[4/6] server: Support sending process and thread security descriptors for the "new_process" request in the protocol.
Joris van der Wel
joris at jorisvanderwel.com
Sun Jul 6 13:18:48 CDT 2014
server: Support sending process and thread security descriptors for
the "new_process" request in the protocol.
---
dlls/kernel32/process.c | 30 +++++++++++++++++-------------
include/wine/server_protocol.h | 10 +++++++---
server/process.c | 37 +++++++++++++++++++++++--------------
server/protocol.def | 41 +++++++++++++++++++++++------------------
server/request.h | 7 +++++--
server/trace.c | 7 ++++++-
6 files changed, 81 insertions(+), 51 deletions(-)
-------------- next part --------------
From 6980c3bdc7a8aa23dedd4c046099a45d67226206 Mon Sep 17 00:00:00 2001
From: Joris van der Wel <joris at jorisvanderwel.com>
Date: Sun, 6 Jul 2014 16:23:13 +0200
Subject: server: Support sending process and thread security descriptors for
the "new_process" request in the protocol.
---
dlls/kernel32/process.c | 30 +++++++++++++++++-------------
include/wine/server_protocol.h | 10 +++++++---
server/process.c | 37 +++++++++++++++++++++++--------------
server/protocol.def | 41 +++++++++++++++++++++++------------------
server/request.h | 7 +++++--
server/trace.c | 7 ++++++-
6 files changed, 81 insertions(+), 51 deletions(-)
diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
index 2566ac4..082a6ea 100644
--- a/dlls/kernel32/process.c
+++ b/dlls/kernel32/process.c
@@ -2025,19 +2025,23 @@ static BOOL create_process( HANDLE hFile, LPCWSTR filename, LPWSTR cmd_line, LPW
SERVER_START_REQ( new_process )
{
- req->inherit_all = inherit;
- req->create_flags = flags;
- req->socket_fd = socketfd[1];
- req->exe_file = wine_server_obj_handle( hFile );
- req->process_access = PROCESS_ALL_ACCESS;
- req->process_attr = (psa && (psa->nLength >= sizeof(*psa)) && psa->bInheritHandle) ? OBJ_INHERIT : 0;
- req->thread_access = THREAD_ALL_ACCESS;
- req->thread_attr = (tsa && (tsa->nLength >= sizeof(*tsa)) && tsa->bInheritHandle) ? OBJ_INHERIT : 0;
- req->cpu = cpu;
- req->info_size = startup_info_size;
-
- wine_server_add_data( req, startup_info, startup_info_size );
- wine_server_add_data( req, env, (env_end - env) * sizeof(WCHAR) );
+ req->inherit_all = inherit;
+ req->create_flags = flags;
+ req->socket_fd = socketfd[1];
+ req->exe_file = wine_server_obj_handle( hFile );
+ req->process_access = PROCESS_ALL_ACCESS;
+ req->process_attr = (psa && (psa->nLength >= sizeof(*psa)) && psa->bInheritHandle) ? OBJ_INHERIT : 0;
+ req->thread_access = THREAD_ALL_ACCESS;
+ req->thread_attr = (tsa && (tsa->nLength >= sizeof(*tsa)) && tsa->bInheritHandle) ? OBJ_INHERIT : 0;
+ req->cpu = cpu;
+ req->process_sd_size = 0;
+ req->thread_sd_size = 0;
+ req->info_size = startup_info_size;
+ req->env_size = (env_end - env) * sizeof(WCHAR);
+
+ wine_server_add_data( req, startup_info, req->info_size );
+ wine_server_add_data( req, env , req->env_size );
+
if (!(status = wine_server_call( req )))
{
info->dwProcessId = (DWORD)reply->pid;
diff --git a/include/wine/server_protocol.h b/include/wine/server_protocol.h
index 57ab839..afef4ce 100644
--- a/include/wine/server_protocol.h
+++ b/include/wine/server_protocol.h
@@ -656,10 +656,14 @@ struct new_process_request
unsigned int thread_access;
unsigned int thread_attr;
cpu_type_t cpu;
+ data_size_t process_sd_size;
+ data_size_t thread_sd_size;
data_size_t info_size;
+ data_size_t env_size;
+ /* VARARG(process_sd,security_descriptor,process_sd_size); */
+ /* VARARG(thread_sd,security_descriptor,thread_sd_size); */
/* VARARG(info,startup_info,info_size); */
- /* VARARG(env,unicode_str); */
- char __pad_52[4];
+ /* VARARG(env,unicode_str,env_size); */
};
struct new_process_reply
{
@@ -5834,6 +5838,6 @@ union generic_reply
struct set_suspend_context_reply set_suspend_context_reply;
