[newlib-cygwin] __acltotext: Always append NUL
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=3d88f10983e6517a2e8993a2ada0b3fd335f3c61 commit 3d88f10983e6517a2e8993a2ada0b3fd335f3c61 Author: Corinna Vinschen Date: Wed Jan 6 21:05:56 2016 +0100 __acltotext: Always append NUL * sec_acl.cc (__acltotext): Append NUL unconditionally. Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/sec_acl.cc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/winsup/cygwin/sec_acl.cc b/winsup/cygwin/sec_acl.cc index 052856f..3993249 100644 --- a/winsup/cygwin/sec_acl.cc +++ b/winsup/cygwin/sec_acl.cc @@ -1699,8 +1699,8 @@ __acltotext (aclent_t *aclbufp, int aclcnt, const char *prefix, char separator, { _CHK (1); *bufp++ = separator; - *bufp++ = '\0'; } + *bufp = '\0'; return strdup (buf); }
[newlib-cygwin] Implement POSIX.1e ACL functions
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=9ddf063921f5202100f8e36bb451ae5ac9f76d37 commit 9ddf063921f5202100f8e36bb451ae5ac9f76d37 Author: Corinna Vinschen Date: Wed Jan 6 18:41:36 2016 +0100 Implement POSIX.1e ACL functions * Makefile.in (DLL_OFILES): Add sec_posixacl.o. (SUBLIBS): Add libacl.a (libacl.a): New rule to create libacl.a. * common.din: Export POSIX ACL functions as well as most libacl.a extensions. * fhandler.h (fhander_base::acl_get): New prototype. (fhander_base::acl_set): Ditto. (fhandler_disk_file::acl_get): Ditto. (fhandler_disk_file::acl_set): Ditto. * include/acl/libacl.h: New file. * include/cygwin/version.h: Bump API minor version. * include/sys/acl.h: Drop including cygwin/acl.h. Accommodate throughout Cygwin. Add POSIX ACL definitions. * sec_acl.cc: Include sec_posixacl.h. Replace ILLEGAL_UID and ILLEGAL_GID with ACL_UNDEFINED_ID where sensible. (__aclcheck): New internal acl check function to be used for Solaris and POSIX ACLs. (aclcheck32): Call __aclcheck. (__aclcalcmask): New function to compute ACL_MASK value. (__aclsort): New internal acl sort function to be used for Solaris and POSIX ACLs. (aclsort32): Call __aclsort. (permtostr): Work directly on provided buffer. (__acltotext): New internal acltotext function to be used for Solaris and POSIX ACLs. (acltotext32): Call __acltotext. (__aclfromtext): New internal aclfromtext function to be used for Solaris and POSIX ACLs. (aclfromtext32): Call __aclfromtext. * sec_posixacl.cc: New file implemeting POSIX ACL functions. * sec_posixacl.h: New internal header. Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/Makefile.in |6 +- winsup/cygwin/common.din | 39 ++ winsup/cygwin/fhandler.cc |2 +- winsup/cygwin/fhandler.h |5 + winsup/cygwin/fhandler_disk_file.cc|2 +- winsup/cygwin/fhandler_socket.cc |2 +- winsup/cygwin/fhandler_tty.cc |2 +- winsup/cygwin/fhandler_virtual.cc |2 +- winsup/cygwin/include/acl/libacl.h | 55 ++ winsup/cygwin/include/cygwin/version.h |3 +- winsup/cygwin/include/sys/acl.h| 85 ++- winsup/cygwin/sec_acl.cc | 768 +++ winsup/cygwin/sec_helper.cc|2 +- winsup/cygwin/sec_posixacl.cc | 1052 winsup/cygwin/sec_posixacl.h | 68 +++ winsup/cygwin/security.cc |2 +- winsup/utils/getfacl.c |3 +- winsup/utils/setfacl.c |3 +- 18 files changed, 1825 insertions(+), 276 deletions(-) diff --git a/winsup/cygwin/Makefile.in b/winsup/cygwin/Makefile.in index 271a5be..fac9b3e 100644 --- a/winsup/cygwin/Makefile.in +++ b/winsup/cygwin/Makefile.in @@ -267,6 +267,7 @@ DLL_OFILES:= \ sec_acl.o \ sec_auth.o \ sec_helper.o \ + sec_posixacl.o \ security.o \ select.o \ sem.o \ @@ -443,7 +444,7 @@ endif API_VER:=$(srcdir)/include/cygwin/version.h LIB_NAME:=libcygwin.a -SUBLIBS:=libpthread.a libutil.a ${CURDIR}/libm.a ${CURDIR}/libc.a libdl.a libresolv.a librt.a +SUBLIBS:=libpthread.a libutil.a ${CURDIR}/libm.a ${CURDIR}/libc.a libdl.a libresolv.a librt.a libacl.a EXTRALIBS:=libautomode.a libbinmode.a libtextmode.a libtextreadmode.a INSTOBJS:=automode.o binmode.o textmode.o textreadmode.o TARGET_LIBS:=$(LIB_NAME) $(CYGWIN_START) $(GMON_START) $(LIBGMON_A) $(SUBLIBS) $(INSTOBJS) $(EXTRALIBS) @@ -643,6 +644,9 @@ libresolv.a: ${LIB_NAME} minires.o librt.a: ${LIB_NAME} posix_ipc.o ${speclib} ${@F} +libacl.a: ${LIB_NAME} sec_posixacl.o + ${speclib} ${@F} + ${EXTRALIBS}: lib%.a: %.o $(AR) cru $@ $? diff --git a/winsup/cygwin/common.din b/winsup/cygwin/common.din index c39d265..fe714d8 100644 --- a/winsup/cygwin/common.din +++ b/winsup/cygwin/common.din @@ -117,6 +117,45 @@ accept = cygwin_accept SIGFE accept4 SIGFE access SIGFE acl SIGFE +acl_add_perm NOSIGFE +acl_calc_mask SIGFE +acl_check NOSIGFE +acl_clear_perms NOSIGFE +acl_cmp SIGFE +acl_copy_entry NOSIGFE +acl_copy_ext NOSIGFE +acl_copy_int NOSIGFE +acl_create_entry SIGFE +acl_delete_def_file SIGFE +acl_delete_entry NOSIGFE +acl_delete_perm NOSIGFE +acl_dup SIGFE +acl_entries NOSIGFE +acl_equiv_mode SIGFE +acl_error NOSIGFE +acl_extended_fd SIGFE +acl_extended_file SIGFE +acl_extended_file_nofollow SIGFE +acl_free SIGFE +acl_from_mode NOSIGFE +acl_from_text SIGFE +acl_get_entry NOSIGFE +acl_get_fd SIGFE +acl_get_file SIGFE +acl_get_perm NOSIGFE +acl_get_permset NOSIGFE +acl_get_qualifier SIGFE +acl_get_tag_type NOSIGFE +acl_init SIGFE +acl_set_fd SIGFE +acl_set_file SIGFE +acl_set_permset NOSIGFE +acl_set_q
[newlib-cygwin] acl_create_entry: Don't invalidate existing entry_d and permset_d.
