[PATCH 7/7] server/kernel32: Marshal security descriptor to
server for a new process.
Mirek
thunder.m at czela.net
Tue Jan 30 10:32:13 CST 2007
Hi, i cant compile wine with this patch, do you know why?
gcc -c -I. -I. -I../../include -I../../include -D__WINESRC__
-DCOM_NO_WINDOWS_H -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing
-Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -g -O2
-o regsvr.o regsvr.c
make[2]: Leaving directory
`/root/.WineCVS/sources/cvswine/wine/dlls/mmdevldr.vxd'
gcc -c -I. -I. -I../../include -I../../include -D__WINESRC__
-D_KERNEL32_ -D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing
-Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -g -O2
-o profile.o profile.c
process.c: In function ‘create_process’:
process.c:1314: error: ‘struct new_process_request’ has no member named
‘sd_len’
process.c:1318: error: ‘struct new_process_request’ has no member named
‘sd_len’
process.c:1320: error: ‘struct new_process_request’ has no member named
‘sd_len’
process.c:1322: error: ‘struct new_process_request’ has no member named
‘sd_len’
process.c:1323: error: ‘struct new_process_request’ has no member named
‘sd_len’
process.c:1325: error: ‘struct new_process_request’ has no member named
‘sd_len’
process.c:1327: error: ‘struct new_process_request’ has no member named
‘sd_len’
make[2]: *** [process.o] Error 1
make[2]: *** Waiting for unfinished jobs....
make[2]: Entering directory
`/root/.WineCVS/sources/cvswine/wine/dlls/monodebg.vxd'
gcc -c -I. -I. -I../../include -I../../include -D__WINESRC__
-D_REENTRANT -fPIC -Wall -pipe -fno-strict-aliasing
-Wdeclaration-after-statement -Wwrite-strings -Wpointer-arith -g -O2
-o monodebg.o monodebg.c
../../tools/winegcc/winegcc -B../../tools/winebuild -shared
./monodebg.vxd.spec monodebg.o -o monodebg.vxd.so -lkernel32
../../libs/port/libwine_port.a
../../tools/winegcc/winegcc -B../../tools/winebuild -shared ./mlang.spec
mlang.o regsvr.o -o mlang.dll.so -loleaut32 -lole32 -luser32
-lgdi32 -ladvapi32 -lkernel32 -lntdll -Wb,-doleaut32 -luuid
../../libs/port/libwine_port.a
make[2]: Leaving directory
`/root/.WineCVS/sources/cvswine/wine/dlls/kernel32'
make[1]: *** [kernel32] Error 2
make[1]: *** Waiting for unfinished jobs....
make[2]: Leaving directory `/root/.WineCVS/sources/cvswine/wine/dlls/mlang'
make[2]: Leaving directory
`/root/.WineCVS/sources/cvswine/wine/dlls/monodebg.vxd'
make[1]: Leaving directory `/root/.WineCVS/sources/cvswine/wine/dlls'
make: *** [dlls] Error 2
Mirek
Vitaliy Margolen napsal(a):
> We are limited to only 5 server data calls. Here it would have been 7.
> And possibly 12 in the future. Hence decision to send self-relative
> SECURITY_DESCRIPTOR.
