wine/wine-staging
0
0
Fork 0
mirror of https://gitlab.winehq.org/wine/wine-staging.git synced 2024-11-21 16:46:54 -08:00
Code Issues Packages Projects Releases Wiki Activity

Rebase against abaddc871842ba4ec0156f4bfed9939b44052ee4.

Browse Source
This commit is contained in:
Sebastian Lackner 2017-06-20 13:55:21 +02:00
parent 0a16521c7e
commit 83a65ef99b
20 changed files with 171 additions and 1088 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

24
patches/Compiler_Warnings/0011-gdiplus-Initialize-containers-list-in-GdipCloneImage.patch
View File

@ -1,24 +0,0 @@
From 380543910f8912374a13b9773738e018bd638341 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Sun, 11 Jun 2017 02:42:47 +0200
Subject: gdiplus: Initialize containers list in GdipCloneImage.
---
dlls/gdiplus/image.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/dlls/gdiplus/image.c b/dlls/gdiplus/image.c
index ce2194317ff..b28606e916c 100644
--- a/dlls/gdiplus/image.c
+++ b/dlls/gdiplus/image.c
@@ -1339,6 +1339,7 @@ GpStatus WINGDIPAPI GdipCloneImage(GpImage *image, GpImage **cloneImage)
result->unit = metafile->unit;
result->metafile_type = metafile->metafile_type;
result->hemf = CopyEnhMetaFileW(metafile->hemf, NULL);
+ list_init(&result->containers);
if (!result->hemf)
{
--
2.13.1

16
patches/advapi32-BuildSecurityDescriptor/0002-advapi32-tests-Add-basic-tests-for-BuildSecurityDesc.patch
View File

@ -1,4 +1,4 @@
From 63082c3863d8be466ed14f532653ddf35e40328a Mon Sep 17 00:00:00 2001
From 09d62cfc4fa999eacc89af2ad414810e22c910a9 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 5 May 2017 00:18:50 +0200
Subject: advapi32/tests: Add basic tests for BuildSecurityDescriptor.
@ -8,11 +8,11 @@ Subject: advapi32/tests: Add basic tests for BuildSecurityDescriptor.
1 file changed, 39 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index d6ea3a19fad..c591f7b6e5f 100644
index ca5edffae5..db5a0f934c 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -7489,6 +7489,44 @@ static void test_child_token_sd(void)
HeapFree(GetProcessHeap(), 0, sd);
@@ -7217,6 +7217,44 @@ static void test_GetExplicitEntriesFromAclW(void)
HeapFree(GetProcessHeap(), 0, old_acl);
}
+static void test_BuildSecurityDescriptorW(void)
@ -56,14 +56,14 @@ index d6ea3a19fad..c591f7b6e5f 100644
START_TEST(security)
{
init();
@@ -7542,6 +7580,7 @@ START_TEST(security)
test_pseudo_tokens();
@@ -7271,6 +7309,7 @@ START_TEST(security)
test_maximum_allowed();
test_token_label();
test_GetExplicitEntriesFromAclW();
+ test_BuildSecurityDescriptorW();
/* must be the last test, modifies process token */
/* Must be the last test, modifies process token */
test_token_security_descriptor();
--
2.12.2
2.13.1

2
patches/advapi32-BuildSecurityDescriptor/definition
View File

@ -1,2 +1,2 @@
Fixes: Initial implementation of advapi32.BuildSecurityDescriptorW
Depends: server-LABEL_SECURITY_INFORMATION
Depends: advapi32-GetExplicitEntriesFromAclW

16
patches/advapi32-GetExplicitEntriesFromAclW/0001-advapi32-Implement-GetExplicitEntriesFromAclW.patch
View File

@ -1,4 +1,4 @@
From cd5f99efd824965d92bd8491afd0c6e6d7bdc118 Mon Sep 17 00:00:00 2001
From 510d9f43f441bc3a9723aabfd2c1cdc8737d6dcc Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Sun, 28 Aug 2016 21:56:41 +0200
Subject: advapi32: Implement GetExplicitEntriesFromAclW.
@ -101,7 +101,7 @@ index e36792cff4..b305947347 100644
/******************************************************************************
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 09c6a721cc..286d236e4b 100644
index 3c68205922..ca5edffae5 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -134,6 +134,7 @@ static BOOL (WINAPI *pGetWindowsAccountDomainSid)(PSID,PSID,DWORD*);
@ -120,8 +120,8 @@ index 09c6a721cc..286d236e4b 100644
myARGC = winetest_get_mainargs( &myARGV );
}
@@ -6795,6 +6797,145 @@ static void test_token_security_descriptor(void)
CloseHandle(token);
@@ -7076,6 +7078,145 @@ static void test_child_token_sd(void)
HeapFree(GetProcessHeap(), 0, sd);
}
+static void test_GetExplicitEntriesFromAclW(void)
@ -266,12 +266,14 @@ index 09c6a721cc..286d236e4b 100644
START_TEST(security)
{
init();
@@ -6845,4 +6986,5 @@ START_TEST(security)
@@ -7129,6 +7270,7 @@ START_TEST(security)
test_pseudo_tokens();
test_maximum_allowed();
test_token_security_descriptor();
test_token_label();
+ test_GetExplicitEntriesFromAclW();
}
/* Must be the last test, modifies process token */
test_token_security_descriptor();
--
2.13.1

