Hi Sergey, This is not exactly what I had in mind - we have updated the DACL to provide some explicit security (from a NULL DACL which allows everyone everything), so that’s good. But..
I was hoping we could just keep the default security for the DACL (no need to change this, pass a NULL to CreateNamedPipe() is fine (will inherit process token)). Then we should just focus on manipulating the SidStart field in the SYSTEM_MANDATORY_LABEL_ACE structure in the SACL (not the DACL). Maybe you tried this already? Cheers Markus -----Original Message----- From: Sergey Gabdurakhmanov Sent: den 19 september 2014 14:34 To: Mattis Castegren; serviceability-dev@openjdk.java.net; Markus Grönlund; Staffan Larsen; Christian Törnqvist; Markus Grönlund; Alexey Utkin; Dmitry Samersoff Subject: Re: URGENT: RE: RFR(XS): 8057564: JVM hangs at getAgentProperties after attaching to VM with lower IntegrityLevel Hi, New version of the fix for review: http://cr.openjdk.java.net/~sgabdura/8057564/webrev.02/ Now I add security descriptor with read/write permissions to everybody and full control to system and administrators. BR, Sergey On 17.09.2014 18:03, Mattis Castegren wrote: > Also adding Christian, who is both a reviewer AND knows windows. > > This is a very critical customer bug, and we have a hard deadline of next > week. > > Kind Regards > /Mattis > > -----Original Message----- > From: Mattis Castegren > Sent: den 17 september 2014 07:08 > To: Sergey Gabdurakhmanov; serviceability-dev@openjdk.java.net; Markus > Grönlund; Staffan Larsen > Cc: Mattis Castegren > Subject: RE: RFR(XS): 8057564: JVM hangs at getAgentProperties after > attaching to VM with lower IntegrityLevel > > Hi > > This is urgent for a customer case, so we would need the second review. > Dmitry was ok with the fix. Sergey, you also got some additional review from > someone who was not an official reviewer, right? Could you paste those > comments? > > If no one on this alias feels comfortable with reviewing this fix, any ideas > on someone else who can do it and who is has reviewer status? Maybe someone > from another team with a lot of Windows experience? > > Kind Regards > /Mattis > > -----Original Message----- > From: Sergey Gabdurakhmanov > Sent: den 16 september 2014 12:56 > To: serviceability-dev@openjdk.java.net > Subject: Re: RFR(XS): 8057564: JVM hangs at getAgentProperties after > attaching to VM with lower IntegrityLevel > > Hi, > > I need a second approval for the fix integration. > Can somebody else review the patch? > > BR, > Sergey > > On 12.09.2014 17:34, Dmitry Samersoff wrote: >> Sergey, >> >> Looks good for me. >> >> -Dmitry >> >> >> On 2014-09-12 12:46, Sergey Gabdurakhmanov wrote: >>> Dmitry, >>> >>> New patch: >>> http://cr.openjdk.java.net/~sgabdura/8057564/webrev.01/ >>> >>> >>> My answers: >>> >>> 1. You should not free lpSecurityDescriptor if it's null (ll.291) >>> >>> I checked MSDN >>> http://msdn.microsoft.com/en-us/library/windows/desktop/aa366730%28v >>> =vs.85%29.aspx "If the /hMem/ parameter is *NULL*, *LocalFree* >>> ignores the parameter and returns *NULL*." >>> >>> 2. It's better to re-arrange code a bit: >>> >>> if InitializeSecurityDescriptor or SetSecurityDescriptorDacl fails, >>> free lpSecurityDescriptor immediately and continue with >>> lpSecurityDescriptor == NULL >>> >>> Done. >>> >>> >>> 3. Make sure it works on all supported platforms: this code rise >>> minimal server version to windows 2003 server. >>> >>> In Windows 2003 server my fix will create a new security attributes. >>> If SetSecurityDescriptorDacl or InitializeSecurityDescriptor will >>> return false on Windows XP then my patch will pass NULL to >>> CreateNamedPipe and the code will use default security descriptor. >>> >>> >>> BR, >>> Sergey >>> >>> On 11.09.2014 16:16, Dmitry Samersoff wrote: >>>> Sergey, >>>> >>>> 1. You should not free lpSecurityDescriptor if it's null (ll.291) >>>> >>>> 2. It's better to re-arrange code a bit: >>>> >>>> if InitializeSecurityDescriptor or SetSecurityDescriptorDacl fails, >>>> free lpSecurityDescriptor immediately and continue with >>>> lpSecurityDescriptor == NULL >>>> >>>> >>>> 3. Make sure it works on all supported platforms: this code rise >>>> minimal server version to windows 2003 server. >>>> >>>> -Dmitry >>>> >>>> >>>> >>>> On 2014-09-11 15:49, Sergey Gabdurakhmanov wrote: >>>>> Hi, >>>>> >>>>> Could I please have a review of this small fix. >>>>> >>>>> webrev: http://cr.openjdk.java.net/~sgabdura/8057564/webrev.00/ >>>>> bug: https://jbs.oracle.com/bugs/browse/JDK-8057564 >>>>> >>>>> Problem description: >>>>> On Windows 7 with User Account Control (UAC) enabled, JVM hangs at >>>>> getAgentProperties or getSystemProperties after attaching from a "high" >>>>> IntegrityLevel JVM to a "medium" IntegrityLevel JVM, using Attach API: >>>>> attachedVM = com.sun.tools.attach.VirtualMachine.attach(pid); >>>>> final Properties systemProperties = >>>>> attachedVM.getSystemProperties(); >>>>> >>>>> Root cause: >>>>> In WindowsVirtualMachine.attach is implemented with named pipes. >>>>> If named pipe was created with default security properties then >>>>> windows will not allow process with"medium" IntegrityLevel to be >>>>> attached to a processwith "high" IntegrityLevel. >>>>> >>>>> Solution: >>>>> Create security properties that allow requested connection. >>>>> >>>>> I'm going to push this fix into JDK9, 8 and 7. >>>>> BR, >>>>> Sergey >>>>>