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=e4ecb5b96a9d526f69aa0f2c2c38b00d8d27ed07 commit e4ecb5b96a9d526f69aa0f2c2c38b00d8d27ed07 Author: Corinna Vinschen Date: Wed Jan 6 23:00:51 2016 +0100 acl_create_entry: Don't invalidate existing entry_d and permset_d. * sec_posixacl .cc (__acl_dup): Remove. (acl_dup): Fold __acl_dup functionality into this function. (acl_create_entry): Don't create new acl_t. Just realloc acl->entry to make room for new aclent_t. Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/sec_posixacl.cc | 27 +++ 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/winsup/cygwin/sec_posixacl.cc b/winsup/cygwin/sec_posixacl.cc index 54bac8f..8760ad5 100644 --- a/winsup/cygwin/sec_posixacl.cc +++ b/winsup/cygwin/sec_posixacl.cc @@ -48,22 +48,21 @@ acl_init (int count) return acl; } -static acl_t -__acl_dup (acl_t acl, int max) +extern "C" acl_t +acl_dup (acl_t acl) { __try { - acl_t new_acl = acl_init (max); + acl_t new_acl = acl_init (acl->max_count); if (new_acl) { - int new_idx = 0; + uint16_t new_idx = 0; for (uint16_t idx = 0; idx < acl->count; ++idx) if (acl->entry[idx].a_type != ACL_DELETED_TAG) new_acl->entry[new_idx++] = acl->entry[idx]; new_acl->magic = ACL_MAGIC; new_acl->count = new_idx; - new_acl->max_count = max; return new_acl; } } @@ -72,12 +71,6 @@ __acl_dup (acl_t acl, int max) return NULL; } -extern "C" acl_t -acl_dup (acl_t acl) -{ - return __acl_dup (acl, acl->max_count); -} - extern "C" int acl_free (void *obj_p) { @@ -159,12 +152,14 @@ acl_create_entry (acl_t *acl_p, acl_entry_t *entry_p) } if (acl->count >= acl->max_count) { - acl_t new_acl = __acl_dup (acl, acl->count + 1); - if (!new_acl) + aclent_t *new_e; + + new_e = (aclent_t *) realloc (acl->entry, + _ENTRY_SIZE (acl->max_count + 1)); + if (!new_e) __leave; - *acl_p = new_acl; - acl_free (acl); - acl = *acl_p; + acl->entry = new_e; + ++acl->max_count; } idx = acl->count++; *entry_p = __to_entry (acl, idx);
[newlib-cygwin] cygwin/acl.h: Don't clutter namespace
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=edd7d93484703b81b5e203a9c7c490f117eb4e42 commit edd7d93484703b81b5e203a9c7c490f117eb4e42 Author: Corinna Vinschen Date: Wed Jan 6 18:24:03 2016 +0100 cygwin/acl.h: Don't clutter namespace include/cygwin/acl.h: Change comments to /**/ style. Reformat declarations. Use underscores in argument names. Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/include/cygwin/acl.h | 70 +- 1 file changed, 38 insertions(+), 32 deletions(-) diff --git a/winsup/cygwin/include/cygwin/acl.h b/winsup/cygwin/include/cygwin/acl.h index b7cbf03..846c49c 100644 --- a/winsup/cygwin/include/cygwin/acl.h +++ b/winsup/cygwin/include/cygwin/acl.h @@ -33,56 +33,62 @@ extern "C" { On one hand, there are only a limited number of SIDs shorter than the normal user/group SIDs, on the other hand there are no deny aclent_t entries, so we should be fine with 32K aclbuf_t buffers provided by the caller. */ -#defineMIN_ACL_ENTRIES (3)// minimal acl entries from GETACLCNT -#defineMAX_ACL_ENTRIES (2730) // max entries of each type +#defineMIN_ACL_ENTRIES (3)/* minimal acl entries from GETACLCNT */ +#defineMAX_ACL_ENTRIES (2730) /* max entries of each type */ -// Return values of aclcheck(3) in case of error */ +/* Return values of aclcheck(3) in case of error */ #define GRP_ERROR (0x1) #define USER_ERROR (0x2) #define CLASS_ERROR (0x3) #define OTHER_ERROR (0x4) #define DUPLICATE_ERROR (0x5) #define ENTRY_ERROR (0x6) -#define