[4/6] server: Support sending process and thread security descriptors for the "new_process" request in the protocol.

Sun Jul 6 13:18:48 CDT 2014

server: Support sending process and thread security descriptors for
 the "new_process" request in the protocol.

---
 dlls/kernel32/process.c        | 30 +++++++++++++++++-------------
 include/wine/server_protocol.h | 10 +++++++---
 server/process.c               | 37 +++++++++++++++++++++++--------------
 server/protocol.def            | 41 +++++++++++++++++++++++------------------
 server/request.h               |  7 +++++--
 server/trace.c                 |  7 ++++++-
 6 files changed, 81 insertions(+), 51 deletions(-)
-------------- next part --------------
From 6980c3bdc7a8aa23dedd4c046099a45d67226206 Mon Sep 17 00:00:00 2001
From: Joris van der Wel <joris at jorisvanderwel.com>
Date: Sun, 6 Jul 2014 16:23:13 +0200
Subject: server: Support sending process and thread security descriptors for
 the "new_process" request in the protocol.

---
 dlls/kernel32/process.c        | 30 +++++++++++++++++-------------
 include/wine/server_protocol.h | 10 +++++++---
 server/process.c               | 37 +++++++++++++++++++++++--------------
 server/protocol.def            | 41 +++++++++++++++++++++++------------------
 server/request.h               |  7 +++++--
 server/trace.c                 |  7 ++++++-
 6 files changed, 81 insertions(+), 51 deletions(-)

diff --git a/dlls/kernel32/process.c b/dlls/kernel32/process.c
index 2566ac4..082a6ea 100644
--- a/dlls/kernel32/process.c
+++ b/dlls/kernel32/process.c
@@ -2025,19 +2025,23 @@ static BOOL create_process( HANDLE hFile, LPCWSTR filename, LPWSTR cmd_line, LPW
 
     SERVER_START_REQ( new_process )
     {
-        req->inherit_all    = inherit;
-        req->create_flags   = flags;
-        req->socket_fd      = socketfd[1];
-        req->exe_file       = wine_server_obj_handle( hFile );
-        req->process_access = PROCESS_ALL_ACCESS;
-        req->process_attr   = (psa && (psa->nLength >= sizeof(*psa)) && psa->bInheritHandle) ? OBJ_INHERIT : 0;
-        req->thread_access  = THREAD_ALL_ACCESS;
-        req->thread_attr    = (tsa && (tsa->nLength >= sizeof(*tsa)) && tsa->bInheritHandle) ? OBJ_INHERIT : 0;
-        req->cpu            = cpu;
-        req->info_size      = startup_info_size;
-
-        wine_server_add_data( req, startup_info, startup_info_size );
-        wine_server_add_data( req, env, (env_end - env) * sizeof(WCHAR) );
+        req->inherit_all     = inherit;
+        req->create_flags    = flags;
+        req->socket_fd       = socketfd[1];
+        req->exe_file        = wine_server_obj_handle( hFile );
+        req->process_access  = PROCESS_ALL_ACCESS;
+        req->process_attr    = (psa && (psa->nLength >= sizeof(*psa)) && psa->bInheritHandle) ? OBJ_INHERIT : 0;
+        req->thread_access   = THREAD_ALL_ACCESS;
+        req->thread_attr     = (tsa && (tsa->nLength >= sizeof(*tsa)) && tsa->bInheritHandle) ? OBJ_INHERIT : 0;
+        req->cpu             = cpu;
+        req->process_sd_size = 0;  
+        req->thread_sd_size  = 0;
+        req->info_size       = startup_info_size;
+        req->env_size        = (env_end - env) * sizeof(WCHAR);
+        
+        wine_server_add_data( req, startup_info, req->info_size       );
+        wine_server_add_data( req, env         , req->env_size        );
+        
         if (!(status = wine_server_call( req )))
         {
             info->dwProcessId = (DWORD)reply->pid;
diff --git a/include/wine/server_protocol.h b/include/wine/server_protocol.h
index 57ab839..afef4ce 100644
--- a/include/wine/server_protocol.h
+++ b/include/wine/server_protocol.h
@@ -656,10 +656,14 @@ struct new_process_request
     unsigned int thread_access;
     unsigned int thread_attr;
     cpu_type_t   cpu;
+    data_size_t  process_sd_size;
+    data_size_t  thread_sd_size;
     data_size_t  info_size;
+    data_size_t  env_size;
+    /* VARARG(process_sd,security_descriptor,process_sd_size); */
+    /* VARARG(thread_sd,security_descriptor,thread_sd_size); */
     /* VARARG(info,startup_info,info_size); */
-    /* VARARG(env,unicode_str); */
-    char __pad_52[4];
+    /* VARARG(env,unicode_str,env_size); */
 };
 struct new_process_reply
 {
@@ -5834,6 +5838,6 @@ union generic_reply
     struct set_suspend_context_reply set_suspend_context_reply;
 };
 