> ---
> dlls/kernel32/process.c | 25 +++++++++++++++++++++++++
> server/process.c | 8 ++++++--
> server/protocol.def | 2 ++
> 3 files changed, 33 insertions(+), 2 deletions(-)
>
>
> ------------------------------------------------------------------------
>
> diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
> index 8cdcd72..463071d 100644
> --- a/dlls/kernel32/process.c
> +++ b/dlls/kernel32/process.c
> @@ -1277,6 +1277,8 @@ static BOOL create_process( HANDLE hFile
>
> SERVER_START_REQ( new_process )
> {
> + PSECURITY_DESCRIPTOR p_sd = NULL;
> +
> req->inherit_all = inherit;
> req->create_flags = flags;
> req->socket_fd = socketfd[1];
> @@ -1303,6 +1305,27 @@ static BOOL create_process( HANDLE hFile
> if (is_console_handle(req->hstderr)) req->hstderr = console_handle_unmap(req->hstderr);
> }
>
> + /* marshal security descriptor */
> + if (psa && psa->lpSecurityDescriptor)
> + {
> + SECURITY_DESCRIPTOR_CONTROL control;
> + DWORD revision;
> +
> + req->sd_len = RtlLengthSecurityDescriptor( psa->lpSecurityDescriptor );
> + RtlGetControlSecurityDescriptor( psa->lpSecurityDescriptor, &control, &revision );
> +
> + if (control & SE_SELF_RELATIVE)
> + wine_server_add_data( req, psa->lpSecurityDescriptor, req->sd_len );
> + else
> + if ((p_sd = HeapAlloc( GetProcessHeap(), 0, req->sd_len )))
> + {
> + RtlMakeSelfRelativeSD( psa->lpSecurityDescriptor, p_sd, &req->sd_len );
> + wine_server_add_data( req, p_sd, req->sd_len );
> + }
> + else req->sd_len = 0;
> + }
> + else req->sd_len = 0;
> +
> wine_server_add_data( req, params, params->Size );
> wine_server_add_data( req, params->Environment, (env_end-params->Environment)*sizeof(WCHAR) );
> if ((ret = !wine_server_call_err( req )))
> @@ -1313,6 +1336,8 @@ static BOOL create_process( HANDLE hFile
> info->hThread = reply->thandle;
> }
> process_info = reply->info;
> +
> + HeapFree( GetProcessHeap(), 0, p_sd );
> }
> SERVER_END_REQ;
>
> diff --git a/server/process.c b/server/process.c
> index 1c53f49..21dd8cb 100644
> --- a/server/process.c
> +++ b/server/process.c
> @@ -820,6 +820,7 @@ DECL_HANDLER(new_process)
> struct thread *thread;
> struct process *process;
> struct process *parent = current->process;
> + const SECURITY_DESCRIPTOR *p_sd = get_req_data();
> int socket_fd = thread_get_inflight_fd( current, req->socket_fd );
>
> if (socket_fd == -1)
> @@ -841,14 +842,14 @@ DECL_HANDLER(new_process)
> info->hstderr = req->hstderr;
> info->exe_file = NULL;
> info->process = NULL;
> - info->data_size = get_req_data_size();
> + info->data_size = get_req_data_size() - req->sd_len;
> info->data = NULL;
>
> if (req->exe_file &&
> !(info->exe_file = get_file_obj( current->process, req->exe_file, FILE_READ_DATA )))
> goto done;
>
> - if (!(info->data = memdup( get_req_data(), info->data_size ))) goto done;
> + if (!(info->data = memdup( (char*)get_req_data() + req->sd_len, info->data_size ))) goto done;
>
> if (!(thread = create_process( socket_fd, current, req->inherit_all ))) goto done;
> process = thread->process;
> @@ -900,6 +901,9 @@ DECL_HANDLER(new_process)
> reply->phandle = alloc_handle( parent, process, req->process_access, req->process_attr );
> reply->thandle = alloc_handle( parent, thread, req->thread_access, req->thread_attr );
>
> + if (req->sd_len)
> + set_object_sd( &process->obj, p_sd, OWNER_SECURITY_INFORMATION | GROUP_SECURITY_INFORMATION |
> + SACL_SECURITY_INFORMATION | DACL_SECURITY_INFORMATION );
> done:
> release_object( info );
> }
> diff --git a/server/protocol.def b/server/protocol.def
> index f49f331..9ebbcbc 100644
> --- a/server/protocol.def
> +++ b/server/protocol.def
> @@ -436,6 +436,8 @@ typedef union
> unsigned int process_attr; /* attributes for process object */
> unsigned int thread_access; /* access rights for thread object */
> unsigned int thread_attr; /* attributes for thread object */
> + data_size_t sd_len; /* length of process' security descriptor */
> + VARARG(sd,bytes,sd_len); /* process' security descriptor to set */
> VARARG(info,startup_info); /* startup information */
> VARARG(env,unicode_str); /* environment for new process */
> @REPLY
>
>
>
> ------------------------------------------------------------------------
>
>
More information about the wine-devel
mailing list