MISS_ERROR (0x7) // which = -1 -#define MEM_ERROR (0x8) // which = -1 +#define MISS_ERROR (0x7) /* which = -1 */ +#define MEM_ERROR (0x8) /* which = -1 */ -// Values for entry type of struct acl -#define USER_OBJ(0x0001)// owner -#define USER(0x0002)// additional user -#define GROUP_OBJ (0x0004)// owning group -#define GROUP (0x0008)// additional group -#define CLASS_OBJ (0x0010)// mask entry -#define OTHER_OBJ (0x0020)// others -#define ACL_DEFAULT (0x1000)// default flag -#define DEF_USER_OBJ(ACL_DEFAULT|USER_OBJ) // default owner -#define DEF_USER(ACL_DEFAULT|USER) // default additional user -#define DEF_GROUP_OBJ (ACL_DEFAULT|GROUP_OBJ) // default owning group -#define DEF_GROUP (ACL_DEFAULT|GROUP) // default additional group -#define DEF_CLASS_OBJ (ACL_DEFAULT|CLASS_OBJ) // default mask entry -#define DEF_OTHER_OBJ (ACL_DEFAULT|OTHER_OBJ) // default others -// Values with equivalent meanings +/* Values for entry type of struct acl */ +#define USER_OBJ(0x0001)/* owner */ +#define USER(0x0002)/* additional user */ +#define GROUP_OBJ (0x0004)/* owning group */ +#define GROUP (0x0008)/* additional group*/ +#define CLASS_OBJ (0x0010)/* mask entry */ +#define OTHER_OBJ (0x0020)/* others */ +#define ACL_DEFAULT (0x1000)/* default flag */ +#define DEF_USER_OBJ(ACL_DEFAULT|USER_OBJ) /* default owner */ +#define DEF_USER(ACL_DEFAULT|USER) /* default additional user */ +#define DEF_GROUP_OBJ (ACL_DEFAULT|GROUP_OBJ) /* default owning group */ +#define DEF_GROUP (ACL_DEFAULT|GROUP) /* default additional group */ +#define DEF_CLASS_OBJ (ACL_DEFAULT|CLASS_OBJ) /* default mask entry */ +#define DEF_OTHER_OBJ (ACL_DEFAULT|OTHER_OBJ) /* default others */ +/* Values with equivalent meanings */ #define USER_OWNER USER_OBJ #define GROUP_OWNER GROUP_OBJ #define MASKCLASS_OBJ #define OTHER OTHER_OBJ typedef struct acl { -int a_type;/* entry type */ -uid_ta_id; /* UID | GID */ +int a_type;/* entry type */ +id_t a_id; /* UID | GID */ mode_t a_perm;/* permissions */ } aclent_t; #ifndef __INSIDE_CYGWIN__ -int _EXFUN(acl,(const char *path, int cmd, int nentries, aclent_t *aclbufp)); -int _EXFUN(facl,(int fd, int cmd, int nentries, aclent_t *aclbufp)); -int _EXFUN(aclcheck,(aclent_t *aclbufp, int nentries, int *which)); -int _EXFUN(aclsort,(int nentries, int calclass, aclent_t *aclbufp)); -int _EXFUN(acltomode,(aclent_t *aclbufp, int nentries, mode_t *modep)); -int _EXFUN(aclfrommode,(aclent_t *aclbufp, int nentries, mode_t *modep)); -int _EXFUN(acltopbits,(aclent_t *aclbufp, int nentries, mode_t *pbitsp)); -int _EXFUN(aclfrompbits,(aclent_t *aclbufp, int nentries, mode_t *pbitsp)); -char *_EXFUN(acltotext,(aclent_t *aclb
[newlib-cygwin] faq: Sort BLODA list and update advice on fixing fork failures
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=930474058e4596b652c4b42d9e6eea6c294db9c1 commit 930474058e4596b652c4b42d9e6eea6c294db9c1 Author: Jon Turney Date: Mon Mar 7 18:42:41 2016 + faq: Sort BLODA list and update advice on fixing fork failures * faq-using.xml (bloda): Alphabetically sort BLODA list for ease of finding things in it. (fixing-fork-failures): Update to suggest rebase-trigger rather than running rebaseall via dash yourself. Mention detect_bloda CYGWIN token. Signed-off-by: Jon Turney Diff: --- winsup/doc/faq-using.xml | 88 ++-- 1 file changed, 56 insertions(+), 32 deletions(-) diff --git a/winsup/doc/faq-using.xml b/winsup/doc/faq-using.xml index f6d4b8e..66e133b 100644 --- a/winsup/doc/faq-using.xml +++ b/winsup/doc/faq-using.xml @@ -1286,39 +1286,39 @@ behaviour which affect the operation of other programs, such as Cygwin. Among the software that has been found to cause difficulties are: -Sonic Solutions burning software containing DLA component (when DLA disabled) -Norton/McAfee/Symantec antivirus or antispyware -Logitech webcam software with "Logitech process monitor" service -Kerio, Agnitum or ZoneAlarm Personal Firewall -Iolo System Mechanic/AntiVirus/Firewall -LanDesk -Windows Defender -Various programs by Wave Systems Corp using wxvault.dll, including Embassy Trust Suite and Embassy Security Center -NOD32 Antivirus -ByteMobile laptop optimization client -Earthlink Total-Access -Spybot S&D TeaTimer AR Soft RAM Disk ATI Catalyst (some versions) -NVIDIA GeForce (some versions) -Windows LiveOneCare -Webroot Spy Sweeper with Antivirus -COMODO Firewall Pro -PC Tools Spyware Doctor +AVAST (disable FILESYSTEM and BEHAVIOR realtime shields) Avira AntiVir -Panda Internet Security BitDefender -Google Desktop -Sophos Anti-Virus 7 Bufferzone from Trustware -Lenovo IPS Core Service (ipssvc) -Lenovo RapidBoot Shield -Credant Guardian Shield -AVAST (disable FILESYSTEM and BEHAVIOR realtime shields) +ByteMobile laptop optimization client +COMODO Firewall Pro Citrix Metaframe Presentation Server/XenApp (see http://support.citrix.com/article/CTX107825";>Citrix Support page) -Lavasoft Web Companion +Credant Guardian Shield +Earthlink Total-Access Forefront TMG +Google Desktop +Iolo System Mechanic/AntiVirus/Firewall +Kerio, Agnitum or ZoneAlarm Personal Firewall +LanDesk +Lavasoft Web Companion +Lenovo IPS Core Service (ipssvc) +Lenovo RapidBoot Shield +Logitech webcam software with "Logitech process monitor" service MacType +NOD32 Antivirus +NVIDIA GeForce (some versions) +Norton/McAfee/Symantec antivirus or antispyware +PC Tools Spyware Doctor +Panda Internet Security +Sonic Solutions burning software containing DLA component (when DLA disabled) +Sophos Anti-Virus 7 +Spybot S&D TeaTimer +Various programs by Wave Systems Corp using wxvault.dll, including Embassy Trust Suite and Embassy Security Center +Webroot Spy Sweeper with Antivirus +Windows Defender +Windows LiveOneCare Sometimes these problems can be worked around, by temporarily or partially disabling the offending software. For instance, it may be possible to disable @@ -1398,16 +1398,40 @@ such as virtual memory paging and file caching. Ensure that you have eliminated (not just disabled) all software on the . -Read the 'rebase' package README in -/usr/share/doc/rebase/, and follow the -instructions there to run 'rebaseall'. Switch from 32-bit Cygwin to 64-bit Cygwin, if your OS and CPU support that. With the bigger address space fork() is less likely to fail. + + + Try setting the environment variable CYGWIN to "detect_bloda", which + enables some extra debugging, which may indicate what other software is + causing the problem. + + + See https://cygwin.com/ml/cygwin/2012-02/msg00797.html";>this + mail for more information. + + + + + Force a full rebase: Run rebase-trigger fullrebase, + exit all Cygwin programs and run Cygwin setup. + + + By default, Cygwin's setup program automatically performs an incremental + rebase of newly installed files. Forcing a full rebase causes the + rebase map to be cleared before doing the rebase. + + + See /usr/share/doc/rebase/README and + /usr/share/doc/Cygwin/_autorebase.README for more + details. + + Please note that installing new packages or updating existing + ones undoes the effects of rebase and often causes fork() failures to + reappear. + + - Please note that installing new packages or updating existing - ones undoes the effects of rebaseall and often causes fork() failures - to reappear. If so, just run rebaseall again. - See the https://cygwin.com/cygwin-ug-net/highlights.html#ov-hi-process";> process creation sec