323
patches/patchinstall.sh
View File

@ -52,7 +52,7 @@ usage()
# Get the upstream commit sha
upstream_commit()
{
echo "95a49bdce6cd5a35d5035456e576ab81239fb081"
echo "abaddc871842ba4ec0156f4bfed9939b44052ee4"
}
# Show version information
@ -321,7 +321,6 @@ patch_enable_all ()
enable_server_File_Permissions="$1"
enable_server_Inherited_ACLs="$1"
enable_server_Key_State="$1"
enable_server_LABEL_SECURITY_INFORMATION="$1"
enable_server_Map_EXDEV_Error="$1"
enable_server_Misc_ACL="$1"
enable_server_Object_Types="$1"
@ -433,7 +432,6 @@ patch_enable_all ()
enable_wined3d_CSMT_Helper="$1"
enable_wined3d_CSMT_Main="$1"
enable_wined3d_DXTn="$1"
enable_wined3d_GDI_Rendering="$1"
enable_wined3d_GTX_560M="$1"
enable_wined3d_Limit_Vram="$1"
enable_wined3d_QUERY_Stubs="$1"
@ -1209,9 +1207,6 @@ patch_enable ()
server-Key_State)
enable_server_Key_State="$2"
;;
server-LABEL_SECURITY_INFORMATION)
enable_server_LABEL_SECURITY_INFORMATION="$2"
;;
server-Map_EXDEV_Error)
enable_server_Map_EXDEV_Error="$2"
;;
@ -1545,9 +1540,6 @@ patch_enable ()
wined3d-DXTn)
enable_wined3d_DXTn="$2"
;;
wined3d-GDI_Rendering)
enable_wined3d_GDI_Rendering="$2"
;;
wined3d-GTX_560M)
enable_wined3d_GTX_560M="$2"
;;
@ -2321,6 +2313,17 @@ if test "$enable_server_Inherited_ACLs" -eq 1; then
enable_server_Stored_ACLs=1
fi
if test "$enable_server_Stored_ACLs" -eq 1; then
if test "$enable_ntdll_DOS_Attributes" -gt 1; then
abort "Patchset ntdll-DOS_Attributes disabled, but server-Stored_ACLs depends on that."
fi
if test "$enable_server_File_Permissions" -gt 1; then
abort "Patchset server-File_Permissions disabled, but server-Stored_ACLs depends on that."
fi
enable_ntdll_DOS_Attributes=1
enable_server_File_Permissions=1
fi
if test "$enable_oleaut32_OLEPictureImpl_SaveAsFile" -eq 1; then
if test "$enable_oleaut32_Load_Save_EMF" -gt 1; then
abort "Patchset oleaut32-Load_Save_EMF disabled, but oleaut32-OLEPictureImpl_SaveAsFile depends on that."
@ -2661,36 +2664,10 @@ if test "$enable_advapi32_LsaLookupSids" -eq 1; then
fi
if test "$enable_advapi32_BuildSecurityDescriptor" -eq 1; then
if test "$enable_server_LABEL_SECURITY_INFORMATION" -gt 1; then
abort "Patchset server-LABEL_SECURITY_INFORMATION disabled, but advapi32-BuildSecurityDescriptor depends on that."
fi
enable_server_LABEL_SECURITY_INFORMATION=1
fi
if test "$enable_server_LABEL_SECURITY_INFORMATION" -eq 1; then
if test "$enable_advapi32_GetExplicitEntriesFromAclW" -gt 1; then
abort "Patchset advapi32-GetExplicitEntriesFromAclW disabled, but server-LABEL_SECURITY_INFORMATION depends on that."
fi
if test "$enable_server_Misc_ACL" -gt 1; then
abort "Patchset server-Misc_ACL disabled, but server-LABEL_SECURITY_INFORMATION depends on that."
fi
if test "$enable_server_Stored_ACLs" -gt 1; then
abort "Patchset server-Stored_ACLs disabled, but server-LABEL_SECURITY_INFORMATION depends on that."
abort "Patchset advapi32-GetExplicitEntriesFromAclW disabled, but advapi32-BuildSecurityDescriptor depends on that."
fi
enable_advapi32_GetExplicitEntriesFromAclW=1
enable_server_Misc_ACL=1
enable_server_Stored_ACLs=1
fi
if test "$enable_server_Stored_ACLs" -eq 1; then
if test "$enable_ntdll_DOS_Attributes" -gt 1; then
abort "Patchset ntdll-DOS_Attributes disabled, but server-Stored_ACLs depends on that."
fi
if test "$enable_server_File_Permissions" -gt 1; then
abort "Patchset server-File_Permissions disabled, but server-Stored_ACLs depends on that."
fi
enable_ntdll_DOS_Attributes=1
enable_server_File_Permissions=1
fi
@ -2714,11 +2691,11 @@ fi
# | Modified files:
# | * dlls/amstream/mediastreamfilter.c, dlls/d2d1/brush.c, dlls/d2d1/geometry.c, dlls/d3d11/view.c, dlls/d3d8/texture.c,
# | dlls/d3d9/tests/visual.c, dlls/d3d9/texture.c, dlls/ddraw/viewport.c, dlls/dsound/primary.c, dlls/dwrite/font.c,
# | dlls/dwrite/layout.c, dlls/fusion/tests/asmenum.c, dlls/fusion/tests/asmname.c, dlls/gdiplus/image.c,
# | dlls/kernel32/oldconfig.c, dlls/kernel32/tests/heap.c, dlls/msxml3/schema.c, dlls/netapi32/netapi32.c,
# | dlls/ole32/storage32.h, dlls/oleaut32/oleaut.c, dlls/rpcrt4/cstub.c, dlls/rsaenh/rsaenh.c, dlls/shell32/shfldr_fs.c,
# | dlls/vbscript/vbdisp.c, dlls/winealsa.drv/mmdevdrv.c, dlls/wined3d/glsl_shader.c, dlls/ws2_32/tests/sock.c,
# | include/wine/list.h, include/wine/rbtree.h, include/winnt.h, tools/makedep.c
# | dlls/dwrite/layout.c, dlls/fusion/tests/asmenum.c, dlls/fusion/tests/asmname.c, dlls/kernel32/oldconfig.c,
# | dlls/kernel32/tests/heap.c, dlls/msxml3/schema.c, dlls/netapi32/netapi32.c, dlls/ole32/storage32.h,
# | dlls/oleaut32/oleaut.c, dlls/rpcrt4/cstub.c, dlls/rsaenh/rsaenh.c, dlls/shell32/shfldr_fs.c, dlls/vbscript/vbdisp.c,
# | dlls/winealsa.drv/mmdevdrv.c, dlls/wined3d/glsl_shader.c, dlls/ws2_32/tests/sock.c, include/wine/list.h,
# | include/wine/rbtree.h, include/winnt.h, tools/makedep.c
# |
if test "$enable_Compiler_Warnings" -eq 1; then
patch_apply Compiler_Warnings/0001-ole32-Fix-compilation-with-recent-versions-of-gcc.patch
@ -2729,7 +2706,6 @@ if test "$enable_Compiler_Warnings" -eq 1; then
patch_apply Compiler_Warnings/0007-rsaenh-tests-Avoid-compiler-warnings-with-GCC-7.patch
patch_apply Compiler_Warnings/0008-kernel32-Avoid-compiler-warnings-with-GCC-7.patch
patch_apply Compiler_Warnings/0009-ws2_32-tests-Work-around-an-incorrect-detection-in-G.patch
patch_apply Compiler_Warnings/0011-gdiplus-Initialize-containers-list-in-GdipCloneImage.patch
patch_apply Compiler_Warnings/0018-Appease-the-blessed-version-of-gcc-4.5-when-Werror-i.patch
patch_apply Compiler_Warnings/0019-dsound-Avoid-implicit-cast-of-interface-pointer.patch
patch_apply Compiler_Warnings/0020-amstream-Avoid-implicit-cast-of-interface-pointer.patch
@ -2753,7 +2729,6 @@ if test "$enable_Compiler_Warnings" -eq 1; then
printf '%s\n' '+ { "Sebastian Lackner", "rsaenh/tests: Avoid compiler warnings with GCC 7.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "kernel32: Avoid compiler warnings with GCC 7.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "ws2_32/tests: Work around an incorrect detection in GCC 7.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "gdiplus: Initialize containers list in GdipCloneImage.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "Appease the blessed version of gcc (4.5) when -Werror is enabled.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "dsound: Avoid implicit cast of interface pointer.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "amstream: Avoid implicit cast of interface pointer.", 1 },';
@ -2856,144 +2831,10 @@ if test "$enable_advapi32_GetExplicitEntriesFromAclW" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Misc_ACL
# |
# | This patchset fixes the following Wine bugs:
# | * [#15980] GetSecurityInfo returns NULL DACL for process object
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_Misc_ACL" -eq 1; then
patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
) >> "$patchlist"
fi
# Patchset ntdll-DOS_Attributes
# |
# | This patchset fixes the following Wine bugs:
# | * [#9158] Support for DOS hidden/system file attributes
# |
# | Modified files:
# | * configure.ac, dlls/ntdll/directory.c, dlls/ntdll/file.c, dlls/ntdll/ntdll_misc.h, dlls/ntdll/tests/directory.c,
# | dlls/ntdll/tests/file.c, include/wine/port.h, libs/port/Makefile.in, libs/port/xattr.c
# |
if test "$enable_ntdll_DOS_Attributes" -eq 1; then
patch_apply ntdll-DOS_Attributes/0001-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch
patch_apply ntdll-DOS_Attributes/0002-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch
patch_apply ntdll-DOS_Attributes/0003-ntdll-Implement-storing-DOS-attributes-in-NtSetInfor.patch
patch_apply ntdll-DOS_Attributes/0004-ntdll-Implement-storing-DOS-attributes-in-NtCreateFi.patch
patch_apply ntdll-DOS_Attributes/0005-libport-Add-support-for-Mac-OS-X-style-extended-attr.patch
patch_apply ntdll-DOS_Attributes/0006-libport-Add-support-for-FreeBSD-style-extended-attri.patch
patch_apply ntdll-DOS_Attributes/0007-ntdll-Perform-the-Unix-style-hidden-file-check-withi.patch
patch_apply ntdll-DOS_Attributes/0008-ntdll-Always-store-SAMBA_XATTR_DOS_ATTRIB-when-path-.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQueryInformationFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQuery[Full]AttributesFile and NtQueryDirectoryFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtSetInformationFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtCreateFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "libport: Add support for Mac OS X style extended attributes.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "libport: Add support for FreeBSD style extended attributes.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Perform the Unix-style hidden file check within the unified file info grabbing routine.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "ntdll: Always store SAMBA_XATTR_DOS_ATTRIB when path could be interpreted as hidden.", 1 },';
) >> "$patchlist"
fi
# Patchset server-File_Permissions
# |
# | This patchset fixes the following Wine bugs:
# | * [#38970] Improve mapping of DACL to file permissions
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, dlls/ntdll/tests/file.c, server/fd.c, server/file.c
# |
if test "$enable_server_File_Permissions" -eq 1; then
patch_apply server-File_Permissions/0001-server-Improve-STATUS_CANNOT_DELETE-checks-for-direc.patch
patch_apply server-File_Permissions/0002-server-Allow-to-open-files-without-any-permission-bi.patch
patch_apply server-File_Permissions/0003-server-When-creating-new-directories-temporarily-giv.patch
patch_apply server-File_Permissions/0004-advapi32-tests-Add-tests-for-ACL-inheritance-in-Crea.patch
patch_apply server-File_Permissions/0005-advapi32-tests-Add-ACL-inheritance-tests-for-creatin.patch
patch_apply server-File_Permissions/0006-ntdll-tests-Added-tests-for-open-behaviour-on-readon.patch
patch_apply server-File_Permissions/0007-server-FILE_WRITE_ATTRIBUTES-should-succeed-for-read.patch
patch_apply server-File_Permissions/0008-server-Improve-mapping-of-DACL-to-file-permissions.patch
(
printf '%s\n' '+ { "Sebastian Lackner", "server: Improve STATUS_CANNOT_DELETE checks for directory case.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Allow to open files without any permission bits.", 2 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: When creating new directories temporarily give read-permissions until they are opened.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "advapi32/tests: Add tests for ACL inheritance in CreateDirectoryA.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "advapi32/tests: Add ACL inheritance tests for creating subdirectories with NtCreateFile.", 1 },';
printf '%s\n' '+ { "Qian Hong", "ntdll/tests: Added tests for open behaviour on readonly files.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: FILE_WRITE_ATTRIBUTES should succeed for readonly files.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Improve mapping of DACL to file permissions.", 1 },';
) >> "$patchlist"
fi
# Patchset server-Stored_ACLs
# |
# | This patchset has the following (direct or indirect) dependencies:
# | * ntdll-DOS_Attributes, server-File_Permissions
# |
# | This patchset fixes the following Wine bugs:
# | * [#33576] Support for stored file ACLs
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, include/wine/port.h, server/change.c, server/file.c, server/file.h, server/object.c,
# | server/object.h
# |
if test "$enable_server_Stored_ACLs" -eq 1; then
patch_apply server-Stored_ACLs/0001-server-Unify-the-storage-of-security-attributes-for-.patch
patch_apply server-Stored_ACLs/0002-server-Unify-the-retrieval-of-security-attributes-fo.patch
patch_apply server-Stored_ACLs/0003-server-Add-a-helper-function-set_sd_from_token_inter.patch
patch_apply server-Stored_ACLs/0004-server-Temporarily-store-the-full-security-descripto.patch
patch_apply server-Stored_ACLs/0005-server-Store-file-security-attributes-with-extended-.patch
patch_apply server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch
patch_apply server-Stored_ACLs/0007-server-Retrieve-file-security-attributes-with-extend.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "server: Unify the storage of security attributes for files and directories.", 7 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Unify the retrieval of security attributes for files and directories.", 7 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Add a helper function set_sd_from_token_internal to merge two security descriptors.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Temporarily store the full security descriptor for file objects.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Store file security attributes with extended file attributes.", 8 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Convert return of file security masks with generic access mappings.", 7 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Retrieve file security attributes with extended file attributes.", 7 },';
) >> "$patchlist"
fi
# Patchset server-LABEL_SECURITY_INFORMATION
# |
# | This patchset has the following (direct or indirect) dependencies:
# | * advapi32-GetExplicitEntriesFromAclW, server-Misc_ACL, ntdll-DOS_Attributes, server-File_Permissions, server-Stored_ACLs
# |
# | This patchset fixes the following Wine bugs:
# | * [#42014] Implement support for LABEL_SECURITY_INFORMATION
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_LABEL_SECURITY_INFORMATION" -eq 1; then
patch_apply server-LABEL_SECURITY_INFORMATION/0001-advapi32-tests-Add-back-a-dropped-test.patch
patch_apply server-LABEL_SECURITY_INFORMATION/0006-advapi32-tests-Show-that-tokens-do-not-inherit-secur.patch
patch_apply server-LABEL_SECURITY_INFORMATION/0007-advapi32-tests-Show-that-tokens-do-not-inherit-dacls.patch
patch_apply server-LABEL_SECURITY_INFORMATION/0008-advapi32-tests-Show-that-tokens-do-not-inherit-sacls.patch
patch_apply server-LABEL_SECURITY_INFORMATION/0009-server-Assign-a-default-label-high-to-all-tokens.patch
(
printf '%s\n' '+ { "Sebastian Lackner", "advapi32/tests: Add back a dropped test.", 1 },';
printf '%s\n' '+ { "Michael Müller", "advapi32/tests: Show that tokens do not inherit security descriptors during duplication.", 1 },';
printf '%s\n' '+ { "Michael Müller", "advapi32/tests: Show that tokens do not inherit dacls while creating child processes.", 1 },';
printf '%s\n' '+ { "Michael Müller", "advapi32/tests: Show that tokens do not inherit sacls / mandatory labels while creating child processes.", 1 },';
printf '%s\n' '+ { "Michael Müller", "server: Assign a default label (high) to all tokens.", 1 },';
) >> "$patchlist"
fi
# Patchset advapi32-BuildSecurityDescriptor
# |
# | This patchset has the following (direct or indirect) dependencies:
# | * advapi32-GetExplicitEntriesFromAclW, server-Misc_ACL, ntdll-DOS_Attributes, server-File_Permissions, server-Stored_ACLs,
# | server-LABEL_SECURITY_INFORMATION
# | * advapi32-GetExplicitEntriesFromAclW
# |
# | Modified files:
# | * dlls/advapi32/security.c, dlls/advapi32/tests/security.c
@ -3026,6 +2867,23 @@ if test "$enable_server_CreateProcess_ACLs" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Misc_ACL
# |
# | This patchset fixes the following Wine bugs:
# | * [#15980] GetSecurityInfo returns NULL DACL for process object
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, server/process.c, server/security.h, server/token.c
# |
if test "$enable_server_Misc_ACL" -eq 1; then
patch_apply server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
patch_apply server-Misc_ACL/0002-server-Add-default-security-descriptor-DACL-for-proc.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "server: Add default security descriptor ownership for processes.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Add default security descriptor DACL for processes.", 1 },';
) >> "$patchlist"
fi
# Patchset advapi32-LsaLookupSids
# |
# | This patchset has the following (direct or indirect) dependencies:
@ -4808,6 +4666,35 @@ if test "$enable_kernel32_COMSPEC" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-File_Permissions
# |
# | This patchset fixes the following Wine bugs:
# | * [#38970] Improve mapping of DACL to file permissions
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, dlls/ntdll/tests/file.c, server/fd.c, server/file.c
# |
if test "$enable_server_File_Permissions" -eq 1; then
patch_apply server-File_Permissions/0001-server-Improve-STATUS_CANNOT_DELETE-checks-for-direc.patch
patch_apply server-File_Permissions/0002-server-Allow-to-open-files-without-any-permission-bi.patch
patch_apply server-File_Permissions/0003-server-When-creating-new-directories-temporarily-giv.patch
patch_apply server-File_Permissions/0004-advapi32-tests-Add-tests-for-ACL-inheritance-in-Crea.patch
patch_apply server-File_Permissions/0005-advapi32-tests-Add-ACL-inheritance-tests-for-creatin.patch
patch_apply server-File_Permissions/0006-ntdll-tests-Added-tests-for-open-behaviour-on-readon.patch
patch_apply server-File_Permissions/0007-server-FILE_WRITE_ATTRIBUTES-should-succeed-for-read.patch
patch_apply server-File_Permissions/0008-server-Improve-mapping-of-DACL-to-file-permissions.patch
(
printf '%s\n' '+ { "Sebastian Lackner", "server: Improve STATUS_CANNOT_DELETE checks for directory case.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Allow to open files without any permission bits.", 2 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: When creating new directories temporarily give read-permissions until they are opened.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "advapi32/tests: Add tests for ACL inheritance in CreateDirectoryA.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "advapi32/tests: Add ACL inheritance tests for creating subdirectories with NtCreateFile.", 1 },';
printf '%s\n' '+ { "Qian Hong", "ntdll/tests: Added tests for open behaviour on readonly files.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: FILE_WRITE_ATTRIBUTES should succeed for readonly files.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Improve mapping of DACL to file permissions.", 1 },';
) >> "$patchlist"
fi
# Patchset ntdll-FileDispositionInformation
# |
# | This patchset has the following (direct or indirect) dependencies:
@ -5751,6 +5638,36 @@ if test "$enable_ntdll_CLI_Images" -eq 1; then
) >> "$patchlist"
fi
# Patchset ntdll-DOS_Attributes
# |
# | This patchset fixes the following Wine bugs:
# | * [#9158] Support for DOS hidden/system file attributes
# |
# | Modified files:
# | * configure.ac, dlls/ntdll/directory.c, dlls/ntdll/file.c, dlls/ntdll/ntdll_misc.h, dlls/ntdll/tests/directory.c,
# | dlls/ntdll/tests/file.c, include/wine/port.h, libs/port/Makefile.in, libs/port/xattr.c
# |
if test "$enable_ntdll_DOS_Attributes" -eq 1; then
patch_apply ntdll-DOS_Attributes/0001-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch
patch_apply ntdll-DOS_Attributes/0002-ntdll-Implement-retrieving-DOS-attributes-in-NtQuery.patch
patch_apply ntdll-DOS_Attributes/0003-ntdll-Implement-storing-DOS-attributes-in-NtSetInfor.patch
patch_apply ntdll-DOS_Attributes/0004-ntdll-Implement-storing-DOS-attributes-in-NtCreateFi.patch
patch_apply ntdll-DOS_Attributes/0005-libport-Add-support-for-Mac-OS-X-style-extended-attr.patch
patch_apply ntdll-DOS_Attributes/0006-libport-Add-support-for-FreeBSD-style-extended-attri.patch
patch_apply ntdll-DOS_Attributes/0007-ntdll-Perform-the-Unix-style-hidden-file-check-withi.patch
patch_apply ntdll-DOS_Attributes/0008-ntdll-Always-store-SAMBA_XATTR_DOS_ATTRIB-when-path-.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQueryInformationFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement retrieving DOS attributes in NtQuery[Full]AttributesFile and NtQueryDirectoryFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtSetInformationFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Implement storing DOS attributes in NtCreateFile.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "libport: Add support for Mac OS X style extended attributes.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "libport: Add support for FreeBSD style extended attributes.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "ntdll: Perform the Unix-style hidden file check within the unified file info grabbing routine.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "ntdll: Always store SAMBA_XATTR_DOS_ATTRIB when path could be interpreted as hidden.", 1 },';
) >> "$patchlist"
fi
# Patchset ntdll-Dealloc_Thread_Stack
# |
# | Modified files:
@ -7115,6 +7032,37 @@ if test "$enable_server_FileEndOfFileInformation" -eq 1; then
) >> "$patchlist"
fi
# Patchset server-Stored_ACLs
# |
# | This patchset has the following (direct or indirect) dependencies:
# | * ntdll-DOS_Attributes, server-File_Permissions
# |
# | This patchset fixes the following Wine bugs:
# | * [#33576] Support for stored file ACLs
# |
# | Modified files:
# | * dlls/advapi32/tests/security.c, include/wine/port.h, server/change.c, server/file.c, server/file.h, server/object.c,
# | server/object.h
# |
if test "$enable_server_Stored_ACLs" -eq 1; then
patch_apply server-Stored_ACLs/0001-server-Unify-the-storage-of-security-attributes-for-.patch
patch_apply server-Stored_ACLs/0002-server-Unify-the-retrieval-of-security-attributes-fo.patch
patch_apply server-Stored_ACLs/0003-server-Add-a-helper-function-set_sd_from_token_inter.patch
patch_apply server-Stored_ACLs/0004-server-Temporarily-store-the-full-security-descripto.patch
patch_apply server-Stored_ACLs/0005-server-Store-file-security-attributes-with-extended-.patch
patch_apply server-Stored_ACLs/0006-server-Convert-return-of-file-security-masks-with-ge.patch
patch_apply server-Stored_ACLs/0007-server-Retrieve-file-security-attributes-with-extend.patch
(
printf '%s\n' '+ { "Erich E. Hoover", "server: Unify the storage of security attributes for files and directories.", 7 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Unify the retrieval of security attributes for files and directories.", 7 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Add a helper function set_sd_from_token_internal to merge two security descriptors.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "server: Temporarily store the full security descriptor for file objects.", 1 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Store file security attributes with extended file attributes.", 8 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Convert return of file security masks with generic access mappings.", 7 },';
printf '%s\n' '+ { "Erich E. Hoover", "server: Retrieve file security attributes with extended file attributes.", 7 },';
) >> "$patchlist"
fi
# Patchset server-Inherited_ACLs
# |
# | This patchset has the following (direct or indirect) dependencies:
@ -9142,25 +9090,6 @@ if test "$enable_wined3d_CSMT_Helper" -eq 1; then
) >> "$patchlist"
fi
# Patchset wined3d-GDI_Rendering
# |
# | Modified files:
# | * dlls/wined3d/context.c, dlls/wined3d/device.c, dlls/wined3d/surface.c, dlls/wined3d/texture.c,
# | dlls/wined3d/wined3d_private.h
# |
if test "$enable_wined3d_GDI_Rendering" -eq 1; then
patch_apply wined3d-GDI_Rendering/0001-wined3d-Avoid-NULL-pointer-dereference-when-using-GD.patch
patch_apply wined3d-GDI_Rendering/0002-wined3d-Create-CPU-blitter-also-for-GDI-render.patch
patch_apply wined3d-GDI_Rendering/0003-wined3d-Fix-memory-leaks-in-blitter_destroy-callback.patch
patch_apply wined3d-GDI_Rendering/0004-wined3d-Trigger-frontbuffer-update-in-surface_cpu_bl.patch
(
printf '%s\n' '+ { "Sebastian Lackner", "wined3d: Avoid NULL pointer dereference when using GDI renderer.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "wined3d: Create CPU blitter also for GDI render.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "wined3d: Fix memory leaks in blitter_destroy callbacks.", 1 },';
printf '%s\n' '+ { "Sebastian Lackner", "wined3d: Trigger frontbuffer update in surface_cpu_blt.", 1 },';
) >> "$patchlist"
fi
# Patchset wined3d-GTX_560M
# |
# | Modified files:

