keep Cygwin docs well-formed and valid
I just did a commit that touched a lot of sgml files. Now both the User's Guide (cygwin-ug-net.sgml) and API Reference (cygwin-api.sgml) are well-formed and valid DocBook XML. The current SGML tools still work fine with it, but I hope to move the doc Makefile to xmlto soon to end the confusion with different SGML toolchains (as far as I know xmlto is standard across platforms, and it's already packaged for Cygwin). For anyone who edits the documentation, though, please keep the files well-formed and valid! This means: --All tags should be in lower case (like , not , close it with --Use entities for 8-bit characters, like © for © and ® for ®. --Close empty tags, though note that is weirdly NOT empty but should be used like this: --Always put tag attributes in quotes Thanks.
Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.
On Fri, Dec 24, 2004 at 08:40:29AM -0500, Pierre A. Humblet wrote: >At 12:54 AM 12/24/2004 -0500, Pierre A. Humblet wrote: >I think the way out is as follows: >Toward the end of spawn_guts: > >ciresrv.sync (myself, INFINITE); [always] > >if (wait_for_myself) > waitpid (myself->pid, &dummy, 0); > [For clarity, these two lines should be brought down > inside the case _P_OVERLAY: ] Yes, I thought of this last night as I was trying to sleep. It also dawned on me that I need to synchronize wr_proc_pipe any time it is used. Otherwise an exec followed by a quick SIGSTOP may not work. I almost got up to make these changes but, instead, I just dreamed about them all night and had a crappy night's sleep. The change to pinfo::exit didn't occur to me but it is logical. I have made that change. cgf
Re: [Patch] Fixing the PROCESS_DUP_HANDLE security hole.
At 12:54 AM 12/24/2004 -0500, Pierre A. Humblet wrote:
>At 12:25 AM 12/24/2004 -0500, Christopher Faylor wrote:
>>On Thu, Dec 23, 2004 at 11:59:59PM -0500, Pierre A. Humblet wrote:
>>>At 11:35 PM 12/23/2004 -0500, Christopher Faylor wrote:
I don't think you need it. You just need to tell a process which is
about to exec after having been execed to make sure that its
wr_proc_pipe is valid.
>>>
>>>Yes, that's the key. So the question is only about method. Either the
parent
>>>guarantees that the child has a valid handle, or the child must check
>>>that it already has a valid handle or wait until it does.
>>
>>I have just implemented code which causes an execed child to wait for the
>>parent to fill in its wr_proc_pipe if it is going to exec again. It uses
>>a busy loop but I think it's unlikely that the loop will be exercised too
>>often.
>
>It's late, but I am trying to go through all permutations.
>Here is a strange one.
>Cygwin process A started from Windows execs a Windows process B.
>We are in the case where A
> if (!myself->wr_proc_pipe)
> {
> myself.remember (true);
> wait_for_myself = true;
>
>The problem is that later there is
>if (wait_for_myself)
> waitpid (myself->pid, &res, 0);
>else
> ciresrv.sync (myself, INFINITE);
>
>Process A takes the first branch (waitpid), although it's the
>second branch that will call GetExitCodeProcess.
>So A will see its logical self terminate, but it won't get the
>exit status of B.
>Right? Going to sleep on this.
I think the way out is as follows:
Toward the end of spawn_guts:
ciresrv.sync (myself, INFINITE); [always]
if (wait_for_myself)
waitpid (myself->pid, &dummy, 0);
[For clarity, these two lines should be brought down
inside the case _P_OVERLAY: ]
and in pinfo::exit, change ExitProcess (n) to
ExitProcess (exitcode)
There is NO NEED for a Cygwin process started from Windows to
start a new exec'ed process in suspended state.
The ciressrv.sync will collect the exit status of any Windows
process.
The purpose of the waitpid is to wait for the process chain to be
finished. But waitpid will fail if the child had terminated before
the pipe could be duplicated. That't why waitpid uses "dummy".
At any rate the final return value of the chain is safely set in
the exitstatus.
The change in pinfo::exit is to handle the "norecord" case. In that
case the value of n is meaningless, the correct exit code is already
set in exitcode.
Pierre
stopping floppy seeks (Was: available for test: findutils-20041219-1)
Brian Dessent wrote:
> > Let me say it again. This is not new behavior:
> >
> > 2003-08-05 Pavel Tsekov
> >
> > * path.cc (cygdrive_getmntent): Do not skip over drives of type
> > DRIVE_REMOVABLE.
