First cut of full implementation of new permission handling
* fhandler.cc (fhandler_base::open_with_arch): Call open with mode
not umasked.
(fhandler_base::open): Explicitly umask mode on NFS here. Call new
set_created_file_access rather than set_file_attribute.
* fhandler_disk_file.cc (fhandler_disk_file::fchmod): Reimplement
setting permissions on filesystems supporting ACLs using the new
set_posix_access call.
(fhandler_disk_file::fchown): Ditto.
(fhandler_disk_file::mkdir): Call new set_created_file_access rather
than set_file_attribute.
* fhandler_socket.cc (fhandler_socket::bind): Don't umask here. Add
WRITE_OWNER access to allow writing group in case of SGID bit set.
Call new set_created_file_access rather than set_file_attribute.
* path.cc (symlink_worker): Call new set_created_file_access rather
than set_file_attribute.
* sec_acl.cc (searchace): Un-staticize.
(set_posix_access): New, complementary functionality to
get_posix_access.
(setacl): Implement in terms of get_posix_access/set_posix_access.
(get_posix_access): Add handling for just created files requiring
their first Cygwin ACL. Fix new_style recognition. Handle SGID
bit. For old-style ACLs, ignore SYSTEM and Administrators when
computing the {DEF_}CLASS_OBJ perms.
* security.cc (get_file_sd): Revamp comment. Change and (hopefully)
speed up inheritance processing for just created files.
(alloc_sd): Remove.
(set_security_attribute): Call set_posix_access instead of alloc_sd.
(get_object_attribute): Fix return value.
(create_object_sd_from_attribute): Call set_posix_access instead of
alloc_sd.
(set_file_attribute): Remove.
(set_created_file_access): New function implemented in terms of
get_posix_access/set_posix_access.
* security.h (set_file_attribute): Remove prototype.
(set_created_file_access): Add prototype.
(searchace): Ditto.
(set_posix_access): Ditto.
* syscalls.cc (open): Call open_with_arch with mode not umasked.
* pwdgrp.h (sidfromuid): New inline function.
(sidfromgid): Ditto.
* fhandler_disk_file.cc (fhandler_disk_file::fchown): Use sidfromuid.
* quotactl.cc (quotactl): Use sidfromuid and sidfromgid.
* sec_acl.cc: Change preceding comment explaining new-style ACLs.
Describe how to generate deny ACEs in more detail. Accommodate the
fact that a NULL deny ACE is used for {DEF_}CLASS_OBJ, rather than
a special Cygwin ACE. Improve further comments.
(CYG_ACE_NEW_STYLE): Define.
(get_posix_access): Change from Cygwin ACE to NULL deny ACE. Fix
CLASS_OBJ handling to generate CLASS_OBJ and DEF_CLASS_OBJ from a single
NULL deny ACE if the inheritance flags say so.
* sec_helper.cc (well_known_cygwin_sid): Remove.
* security.h (well_known_cygwin_sid): Drop declaration.
Jon TURNEY [Sat, 4 Apr 2015 22:31:03 +0000 (23:31 +0100)]
Compile exceptions.cc with -fno-omit-frame-pointer on x86
Selectively using -fomit-frame-pointer when -O is used doesn't make sense
anymore, apparently since gcc 4.6, -O implies -fomit-frame-pointer.
exceptions.cc must be compiled with -fno-omit-frame-pointer on x86, as it uses
RtlCaptureContext, which requires a frame pointer.
* Makefile.in : Remove setting -fomit-frame-pointer for compiling
various files, it is already the default. Set
-fno-omit-frame-pointer for exceptions.cc on x86.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Add FAQ entry on how Cygwin counters install and update MITM attacks
* faq-setup.xml: Document how Cygwin secures installation and
update against man-in-the-middle (MITM) attacks. Note that
setup embeds a public key to check the signature of setup.ini,
and that setup.ini includes SHA-512 cryptographic hashes.
Signed-off-by: David A. Wheeler <dwheeler@dwheeler.com>
Drop local stdint.h and inttypes.h in favor of newlib files
* include/cygwin/types.h: Include sys/_stdint.h rather than stdint.h.
* include/stdint.h: Drop in favor of newlib version.
* include/inttypes.h: Ditto.