29
patches/server-LABEL_SECURITY_INFORMATION/0001-advapi32-tests-Add-back-a-dropped-test.patch
View File

@ -1,29 +0,0 @@
From 47f4a0e0cb0e90695cb863306475e7ac11ef3e4a Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 16 Jun 2017 04:53:19 +0200
Subject: advapi32/tests: Add back a dropped test.
---
dlls/advapi32/tests/security.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index de511af32f..eca83765af 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6426,10 +6426,12 @@ static void test_AddMandatoryAce(void)
sacl = (void *)0xdeadbeef;
present = TRUE;
+ defaulted = TRUE;
ret = GetSecurityDescriptorSacl(sd2, &present, &sacl, &defaulted);
ok(ret, "GetSecurityDescriptorSacl failed with error %u\n", GetLastError());
ok(!present, "SACL is present\n");
ok(sacl == (void *)0xdeadbeef, "SACL is set\n");
+ todo_wine ok(!defaulted, "SACL defaulted\n");
HeapFree(GetProcessHeap(), 0, sd2);
CloseHandle(handle);
--
2.13.1

78
patches/server-LABEL_SECURITY_INFORMATION/0006-advapi32-tests-Show-that-tokens-do-not-inherit-secur.patch
View File

@ -1,78 +0,0 @@
From afc6af7ffafd30c8830d2085e32505dd87d866ec Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Thu, 12 Jan 2017 05:31:31 +0100
Subject: advapi32/tests: Show that tokens do not inherit security descriptors
during duplication.
---
dlls/advapi32/tests/security.c | 45 ++++++++++++++++++++++++++++++++++++++++--
1 file changed, 43 insertions(+), 2 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index eca83765af..f4f2519a04 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6947,8 +6947,9 @@ static void test_token_security_descriptor(void)
BOOL defaulted, present, ret;
ACCESS_ALLOWED_ACE *ace;
SECURITY_ATTRIBUTES sa;
- HANDLE token, token2;
- DWORD size;
+ HANDLE token, token2, token3;
+ DWORD size, index;
+ BOOL found;
PSID psid;
if (!pDuplicateTokenEx || !pConvertStringSidToSidA || !pAddAccessAllowedAceEx || !pGetAce
@@ -7011,8 +7012,48 @@ static void test_token_security_descriptor(void)
HeapFree(GetProcessHeap(), 0, sd2);
+ /* Duplicate token without security attributes.
+ * Tokens do not inherit the security descriptor when calling DuplicateToken,
+ * see https://blogs.msdn.microsoft.com/oldnewthing/20160512-00/?p=93447
+ */
+ ret = pDuplicateTokenEx(token2, MAXIMUM_ALLOWED, NULL, SecurityImpersonation, TokenImpersonation, &token3);
+ ok(ret, "DuplicateTokenEx failed with %u\n", GetLastError());
+
+ ret = GetKernelObjectSecurity(token3, DACL_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "GetKernelObjectSecurity failed with %u\n", GetLastError());
+
+ sd2 = HeapAlloc(GetProcessHeap(), 0, size);
+ ret = GetKernelObjectSecurity(token3, DACL_SECURITY_INFORMATION, sd2, size, &size);
+ ok(ret, "GetKernelObjectSecurity failed %u\n", GetLastError());
+
+ acl2 = (void *)0xdeadbeef;
+ present = FALSE;
+ defaulted = TRUE;
+ ret = GetSecurityDescriptorDacl(sd2, &present, &acl2, &defaulted);
+ ok(ret, "GetSecurityDescriptorDacl failed with %u\n", GetLastError());
+ todo_wine
+ ok(present, "acl2 not present\n");
+ ok(acl2 != (void *)0xdeadbeef, "acl2 not set\n");
+ ok(!defaulted, "acl2 defaulted\n");
+
+ if (acl2)
+ {
+ index = 0;
+ found = FALSE;
+ while (pGetAce( acl2, index++, (void **)&ace ))
+ {
+ if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE && EqualSid(&ace->SidStart, psid))
+ found = TRUE;
+ }
+ ok(!found, "Access allowed ace got inherited!\n");
+ }
+
+ HeapFree(GetProcessHeap(), 0, sd2);
+
LocalFree(psid);
+ CloseHandle(token3);
CloseHandle(token2);
CloseHandle(token);
}
--
2.13.1

190
patches/server-LABEL_SECURITY_INFORMATION/0007-advapi32-tests-Show-that-tokens-do-not-inherit-dacls.patch
View File

@ -1,190 +0,0 @@
From 21b2087eb06737076d603559bc7ba9059f8414d0 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Thu, 12 Jan 2017 05:37:42 +0100
Subject: advapi32/tests: Show that tokens do not inherit dacls while creating
child processes.
---
dlls/advapi32/tests/security.c | 135 +++++++++++++++++++++++++++++++++++++++--
1 file changed, 130 insertions(+), 5 deletions(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index f4f2519a04..8316de84d7 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6942,13 +6942,16 @@ static void test_token_security_descriptor(void)
{
char buffer_sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
SECURITY_DESCRIPTOR *sd = (SECURITY_DESCRIPTOR *)&buffer_sd, *sd2;
- char buffer_acl[256];
- ACL *acl = (ACL *)&buffer_acl, *acl2;
+ char buffer_acl[256], buffer[MAX_PATH];
+ ACL *acl = (ACL *)&buffer_acl, *acl2, *acl_child;
BOOL defaulted, present, ret;
ACCESS_ALLOWED_ACE *ace;
SECURITY_ATTRIBUTES sa;
HANDLE token, token2, token3;
- DWORD size, index;
+ EXPLICIT_ACCESSW exp_access;
+ PROCESS_INFORMATION info;
+ STARTUPINFOA startup;
+ DWORD size, index, retd;
BOOL found;
PSID psid;
@@ -7051,6 +7054,76 @@ static void test_token_security_descriptor(void)
HeapFree(GetProcessHeap(), 0, sd2);
+ /* When creating a child process, the process does only inherit the
+ * Token of the parent, but not the DACL of the token.
+ */
+ ret = GetKernelObjectSecurity(token, DACL_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "GetKernelObjectSecurity failed with %u\n", GetLastError());
+
+ sd2 = HeapAlloc(GetProcessHeap(), 0, size);
+ ret = GetKernelObjectSecurity(token, DACL_SECURITY_INFORMATION, sd2, size, &size);
+ ok(ret, "GetKernelObjectSecurity failed %u\n", GetLastError());
+
+ acl2 = (void *)0xdeadbeef;
+ present = FALSE;
+ defaulted = TRUE;
+ ret = GetSecurityDescriptorDacl(sd2, &present, &acl2, &defaulted);
+ ok(ret, "GetSecurityDescriptorDacl failed with %u\n", GetLastError());
+ todo_wine
+ ok(present, "acl2 not present\n");
+ ok(acl2 != (void *)0xdeadbeef, "acl2 not set\n");
+ ok(!defaulted, "acl2 defaulted\n");
+
+ /* check that the ace we add for testing does not already exist! */
+ if (acl2)
+ {
+ index = 0;
+ found = FALSE;
+ while (pGetAce( acl2, index++, (void **)&ace ))
+ {
+ if (ace->Header.AceType == ACCESS_ALLOWED_ACE_TYPE && EqualSid(&ace->SidStart, psid))
+ found = TRUE;
+ }
+ ok(!found, "Test ace does already exist!\n");
+ }
+
+ exp_access.grfAccessPermissions = GENERIC_ALL;
+ exp_access.grfAccessMode = GRANT_ACCESS;
+ exp_access.grfInheritance = NO_PROPAGATE_INHERIT_ACE;
+ exp_access.Trustee.pMultipleTrustee = NULL;
+ exp_access.Trustee.TrusteeForm = TRUSTEE_IS_SID;
+ exp_access.Trustee.MultipleTrusteeOperation = NO_MULTIPLE_TRUSTEE;
+ exp_access.Trustee.TrusteeType = TRUSTEE_IS_WELL_KNOWN_GROUP;
+ exp_access.Trustee.ptstrName = (void*)psid;
+
+ retd = pSetEntriesInAclW(1, &exp_access, acl2, &acl_child);
+ ok(retd == ERROR_SUCCESS, "Expected ERROR_SUCCESS, got %u\n", retd);
+
+ memset(sd, 0, sizeof(buffer_sd));
+ ret = InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION);
+ ok(ret, "InitializeSecurityDescriptor failed with %u\n", GetLastError());
+
+ ret = SetSecurityDescriptorDacl(sd, TRUE, acl_child, FALSE);
+ ok(ret, "SetSecurityDescriptorDacl failed with %u\n", GetLastError());
+
+ ret = SetKernelObjectSecurity(token, DACL_SECURITY_INFORMATION, sd);
+ ok(ret, "SetKernelObjectSecurity failed with %u\n", GetLastError());
+
+ /* start child process with our modified token */
+ memset(&startup, 0, sizeof(startup));
+ startup.cb = sizeof(startup);
+ startup.dwFlags = STARTF_USESHOWWINDOW;
+ startup.wShowWindow = SW_SHOWNORMAL;
+
+ sprintf(buffer, "%s tests/security.c test_token_sd", myARGV[0]);
+ ret = CreateProcessA(NULL, buffer, NULL, NULL, FALSE, 0, NULL, NULL, &startup, &info);
+ ok(ret, "CreateProcess failed with error %u\n", GetLastError());
+ winetest_wait_child_process(info.hProcess);
+ CloseHandle(info.hProcess);
+ CloseHandle(info.hThread);
+
+ LocalFree(acl_child);
LocalFree(psid);
CloseHandle(token3);
@@ -7197,6 +7270,53 @@ static void test_GetExplicitEntriesFromAclW(void)
HeapFree(GetProcessHeap(), 0, old_acl);
}
+static void test_child_token_sd(void)
+{
+ BOOL ret, present, defaulted, found;
+ ACCESS_ALLOWED_ACE *ace_acc;
+ SECURITY_DESCRIPTOR *sd;
+ DWORD size, index;
+ HANDLE token;
+ ACL *pAcl;
+ PSID psid;
+
+ ret = pConvertStringSidToSidA("S-1-5-6", &psid);
+ ok(ret, "ConvertStringSidToSidA failed with %u\n", GetLastError());
+
+ ret = OpenProcessToken(GetCurrentProcess(), MAXIMUM_ALLOWED, &token);
+ ok(ret, "OpenProcessToken failed with error %u\n", GetLastError());
+
+ ret = GetKernelObjectSecurity(token, DACL_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "GetKernelObjectSecurity failed with %u\n", GetLastError());
+
+ sd = HeapAlloc(GetProcessHeap(), 0, size);
+ ret = GetKernelObjectSecurity(token, DACL_SECURITY_INFORMATION, sd, size, &size);
+ ok(ret, "GetKernelObjectSecurity failed %u\n", GetLastError());
+
+ pAcl = NULL;
+ present = FALSE;
+ defaulted = TRUE;
+ ret = GetSecurityDescriptorDacl(sd, &present, &pAcl, &defaulted);
+ ok(ret, "GetSecurityDescriptorSacl failed with %u\n", GetLastError());
+
+ index = 0;
+ found = FALSE;
+ if (present && pAcl)
+ {
+ ok(pAcl->AceCount > 0, "Expected at least one ACE\n");
+ while (pGetAce( pAcl, index++, (void **)&ace_acc ))
+ {
+ if (ace_acc->Header.AceType == ACCESS_ALLOWED_ACE_TYPE && EqualSid(&ace_acc->SidStart, psid))
+ found = TRUE;
+ }
+ }
+ ok(!found, "The ACE should not haven been inherited from the parent\n");
+
+ LocalFree(psid);
+ HeapFree(GetProcessHeap(), 0, sd);
+}
+
START_TEST(security)
{
init();
@@ -7204,7 +7324,10 @@ START_TEST(security)
if (myARGC >= 3)
{
- test_process_security_child();
+ if (!strcmp(myARGV[2], "test_token_sd"))
+ test_child_token_sd();
+ else
+ test_process_security_child();
return;
}
test_kernel_objects_security();
@@ -7246,6 +7369,8 @@ START_TEST(security)
test_GetSidIdentifierAuthority();
test_pseudo_tokens();
test_maximum_allowed();
- test_token_security_descriptor();
test_GetExplicitEntriesFromAclW();
+
+ /* must be the last test, modifies process token */
+ test_token_security_descriptor();
}
--
2.13.1