-#define SERVER_PROTOCOL_VERSION 456
+#define SERVER_PROTOCOL_VERSION 457
 
 #endif /* __WINE_WINE_SERVER_PROTOCOL_H */
diff --git a/server/process.c b/server/process.c
index 7b9a3b2..6c004f4 100644
--- a/server/process.c
+++ b/server/process.c
@@ -880,6 +880,9 @@ DECL_HANDLER(new_process)
     struct process *process;
     struct process *parent = current->process;
     int socket_fd = thread_get_inflight_fd( current, req->socket_fd );
+    const startup_info_t *req_info;
+    data_size_t req_info_size;
+    const WCHAR *req_env;
 
     if (socket_fd == -1)
     {
@@ -903,6 +906,12 @@ DECL_HANDLER(new_process)
         close( socket_fd );
         return;
     }
+    
+    req_info = (const startup_info_t *)
+               ((char*)get_req_data() + req->process_sd_size + req->thread_sd_size);
+    
+    req_env = (const WCHAR *) 
+              ((char*)get_req_data() + req->process_sd_size + req->thread_sd_size + req->info_size);
 
     if (!req->info_size)  /* create an orphaned process */
     {
@@ -919,28 +928,28 @@ DECL_HANDLER(new_process)
     if (req->exe_file &&
         !(info->exe_file = get_file_obj( current->process, req->exe_file, FILE_READ_DATA )))
         goto done;
-
-    info->data_size = get_req_data_size();
-    info->info_size = min( req->info_size, info->data_size );
-
+    
     if (req->info_size < sizeof(*info->data))
     {
         /* make sure we have a full startup_info_t structure */
-        data_size_t env_size = info->data_size - info->info_size;
-        data_size_t info_size = min( req->info_size, FIELD_OFFSET( startup_info_t, curdir_len ));
-
-        if (!(info->data = mem_alloc( sizeof(*info->data) + env_size ))) goto done;
-        memcpy( info->data, get_req_data(), info_size );
-        memset( (char *)info->data + info_size, 0, sizeof(*info->data) - info_size );
-        memcpy( info->data + 1, (const char *)get_req_data() + req->info_size, env_size );
-        info->info_size = sizeof(startup_info_t);
-        info->data_size = info->info_size + env_size;
+        
+        info->info_size = sizeof(*info->data);
+        info->data_size = sizeof(*info->data) + req->env_size;
+        
+        req_info_size = min( req->info_size, FIELD_OFFSET( startup_info_t, curdir_len ));
+        if (!(info->data = mem_alloc( info->data_size ))) goto done;
+        memset( info->data, 0, info->data_size );
+        memcpy( info->data, req_info, req_info_size );
+        memcpy( info->data + 1, req_env, req->env_size );
     }
     else
     {
         data_size_t pos = sizeof(*info->data);
+        
+        info->info_size = req->info_size;
+        info->data_size = req->info_size + req->env_size;
 
-        if (!(info->data = memdup( get_req_data(), info->data_size ))) goto done;
+        if (!(info->data = memdup( req_info, info->data_size ))) goto done;
 #define FIXUP_LEN(len) do { (len) = min( (len), info->info_size - pos ); pos += (len); } while(0)
         FIXUP_LEN( info->data->curdir_len );
         FIXUP_LEN( info->data->dllpath_len );
diff --git a/server/protocol.def b/server/protocol.def
index a8c1fb9..7b0b769 100644
--- a/server/protocol.def
+++ b/server/protocol.def
@@ -661,24 +661,29 @@ struct rawinput_device
 