Jon TURNEY [Mon, 30 Mar 2015 19:31:13 +0000 (20:31 +0100)]
Provide ucontext to signal handlers
Add ucontext.h header, defining ucontext_t and mcontext_t types.
Provide sigaction sighandlers with a ucontext_t parameter, containing stack and
context information.
* include/sys/ucontext.h : New header.
* include/ucontext.h : Ditto.
* exceptions.cc (call_signal_handler): Provide ucontext_t
parameter to signal handler function.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Jon TURNEY [Mon, 30 Mar 2015 19:56:03 +0000 (20:56 +0100)]
Add cygwin_internal() operation to retrieve the EXCEPTION_RECORD from a siginfo_t *
* external.cc (cygwin_internal): Add operation to retrieve a copy
of the EXCEPTION_RECORD from a siginfo_t *.
* include/sys/cygwin.h (cygwin_getinfo_types): Ditto.
* exception.h (cygwin_exception): Add exception_record accessor.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Jon TURNEY [Mon, 30 Mar 2015 17:05:51 +0000 (18:05 +0100)]
Rename struct ucontext to struct __mcontext
* include/cygwin/signal.h : Rename struct ucontext to struct
__mcontext. Fix layout differences from the Win32 API CONTEXT
type. Remove unused member _internal. Rename member which
corresponds to ContextFlags. Add cr2 member.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Corinna Vinschen [Mon, 30 Mar 2015 16:05:06 +0000 (18:05 +0200)]
Try best to handle user from domain not in trusted domain list.
* cygheap.h (cygheap_domain_info::add_domain): Add prototype.
* uinfo.cc (cygheap_domain_info::add_domain): New method.
(pwdgrp::fetch_account_from_windows): Try to add domain explicitly
if it was not in the original list of trusted domains and go ahead
rather than bailing out. Add comment to explain why.
Corinna Vinschen [Mon, 30 Mar 2015 14:53:52 +0000 (16:53 +0200)]
Prepare to rename/reuse struct ucontext.
* cygtls.h (struct _cygtls): Convert thread_context to type CONTEXT.
* exceptions.cc (_cygtls::signal_debugger): Use sizeof (CONTEXT) for
size of CONTEXT copied for GDB's digestion.
* include/cygwin/signal.h: Add a preliminary comment.
Takashi Yano [Wed, 25 Mar 2015 11:42:38 +0000 (20:42 +0900)]
TIOCPKT mode of PTY is broken if ONLCR bit is cleared.
* tty.h (class tty_min): Remove variable "write_error" to which no
errors are currently set anywhere.
(class tty): Add variable "column" for handling ONOCR.
* tty.cc (tty::init): Add initialization code for variable "column".
* fhandler.h (class fhandler_pty_master): Remove variable "need_nl"
which is not necessary any more. "need_nl" was needed by OPOST process
in fhandler_pty_master::process_slave_output().
(class fhandler_pty_common): Add function process_opost_output() for
handling post processing for OPOST in write process.
* fhandler_tty.cc (fhandler_pty_master::process_slave_output): Count
TIOCPKT control byte into length to be read in TIOCPKT mode. Move
post processing for OPOST to write process. Remove code related to
variable "write_error". Return with EIO error if slave is already
closed.
(fhandler_pty_master::fhandler_pty_master): Remove initialization
code for variable "need_nl".
(fhandler_pty_common::process_opost_output): Add this function for
handling of OPOST in write process. Add code to avoid blocking in
non-blocking mode when output is suspended by ^S.
(fhandler_pty_slave::write): Call fhandler_pty_common::
process_opost_output() instead of WriteFile(). Remove code related to
variable "write_error".
(fhandler_pty_master::doecho): Call fhandler_pty_common::
process_opost_output() instead of WriteFile().
* select.cc (peek_pipe): Remove code related to variable "need_nl".
Corinna Vinschen [Tue, 24 Mar 2015 09:42:45 +0000 (10:42 +0100)]
Ignore __STDC_{FORMAT,LIMIT,CONSTANT}_MACROS
Per glibc BZ #15366:
* inttypes.h: Drop __STDC_FORMAT_MACROS consideration.
* stdint.h: Drop __STDC_LIMIT_MACROS and __STDC_CONSTANT_MACROS
consideration.