106
patches/server-LABEL_SECURITY_INFORMATION/0008-advapi32-tests-Show-that-tokens-do-not-inherit-sacls.patch
View File

@ -1,106 +0,0 @@
From 3ba5029a2aef625586559621bdcd457d686a9424 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Thu, 12 Jan 2017 05:45:33 +0100
Subject: advapi32/tests: Show that tokens do not inherit sacls / mandatory
labels while creating child processes.
---
dlls/advapi32/tests/security.c | 61 ++++++++++++++++++++++++++++++++++++++++++
1 file changed, 61 insertions(+)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 8316de84d7..0ed683103a 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6940,6 +6940,8 @@ static void test_maximum_allowed(void)
static void test_token_security_descriptor(void)
{
+ static SID low_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
+ {SECURITY_MANDATORY_LOW_RID}};
char buffer_sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
SECURITY_DESCRIPTOR *sd = (SECURITY_DESCRIPTOR *)&buffer_sd, *sd2;
char buffer_acl[256], buffer[MAX_PATH];
@@ -7110,6 +7112,28 @@ static void test_token_security_descriptor(void)
ret = SetKernelObjectSecurity(token, DACL_SECURITY_INFORMATION, sd);
ok(ret, "SetKernelObjectSecurity failed with %u\n", GetLastError());
+ /* The security label is also not inherited */
+ if (pAddMandatoryAce)
+ {
+ ret = InitializeAcl(acl, 256, ACL_REVISION);
+ ok(ret, "InitializeAcl failed with %u\n", GetLastError());
+
+ ret = pAddMandatoryAce(acl, ACL_REVISION, 0, SYSTEM_MANDATORY_LABEL_NO_WRITE_UP, &low_level);
+ ok(ret, "AddMandatoryAce failed with %u\n", GetLastError());
+
+ memset(sd, 0, sizeof(buffer_sd));
+ ret = InitializeSecurityDescriptor(sd, SECURITY_DESCRIPTOR_REVISION);
+ ok(ret, "InitializeSecurityDescriptor failed with %u\n", GetLastError());
+
+ ret = SetSecurityDescriptorSacl(sd, TRUE, acl, FALSE);
+ ok(ret, "SetSecurityDescriptorSacl failed with %u\n", GetLastError());
+
+ ret = SetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, sd);
+ ok(ret, "SetKernelObjectSecurity failed with %u\n", GetLastError());
+ }
+ else
+ win_skip("SYSTEM_MANDATORY_LABEL not supported\n");
+
/* start child process with our modified token */
memset(&startup, 0, sizeof(startup));
startup.cb = sizeof(startup);
@@ -7272,6 +7296,9 @@ static void test_GetExplicitEntriesFromAclW(void)
static void test_child_token_sd(void)
{
+ static SID low_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
+ {SECURITY_MANDATORY_LOW_RID}};
+ SYSTEM_MANDATORY_LABEL_ACE *ace_label;
BOOL ret, present, defaulted, found;
ACCESS_ALLOWED_ACE *ace_acc;
SECURITY_DESCRIPTOR *sd;
@@ -7315,6 +7342,40 @@ static void test_child_token_sd(void)
LocalFree(psid);
HeapFree(GetProcessHeap(), 0, sd);
+
+ if (!pAddMandatoryAce)
+ {
+ win_skip("SYSTEM_MANDATORY_LABEL not supported\n");
+ return;
+ }
+
+ ret = GetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "GetKernelObjectSecurity failed with %u\n", GetLastError());
+
+ sd = HeapAlloc(GetProcessHeap(), 0, size);
+ ret = GetKernelObjectSecurity(token, LABEL_SECURITY_INFORMATION, sd, size, &size);
+ ok(ret, "GetKernelObjectSecurity failed %u\n", GetLastError());
+
+ pAcl = NULL;
+ present = FALSE;
+ defaulted = TRUE;
+ ret = GetSecurityDescriptorSacl(sd, &present, &pAcl, &defaulted);
+ ok(ret, "GetSecurityDescriptorSacl failed with %u\n", GetLastError());
+
+ index = 0;
+ found = FALSE;
+ if (present && pAcl)
+ {
+ while (pGetAce( pAcl, index++, (void **)&ace_label ))
+ {
+ if (ace_label->Header.AceType == SYSTEM_MANDATORY_LABEL_ACE_TYPE && EqualSid(&ace_label->SidStart, &low_level))
+ found = TRUE;
+ }
+ }
+ ok(!found, "Low integrity level should not have been inherited\n");
+
+ HeapFree(GetProcessHeap(), 0, sd);
}
START_TEST(security)
--
2.13.1

196
patches/server-LABEL_SECURITY_INFORMATION/0009-server-Assign-a-default-label-high-to-all-tokens.patch
View File

