Rebase against 1d178982ae5a73b18f367026c8689b56789c39fd.

Alistair Leslie-Hughes 2022-01-26 09:16:36 +11:00
parent c87f47bcba
commit 5b0e78d2c0
11 changed files with 148 additions and 140 deletions


@ -1,4 +1,4 @@
From 24fa0367db3de31fdc2da7bd61c27699c091cdaa Mon Sep 17 00:00:00 2001
From 3e714e2eb10fe17f12b747731c0ce7e18fd4b7a0 Mon Sep 17 00:00:00 2001
From: Zebediah Figura <zfigura@codeweavers.com>
Date: Mon, 6 Jul 2020 15:11:12 -0500
Subject: [PATCH] server: Create eventfd file descriptors for process objects.
@ -49,7 +49,7 @@ index 7ca4ca89394..6a0a367124d 100644
void esync_init(void);
+int esync_create_fd( int initval, int flags );
diff --git a/server/process.c b/server/process.c
index ca9844c5c90..eca2f8f4bca 100644
index da972a41955..91b26d00ec0 100644
--- a/server/process.c
+++ b/server/process.c
@@ -63,6 +63,7 @@
@ -86,7 +86,7 @@ index ca9844c5c90..eca2f8f4bca 100644
list_init( &process->thread_list );
list_init( &process->locks );
@@ -741,6 +744,9 @@ struct process *create_process( int fd, struct process *parent, unsigned int fla
if (!token_assign_label( process->token, security_high_label_sid ))
if (!token_assign_label( process->token, &high_label_sid ))
goto error;
+ if (do_esync())


@ -1,4 +1,4 @@
From 2a1f587297f97e8c8f3d1327f2dfd3f5f1fd2300 Mon Sep 17 00:00:00 2001
From 0b292f9ebd14638de48420184e065ce7ec9c4126 Mon Sep 17 00:00:00 2001
From: Zebediah Figura <z.figura12@gmail.com>
Date: Sat, 22 May 2021 18:05:40 -0500
Subject: [PATCH] d3d11: Introduce a COM interface to retrieve the
@ -11,18 +11,18 @@ Subject: [PATCH] d3d11: Introduce a COM interface to retrieve the
3 files changed, 112 insertions(+)
diff --git a/dlls/d3d11/d3d11_private.h b/dlls/d3d11/d3d11_private.h
index f4c66ca4ce9..8dc8ecc88db 100644
index efe26551258..6079a8ad2db 100644
--- a/dlls/d3d11/d3d11_private.h
+++ b/dlls/d3d11/d3d11_private.h
@@ -545,6 +545,7 @@ struct d3d11_device_context
{
@@ -546,6 +546,7 @@ struct d3d11_device_context
ID3D11DeviceContext1 ID3D11DeviceContext1_iface;
ID3D11Multithread ID3D11Multithread_iface;
ID3DUserDefinedAnnotation ID3DUserDefinedAnnotation_iface;
+ IWineD3DDeviceContext IWineD3DDeviceContext_iface;
LONG refcount;
D3D11_DEVICE_CONTEXT_TYPE type;
@@ -561,6 +562,7 @@ struct d3d_device
@@ -562,6 +563,7 @@ struct d3d_device
ID3D11Device2 ID3D11Device2_iface;
ID3D10Device1 ID3D10Device1_iface;
ID3D10Multithread ID3D10Multithread_iface;
@ -31,10 +31,10 @@ index f4c66ca4ce9..8dc8ecc88db 100644
IUnknown *outer_unk;
LONG refcount;
diff --git a/dlls/d3d11/device.c b/dlls/d3d11/device.c
index b5b97c83aba..626e9d47e81 100644
index f0cbb1741ab..82419b2a5bc 100644
--- a/dlls/d3d11/device.c
+++ b/dlls/d3d11/device.c
@@ -3223,11 +3223,67 @@ static const struct ID3D11MultithreadVtbl d3d11_multithread_vtbl =
@@ -3191,6 +3191,61 @@ static const struct ID3D11MultithreadVtbl d3d11_multithread_vtbl =
d3d11_multithread_GetMultithreadProtected,
};
@ -93,16 +93,18 @@ index b5b97c83aba..626e9d47e81 100644
+ context_d3d_device_context_get_wined3d_device_context,
+};
+
static void d3d11_device_context_init(struct d3d11_device_context *context, struct d3d_device *device,
D3D11_DEVICE_CONTEXT_TYPE type)
{
/* ID3DUserDefinedAnnotation methods */
static inline struct d3d11_device_context *impl_from_ID3DUserDefinedAnnotation(ID3DUserDefinedAnnotation *iface)
@@ -3271,6 +3326,7 @@ static void d3d11_device_context_init(struct d3d11_device_context *context, stru
context->ID3D11DeviceContext1_iface.lpVtbl = &d3d11_device_context_vtbl;
context->ID3D11Multithread_iface.lpVtbl = &d3d11_multithread_vtbl;
context->ID3DUserDefinedAnnotation_iface.lpVtbl = &d3d11_user_defined_annotation_vtbl;
+ context->IWineD3DDeviceContext_iface.lpVtbl = &context_d3d_device_context_vtbl;
context->refcount = 1;
context->type = type;
@@ -6631,6 +6687,49 @@ static const struct ID3D10MultithreadVtbl d3d10_multithread_vtbl =
@@ -6695,6 +6751,49 @@ static const struct ID3D10MultithreadVtbl d3d10_multithread_vtbl =
d3d10_multithread_GetMultithreadProtected,
};
@ -152,7 +154,7 @@ index b5b97c83aba..626e9d47e81 100644
/* IWineDXGIDeviceParent IUnknown methods */
static inline struct d3d_device *device_from_dxgi_device_parent(IWineDXGIDeviceParent *iface)
@@ -6834,6 +6933,7 @@ void d3d_device_init(struct d3d_device *device, void *outer_unknown)
@@ -6898,6 +6997,7 @@ void d3d_device_init(struct d3d_device *device, void *outer_unknown)
device->ID3D11Device2_iface.lpVtbl = &d3d11_device_vtbl;
device->ID3D10Device1_iface.lpVtbl = &d3d10_device1_vtbl;
device->ID3D10Multithread_iface.lpVtbl = &d3d10_multithread_vtbl;
@ -179,5 +181,5 @@ index 83012047ea7..3c910376cc7 100644
+ struct wined3d_device_context *get_wined3d_device_context();
+}
--
2.30.2
2.34.1


@ -51,7 +51,7 @@ usage()
# Get the upstream commit sha
upstream_commit()
{
echo "513feedff77bf1474d7a8ab49d4053ef8e5181c7"
echo "1d178982ae5a73b18f367026c8689b56789c39fd"
}
# Show version information


@ -1,4 +1,4 @@
From 3bafbe9d52d8189439b4969c091324d56c2462ed Mon Sep 17 00:00:00 2001
From 1a3f9029f375e5934ff2e87f83bd2cd5d546dd80 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Thu, 17 Apr 2014 16:07:46 -0600
Subject: [PATCH] server: Unify the storage of security attributes for files
@ -11,14 +11,14 @@ Subject: [PATCH] server: Unify the storage of security attributes for files
3 files changed, 30 insertions(+), 51 deletions(-)
diff --git a/server/change.c b/server/change.c
index 1c384310d59..1e27e266fc1 100644
index dd9e0bfee31..fc030159101 100644
--- a/server/change.c
+++ b/server/change.c
@@ -373,48 +373,15 @@ static int dir_set_sd( struct object *obj, const struct security_descriptor *sd,
@@ -365,48 +365,15 @@ static int dir_set_sd( struct object *obj, const struct security_descriptor *sd,
unsigned int set_info )
{
struct dir *dir = (struct dir *)obj;
- const SID *owner;
- const struct sid *owner;
- struct stat st;
- mode_t mode;
- int unix_fd;
@ -39,7 +39,7 @@ index 1c384310d59..1e27e266fc1 100644
- set_error( STATUS_INVALID_SECURITY_DESCR );
- return 0;
- }
- if (!obj->sd || !security_equal_sid( owner, sd_get_owner( obj->sd ) ))
- if (!obj->sd || !equal_sid( owner, sd_get_owner( obj->sd ) ))
- {
- /* FIXME: get Unix uid and call fchown */
- }
@ -70,10 +70,10 @@ index 1c384310d59..1e27e266fc1 100644
static struct change_record *get_first_change_record( struct dir *dir )
diff --git a/server/file.c b/server/file.c
index af080ffc5fb..34da2168643 100644
index 1fd0ac37df5..6032e228a9f 100644
--- a/server/file.c
+++ b/server/file.c
@@ -562,18 +562,13 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner )
@@ -499,18 +499,13 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const struct sid *owner
return new_mode;
}
@ -84,7 +84,7 @@ index af080ffc5fb..34da2168643 100644
{
- struct file *file = (struct file *)obj;
+ int unix_fd = get_unix_fd( fd );
const SID *owner;
const struct sid *owner;
struct stat st;
- mode_t mode;
- int unix_fd;
@ -96,7 +96,7 @@ index af080ffc5fb..34da2168643 100644
if (unix_fd == -1 || fstat( unix_fd, &st ) == -1) return 1;
@@ -600,10 +595,10 @@ static int file_set_sd( struct object *obj, const struct security_descriptor *sd
@@ -537,10 +532,10 @@ static int file_set_sd( struct object *obj, const struct security_descriptor *sd
if (set_info & DACL_SECURITY_INFORMATION)
{
/* keep the bits that we don't map to access rights in the ACL */
@ -110,7 +110,7 @@ index af080ffc5fb..34da2168643 100644
{
file_set_error();
return 0;
@@ -645,6 +640,21 @@ static struct list *file_get_kernel_obj_list( struct object *obj )
@@ -585,6 +580,21 @@ static struct list *file_get_kernel_obj_list( struct object *obj )
return &file->kernel_object;
}
@ -133,12 +133,12 @@ index af080ffc5fb..34da2168643 100644
{
struct file *file = (struct file *)obj;
diff --git a/server/file.h b/server/file.h
index 69b2b368aed..d241927ebbd 100644
index 358788096a0..38bcea802d6 100644
--- a/server/file.h
+++ b/server/file.h
@@ -151,6 +151,8 @@ extern struct object_type *file_get_type( struct object *obj );
extern struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID *group );
extern mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner );
@@ -168,6 +168,8 @@ extern void file_set_error(void);
extern struct security_descriptor *mode_to_sd( mode_t mode, const struct sid *user, const struct sid *group );
extern mode_t sd_to_mode( const struct security_descriptor *sd, const struct sid *owner );
extern int is_file_executable( const char *name );
+extern int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
+ const struct security_descriptor *sd, unsigned int set_info );
@ -146,5 +146,5 @@ index 69b2b368aed..d241927ebbd 100644
/* file mapping functions */
--
2.17.1
2.34.1


@ -1,4 +1,4 @@
From a258817a0a1caaa20d552447e1db0f3c55ebf246 Mon Sep 17 00:00:00 2001
From d00da337d96200866ae73008844455c29e4d3291 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Thu, 17 Apr 2014 16:07:50 -0600
Subject: [PATCH] server: Unify the retrieval of security attributes for files
@ -11,10 +11,10 @@ Subject: [PATCH] server: Unify the retrieval of security attributes for files
3 files changed, 28 insertions(+), 38 deletions(-)
diff --git a/server/change.c b/server/change.c
index 1e27e266fc1..77c9ff8bc2d 100644
index fc030159101..5beedef4714 100644
--- a/server/change.c
+++ b/server/change.c
@@ -333,39 +333,17 @@ static struct fd *dir_get_fd( struct object *obj )
@@ -325,39 +325,17 @@ static struct fd *dir_get_fd( struct object *obj )
return (struct fd *)grab_object( dir->fd );
}
@ -60,10 +60,10 @@ index 1e27e266fc1..77c9ff8bc2d 100644
}
diff --git a/server/file.c b/server/file.c
index 34da2168643..60a47106da4 100644
index 6032e228a9f..d476f4b796e 100644
--- a/server/file.c
+++ b/server/file.c
@@ -450,23 +450,19 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
@@ -389,23 +389,19 @@ struct security_descriptor *mode_to_sd( mode_t mode, const struct sid *user, con
return sd;
}
@ -92,7 +92,7 @@ index 34da2168643..60a47106da4 100644
return obj->sd;
sd = mode_to_sd( st.st_mode,
@@ -474,13 +470,27 @@ static struct security_descriptor *file_get_sd( struct object *obj )
@@ -413,13 +409,27 @@ static struct security_descriptor *file_get_sd( struct object *obj )
token_get_primary_group( current->process->token ));
if (!sd) return obj->sd;
@ -123,10 +123,10 @@ index 34da2168643..60a47106da4 100644
{
mode_t mode = 0;
diff --git a/server/file.h b/server/file.h
index d241927ebbd..acabcc875b7 100644
index 38bcea802d6..abea05d33fd 100644
--- a/server/file.h
+++ b/server/file.h
@@ -153,6 +153,8 @@ extern mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner
@@ -170,6 +170,8 @@ extern mode_t sd_to_mode( const struct security_descriptor *sd, const struct sid
extern int is_file_executable( const char *name );
extern int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
const struct security_descriptor *sd, unsigned int set_info );
@ -136,5 +136,5 @@ index d241927ebbd..acabcc875b7 100644
/* file mapping functions */
--
2.17.1
2.34.1


@ -1,4 +1,4 @@
From c1c4b5f185231e12dfb488d9b4530c4b10c2765d Mon Sep 17 00:00:00 2001
From 94f5ff2ca72ce78d339f1247adc58a10b1690af4 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 30 Mar 2015 12:32:34 +0200
Subject: [PATCH] server: Add a helper function set_sd_from_token_internal to
@ -10,7 +10,7 @@ Subject: [PATCH] server: Add a helper function set_sd_from_token_internal to
2 files changed, 40 insertions(+), 22 deletions(-)
diff --git a/server/object.c b/server/object.c
index b2779fd61fe..9b1cca62af6 100644
index 907bc087444..494d6e94569 100644
--- a/server/object.c
+++ b/server/object.c
@@ -538,8 +538,9 @@ struct security_descriptor *default_get_sd( struct object *obj )
@ -26,7 +26,7 @@ index b2779fd61fe..9b1cca62af6 100644
struct security_descriptor new_sd, *new_sd_ptr;
int present;
@@ -548,8 +549,6 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
ACL *replaced_sacl = NULL;
struct acl *replaced_sacl = NULL;
char *ptr;
- if (!set_info) return 1;
@ -65,13 +65,13 @@ index b2779fd61fe..9b1cca62af6 100644
@@ -595,20 +594,20 @@ int set_sd_defaults_from_token( struct object *obj, const struct security_descri
else if (set_info & LABEL_SECURITY_INFORMATION && present)
{
const ACL *old_sacl = NULL;
const struct acl *old_sacl = NULL;
- if (obj->sd && obj->sd->control & SE_SACL_PRESENT) old_sacl = sd_get_sacl( obj->sd, &present );
- if (!(replaced_sacl = replace_security_labels( old_sacl, sacl ))) return 0;
+ if (old_sd && old_sd->control & SE_SACL_PRESENT) old_sacl = sd_get_sacl( old_sd, &present );
+ if (!(replaced_sacl = replace_security_labels( old_sacl, sacl ))) return NULL;
new_sd.control |= SE_SACL_PRESENT;
new_sd.sacl_len = replaced_sacl->AclSize;
new_sd.sacl_len = replaced_sacl->size;
sacl = replaced_sacl;
}
else
@ -143,10 +143,10 @@ index b2779fd61fe..9b1cca62af6 100644
/** Set the security descriptor using the current primary token for defaults. */
diff --git a/server/object.h b/server/object.h
index 5b2c309f0b2..4f354cca177 100644
index c98e45125a0..f4261d0d585 100644
--- a/server/object.h
+++ b/server/object.h
@@ -174,6 +174,9 @@ extern struct fd *no_get_fd( struct object *obj );
@@ -173,6 +173,9 @@ extern struct fd *no_get_fd( struct object *obj );
extern unsigned int default_map_access( struct object *obj, unsigned int access );
extern struct security_descriptor *default_get_sd( struct object *obj );
extern int default_set_sd( struct object *obj, const struct security_descriptor *sd, unsigned int set_info );
@ -157,5 +157,5 @@ index 5b2c309f0b2..4f354cca177 100644
unsigned int set_info, struct token *token );
extern WCHAR *no_get_full_name( struct object *obj, data_size_t *ret_len );
--
2.20.1
2.34.1


@ -1,21 +1,21 @@
From c048391956675382e7cd22ad3d28e34ab011c542 Mon Sep 17 00:00:00 2001
From 8ef1df41f726dc8ceb520c46974c64f628d9f831 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Mon, 30 Mar 2015 12:50:21 +0200
Subject: [PATCH] server: Temporarily store the full security descriptor for
file objects.
---
dlls/advapi32/tests/security.c | 16 +++----
server/change.c | 8 +++-
server/file.c | 88 +++++++++++++++++++++++-----------
server/file.h | 3 +-
4 files changed, 74 insertions(+), 41 deletions(-)
dlls/advapi32/tests/security.c | 16 ++----
server/change.c | 8 ++-
server/file.c | 100 +++++++++++++++++++++------------
server/file.h | 3 +-
4 files changed, 80 insertions(+), 47 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index b4b5a1cd02b..4a414d0019a 100644
index dadec9be388..37a81ec778d 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3677,7 +3677,6 @@ static void test_CreateDirectoryA(void)
@@ -3702,7 +3702,6 @@ static void test_CreateDirectoryA(void)
ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
bret = GetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
ok(bret, "GetAclInformation failed\n");
@ -23,7 +23,7 @@ index b4b5a1cd02b..4a414d0019a 100644
ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
acl_size.AceCount);
LocalFree(pSD);
@@ -3688,7 +3687,6 @@ static void test_CreateDirectoryA(void)
@@ -3713,7 +3712,6 @@ static void test_CreateDirectoryA(void)
ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
bret = GetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
ok(bret, "GetAclInformation failed\n");
@ -31,7 +31,7 @@ index b4b5a1cd02b..4a414d0019a 100644
ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
acl_size.AceCount);
LocalFree(pSD);
@@ -3811,7 +3809,6 @@ static void test_CreateDirectoryA(void)
@@ -3836,7 +3834,6 @@ static void test_CreateDirectoryA(void)
ok(error == ERROR_SUCCESS, "GetNamedSecurityInfo failed with error %d\n", error);
bret = GetAclInformation(pDacl, &acl_size, sizeof(acl_size), AclSizeInformation);
ok(bret, "GetAclInformation failed\n");
@ -39,7 +39,7 @@ index b4b5a1cd02b..4a414d0019a 100644
ok(acl_size.AceCount == 0, "GetAclInformation returned unexpected entry count (%d != 0).\n",
acl_size.AceCount);
LocalFree(pSD);
@@ -4905,23 +4902,22 @@ static void test_GetSecurityInfo(void)
@@ -4935,23 +4932,22 @@ static void test_GetSecurityInfo(void)
bret = GetAce(pDacl, 0, (VOID **)&ace);
ok(bret, "Failed to get Current User ACE.\n");
bret = EqualSid(&ace->SidStart, user_sid);
@ -70,10 +70,10 @@ index b4b5a1cd02b..4a414d0019a 100644
LocalFree(pSD);
CloseHandle(obj);
diff --git a/server/change.c b/server/change.c
index 5e085350f3b..909225a03b3 100644
index 5beedef4714..1ebda152ef9 100644
--- a/server/change.c
+++ b/server/change.c
@@ -1069,7 +1069,8 @@ static int dir_add_to_existing_notify( struct dir *dir )
@@ -1068,7 +1068,8 @@ static int dir_add_to_existing_notify( struct dir *dir )
#endif /* HAVE_SYS_INOTIFY_H */
@ -83,7 +83,7 @@ index 5e085350f3b..909225a03b3 100644
{
struct dir *dir;
@@ -1089,6 +1090,11 @@ struct object *create_dir_obj( struct fd *fd, unsigned int access, mode_t mode )
@@ -1088,6 +1089,11 @@ struct object *create_dir_obj( struct fd *fd, unsigned int access, mode_t mode )
dir->client_process = NULL;
set_fd_user( fd, &dir_fd_ops, &dir->obj );
@ -96,10 +96,10 @@ index 5e085350f3b..909225a03b3 100644
return &dir->obj;
diff --git a/server/file.c b/server/file.c
index ebd6f58939f..32f64282c96 100644
index d476f4b796e..e61de8283b8 100644
--- a/server/file.c
+++ b/server/file.c
@@ -188,7 +188,8 @@ struct file *create_file_for_fd_obj( struct fd *fd, unsigned int access, unsigne
@@ -187,7 +187,8 @@ struct file *create_file_for_fd_obj( struct fd *fd, unsigned int access, unsigne
return file;
}
@ -109,7 +109,7 @@ index ebd6f58939f..32f64282c96 100644
{
struct file *file = alloc_object( &file_ops );
@@ -200,6 +201,12 @@ static struct object *create_file_obj( struct fd *fd, unsigned int access, mode_
@@ -199,6 +200,12 @@ static struct object *create_file_obj( struct fd *fd, unsigned int access, mode_
list_init( &file->kernel_object );
grab_object( fd );
set_fd_user( fd, &file_fd_ops, &file->obj );
@ -122,7 +122,7 @@ index ebd6f58939f..32f64282c96 100644
return &file->obj;
}
@@ -272,11 +279,11 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si
@@ -271,11 +278,11 @@ static struct object *create_file( struct fd *root, const char *nameptr, data_si
if (!fd) goto done;
if (S_ISDIR(mode))
@ -136,14 +136,14 @@ index ebd6f58939f..32f64282c96 100644
release_object( fd );
@@ -553,46 +560,66 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const SID *owner )
@@ -512,46 +519,66 @@ mode_t sd_to_mode( const struct security_descriptor *sd, const struct sid *owner
int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
const struct security_descriptor *sd, unsigned int set_info )
{
+ struct security_descriptor *new_sd;
int unix_fd = get_unix_fd( fd );
- const SID *owner;
+ const SID *owner, *group;
- const struct sid *owner;
+ const struct sid *owner, *group;
struct stat st;
mode_t new_mode;
@ -152,62 +152,69 @@ index ebd6f58939f..32f64282c96 100644
+ if (!obj->sd) get_file_sd( obj, fd, mode, uid );
- if (set_info & OWNER_SECURITY_INFORMATION)
+ /* calculate the new sd, save to a temporary variable before assigning */
+ new_sd = set_sd_from_token_internal( sd, obj->sd, set_info, current->process->token );
+ if (new_sd)
{
- {
- owner = sd_get_owner( sd );
- if (!owner)
+ if (set_info & OWNER_SECURITY_INFORMATION)
{
- {
- set_error( STATUS_INVALID_SECURITY_DESCR );
- return 0;
+ owner = sd_get_owner( new_sd );
+ assert( owner );
+
+ if (!obj->sd || !security_equal_sid( owner, sd_get_owner( obj->sd ) ))
+ {
+ /* FIXME: get Unix uid and call fchown */
+ }
}
- if (!obj->sd || !security_equal_sid( owner, sd_get_owner( obj->sd ) ))
+
+ if (set_info & GROUP_SECURITY_INFORMATION)
{
- }
- if (!obj->sd || !equal_sid( owner, sd_get_owner( obj->sd ) ))
- {
- /* FIXME: get Unix uid and call fchown */
+ group = sd_get_group( new_sd );
+ assert( group );
+
+ if (!obj->sd || !security_equal_sid( group, sd_get_group( obj->sd ) ))
+ {
+ /* FIXME: get Unix uid and call fchown */
+ }
}
- }
- }
- else if (obj->sd)
- owner = sd_get_owner( obj->sd );
- else
- owner = token_get_user( current->process->token );
- /* group and sacl not supported */
+ if (set_info & DACL_SECURITY_INFORMATION)
+ {
+ /* calculate the new sd, save to a temporary variable before assigning */
+ new_sd = set_sd_from_token_internal( sd, obj->sd, set_info, current->process->token );
+ if (new_sd)
+ {
+ if (set_info & OWNER_SECURITY_INFORMATION)
+ {
+ owner = sd_get_owner( new_sd );
+ assert( owner );
- /* group and sacl not supported */
+ if (!obj->sd || !equal_sid( owner, sd_get_owner( obj->sd ) ))
+ {
+ /* FIXME: get Unix uid and call fchown */
+ }
+ }
- if (set_info & DACL_SECURITY_INFORMATION)
- {
- /* keep the bits that we don't map to access rights in the ACL */
- new_mode = st.st_mode & (S_ISUID|S_ISGID|S_ISVTX);
- new_mode |= sd_to_mode( sd, owner );
+ if (set_info & GROUP_SECURITY_INFORMATION)
+ {
+ group = sd_get_group( new_sd );
+ assert( group );
- if (((st.st_mode ^ new_mode) & (S_IRWXU|S_IRWXG|S_IRWXO)) && fchmod( unix_fd, new_mode ) == -1)
+ if (!obj->sd || !equal_sid( group, sd_get_group( obj->sd ) ))
+ {
+ /* FIXME: get Unix uid and call fchown */
+ }
+ }
+
+ if (set_info & DACL_SECURITY_INFORMATION)
{
- file_set_error();
- return 0;
- }
- }
- return 1;
+ owner = sd_get_owner( new_sd );
+ assert( owner );
+
+ /* keep the bits that we don't map to access rights in the ACL */
+ new_mode = st.st_mode & (S_ISUID|S_ISGID|S_ISVTX);
+ new_mode |= sd_to_mode( new_sd, owner );
- if (((st.st_mode ^ new_mode) & (S_IRWXU|S_IRWXG|S_IRWXO)) && fchmod( unix_fd, new_mode ) == -1)
- {
- file_set_error();
- return 0;
+
+ if (((st.st_mode ^ new_mode) & (S_IRWXU|S_IRWXG|S_IRWXO)) && fchmod( unix_fd, new_mode ) == -1)
+ {
+ free( new_sd );
@ -216,19 +223,18 @@ index ebd6f58939f..32f64282c96 100644
+ }
+
+ *mode = (*mode & S_IFMT) | new_mode;
}
+ }
+
+ free( obj->sd );
+ obj->sd = new_sd;
+ return 1;
}
- return 1;
+ }
+
+ return 0;
}
static struct object *file_lookup_name( struct object *obj, struct unicode_str *name,
@@ -732,7 +759,10 @@ DECL_HANDLER(create_file)
@@ -691,7 +718,10 @@ DECL_HANDLER(create_file)
if ((file = create_file( root_fd, name, name_len, nt_name, req->access, req->sharing,
req->create, req->options, req->attrs, sd )))
{
@ -241,10 +247,10 @@ index ebd6f58939f..32f64282c96 100644
}
if (root_fd) release_object( root_fd );
diff --git a/server/file.h b/server/file.h
index f43b535c125..e4d99e786c1 100644
index abea05d33fd..81bcdc1c913 100644
--- a/server/file.h
+++ b/server/file.h
@@ -201,7 +201,8 @@ extern struct object *create_unix_device( struct object *root, const struct unic
@@ -207,7 +207,8 @@ extern struct object *create_unix_device( struct object *root, const struct unic
extern void do_change_notify( int unix_fd );
extern void sigio_callback(void);
@ -255,5 +261,5 @@ index f43b535c125..e4d99e786c1 100644
/* completion */
--
2.20.1
2.34.1
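Review bot: The rebased set_file_sd body keeps `assert( owner );` and `assert( group );` on values read back from new_sd, where the code it replaces rejected a missing owner with STATUS_INVALID_SECURITY_DESCR and returned 0. The descriptor passed in comes from a client request, so unless set_sd_from_token_internal always fills in owner and group from the token (not visible in this section), a descriptor lacking either one would abort the server process instead of failing a single call, and in a build with NDEBUG the NULL would be handed on to equal_sid and sd_to_mode. An explicit check keeps the earlier contract: `if (!owner) { free( new_sd ); set_error( STATUS_INVALID_SECURITY_DESCR ); return 0; }`, with the same guard for group. The group branch also still carries `/* FIXME: get Unix uid and call fchown */`, which presumably should name the gid. Only part of the function body is visible in this section.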


@ -1,4 +1,4 @@
From 64a1a23ec691d3e5f732b47c120e2d801cdfad90 Mon Sep 17 00:00:00 2001
From d94d6bfce4c863496d848cbb3f7b59051b3fbe36 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Mon, 30 Mar 2015 13:04:23 +0200
Subject: [PATCH] server: Store file security attributes with extended file
@ -9,7 +9,7 @@ Subject: [PATCH] server: Store file security attributes with extended file
1 file changed, 78 insertions(+)
diff --git a/server/file.c b/server/file.c
index 850b33bd3dd..054c15ff879 100644
index e61de8283b8..01e187b8c00 100644
--- a/server/file.c
+++ b/server/file.c
@@ -31,11 +31,21 @@
@ -113,9 +113,9 @@ index 850b33bd3dd..054c15ff879 100644
static struct object *create_file( struct fd *root, const char *nameptr, data_size_t len,
struct unicode_str nt_name,
unsigned int access, unsigned int sharing, int create,
@@ -613,6 +688,9 @@ int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
@@ -573,6 +648,9 @@ int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
*mode = (*mode & S_IFMT) | new_mode;
}
}
+ /* extended attributes are set after the file mode, to ensure it stays in sync */
+ set_xattr_sd( unix_fd, new_sd );
@ -124,5 +124,5 @@ index 850b33bd3dd..054c15ff879 100644
obj->sd = new_sd;
return 1;
--
2.33.0
2.34.1

View File

@ -1,4 +1,4 @@
From 950b2b3feea2040879c6a0ec69a8aecc92b49d9d Mon Sep 17 00:00:00 2001
From eb893d7f6a16af59e95c3b0bd17075f47ddca9cf Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Fri, 18 Apr 2014 14:05:32 -0600
Subject: [PATCH] server: Convert return of file security masks with generic
@ -10,10 +10,10 @@ Subject: [PATCH] server: Convert return of file security masks with generic
2 files changed, 26 insertions(+), 3 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index fe88964f53f..957b407061d 100644
index 37a81ec778d..f154e5b9346 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -4919,8 +4919,8 @@ static void test_GetSecurityInfo(void)
@@ -4935,8 +4935,8 @@ static void test_GetSecurityInfo(void)
ok(bret, "Current User ACE (%s) != Current User SID (%s).\n", debugstr_sid(&ace->SidStart), debugstr_sid(user_sid));
ok(((ACE_HEADER *)ace)->AceFlags == 0,
"Current User ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
@ -24,7 +24,7 @@ index fe88964f53f..957b407061d 100644
}
if (acl_size.AceCount > 1)
{
@@ -4930,7 +4930,7 @@ static void test_GetSecurityInfo(void)
@@ -4946,7 +4946,7 @@ static void test_GetSecurityInfo(void)
ok(bret, "Administators Group ACE (%s) != Administators Group SID (%s).\n", debugstr_sid(&ace->SidStart), debugstr_sid(admin_sid));
ok(((ACE_HEADER *)ace)->AceFlags == 0,
"Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
@ -34,10 +34,10 @@ index fe88964f53f..957b407061d 100644
}
LocalFree(pSD);
diff --git a/server/file.c b/server/file.c
index cde04a594a9..3055e6ff5b1 100644
index 01e187b8c00..91900429a49 100644
--- a/server/file.c
+++ b/server/file.c
@@ -506,6 +506,26 @@ struct security_descriptor *mode_to_sd( mode_t mode, const SID *user, const SID
@@ -471,6 +471,26 @@ struct security_descriptor *mode_to_sd( mode_t mode, const struct sid *user, con
return sd;
}
@ -64,16 +64,16 @@ index cde04a594a9..3055e6ff5b1 100644
struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode_t *mode,
uid_t *uid )
{
@@ -647,6 +667,9 @@ int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
@@ -607,6 +627,9 @@ int set_file_sd( struct object *obj, struct fd *fd, mode_t *mode, uid_t *uid,
new_sd = set_sd_from_token_internal( sd, obj->sd, set_info, current->process->token );
if (new_sd)
{
{
+ /* convert generic rights into standard access rights */
+ convert_generic_sd( new_sd );
+
if (set_info & OWNER_SECURITY_INFORMATION)
{
{
owner = sd_get_owner( new_sd );
--
2.20.1
2.34.1


@ -1,4 +1,4 @@
From 2e1ccaecb562ddcbd9cd305927f800810fa735e9 Mon Sep 17 00:00:00 2001
From b6eee87b6b0b97d351b0eabaacdf3f5febbd1502 Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Fri, 18 Apr 2014 14:01:35 -0600
Subject: [PATCH] server: Retrieve file security attributes with extended file
@ -10,10 +10,10 @@ Subject: [PATCH] server: Retrieve file security attributes with extended file
2 files changed, 56 insertions(+), 13 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 29d6d86524e..df5ce2a5463 100644
index f154e5b9346..f2a29e9f1a1 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -3645,7 +3645,7 @@ static void test_CreateDirectoryA(void)
@@ -3656,7 +3656,7 @@ static void test_CreateDirectoryA(void)
}
ok(!error, "GetNamedSecurityInfo failed with error %d\n", error);
test_inherited_dacl(pDacl, admin_sid, user_sid, OBJECT_INHERIT_ACE|CONTAINER_INHERIT_ACE,
@ -22,7 +22,7 @@ index 29d6d86524e..df5ce2a5463 100644
LocalFree(pSD);
/* Test inheritance of ACLs in CreateFile without security descriptor */
@@ -4099,21 +4099,20 @@ static void test_GetNamedSecurityInfoA(void)
@@ -4110,21 +4110,20 @@ static void test_GetNamedSecurityInfoA(void)
bret = GetAce(pDacl, 0, (VOID **)&ace);
ok(bret, "Failed to get Current User ACE.\n");
bret = EqualSid(&ace->SidStart, user_sid);
@ -50,7 +50,7 @@ index 29d6d86524e..df5ce2a5463 100644
ok(((ACE_HEADER *)ace)->AceFlags == 0,
"Administators Group ACE has unexpected flags (0x%x != 0x0)\n", ((ACE_HEADER *)ace)->AceFlags);
ok(ace->Mask == 0x1f01ff || broken(ace->Mask == GENERIC_ALL) /* win2k */,
@@ -4140,8 +4139,8 @@ static void test_GetNamedSecurityInfoA(void)
@@ -4151,8 +4150,8 @@ static void test_GetNamedSecurityInfoA(void)
{
bret = GetAce(pDacl, 0, (VOID **)&ace);
ok(bret, "Failed to get ACE.\n");
@ -62,10 +62,10 @@ index 29d6d86524e..df5ce2a5463 100644
LocalFree(pSD);
diff --git a/server/file.c b/server/file.c
index fe98068c6cd..590f2e6ac14 100644
index 91900429a49..7edf612de73 100644
--- a/server/file.c
+++ b/server/file.c
@@ -47,6 +47,7 @@
@@ -44,6 +44,7 @@
#include <sys/xattr.h>
#endif
#ifdef HAVE_SYS_EXTATTR_H
@ -73,7 +73,7 @@ index fe98068c6cd..590f2e6ac14 100644
#include <sys/extattr.h>
#endif
@@ -65,6 +66,9 @@
@@ -76,6 +77,9 @@ struct type_descr file_type =
#ifndef XATTR_USER_PREFIX
#define XATTR_USER_PREFIX "user."
#endif
@ -83,7 +83,7 @@ index fe98068c6cd..590f2e6ac14 100644
#ifndef XATTR_SIZE_MAX
#define XATTR_SIZE_MAX 65536
#endif
@@ -242,6 +246,22 @@ static inline int xattr_valid_namespace( const char *name )
@@ -252,6 +256,22 @@ static inline int xattr_valid_namespace( const char *name )
}
#endif
@ -106,7 +106,7 @@ index fe98068c6cd..590f2e6ac14 100644
static int xattr_fset( int filedes, const char *name, void *value, size_t size )
{
#if defined(XATTR_ADDITIONAL_OPTIONS)
@@ -541,6 +561,29 @@ static void convert_generic_sd( struct security_descriptor *sd )
@@ -491,6 +511,29 @@ static void convert_generic_sd( struct security_descriptor *sd )
}
}
@ -136,7 +136,7 @@ index fe98068c6cd..590f2e6ac14 100644
struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode_t *mode,
uid_t *uid )
{
@@ -556,9 +599,10 @@ struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode
@@ -506,9 +549,10 @@ struct security_descriptor *get_file_sd( struct object *obj, struct fd *fd, mode
(st.st_uid == *uid))
return obj->sd;
@ -151,5 +151,5 @@ index fe98068c6cd..590f2e6ac14 100644
*mode = st.st_mode;
--
2.29.2
2.34.1


@ -1 +1 @@
6fe37b465649bfff2085ea871ffad0fff7ee7d61
1d178982ae5a73b18f367026c8689b56789c39fd