};
-#define SERVER_PROTOCOL_VERSION 456
+#define SERVER_PROTOCOL_VERSION 457
#endif /* __WINE_WINE_SERVER_PROTOCOL_H */
diff --git a/server/process.c b/server/process.c
index 7b9a3b2..6c004f4 100644
--- a/server/process.c
+++ b/server/process.c
@@ -880,6 +880,9 @@ DECL_HANDLER(new_process)
struct process *process;
struct process *parent = current->process;
int socket_fd = thread_get_inflight_fd( current, req->socket_fd );
+ const startup_info_t *req_info;
+ data_size_t req_info_size;
+ const WCHAR *req_env;
if (socket_fd == -1)
{
@@ -903,6 +906,12 @@ DECL_HANDLER(new_process)
close( socket_fd );
return;
}
+
+ req_info = (const startup_info_t *)
+ ((char*)get_req_data() + req->process_sd_size + req->thread_sd_size);
+
+ req_env = (const WCHAR *)
+ ((char*)get_req_data() + req->process_sd_size + req->thread_sd_size + req->info_size);
if (!req->info_size) /* create an orphaned process */
{
@@ -919,28 +928,28 @@ DECL_HANDLER(new_process)
if (req->exe_file &&
!(info->exe_file = get_file_obj( current->process, req->exe_file, FILE_READ_DATA )))
goto done;
-
- info->data_size = get_req_data_size();
- info->info_size = min( req->info_size, info->data_size );
-
+
if (req->info_size < sizeof(*info->data))
{
/* make sure we have a full startup_info_t structure */
- data_size_t env_size = info->data_size - info->info_size;
- data_size_t info_size = min( req->info_size, FIELD_OFFSET( startup_info_t, curdir_len ));
-
- if (!(info->data = mem_alloc( sizeof(*info->data) + env_size ))) goto done;
- memcpy( info->data, get_req_data(), info_size );
- memset( (char *)info->data + info_size, 0, sizeof(*info->data) - info_size );
- memcpy( info->data + 1, (const char *)get_req_data() + req->info_size, env_size );
- info->info_size = sizeof(startup_info_t);
- info->data_size = info->info_size + env_size;
+
+ info->info_size = sizeof(*info->data);
+ info->data_size = sizeof(*info->data) + req->env_size;
+
+ req_info_size = min( req->info_size, FIELD_OFFSET( startup_info_t, curdir_len ));
+ if (!(info->data = mem_alloc( info->data_size ))) goto done;
+ memset( info->data, 0, info->data_size );
+ memcpy( info->data, req_info, req_info_size );
+ memcpy( info->data + 1, req_env, req->env_size );
}
else
{
data_size_t pos = sizeof(*info->data);
+
+ info->info_size = req->info_size;
+ info->data_size = req->info_size + req->env_size;
- if (!(info->data = memdup( get_req_data(), info->data_size ))) goto done;
+ if (!(info->data = memdup( req_info, info->data_size ))) goto done;
#define FIXUP_LEN(len) do { (len) = min( (len), info->info_size - pos ); pos += (len); } while(0)
FIXUP_LEN( info->data->curdir_len );
FIXUP_LEN( info->data->dllpath_len );
diff --git a/server/protocol.def b/server/protocol.def
index a8c1fb9..7b0b769 100644
--- a/server/protocol.def
+++ b/server/protocol.def
@@ -661,24 +661,29 @@ struct rawinput_device
/* Create a new process from the context of the parent */
@REQ(new_process)
- int inherit_all; /* inherit all handles from parent */
- unsigned int create_flags; /* creation flags */
- int socket_fd; /* file descriptor for process socket */
- obj_handle_t exe_file; /* file handle for main exe */
- unsigned int process_access; /* access rights for process object */
- unsigned int process_attr; /* attributes for process object */
- unsigned int thread_access; /* access rights for thread object */
- unsigned int thread_attr; /* attributes for thread object */
- cpu_type_t cpu; /* CPU that the new process will use */
- data_size_t info_size; /* size of startup info */
- VARARG(info,startup_info,info_size); /* startup information */
- VARARG(env,unicode_str); /* environment for new process */
- at REPLY
- obj_handle_t info; /* new process info handle */
- process_id_t pid; /* process id */
- obj_handle_t phandle; /* process handle (in the current process) */
