxvl
Merged PR 5999316: Update ADO to dbb347e
437abac 
Sync ADO with upstream to enable including test GCS binaries as
part of dev-pipeline

Related work items: #1311, #1322, #1341, #1343, #1345, #1347, #1348, #1350, #1353, #1354, #1355, #1358, #1361, #1365, #1368, #1369, #1370
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@katiewasnothere katiewasnothere katiewasnothere approved these changes

@kevpar kevpar kevpar left review comments

@helsaawy helsaawy helsaawy approved these changes

@jterry75 jterry75 jterry75 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@anmaxvl @kevpar @jterry75 @katiewasnothere @helsaawy