@ -1,196 +0,0 @@
From c58ae1d5ffa3fa25798833d84edfc56ae0394753 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Thu, 12 Jan 2017 05:58:02 +0100
Subject: server: Assign a default label (high) to all tokens.
---
dlls/advapi32/tests/security.c | 42 ++++++++++++++++++++++++++++++++-
server/process.c | 7 ++++++
server/security.h | 2 ++
server/token.c | 53 ++++++++++++++++++++++++++++++++++++++++++
4 files changed, 103 insertions(+), 1 deletion(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 0ed683103a..bc33a623cb 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -6386,6 +6386,8 @@ static void test_AddMandatoryAce(void)
{SECURITY_MANDATORY_LOW_RID}};
static SID medium_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
{SECURITY_MANDATORY_MEDIUM_RID}};
+ static SID high_level = {SID_REVISION, 1, {SECURITY_MANDATORY_LABEL_AUTHORITY},
+ {SECURITY_MANDATORY_HIGH_RID}};
static SID_IDENTIFIER_AUTHORITY sia_world = {SECURITY_WORLD_SID_AUTHORITY};
char buffer_sd[SECURITY_DESCRIPTOR_MIN_LENGTH];
SECURITY_DESCRIPTOR *sd2, *sd = (SECURITY_DESCRIPTOR *)&buffer_sd;
@@ -6641,6 +6643,45 @@ static void test_AddMandatoryAce(void)
FreeSid(everyone);
HeapFree(GetProcessHeap(), 0, sd2);
CloseHandle(handle);
+
+ ret = OpenProcessToken(GetCurrentProcess(), READ_CONTROL, &handle);
+ ok(ret, "got %d with %d (expected TRUE)\n", ret, GetLastError());
+
+ ret = GetKernelObjectSecurity(handle, LABEL_SECURITY_INFORMATION, NULL, 0, &size);
+ ok(!ret && GetLastError() == ERROR_INSUFFICIENT_BUFFER,
+ "GetKernelObjectSecurity failed with %u\n", GetLastError());
+
+ sd2 = HeapAlloc(GetProcessHeap(), 0, size);
+ ret = GetKernelObjectSecurity(handle, LABEL_SECURITY_INFORMATION, sd2, size, &size);
+ ok(ret, "GetKernelObjectSecurity failed %u\n", GetLastError());
+
+ sacl = (void *)0xdeadbeef;
+ present = FALSE;
+ defaulted = TRUE;
+ ret = GetSecurityDescriptorSacl(sd2, &present, &sacl, &defaulted);
+ ok(ret, "GetSecurityDescriptorSacl failed with %u\n", GetLastError());
+ ok(present, "sacl not present\n");
+ ok(sacl != (void *)0xdeadbeef, "sacl not set\n");
+ ok(sacl->AceCount == 1, "Expected 1 ACEs, got %d\n", sacl->AceCount);
+ ok(!defaulted, "sacl defaulted\n");
+
+ index = 0;
+ found = FALSE;
+ while (pGetAce( sacl, index++, (void **)&ace ))
+ {
+ if (ace->Header.AceType == SYSTEM_MANDATORY_LABEL_ACE_TYPE &&
+ (EqualSid(&ace->SidStart, &medium_level) || EqualSid(&ace->SidStart, &high_level)))
+ {
+ found = TRUE;
+ ok(ace->Header.AceFlags == 0, "Expected 0 as flags, got %x\n", ace->Header.AceFlags);
+ ok(ace->Mask == SYSTEM_MANDATORY_LABEL_NO_WRITE_UP,
+ "Expected SYSTEM_MANDATORY_LABEL_NO_WRITE_UP as flag, got %x\n", ace->Mask);
+ }
+ }
+ ok(found, "Could not find medium/high mandatory label\n");
+
+ HeapFree(GetProcessHeap(), 0, sd2);
+ CloseHandle(handle);
}
static void test_system_security_access(void)
@@ -7072,7 +7113,6 @@ static void test_token_security_descriptor(void)
defaulted = TRUE;
ret = GetSecurityDescriptorDacl(sd2, &present, &acl2, &defaulted);
ok(ret, "GetSecurityDescriptorDacl failed with %u\n", GetLastError());
- todo_wine
ok(present, "acl2 not present\n");
ok(acl2 != (void *)0xdeadbeef, "acl2 not set\n");
ok(!defaulted, "acl2 defaulted\n");
diff --git a/server/process.c b/server/process.c
index 5b1860df14..98dcb21f1a 100644
--- a/server/process.c
+++ b/server/process.c
@@ -571,6 +571,13 @@ struct thread *create_process( int fd, struct thread *parent_thread, int inherit
}
if (!process->handles || !process->token) goto error;
+ /* Assign high security label to token. The default would be medium, but wine provides
+ * admin access to all applications, so high makes more sense. For further information:
+ * "Default integrity level" at https://msdn.microsoft.com/en-us/library/bb625963.aspx
+ */
+ if (!token_assign_label( process->token, security_high_label_sid ))
+ goto error;
+
/* create the main thread */
if (pipe( request_pipe ) == -1)
{
diff --git a/server/security.h b/server/security.h
index 4d9db9ae41..606dbb2ab2 100644
--- a/server/security.h
+++ b/server/security.h
@@ -48,11 +48,13 @@ extern const PSID security_local_system_sid;
extern const PSID security_builtin_users_sid;
extern const PSID security_builtin_admins_sid;
extern const PSID security_domain_users_sid;
+extern const PSID security_high_label_sid;
/* token functions */
extern struct token *token_create_admin(void);
+extern int token_assign_label( struct token *token, PSID label );
extern struct token *token_duplicate( struct token *src_token, unsigned primary,
int impersonation_level, const struct security_descriptor *sd );
extern int token_check_privileges( struct token *token, int all_required,
diff --git a/server/token.c b/server/token.c
index dc3887967c..a1c615eec3 100644
--- a/server/token.c
+++ b/server/token.c
@@ -70,6 +70,7 @@ static const SID interactive_sid = { SID_REVISION, 1, { SECURITY_NT_AUTHORITY },
static const SID anonymous_logon_sid = { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_ANONYMOUS_LOGON_RID } };
static const SID authenticated_user_sid = { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_AUTHENTICATED_USER_RID } };
static const SID local_system_sid = { SID_REVISION, 1, { SECURITY_NT_AUTHORITY }, { SECURITY_LOCAL_SYSTEM_RID } };
+static const SID high_label_sid = { SID_REVISION, 1, { SECURITY_MANDATORY_LABEL_AUTHORITY }, { SECURITY_MANDATORY_HIGH_RID } };
static const struct /* same fields as struct SID */
{
BYTE Revision;
@@ -108,6 +109,7 @@ const PSID security_local_user_sid = (PSID)&local_user_sid;
const PSID security_builtin_admins_sid = (PSID)&builtin_admins_sid;
const PSID security_builtin_users_sid = (PSID)&builtin_users_sid;
const PSID security_domain_users_sid = (PSID)&domain_users_sid;
+const PSID security_high_label_sid = (PSID)&high_label_sid;
static luid_t prev_luid_value = { 1000, 0 };
@@ -734,6 +736,57 @@ struct sid_data
unsigned int subauth[MAX_SUBAUTH_COUNT];
};
+static struct security_descriptor *create_security_label_sd( PSID label_sid )
+{
+ size_t sid_len = security_sid_len( label_sid );
+ size_t sacl_size = sizeof(ACL) + FIELD_OFFSET(SYSTEM_MANDATORY_LABEL_ACE, SidStart) + sid_len;
+ size_t sd_size = sizeof(struct security_descriptor) + sacl_size;
+ SYSTEM_MANDATORY_LABEL_ACE *smla;
+ struct security_descriptor *sd;
+ ACL *sacl;
+
+ sd = mem_alloc( sd_size );
+ if (!sd) return NULL;
+
+ sd->control = SE_SACL_PRESENT;
+ sd->owner_len = 0;
+ sd->group_len = 0;
+ sd->sacl_len = sacl_size;
+ sd->dacl_len = 0;
+
+ sacl = (ACL *)(sd + 1);
+ sacl->AclRevision = ACL_REVISION;
+ sacl->Sbz1 = 0;
+ sacl->AclSize = sacl_size;
+ sacl->AceCount = 1;
+ sacl->Sbz2 = 0;
+
+ smla = (SYSTEM_MANDATORY_LABEL_ACE *)(sacl + 1);
+ smla->Header.AceType = SYSTEM_MANDATORY_LABEL_ACE_TYPE;
+ smla->Header.AceFlags = 0;
+ smla->Header.AceSize = FIELD_OFFSET(SYSTEM_MANDATORY_LABEL_ACE, SidStart) + sid_len;
+ smla->Mask = SYSTEM_MANDATORY_LABEL_NO_WRITE_UP;
+ memcpy( &smla->SidStart, label_sid, sid_len );
+
+ assert( sd_is_valid( sd, sd_size ) );
+ return sd;
+}
+
+int token_assign_label( struct token *token, PSID label )
+{
+ struct security_descriptor *sd;
+ int ret = 0;
+
+ if ((sd = create_security_label_sd( label )))
+ {
+ /* FIXME: this overwrites the complete SACL, not only the label */
+ ret = set_sd_defaults_from_token( &token->obj, sd, SACL_SECURITY_INFORMATION, token );
+ free( sd );
+ }
+
+ return ret;
+}
+
struct token *token_create_admin( void )
{
struct token *token = NULL;
--
2.13.1

4
patches/server-LABEL_SECURITY_INFORMATION/definition
View File

@ -1,4 +0,0 @@
Fixes: [42014] Implement support for LABEL_SECURITY_INFORMATION
Depends: advapi32-GetExplicitEntriesFromAclW
Depends: server-Stored_ACLs
Depends: server-Misc_ACL

26
patches/server-Misc_ACL/0001-server-Add-default-security-descriptor-ownership-for.patch
View File