Joel Sherrill [Wed, 18 Mar 2015 20:44:41 +0000 (15:44 -0500)]
Change from configure time to compile time probe for intptr_t definition.
2015-03-23 Joel Sherrill <joel.sherrill@oarcorp.com>
* configure.in: Delete logic to determine _UINTPTR_EQ_ULONGLONG
and _UINTPTR_EQ_ULONG at configuration time.
* libc/include/sys/config.h: Add logic to determine
_UINTPTR_EQ_ULONGLONG and _UINTPTR_EQ_ULONG at compilation time.
* libc/include/inttypes.h: Add include of <sys/config.h>.
* configure: Regenerated.
Corinna Vinschen [Thu, 19 Mar 2015 17:27:03 +0000 (18:27 +0100)]
Handle S_ISGID bit and multiple ACEs for owner
* sec_acl.cc (get_posix_access): Handle multiple ACEs for the
owner and primary group of the file. Handle the default primary
group ACE as DEF_GROUP_OBJ entry if the directory has the S_ISGID bit
set. Add comments. Minor code rearrangements.
Corinna Vinschen [Wed, 18 Mar 2015 16:49:12 +0000 (17:49 +0100)]
Preliminary read side implementation of new permission handling.
* acl.h (MAX_ACL_ENTRIES): Raise to 2730. Add comment to explain.
* sec_acl.cc: Add leading comment to explain new ACL style.
Add definitions and macros to use for bits in new Cygwin ACL.
(DENY_RWX): New mask value for all temporary deny bits.
(getace): Add bool parameter to decide when leaving all bits intact,
rather than filtering them per the already set bits.
(get_posix_access): New function, taking over functionality to read
POSIX ACL from SECURITY_DESCRIPTOR.
(getacl): Just call get_posix_access.
* sec_helper.cc (well_known_cygwin_sid): Define.
* security.cc (get_attribute_from_acl): Remove.
(get_info_from_sd): Remove.
(get_reg_sd): Call get_posix_access instead of get_info_from_sd.
(get_file_attribute): Ditto.
(get_object_attribute): Ditto.
* security.h (well_known_cygwin_sid): Declare.
(get_posix_access): Add prototype.
* Throughout, use simpler ACE macros from Windows' accctrl.h.
Jon TURNEY [Mon, 9 Mar 2015 21:55:29 +0000 (21:55 +0000)]
Teach stackinfo::walk() how to virtually unwind the tls sigstack
This improves how stackinfo::dumpstack() dumps _sigbe and sigdelayed frames
* exceptions.cc (stack_info): Add sigstackptr member.
(walk): Unwind sigstackptr inside _sigbe and sigdelayed.
* gendef (_sigdelayed_end): Add symbol to mark end of sigdelayed.
Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
Nick Clifton [Wed, 11 Mar 2015 11:14:38 +0000 (11:14 +0000)]
Fix a build problem running the newlib testsuite on targets that only have 32-bit doubles.
* testsuite/newlib.stdio/swprintf.c (main): Change size of value
used to initialise 'val' variable so that it will compile on
targets with 32-bit doubles.
* tty.h (tty::set_master_ctl_closed): Rename from set_master_closed.
(tty::is_master_closed): Drop method.
* fhandler_tty.cc (fhandler_pty_slave::open): Remove code prematurely
bailing out if master control thread is not running.
(fhandler_pty_slave::read): Don't generate SIGHUP if master control
thread is not running.
(fhandler_pty_master::close): Rearrange code to avoid stopping master
control thread twice in multi-threaded scenarios.
* fhandler.h (fhandler_base::get_echo_handle): New virtual method.
(class fhandler_pty_master): Add echo_r and echo_w handles constituting
read and write side of new echo pipe.
* select.cc (peek_pipe): On pty masters, check additionally if input
from the echo pipe is available.
* fhandler_tty.cc (fhandler_pty_master::doecho): Drop output_mutex
locking. Write output to echo pipe.
(fhandler_pty_master::process_slave_output): Check if input is available
in echo pipe and prefer to read from it, if so.
(fhandler_pty_slave::write): Drop output_mutex locking.
(fhandler_pty_master::fhandler_pty_master): Initialize echo pipe
handles to NULL.
(fhandler_pty_master::close): Close and NULL echo pipe handles.
(fhandler_pty_master::setup): Create echo pipe, close in case of error.