f4a1f8a1db
* cygheap.h (cygheap_user::curr_primary_token): New member. (cygheap_user::primary_token): New method. (cygheap_user::deimpersonate): Always revert to processes' impersonation token. (cygheap_user::reimpersonate): Set processes' or setuid token as necessary. (cygheap_user::has_impersonation_tokens): Look for curr_primary_token value. (cygheap_user::close_impersonation_tokens): Close curr_primary_token here if necessary. Don't reset token values to NO_IMPERSONATION since that's done in uinfo_init anyway. (init_cygheap::luid): New LUID array keeping privilege LUIDs. * cygtls.cc (_cygtls::init_thread): Call cygheap->user.reimpersonate. * dcrt0.cc (hProcToken): New global variable to keep process token. (hProcImpToken): Ditto for process impersonation token. (dll_crt0_0): Open process token here once. Duplicate to create hProcImpToken. (dll_crt0_1): Call set_cygwin_privileges. * environ.cc (allow_ntea): Drop duplicate declaration. (allow_smbntsec): Ditto. (set_traverse): Only set allow_traverse here. (environ_init): Ditto. * fhandler_disk_file.cc (fhandler_disk_file::fchmod): Drop call to enable_restore_privilege. (fhandler_disk_file::fchown): Ditto. (fhandler_disk_file::facl): Ditto. * fork.cc (fork_child): Move call to cygheap->user.reimpersonate after syn with parent. Call set_cygwin_privileges. * grp.cc (internal_getgroups): Use hProcImpToken instead of opening process token. * path.cc (fs_info::update): Bypass traverse checking when retrieving volume information using push/pop_thread_privileges. * registry.cc (load_registry_hive): Drop setting restore privilege since it's already set if available. * sec_helper.cc: Include cygtls.h. (cygpriv): Privilege string array. (privilege_luid): New function, evaluate LUID from cygpriv_idx. (privilege_luid_by_name): New function, evaluate LUID from privilege string. (privilege_name): New function, evaluate privilege string from cygpriv_idx. 
(set_privilege): New static function called by set_process_privilege and set_thread_privilege. Call privilege_luid to get privilege LUID. Fix bug in return value evaluation. Improve debug output. (set_cygwin_privileges): New function. (set_process_privilege): Remove. (enable_restore_privilege): Remove. * security.cc (allow_traverse): New global variable. (sys_privs): Change type to cygpriv_idx and store privilege indices instead of strings. (SYSTEM_PRIVILEGES_COUNT): Renamed from SYSTEM_PERMISSION_COUNT. (get_system_priv_list): Don't use numerical constant in malloc call. Use privilege_luid to get privilege LUIDs. (get_priv_list): Call privilege_luid_by_name to get LUIDs. Improve inner privilege LUID comparison loop. (create_token): Enable create token privilege using push/pop_self_privileges. Use hProcToken instead of opening process token. Use default DACL when duplicating token. (subauth): Enable tcb privilege using push/pop_self_privileges. Use sec_none instead of homw made security attributes when duplicating token. (check_file_access): Don't duplicate access token, use active impersonation token as is. * security.h (enum cygpriv_idx): New enumeration type enumerating possible privileges. (privilege_luid): Declare new function. (privilege_luid_by_name): Ditto. (privilege_name): Ditto. (allow_traverse): Declare. (set_privilege): Declare function. (set_process_privilege): Define as macro. (enable_restore_privilege): Remove declaration. (_push_thread_privilege): Define macro. (push_thread_privilege): Ditto. (pop_thread_privilege): Ditto. (pop_self_privilege): Ditto. * spawn.cc (spawn_guts): Use cygheap->user.primary_token instead of cygheap->user.token. * syscalls.cc (statvfs): Bypass traverse checking when retrieving volume information using push/pop_thread_privileges. Rearrange code to simplify push/pop bracketing. (seteuid32): Use hProcToken instead of opening process token. Call cygheap->user.deimpersonate instead of RevertToSelf. 
Create impersonation token from primary internal or external token. Set cygheap->user.curr_primary_token and cygheap->user.current_token privileges once here. Drop "failed" and "failed_ptok" labels. Drop setting DefaultDacl of process token. (setegid32): Use hProcToken and hProcImpToken instead of opening process token. Always reimpersonate afterwards. * uinfo.cc (cygheap_user::init): Use hProcToken instead of opening process token. (internal_getlogin): Ditto. Set hProcImpToken, too. (uinfo_init): Initialize cygheap->user.curr_primary_token. * winsup.h (hProcToken): Declare. (hProcImpToken): Declare.
/* cygtls.cc

Copyright 2003, 2004, 2005 Red Hat, Inc.

This software is a copyrighted work licensed under the terms of the
Cygwin license. Please consult the file "CYGWIN_LICENSE" for
details. */

#include "winsup.h"
#include "thread.h"
#include "cygtls.h"
#include "assert.h"
#include <syslog.h>
#include <signal.h>
#include <malloc.h>
#include "exceptions.h"
#include "sync.h"
#include "cygerrno.h"
#include "path.h"
#include "fhandler.h"
#include "dtable.h"
#include "cygheap.h"
#include "pinfo.h"
#include "sigproc.h"
/* Scoped guard for the one muto that serialises access to
   cygheap->threadlist and the file-static nthreads counter.

   A default-constructed sentry never takes the lock; it exists only so that
   acquired () can be queried.  A sentry built with a timeout tries to take
   the lock and releases it on destruction if the attempt reported success.

   NOTE(review): every member dereferences the static lock pointer without a
   null check.  The pointer is assigned in _cygtls::init (new_muto1), so any
   sentry used before that call would go through an unset pointer -- confirm
   the start-up order guarantees this cannot happen.  */
class sentry
{
  static muto *lock;	/* shared by all sentries; set in _cygtls::init */
  int destroy;		/* nonzero when the destructor must release lock */
public:
  void init ();
  /* Forwards to muto::acquired () on the shared lock.  */
  bool acquired () {return lock->acquired ();}
  /* Observer only: does not touch the lock.  */
  sentry () : destroy (0) {}
  /* Try to take the lock, waiting up to WAIT; remember the outcome.  */
  sentry (DWORD wait) : destroy (lock->acquire (wait)) {}
  ~sentry ()
  {
    if (destroy)
      lock->release ();
  }
  friend void _cygtls::init ();
};
/* Storage for the lock shared by every sentry object.  It is assigned in
   _cygtls::init through new_muto1.  */
muto NO_COPY *sentry::lock;

/* Number of slots of cygheap->threadlist that are in use.  In this file it
   is only modified while a sentry holds the lock (init_thread, remove).
   NO_COPY presumably keeps it out of the data copied to a forked child --
   confirm against the macro's definition.  */
static size_t NO_COPY nthreads;

/* Slot count used both for the initial threadlist allocation and for each
   later growth step.  */
#define THREADLIST_CHUNK 256
/* One-time set-up of the thread list and of the lock guarding it.

   When cygheap->threadlist does not exist yet it is allocated with
   THREADLIST_CHUNK zeroed slots; when it already exists its
   cygheap->sthreads slots are cleared in place.  Afterwards the sentry lock
   is created with new_muto1.

   NOTE(review): the ccalloc result is stored without a null check; whether
   ccalloc can return NULL is not visible in this file -- confirm, because
   init_thread later writes through this pointer.  */
void
_cygtls::init ()
{
  if (!cygheap->threadlist)
    {
      /* First use: create the list at its initial size.  */
      cygheap->sthreads = THREADLIST_CHUNK;
      cygheap->threadlist = (_cygtls **) ccalloc (HEAP_TLS, cygheap->sthreads,
						  sizeof (cygheap->threadlist[0]));
    }
  else
    {
      /* List already present: forget every recorded thread.  */
      memset (cygheap->threadlist, 0,
	      cygheap->sthreads * sizeof (cygheap->threadlist[0]));
    }

  new_muto1 (sentry::lock, sentry_lock);
}
/* Record the initialisation state of this TLS area.

   is_exception  false stores CYGTLS_INITIALIZED, true stores the value one
		 above it (reset_exception compares that state against
		 CYGTLS_EXCEPTION).  */
void
_cygtls::set_state (bool is_exception)
{
  initialized = CYGTLS_INITIALIZED + (is_exception ? 1 : 0);
}
/* Leave the "exception" state again: if this TLS area is currently marked
   CYGTLS_EXCEPTION, switch it back to the plain initialised state.  Does
   nothing in any other state.  */
void
_cygtls::reset_exception ()
{
  if (initialized != CYGTLS_EXCEPTION)
    return;

#ifdef DEBUGGING
  debug_printf ("resetting stack after an exception stack %p, stackptr %p", stack, stackptr);
#endif
  set_state (false);
}
/* Two calls to get the stack right...

   First half of the thread start sequence.  It reserves CYGTLS_PADSIZE
   bytes in its own stack frame and hands them to call2, which passes the
   same pointer on to init_thread and to FUNC.  Presumably this padding is
   what places _my_tls at the expected position on the new thread's stack --
   confirm against cygtls.h.

   func  Thread body; receives ARG and the padding buffer.
   arg   Opaque argument forwarded to FUNC.

   Does not return to its caller: call2 ends in ExitThread.  */
void
_cygtls::call (DWORD (*func) (void *, void *), void *arg)
{
  /* Deliberately left uninitialised: init_thread clears CYGTLS_PADSIZE
     bytes of the TLS object itself when it is given a non-null pointer.  */
  char buf[CYGTLS_PADSIZE];
  call2 (func, arg, buf);
}
/* Second half of the thread start sequence: install the exception record,
   initialise _my_tls, run FUNC, tear the TLS area down and end the thread.

   func  Thread body, called as func (arg, buf).
   arg   Opaque argument forwarded to FUNC.
   buf   Padding buffer from call; forwarded to init_thread and FUNC.

   Never returns: ExitThread is called with FUNC's result.  */
void
_cygtls::call2 (DWORD (*func) (void *, void *), void *arg, void *buf)
{
  /* Lives in this frame, which stays on the stack until ExitThread.  */
  exception_list except_entry;
  /* Initialize this thread's ability to respond to things like
     SIGSEGV or SIGFPE. */
  init_exceptions (&except_entry);
  _my_tls.init_thread (buf, func);
  DWORD res = func (arg, buf);
  /* Wait without limit for the threadlist lock so the entry for this
     thread is not left behind.  */
  _my_tls.remove (INFINITE);
  ExitThread (res);
}
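/* Prepare this TLS area for the calling thread and, for ordinary threads,
   re-apply the current user identity and record the thread in
   cygheap->threadlist.

   x     Only tested against null.  When non-null, the first CYGTLS_PADSIZE
	 bytes of this object are zeroed and the per-thread stdio, locale
	 and syslog defaults are set up.
   func  Thread entry point.  Threads started through cygthread::stub or
	 cygthread::simplestub are initialised but neither re-impersonated
	 nor added to the thread list.  */
void
_cygtls::init_thread (void *x, DWORD (*func) (void *, void *))
{
  if (x)
    {
      memset (this, 0, CYGTLS_PADSIZE);
      stackptr = stack;
      if (_GLOBAL_REENT)
	{
	  /* Share the process-wide stdio streams with this thread's
	     reentrancy structure.  */
	  local_clib._stdin = _GLOBAL_REENT->_stdin;
	  local_clib._stdout = _GLOBAL_REENT->_stdout;
	  local_clib._stderr = _GLOBAL_REENT->_stderr;
	  local_clib.__sdidinit = _GLOBAL_REENT->__sdidinit ? -1 : 0;
	  local_clib.__cleanup = _GLOBAL_REENT->__cleanup;
	  local_clib.__sglue._niobs = 3;
	  local_clib.__sglue._iobs = &_GLOBAL_REENT->__sf[0];
	}
      local_clib._current_locale = "C";
      locals.process_logmask = LOG_UPTO (LOG_DEBUG);
    }

  locals.exitsock = INVALID_SOCKET;
  set_state (false);
  errno_addr = &(local_clib._errno);

  if ((void *) func == (void *) cygthread::stub
      || (void *) func == (void *) cygthread::simplestub)
    return;

  /* Give the new thread the user identity the process is currently running
     under.  NOTE(review): any result of reimpersonate () is ignored here;
     confirm that it cannot fail silently, since the thread would then
     presumably keep running under the process token instead.  */
  if (wincap.has_security ())
    cygheap->user.reimpersonate ();

  sentry here (INFINITE);
  if (nthreads >= cygheap->sthreads)
    {
      /* Grow into temporaries first.  The previous code stored the crealloc
	 result and the enlarged count straight into cygheap, so a failed
	 allocation lost the old list and the following memset and slot
	 write went through a null-based pointer.  */
      size_t grown_count = cygheap->sthreads + THREADLIST_CHUNK;
      _cygtls **grown = (_cygtls **)
	crealloc (cygheap->threadlist,
		  grown_count * sizeof (cygheap->threadlist[0]));
      if (!grown)
	{
	  /* The existing list and count are untouched; this thread simply
	     stays unlisted.  NOTE(review): whether crealloc can return NULL
	     is not visible in this file, and maintainers may prefer a fatal
	     error over an unlisted thread.  */
	  return;
	}
      memset (grown + nthreads, 0, THREADLIST_CHUNK * sizeof (grown[0]));
      cygheap->threadlist = grown;
      cygheap->sthreads = grown_count;
    }

  cygheap->threadlist[nthreads++] = this;
}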
/* Reset the per-thread state that must not carry over into a forked child.

   If sig is nonzero the signal stack is popped once and sig is cleared.
   The stack lock, the exit socket and the wait-queue event are then put
   back to their idle values; the exit socket is only forgotten here, not
   closed.  */
void
_cygtls::fixup_after_fork ()
{
  const bool had_sig = sig != 0;
  if (had_sig)
    {
      pop ();
      sig = 0;
    }

  stacklock = 0;
  locals.exitsock = INVALID_SOCKET;
  wq.thread_ev = NULL;
}
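/* Release the heap buffer held in locals.x, if any, and null the pointer so
   that a repeated _cygtls::remove call cannot free it a second time.

   The body is wrapped in do { } while (0) so the expansion is exactly one
   statement: the bare if-block form broke (or silently re-bound the else)
   when used as the body of an unbraced if/else.  */
#define free_local(x) \
  do \
    { \
      if (locals.x) \
	{ \
	  free (locals.x); \
	  locals.x = NULL; \
	} \
    } \
  while (0)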
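/* Detach this TLS area from a thread that is going away: close the thread's
   exit socket, free the per-thread buffers, drop the entry from
   cygheap->threadlist and finally call remove_wq.

   wait  Timeout handed to the threadlist lock and to remove_wq.  If the
	 lock is not obtained, the threadlist entry is left in place.

   The function is written to tolerate being called more than once for the
   same object: the buffers are nulled after being freed and the exit socket
   is reset after being closed.  */
void
_cygtls::remove (DWORD wait)
{
  debug_printf ("wait %p", wait);
  /* A zero exit socket is never produced by init_thread, which always
     stores INVALID_SOCKET; treat it as "nothing to remove".  */
  if (!locals.exitsock)
    return;

  // FIXME: Need some sort of atthreadexit function to allow things like
  // select to control this themselves
  if (locals.exitsock != INVALID_SOCKET)
    {
      closesocket (locals.exitsock);
      /* Forget the handle once it is closed.  Without this a second
	 remove () call would close the same value again, and by then the
	 value may have been reused for an unrelated socket.  */
      locals.exitsock = INVALID_SOCKET;
    }

  free_local (process_ident);
  free_local (ntoa_buf);
  free_local (protoent_buf);
  free_local (servent_buf);
  free_local (hostent_buf);

  {
    /* Scope the lock to the list update only; remove_wq runs without it.  */
    sentry here (wait);
    if (here.acquired ())
      {
	for (size_t i = 0; i < nthreads; i++)
	  if (this == cygheap->threadlist[i])
	    {
	      /* Unordered removal: shrink the list by one and move the
		 former last entry into the freed slot.  */
	      if (i < --nthreads)
		cygheap->threadlist[i] = cygheap->threadlist[nthreads];
	      debug_printf ("removed %p element %d", this, i);
	      break;
	    }
      }
  }

  remove_wq (wait);
}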
/* Push ADDR onto this thread's private stack and update the state flag.

   addr       Value stored at *stackptr; stackptr is then advanced.
   exception  When true the store is bracketed by lock ()/unlock () and the
	      TLS area is marked as being in the exception state.

   NOTE(review): no bound on stackptr is checked here; the capacity of the
   stack array is declared elsewhere -- confirm callers cannot push past
   its end.  */
void
_cygtls::push (__stack_t addr, bool exception)
{
  if (!exception)
    *stackptr++ = (__stack_t) addr;
  else
    {
      lock ();
      *stackptr++ = (__stack_t) addr;
      unlock ();
    }

  set_state (exception);
}
/* Marker meaning "no threadlist scan is in progress".  */
#define BAD_IX ((size_t) -1)
/* Index of the threadlist entry that _cygtls::find_tls is examining right
   now, or BAD_IX outside of a scan.  File-static rather than local so that
   handle_threadlist_exception can tell which entry caused a fault.  */
static size_t NO_COPY threadlist_ix = BAD_IX;
/* Return the first listed thread whose sigwait_mask contains SIG, or NULL
   when no listed thread is waiting for it.

   The scan holds the threadlist lock and publishes its position in the
   file-static threadlist_ix.  If reading an entry faults,
   handle_threadlist_exception removes that entry and unwinds to the label
   defined below, so the scan starts again from index 0.  Nothing in this
   function installs that handler; presumably the caller has done so via
   init_threadlist_exceptions -- confirm.

   NOTE(review): stale entries are detected only through an access
   violation.  A stale pointer whose memory has since been mapped again
   would be read as if it were a live sigwait_mask -- confirm that entries
   are always removed before their TLS memory can be reused.  */
_cygtls *
_cygtls::find_tls (int sig)
{
  debug_printf ("sig %d\n", sig);
  sentry here (INFINITE);
  /* Defines an assembler symbol at this address.  It is presumably the
     symbol that handle_threadlist_exception refers to as
     threadlist_exception_return and passes to RtlUnwind.  The statement
     must stay after the lock is taken and before the loop.  */
  __asm__ volatile (".equ _threadlist_exception_return,.");
  _cygtls *res = NULL;
  for (threadlist_ix = 0; threadlist_ix < nthreads; threadlist_ix++)
    if (sigismember (&(cygheap->threadlist[threadlist_ix]->sigwait_mask), sig))
      {
	res = cygheap->threadlist[threadlist_ix];
	break;
      }
  /* Scan finished: a later fault is not attributable to a list entry.  */
  threadlist_ix = BAD_IX;
  return res;
}
/* Copy the siginfo carried by PACK into this thread's infodata.

   pack  Source packet; it is dereferenced without a null check, so the
	 caller must pass a valid pointer.  */
void
_cygtls::set_siginfo (sigpacket *pack)
{
  sigpacket &incoming = *pack;
  infodata = incoming.si;
}
extern "C" DWORD __stdcall RtlUnwind (void *, void *, void *, DWORD);
/* Exception handler for faults taken while _cygtls::find_tls walks the
   thread list.

   e      Exception record; only STATUS_ACCESS_VIOLATION is handled.
   frame  Frame pointer forwarded to RtlUnwind.

   Returns 1 after logging when the exception is of another kind, when no
   scan is in progress (threadlist_ix == BAD_IX) or when the current thread
   does not hold the threadlist lock.  Otherwise the entry being examined is
   removed, threadlist_ix is set to 0 and the stack is unwound to
   threadlist_exception_return; the trailing return 0 is only reached if
   RtlUnwind comes back.  What 1 and 0 mean to the dispatcher is not visible
   in this file.

   NOTE(review): remove () reads locals.exitsock through the very object
   whose sigwait_mask access just faulted -- confirm that a second fault
   there cannot re-enter this handler indefinitely.  */
static int
handle_threadlist_exception (EXCEPTION_RECORD *e, void *frame, CONTEXT *, void *)
{
  if (e->ExceptionCode != STATUS_ACCESS_VIOLATION)
    {
      system_printf ("handle_threadlist_exception called with exception code %d\n",
		     e->ExceptionCode);
      return 1;
    }

  /* Default-constructed: does not take the lock and will not release it.
     It is used below only to ask whether this thread already holds it.  */
  sentry here;
  if (threadlist_ix == BAD_IX)
    {
      system_printf ("handle_threadlist_exception called with threadlist_ix %d\n",
		     BAD_IX);
      return 1;
    }

  if (!here.acquired ())
    {
      system_printf ("handle_threadlist_exception couldn't aquire muto\n");
      return 1;
    }

  extern void *threadlist_exception_return;
  /* Drop the entry whose memory could not be read.  */
  cygheap->threadlist[threadlist_ix]->remove (INFINITE);
  threadlist_ix = 0;
  RtlUnwind (frame, threadlist_exception_return, e, 0);
  return 0;
}
/* Register handle_threadlist_exception in the exception record EL by way of
   init_exception_handler, which is defined outside this file.

   el  Exception list entry supplied by the caller.  */
void
_cygtls::init_threadlist_exceptions (exception_list *el)
{
  extern void init_exception_handler (exception_list *, exception_handler *);
  exception_handler *const on_fault = handle_threadlist_exception;
  init_exception_handler (el, on_fault);
}