@ -1,4 +1,4 @@
From 2380d7451dc978cdab3ebcbeb75272c9147d0f68 Mon Sep 17 00:00:00 2001
From 8bffcd9ad57c8c1b13f38045585043b7003c7c0c Mon Sep 17 00:00:00 2001
From: "Erich E. Hoover" <erich.e.hoover@gmail.com>
Date: Wed, 25 Jun 2014 11:49:12 -0600
Subject: server: Add default security descriptor ownership for processes.
@ -11,10 +11,10 @@ Subject: server: Add default security descriptor ownership for processes.
4 files changed, 69 insertions(+), 1 deletion(-)
diff --git a/dlls/advapi32/tests/security.c b/dlls/advapi32/tests/security.c
index 498d19a..c09b097 100644
index ca5edffae5..acbf124be8 100644
--- a/dlls/advapi32/tests/security.c
+++ b/dlls/advapi32/tests/security.c
@@ -4303,11 +4303,15 @@ static void test_acls(void)
@@ -4542,11 +4542,15 @@ static void test_acls(void)
static void test_GetSecurityInfo(void)
{
@ -30,7 +30,7 @@ index 498d19a..c09b097 100644
ACL_SIZE_INFORMATION acl_size;
PSECURITY_DESCRIPTOR pSD;
ACCESS_ALLOWED_ACE *ace;
@@ -4434,6 +4438,37 @@ static void test_GetSecurityInfo(void)
@@ -4673,6 +4677,37 @@ static void test_GetSecurityInfo(void)
}
LocalFree(pSD);
CloseHandle(obj);
@ -69,7 +69,7 @@ index 498d19a..c09b097 100644
static void test_GetSidSubAuthority(void)
diff --git a/server/process.c b/server/process.c
index d51c884..14e36b0 100644
index 2327a2664b..de6b1ed020 100644
--- a/server/process.c
+++ b/server/process.c
@@ -62,6 +62,7 @@ static int shutdown_stage; /* current stage in the shutdown process */
@ -89,7 +89,7 @@ index d51c884..14e36b0 100644
default_set_sd, /* set_sd */
no_lookup_name, /* lookup_name */
no_link_name, /* link_name */
@@ -664,6 +665,29 @@ static unsigned int process_map_access( struct object *obj, unsigned int access
@@ -671,6 +672,29 @@ static unsigned int process_map_access( struct object *obj, unsigned int access
return access & ~(GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE | GENERIC_ALL);
}
@ -120,7 +120,7 @@ index d51c884..14e36b0 100644
{
struct process *process = get_fd_user( fd );
diff --git a/server/security.h b/server/security.h
index 925a85b..bdb7d42 100644
index 873bbc6afd..606dbb2ab2 100644
--- a/server/security.h
+++ b/server/security.h
@@ -47,6 +47,7 @@ extern const PSID security_local_user_sid;
@ -128,14 +128,14 @@ index 925a85b..bdb7d42 100644
extern const PSID security_builtin_users_sid;
extern const PSID security_builtin_admins_sid;
+extern const PSID security_domain_users_sid;
extern const PSID security_high_label_sid;
/* token functions */
diff --git a/server/token.c b/server/token.c
index ca12813..d66c39a 100644
index 532d7b7405..1aa1c993df 100644
--- a/server/token.c
+++ b/server/token.c
@@ -91,6 +91,13 @@ static const struct /* same fields as struct SID */
@@ -92,6 +92,13 @@ static const struct /* same fields as struct SID */
SID_IDENTIFIER_AUTHORITY IdentifierAuthority;
DWORD SubAuthority[2];
} builtin_users_sid = { SID_REVISION, 2, { SECURITY_NT_AUTHORITY }, { SECURITY_BUILTIN_DOMAIN_RID, DOMAIN_ALIAS_RID_USERS } };
@ -149,14 +149,14 @@ index ca12813..d66c39a 100644
const PSID security_world_sid = (PSID)&world_sid;
static const PSID security_local_sid = (PSID)&local_sid;
@@ -100,6 +107,7 @@ const PSID security_local_system_sid = (PSID)&local_system_sid;
@@ -101,6 +108,7 @@ const PSID security_local_system_sid = (PSID)&local_system_sid;
const PSID security_local_user_sid = (PSID)&local_user_sid;
const PSID security_builtin_admins_sid = (PSID)&builtin_admins_sid;
const PSID security_builtin_users_sid = (PSID)&builtin_users_sid;
+const PSID security_domain_users_sid = (PSID)&domain_users_sid;
const PSID security_high_label_sid = (PSID)&high_label_sid;
static luid_t prev_luid_value = { 1000, 0 };
--
2.7.0
2.13.1

10
patches/windowscodecs-TIFF_Support/0011-windowscodecs-Add-support-for-32bppCMYK-and-64bppCMY.patch
View File

@ -1,4 +1,4 @@
From e8d59694358c592df65e9e1f1600df2946f3b2cb Mon Sep 17 00:00:00 2001
From d57197600db7bb0c9f5f3c935ea568cf526d7cb9 Mon Sep 17 00:00:00 2001
From: Dmitry Timoshkov <dmitry@baikal.ru>
Date: Fri, 9 Dec 2016 12:52:36 +0800
Subject: windowscodecs: Add support for 32bppCMYK and 64bppCMYK formats to
@ -11,7 +11,7 @@ Subject: windowscodecs: Add support for 32bppCMYK and 64bppCMYK formats to
3 files changed, 38 insertions(+), 1 deletion(-)
diff --git a/dlls/windowscodecs/regsvr.c b/dlls/windowscodecs/regsvr.c
index f695d3e40a5..9024574e808 100644
index f695d3e40a..9024574e80 100644
--- a/dlls/windowscodecs/regsvr.c
+++ b/dlls/windowscodecs/regsvr.c
@@ -1224,6 +1224,8 @@ static GUID const * const tiff_decode_formats[] = {
@ -42,7 +42,7 @@ index f695d3e40a5..9024574e808 100644
"The Wine Project",
"128bpp RGBAFloat",
diff --git a/dlls/windowscodecs/tiffformat.c b/dlls/windowscodecs/tiffformat.c
index 151b999a359..414c92195ea 100644
index 151b999a35..414c92195e 100644
--- a/dlls/windowscodecs/tiffformat.c
+++ b/dlls/windowscodecs/tiffformat.c
@@ -507,8 +507,31 @@ static HRESULT tiff_get_decode_info(TIFF *tiff, tiff_decode_info *decode_info)
@ -79,7 +79,7 @@ index 151b999a359..414c92195ea 100644
case 8: /* CIELab */
default:
diff --git a/include/wincodec.idl b/include/wincodec.idl
index 73e867f733b..b2fa4a843fe 100644
index 0e279f590e..3132bf6b3b 100644
--- a/include/wincodec.idl
+++ b/include/wincodec.idl
@@ -218,6 +218,7 @@ cpp_quote("DEFINE_GUID(GUID_WICPixelFormat64bppPRGBA, 0x6fddc324,0x4e03,0x4bfe,0
@ -89,7 +89,7 @@ index 73e867f733b..b2fa4a843fe 100644
+cpp_quote("DEFINE_GUID(GUID_WICPixelFormat64bppCMYK, 0x6fddc324,0x4e03,0x4bfe,0xb1,0x85,0x3d,0x77,0x76,0x8d,0xc9,0x1f);")
cpp_quote("#if 0")
typedef DWORD *ID2D1Device;
typedef DWORD *D2D1_PIXEL_FORMAT;
--
2.13.1

6
patches/wined3d-CSMT_Main/9999-IfDefined.patch
View File

@ -512,7 +512,7 @@ diff --git a/dlls/wined3d/texture.c b/dlls/wined3d/texture.c
if (resource->type == WINED3D_RTYPE_TEXTURE_2D)
{
@@ -2981,7 +3053,11 @@ static BOOL texture3d_load_location(struct wined3d_texture *texture, unsigned in
@@ -2969,7 +3041,11 @@ static BOOL texture3d_load_location(struct wined3d_texture *texture, unsigned in
}
else if (sub_resource->locations & WINED3D_LOCATION_BUFFER)
{
@ -524,7 +524,7 @@ diff --git a/dlls/wined3d/texture.c b/dlls/wined3d/texture.c
wined3d_texture_bind_and_dirtify(texture, context,
location == WINED3D_LOCATION_TEXTURE_SRGB);
wined3d_texture_get_pitch(texture, sub_resource_idx, &row_pitch, &slice_pitch);
@@ -3027,7 +3103,11 @@ static BOOL texture3d_load_location(struct wined3d_texture *texture, unsigned in
@@ -3015,7 +3091,11 @@ static BOOL texture3d_load_location(struct wined3d_texture *texture, unsigned in
case WINED3D_LOCATION_BUFFER:
if (sub_resource->locations & (WINED3D_LOCATION_TEXTURE_RGB | WINED3D_LOCATION_TEXTURE_SRGB))
{
@ -536,7 +536,7 @@ diff --git a/dlls/wined3d/texture.c b/dlls/wined3d/texture.c
if (sub_resource->locations & WINED3D_LOCATION_TEXTURE_RGB)
wined3d_texture_bind_and_dirtify(texture, context, FALSE);
@@ -3245,8 +3325,19 @@ HRESULT CDECL wined3d_texture_blt(struct wined3d_texture *dst_texture, unsigned
@@ -3233,8 +3313,19 @@ HRESULT CDECL wined3d_texture_blt(struct wined3d_texture *dst_texture, unsigned
if (dst_texture->sub_resources[dst_sub_resource_idx].map_count
|| src_texture->sub_resources[src_sub_resource_idx].map_count)
{

48
patches/wined3d-GDI_Rendering/0001-wined3d-Avoid-NULL-pointer-dereference-when-using-GD.patch
View File

@ -1,48 +0,0 @@
From 9dc3f3172083cf450ad72c3a8294f592c70e9114 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 16 Jun 2017 16:01:04 +0200
Subject: wined3d: Avoid NULL pointer dereference when using GDI renderer.
Fixes a regression introduced in 62ca4f38269139ef2a8b9842ec538d9e7f7a0e76.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
---
dlls/wined3d/context.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/dlls/wined3d/context.c b/dlls/wined3d/context.c
index 0f6054226b..fbc73ca9a1 100644
--- a/dlls/wined3d/context.c
+++ b/dlls/wined3d/context.c
@@ -2703,12 +2703,13 @@ void context_bind_texture(struct wined3d_context *context, GLenum target, GLuint
void *context_map_bo_address(struct wined3d_context *context,
const struct wined3d_bo_address *data, size_t size, GLenum binding, DWORD flags)
{
- const struct wined3d_gl_info *gl_info = context->gl_info;
+ const struct wined3d_gl_info *gl_info;
BYTE *memory;
if (!data->buffer_object)
return data->addr;
+ gl_info = context->gl_info;
context_bind_bo(context, binding, data->buffer_object);
if (gl_info->supported[ARB_MAP_BUFFER_RANGE])
@@ -2731,11 +2732,12 @@ void *context_map_bo_address(struct wined3d_context *context,
void context_unmap_bo_address(struct wined3d_context *context,
const struct wined3d_bo_address *data, GLenum binding)
{
- const struct wined3d_gl_info *gl_info = context->gl_info;
+ const struct wined3d_gl_info *gl_info;
if (!data->buffer_object)
return;
+ gl_info = context->gl_info;
context_bind_bo(context, binding, data->buffer_object);
GL_EXTCALL(glUnmapBuffer(binding));
context_bind_bo(context, binding, 0);
--
2.13.1

44
patches/wined3d-GDI_Rendering/0002-wined3d-Create-CPU-blitter-also-for-GDI-render.patch
View File