- thread_id_t tid; /* thread id */
- obj_handle_t thandle; /* thread handle (in the current process) */
+ int inherit_all; /* inherit all handles from parent */
+ unsigned int create_flags; /* creation flags */
+ int socket_fd; /* file descriptor for process socket */
+ obj_handle_t exe_file; /* file handle for main exe */
+ unsigned int process_access; /* access rights for process object */
+ unsigned int process_attr; /* attributes for process object */
+ unsigned int thread_access; /* access rights for thread object */
+ unsigned int thread_attr; /* attributes for thread object */
+ cpu_type_t cpu; /* CPU that the new process will use */
+ data_size_t process_sd_size; /* size of the process security descriptor */
+ data_size_t thread_sd_size; /* size of the thread security descriptor */
+ data_size_t info_size; /* size of startup info */
+ data_size_t env_size; /* size of the environment */
+ VARARG(process_sd,security_descriptor,process_sd_size); /* security descriptor to set on the process */
+ VARARG(thread_sd,security_descriptor,thread_sd_size); /* security descriptor to set on the thread */
+ VARARG(info,startup_info,info_size); /* startup information */
+ VARARG(env,unicode_str,env_size); /* environment for new process */
+ at REPLY
+ obj_handle_t info; /* new process info handle */
+ process_id_t pid; /* process id */
+ obj_handle_t phandle; /* process handle (in the current process) */
+ thread_id_t tid; /* thread id */
+ obj_handle_t thandle; /* thread handle (in the current process) */
@END
diff --git a/server/request.h b/server/request.h
index e25e327..902b8a5 100644
--- a/server/request.h
+++ b/server/request.h
@@ -660,8 +660,11 @@ C_ASSERT( FIELD_OFFSET(struct new_process_request, process_attr) == 32 );
C_ASSERT( FIELD_OFFSET(struct new_process_request, thread_access) == 36 );
C_ASSERT( FIELD_OFFSET(struct new_process_request, thread_attr) == 40 );
C_ASSERT( FIELD_OFFSET(struct new_process_request, cpu) == 44 );
-C_ASSERT( FIELD_OFFSET(struct new_process_request, info_size) == 48 );
-C_ASSERT( sizeof(struct new_process_request) == 56 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, process_sd_size) == 48 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, thread_sd_size) == 52 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, info_size) == 56 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, env_size) == 60 );
+C_ASSERT( sizeof(struct new_process_request) == 64 );
C_ASSERT( FIELD_OFFSET(struct new_process_reply, info) == 8 );
C_ASSERT( FIELD_OFFSET(struct new_process_reply, pid) == 12 );
C_ASSERT( FIELD_OFFSET(struct new_process_reply, phandle) == 16 );
diff --git a/server/trace.c b/server/trace.c
index 4834354..68a214a 100644
--- a/server/trace.c
+++ b/server/trace.c
@@ -1098,9 +1098,14 @@ static void dump_new_process_request( const struct new_process_request *req )
fprintf( stderr, ", thread_access=%08x", req->thread_access );
fprintf( stderr, ", thread_attr=%08x", req->thread_attr );
dump_cpu_type( ", cpu=", &req->cpu );
+ fprintf( stderr, ", process_sd_size=%u", req->process_sd_size );
+ fprintf( stderr, ", thread_sd_size=%u", req->thread_sd_size );
fprintf( stderr, ", info_size=%u", req->info_size );
+ fprintf( stderr, ", env_size=%u", req->env_size );
+ dump_varargs_security_descriptor( ", process_sd=", min(cur_size,req->process_sd_size) );
+ dump_varargs_security_descriptor( ", thread_sd=", min(cur_size,req->thread_sd_size) );
dump_varargs_startup_info( ", info=", min(cur_size,req->info_size) );
- dump_varargs_unicode_str( ", env=", cur_size );
+ dump_varargs_unicode_str( ", env=", min(cur_size,req->env_size) );
}
static void dump_new_process_reply( const struct new_process_reply *req )
--
1.8.1.msysgit.1
More information about the wine-patches
mailing list