> >
> > Perhaps you should be discussing this with Pavel.
>
> Okay, I misunderstood. I thought that you were saying someone had
> posted a patch that would prevent checking floppy drives in that section
> of the code. I now see that it used to be the case that this was done,
> and the above patch removed that functionality.
>
> I have no idea what Pavel's intentions were with his change. I can only
> guess it was to support /cygdrive use with some form of removable media,
> perhaps floppy, perhaps otherwise. However at the time it was
> committed, there was no mount checking code in find, and so there were
> no spurious floppy seeks for opening a login shell and many other
> activities. I will CC him on this email to see if he wants to clarify.
> It seems to me that making this behavior settable through a CYGWIN env
> option would satisy everyone, but I'm also quite sure that no patch I
> submit to implement this would be accepted, mainly due to not having a
> copyright assignment on file.
Here is a patch. If $CYGWIN does not contain "removable" (or contains
"noremovable") then /cygdrive's where GetDriveType() returns
DRIVE_REMOVABLE are skipped, avoiding the annoying floppy seeks.
CYGWIN=removable works the same as current code.
Note: I don't know if this would be considered trivial or not. Nor do I
know if it satisfies Pavel's needs. Just thought I'd post it anyway.
2004-12-24 Brian Dessent <[EMAIL PROTECTED]>
* environ.cc: Add extern decl for `cygdrive_removable'.
(struct parse_thing): Add entry for `[no]removable'.
* path.cc (cygdrive_getmntent): Ignore drive letters of
removable drives, unless `cygdrive_removable' set.Index: src/winsup/cygwin/environ.cc
===
RCS file: /cvs/src/src/winsup/cygwin/environ.cc,v
retrieving revision 1.105
diff -u -p -r1.105 environ.cc
--- src/winsup/cygwin/environ.cc3 Dec 2004 23:49:06 - 1.105
+++ src/winsup/cygwin/environ.cc24 Dec 2004 09:12:45 -
@@ -31,6 +31,7 @@ extern bool ignore_case_with_glob;
extern bool allow_ntea;
extern bool allow_smbntsec;
extern bool allow_winsymlinks;
+extern bool cygdrive_removable;
extern bool strip_title_path;
extern int pcheck_case;
extern int subauth_id;
@@ -537,6 +538,7 @@ static struct parse_thing
{"ntea", {func: set_ntea}, isfunc, NULL, {{0}, {s: "yes"}}},
{"ntsec", {func: set_ntsec}, isfunc, NULL, {{0}, {s: "yes"}}},
{"smbntsec", {func: set_smbntsec}, isfunc, NULL, {{0}, {s: "yes"}}},
+ {"removable", {&cygdrive_removable}, justset, NULL, {{false}, {true}}},
{"reset_com", {&reset_com}, justset, NULL, {{false}, {true}}},
{"strip_title", {&strip_title_path}, justset, NULL, {{false}, {true}}},
{"subauth_id", {func: &subauth_id_init}, isfunc, NULL, {{0}, {0}}},
Index: src/winsup/cygwin/path.cc
===
RCS file: /cvs/src/src/winsup/cygwin/path.cc,v
retrieving revision 1.335
diff -u -p -r1.335 path.cc
--- src/winsup/cygwin/path.cc 23 Dec 2004 21:37:43 - 1.335
+++ src/winsup/cygwin/path.cc 24 Dec 2004 09:12:57 -
@@ -2301,6 +2301,9 @@ mount_item::getmntent ()
return fillout_mntent (native_path, posix_path, flags);
}
+/* If true, removable /cygdrive's should be returned by getmntent() */
+bool cygdrive_removable;
+
static struct mntent *
cygdrive_getmntent ()
{
@@ -2316,7 +2319,8 @@ cygdrive_getmntent ()
break;
__small_sprintf (native_path, "%c:\\", drive);
- if (GetFileAttributes (native_path) == INVALID_FILE_ATTRIBUTES)
+ if ((!cygdrive_removable && GetDriveType (native_path) ==
DRIVE_REMOVABLE) ||
+ GetFileAttributes (native_path) == INVALID_FILE_ATTRIBUTES)
{
_my_tls.locals.available_drives &= ~mask;
continue;