 /* Create a new process from the context of the parent */
 @REQ(new_process)
-    int          inherit_all;    /* inherit all handles from parent */
-    unsigned int create_flags;   /* creation flags */
-    int          socket_fd;      /* file descriptor for process socket */
-    obj_handle_t exe_file;       /* file handle for main exe */
-    unsigned int process_access; /* access rights for process object */
-    unsigned int process_attr;   /* attributes for process object */
-    unsigned int thread_access;  /* access rights for thread object */
-    unsigned int thread_attr;    /* attributes for thread object */
-    cpu_type_t   cpu;            /* CPU that the new process will use */
-    data_size_t  info_size;      /* size of startup info */
-    VARARG(info,startup_info,info_size); /* startup information */
-    VARARG(env,unicode_str);     /* environment for new process */
- at REPLY
-    obj_handle_t info;           /* new process info handle */
-    process_id_t pid;            /* process id */
-    obj_handle_t phandle;        /* process handle (in the current process) */
-    thread_id_t  tid;            /* thread id */
-    obj_handle_t thandle;        /* thread handle (in the current process) */
+    int          inherit_all;                                 /* inherit all handles from parent */
+    unsigned int create_flags;                                /* creation flags */
+    int          socket_fd;                                   /* file descriptor for process socket */
+    obj_handle_t exe_file;                                    /* file handle for main exe */
+    unsigned int process_access;                              /* access rights for process object */
+    unsigned int process_attr;                                /* attributes for process object */
+    unsigned int thread_access;                               /* access rights for thread object */
+    unsigned int thread_attr;                                 /* attributes for thread object */
+    cpu_type_t   cpu;                                         /* CPU that the new process will use */
+    data_size_t  process_sd_size;                             /* size of the process security descriptor */
+    data_size_t  thread_sd_size;                              /* size of the thread security descriptor */
+    data_size_t  info_size;                                   /* size of startup info */
+    data_size_t  env_size;                                    /* size of the environment */
+    VARARG(process_sd,security_descriptor,process_sd_size);   /* security descriptor to set on the process */
+    VARARG(thread_sd,security_descriptor,thread_sd_size);     /* security descriptor to set on the thread */
+    VARARG(info,startup_info,info_size);                      /* startup information */
+    VARARG(env,unicode_str,env_size);                         /* environment for new process */
+ at REPLY
+    obj_handle_t info;                                        /* new process info handle */
+    process_id_t pid;                                         /* process id */
+    obj_handle_t phandle;                                     /* process handle (in the current process) */
+    thread_id_t  tid;                                         /* thread id */
+    obj_handle_t thandle;                                     /* thread handle (in the current process) */
 @END
 
 
diff --git a/server/request.h b/server/request.h
index e25e327..902b8a5 100644
--- a/server/request.h
+++ b/server/request.h
@@ -660,8 +660,11 @@ C_ASSERT( FIELD_OFFSET(struct new_process_request, process_attr) == 32 );
 C_ASSERT( FIELD_OFFSET(struct new_process_request, thread_access) == 36 );
 C_ASSERT( FIELD_OFFSET(struct new_process_request, thread_attr) == 40 );
 C_ASSERT( FIELD_OFFSET(struct new_process_request, cpu) == 44 );
-C_ASSERT( FIELD_OFFSET(struct new_process_request, info_size) == 48 );
-C_ASSERT( sizeof(struct new_process_request) == 56 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, process_sd_size) == 48 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, thread_sd_size) == 52 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, info_size) == 56 );
+C_ASSERT( FIELD_OFFSET(struct new_process_request, env_size) == 60 );
+C_ASSERT( sizeof(struct new_process_request) == 64 );
 C_ASSERT( FIELD_OFFSET(struct new_process_reply, info) == 8 );
 C_ASSERT( FIELD_OFFSET(struct new_process_reply, pid) == 12 );
 C_ASSERT( FIELD_OFFSET(struct new_process_reply, phandle) == 16 );
diff --git a/server/trace.c b/server/trace.c
index 4834354..68a214a 100644
--- a/server/trace.c
+++ b/server/trace.c
@@ -1098,9 +1098,14 @@ static void dump_new_process_request( const struct new_process_request *req )
     fprintf( stderr, ", thread_access=%08x", req->thread_access );
     fprintf( stderr, ", thread_attr=%08x", req->thread_attr );
     dump_cpu_type( ", cpu=", &req->cpu );
+    fprintf( stderr, ", process_sd_size=%u", req->process_sd_size );
+    fprintf( stderr, ", thread_sd_size=%u", req->thread_sd_size );
     fprintf( stderr, ", info_size=%u", req->info_size );
+    fprintf( stderr, ", env_size=%u", req->env_size );
+    dump_varargs_security_descriptor( ", process_sd=", min(cur_size,req->process_sd_size) );
+    dump_varargs_security_descriptor( ", thread_sd=", min(cur_size,req->thread_sd_size) );
     dump_varargs_startup_info( ", info=", min(cur_size,req->info_size) );
-    dump_varargs_unicode_str( ", env=", cur_size );
+    dump_varargs_unicode_str( ", env=", min(cur_size,req->env_size) );
 }
 
 static void dump_new_process_reply( const struct new_process_reply *req )
-- 
1.8.1.msysgit.1