@ -1,44 +0,0 @@
From e18e871d92506bae4647566f55841db205d61475 Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 16 Jun 2017 16:01:34 +0200
Subject: wined3d: Create CPU blitter also for GDI render.
Fixes a regression introduced in cad4badbcf25992e0c61521aa15e639c2611f5d6.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
---
dlls/wined3d/device.c | 11 +++++++++++
1 file changed, 11 insertions(+)
diff --git a/dlls/wined3d/device.c b/dlls/wined3d/device.c
index ded4af6616..3d12e417a4 100644
--- a/dlls/wined3d/device.c
+++ b/dlls/wined3d/device.c
@@ -1164,6 +1164,15 @@ HRESULT CDECL wined3d_device_init_gdi(struct wined3d_device *device,
goto err_out;
}
device->swapchains[0] = swapchain;
+
+ if (!(device->blitter = wined3d_cpu_blitter_create()))
+ {
+ ERR("Failed to create CPU blitter.\n");
+ HeapFree(GetProcessHeap(), 0, device->swapchains);
+ device->swapchain_count = 0;
+ goto err_out;
+ }
+
return WINED3D_OK;
err_out:
@@ -1252,6 +1261,8 @@ HRESULT CDECL wined3d_device_uninit_gdi(struct wined3d_device *device)
{
unsigned int i;
+ device->blitter->ops->blitter_destroy(device->blitter, NULL);
+
for (i = 0; i < device->swapchain_count; ++i)
{
TRACE("Releasing the implicit swapchain %u.\n", i);
--
2.13.1

44
patches/wined3d-GDI_Rendering/0003-wined3d-Fix-memory-leaks-in-blitter_destroy-callback.patch
View File

@ -1,44 +0,0 @@
From bb63fe5dc5aec0dc8fec304f1d7ce790f684dfce Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 16 Jun 2017 16:01:58 +0200
Subject: wined3d: Fix memory leaks in blitter_destroy callbacks.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
---
dlls/wined3d/surface.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/dlls/wined3d/surface.c b/dlls/wined3d/surface.c
index abdeb9cac0..af8b5b4cb3 100644
--- a/dlls/wined3d/surface.c
+++ b/dlls/wined3d/surface.c
@@ -2394,6 +2394,8 @@ static void fbo_blitter_destroy(struct wined3d_blitter *blitter, struct wined3d_
if ((next = blitter->next))
next->ops->blitter_destroy(next, context);
+
+ HeapFree(GetProcessHeap(), 0, blitter);
}
static void fbo_blitter_clear(struct wined3d_blitter *blitter, struct wined3d_device *device,
@@ -2476,6 +2478,8 @@ static void ffp_blitter_destroy(struct wined3d_blitter *blitter, struct wined3d_
if ((next = blitter->next))
next->ops->blitter_destroy(next, context);
+
+ HeapFree(GetProcessHeap(), 0, blitter);
}
static BOOL ffp_blit_supported(const struct wined3d_gl_info *gl_info,
@@ -2766,6 +2770,8 @@ static void cpu_blitter_destroy(struct wined3d_blitter *blitter, struct wined3d_
if ((next = blitter->next))
next->ops->blitter_destroy(next, context);
+
+ HeapFree(GetProcessHeap(), 0, blitter);
}
static HRESULT surface_cpu_blt_compressed(const BYTE *src_data, BYTE *dst_data,
--
2.13.1

84
patches/wined3d-GDI_Rendering/0004-wined3d-Trigger-frontbuffer-update-in-surface_cpu_bl.patch
View File

@ -1,84 +0,0 @@
From 4bc32d1d59b90666b20523e692e9cfc724eacecd Mon Sep 17 00:00:00 2001
From: Sebastian Lackner <sebastian@fds-team.de>
Date: Fri, 16 Jun 2017 16:03:22 +0200
Subject: wined3d: Trigger frontbuffer update in surface_cpu_blt.
Fixes a regression introduced in ee17d7ba1b72b26baae90c1d5e2ae5b3e4721654.
Signed-off-by: Sebastian Lackner <sebastian@fds-team.de>
---
dlls/wined3d/surface.c | 3 +++
dlls/wined3d/texture.c | 22 +++++++++++++++++-----
dlls/wined3d/wined3d_private.h | 2 ++
3 files changed, 22 insertions(+), 5 deletions(-)
diff --git a/dlls/wined3d/surface.c b/dlls/wined3d/surface.c
index af8b5b4cb3..88ae765e17 100644
--- a/dlls/wined3d/surface.c
+++ b/dlls/wined3d/surface.c
@@ -3343,6 +3343,9 @@ release:
context_unmap_bo_address(context, &dst_data, GL_PIXEL_UNPACK_BUFFER);
if (!same_sub_resource)
context_unmap_bo_address(context, &src_data, GL_PIXEL_UNPACK_BUFFER);
+
+ swapchain_frontbuffer_updated(dst_texture, dst_sub_resource_idx, dst_box);
+
if (converted_texture)
wined3d_texture_decref(converted_texture);
if (context)
diff --git a/dlls/wined3d/texture.c b/dlls/wined3d/texture.c
index 476295cecc..9de8b93c5a 100644
--- a/dlls/wined3d/texture.c
+++ b/dlls/wined3d/texture.c
@@ -1979,6 +1979,22 @@ static HRESULT texture_resource_sub_resource_map(struct wined3d_resource *resour
return WINED3D_OK;
}
+void swapchain_frontbuffer_updated(struct wined3d_texture *texture, unsigned int sub_resource_idx,
+ const struct wined3d_box *box)
+{
+ struct wined3d_texture_sub_resource *sub_resource;
+
+ if (!texture->swapchain || texture->swapchain->front_buffer != texture)
+ return;
+ if (!(sub_resource = wined3d_texture_get_sub_resource(texture, sub_resource_idx)))
+ return;
+ if (sub_resource->locations & (WINED3D_LOCATION_DRAWABLE | WINED3D_LOCATION_TEXTURE_RGB))
+ return;
+
+ if (box) SetRect(&texture->swapchain->front_buffer_update, box->left, box->top, box->right, box->bottom);
+ texture->swapchain->swapchain_ops->swapchain_frontbuffer_updated(texture->swapchain);
+}
+
static HRESULT texture_resource_sub_resource_unmap(struct wined3d_resource *resource, unsigned int sub_resource_idx)
{
struct wined3d_texture_sub_resource *sub_resource;
@@ -2010,11 +2026,7 @@ static HRESULT texture_resource_sub_resource_unmap(struct wined3d_resource *reso
if (context)
context_release(context);
- if (texture->swapchain && texture->swapchain->front_buffer == texture)
- {
- if (!(sub_resource->locations & (WINED3D_LOCATION_DRAWABLE | WINED3D_LOCATION_TEXTURE_RGB)))
- texture->swapchain->swapchain_ops->swapchain_frontbuffer_updated(texture->swapchain);
- }
+ swapchain_frontbuffer_updated(texture, sub_resource_idx, NULL);
--sub_resource->map_count;
if (!--resource->map_count && texture->update_map_binding)
diff --git a/dlls/wined3d/wined3d_private.h b/dlls/wined3d/wined3d_private.h
index 1025c98f18..e394931573 100644
--- a/dlls/wined3d/wined3d_private.h
+++ b/dlls/wined3d/wined3d_private.h
@@ -3686,6 +3686,8 @@ void swapchain_destroy_contexts(struct wined3d_swapchain *swapchain) DECLSPEC_HI
HDC swapchain_get_backup_dc(struct wined3d_swapchain *swapchain) DECLSPEC_HIDDEN;
void swapchain_update_draw_bindings(struct wined3d_swapchain *swapchain) DECLSPEC_HIDDEN;
void swapchain_update_swap_interval(struct wined3d_swapchain *swapchain) DECLSPEC_HIDDEN;
+void swapchain_frontbuffer_updated(struct wined3d_texture *texture, unsigned int sub_resource_idx,
+ const struct wined3d_box *box) DECLSPEC_HIDDEN;
/*****************************************************************************
* Utility function prototypes
--
2.13.1

1
patches/wined3d-GDI_Rendering/definition
View File

@ -1 +0,0 @@
Fixes: Multiple regression fixes for GDI rendering

12
patches/winemp3.acm-MPEG3_StreamOpen/0001-winemp3.acm-Check-input-format-in-MPEG3_StreamOpen.patch
View File

@ -1,4 +1,4 @@
From a9e9bf9a348ddd771fd405dae8dcbe9fcb42ddb3 Mon Sep 17 00:00:00 2001
From 4e90e07da9b0880527ac5aed3d2d27b2ba094d83 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michael=20M=C3=BCller?= <michael@fds-team.de>
Date: Sun, 21 Aug 2016 02:36:47 +0200
Subject: winemp3.acm: Check input format in MPEG3_StreamOpen.
@ -9,10 +9,10 @@ Subject: winemp3.acm: Check input format in MPEG3_StreamOpen.
2 files changed, 85 insertions(+), 1 deletion(-)
diff --git a/dlls/msacm32/tests/msacm.c b/dlls/msacm32/tests/msacm.c
index 44a6febb662..21cc10bd45e 100644
index a485f9a197..13532a4980 100644
--- a/dlls/msacm32/tests/msacm.c
+++ b/dlls/msacm32/tests/msacm.c
@@ -1151,6 +1151,76 @@ static void test_acmFormatTagDetails(void)
@@ -1249,6 +1249,76 @@ static void test_acmFormatTagDetails(void)
ok(aftd.cbFormatSize == sizeof(MPEGLAYER3WAVEFORMAT), "got %d\n", aftd.cbFormatSize);
}
@ -89,8 +89,8 @@ index 44a6febb662..21cc10bd45e 100644
static struct
{
struct
@@ -1319,6 +1389,7 @@ START_TEST(msacm)
test_prepareheader();
@@ -1418,6 +1488,7 @@ START_TEST(msacm)
test_convert();
test_acmFormatSuggest();
test_acmFormatTagDetails();
+ test_mp3();
@ -98,7 +98,7 @@ index 44a6febb662..21cc10bd45e 100644
* with other tests due to codec lookup order */
test_acmDriverAdd();
diff --git a/dlls/winemp3.acm/mpegl3.c b/dlls/winemp3.acm/mpegl3.c
index 13a6109a77a..b5ba4c6d834 100644
index 13a6109a77..b5ba4c6d83 100644
--- a/dlls/winemp3.acm/mpegl3.c
+++ b/dlls/winemp3.acm/mpegl3.c
@@ -215,6 +215,7 @@ static void MPEG3_Reset(PACMDRVSTREAMINSTANCE adsi, AcmMpeg3Data* aad)