[newlib-cygwin] Cygwin: Document new POSIX ACL API
https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=c09e96fda04989dcf0948e797deb8f096e12f2fa commit c09e96fda04989dcf0948e797deb8f096e12f2fa Author: Corinna Vinschen Date: Tue Mar 8 17:33:08 2016 +0100 Cygwin: Document new POSIX ACL API Signed-off-by: Corinna Vinschen Diff: --- winsup/cygwin/release/2.5.0 | 16 winsup/doc/new-features.xml | 22 ++ 2 files changed, 38 insertions(+) diff --git a/winsup/cygwin/release/2.5.0 b/winsup/cygwin/release/2.5.0 index 6569942..4608965 100644 --- a/winsup/cygwin/release/2.5.0 +++ b/winsup/cygwin/release/2.5.0 @@ -1,6 +1,19 @@ What's new: --- +- Full set of POSIX.1e ACL API functions now implemented. + New APIs: acl_add_perm, acl_calc_mask, acl_clear_perms, acl_copy_entry, + acl_copy_ext, acl_copy_int, acl_create_entry, acl_delete_def_file, + acl_delete_entry, acl_delete_perm, acl_dup, acl_free, acl_from_text, + acl_get_entry, acl_get_fd, acl_get_file, acl_get_permset, acl_get_qualifier, + acl_get_tag_type, acl_init, acl_set_fd, acl_set_file, acl_set_permset, + acl_set_qualifier, acl_set_tag_type, acl_size, acl_to_text, acl_valid. + +- Most libacl extensions now implemented, too: + New APIs: acl_check, acl_cmp, acl_entries, acl_equiv_mode, acl_error, + acl_extended_fd, acl_extended_file, acl_extended_file_nofollow, + acl_from_mode, acl_get_perm, acl_to_any_text. + - First implementation of pthread_barrier/pthread_barrierattr functions. New APIs: pthread_barrierattr_init, pthread_barrierattr_setpshared, pthread_barrierattr_getpshared, pthread_barrierattr_destroy, @@ -10,6 +23,9 @@ What's new: What changed: - +- Including now *only* includes the POSIX ACL API. To include + the old Solaris API, include . + - In calls to chmod treat ACLs with extra ACEs *only* for Admins and SYSTEM like a trivial ACL. diff --git a/winsup/doc/new-features.xml b/winsup/doc/new-features.xml index 8f7a6ab..4f21288 100644 --- a/winsup/doc/new-features.xml +++ b/winsup/doc/new-features.xml @@ -9,6 +9,28 @@ +- Full set of POSIX.1e ACL API functions now implemented. + New APIs: acl_add_perm, acl_calc_mask, acl_clear_perms, acl_copy_entry, + acl_copy_ext, acl_copy_int, acl_create_entry, acl_delete_def_file, + acl_delete_entry, acl_delete_perm, acl_dup, acl_free, acl_from_text, + acl_get_entry, acl_get_fd, acl_get_file, acl_get_permset, acl_get_qualifier, + acl_get_tag_type, acl_init, acl_set_fd, acl_set_file, acl_set_permset, + acl_set_qualifier, acl_set_tag_type, acl_size, acl_to_text, acl_valid. + + + +- Most libacl extensions now implemented, too: + New APIs: acl_check, acl_cmp, acl_entries, acl_equiv_mode, acl_error, + acl_extended_fd, acl_extended_file, acl_extended_file_nofollow, + acl_from_mode, acl_get_perm, acl_to_any_text. + + + +- Includingnow *only* includes the POSIX ACL API. To include + the old Solaris API, include . + + + First implementation of pthread_barrier/pthread_barrierattr functions. New APIs: pthread_barrierattr_init, pthread_barrierattr_setpshared, pthread_barrierattr_getpshared, pthread_barrierattr_destroy,