| Age | Commit message (Collapse) | Author |
|---|
|
|
|
This reverts commit 33c30b4ff76ca22bdedce4aa41d05736a546d86b.
|
|
Message-ID: <20231124213041.952886-3-flaviocruz@gmail.com>
|
|
works on x86_64.
Message-ID: <ZVlHm2xuVaS8SItY@jupiter.tail36e24.ts.net>
|
|
Message-Id: <20230508213136.608575-5-bugaevc@gmail.com>
|
|
Message-Id: <ZFLcIs0iwiC9kQDf@jupiter.tail36e24.ts.net>
|
|
For coherency with the existing RPCs
|
|
And add proc_complete_reauthentication ()
|
|
Now that it's completely unused.
procinfo.owner is now simply set to the first UID that a process has.
proc_setowner () is kept for compatibility, but now does nothing.
The clients still try to call it, though, for compatibility with older
proc server versions.
|
|
While fshelp_start_translator_long () has been calling proc_setowner () on the
task it creates, it has never reauthenticated its process. This meant that the
translator, once started, could access processes authenticated same as the
process that called fshelp_start_translator_long (). In particular, this means
that any unprivileged translator started by a privileged parent translator had
in fact had a privileged proc port, and could access other processes through
it.
With this change, fshelp_start_translator_long () will now reauthenticate the
process it creates. Moreover, it will now respect a custom proc server port
passed in the given ports.
|
|
|
|
It only really supports ports_len > INIT_PORT_BOOTSTRAP,
ports_type == MACH_MSG_TYPE_COPY_SEND, fds_type == MACH_MSG_TYPE_COPY_SEND.
Make that explicit, and remove the branches that tried to handle the other
cases.
|
|
|
|
* libdiskfs/boot-start.c (diskfs_start_bootstrap): Fix printf format.
* libfshelp/delegate.c: Include <alloca.h> and <stdlib.h>.
* libfshelp/start-translator-long.c: Include <stdlib.h>.
* libshouldbeinlibc/ugids-verify-auth.c (server_verify_make_auth): Fix
prototypes for password_check_group and password_check_user.
* libstore/argp.c: Include <stdlib.h>.
* libstore/task.c: Include <stdlib.h>.
* exec/exec.c: Include <mach/vm_param.h>.
* libbpf/bpf_impl.c: Include <stdlib.h>.
* proc/info.c (S_proc_getloginpids): Remove local variables leader_task
and leader_sub.
* proc/main.c (main): Remove local variable original_argv.
* boot/boot.c (task_died, S_mach_notify_new_task): Fix printf format.
* exec/elfcore.c: Include <alloca.h> and <mach/vm_param.h>.
* trans/crash.c: Include <hurd/msg.h>.
* trans/random.c: Include <signal.h>.
* utils/login.c: Include <signal.h>.
* utils/id.c: Include <hurd/msg.h>.
* utils/devprobe.c: Include <stdlib.h>.
* utils/addauth.c: Include <hurd/msg.h>.
* utils/frobauth-mod.c: Include <hurd/msg.h>.
* utils/storeread.c: Include <stdlib.h>.
* utils/msgport.c: Include <hurd/msg.h>.
* sutils/clookup.c (file_name_lookup_carefully): Fix lookup function
prototype, make head and tail const.
* utils/rpcscan.c: Include <stdlib.h>.
* sutils/bless.c: Include <stdlib.h>.
* fstests/fstests.c: Include <stdlib.h>.
* startup/startup.c (argz_task_insert_right): Fix printf format.
* init/init.c: Include <stdlib.h>.
|
|
* hurd/fs.defs (file_exec): Deprecate in favor of...
(file_exec_paths): ...this new RPC.
* TODO: Update.
* doc/hurd.texi: Update RPC name.
* hurd/hurd_types.h: Update RPC name.
* libdiskfs/boot-start.c: Update RPC name.
* configure.ac: Check for presence of RPC stubs file_exec_paths exec_exec_paths.
* exec/hashexec.c (check_hashbang): When file_exec_paths is available, use it
instead of file_exec.
* startup/startup.c (run, run_for_real, start_child): Likewise.
* utils/login.c (main): Likewise.
* libfshelp/start-translator-long.c (fshelp_start_translator_long): Likewise.
* libdiskfs/file-exec.c (diskfs_S_file_exec): Move code to
new function diskfs_S_file_exec_paths and call it.
(diskfs_S_file_exec_paths): New function, use exec_exec_paths when available
instead of exec_exec
* libnetfs/file-exec.c (netfs_S_file_exec, netfs_S_file_exec_paths): Likewise.
* trans/fakeroot.c (netfs_S_file_exec, netfs_S_file_exec_paths): Likewise.
* libtrivfs/file-exec.c (trivfs_S_file_exec_paths): New function.
|
|
Our variants print stack traces on failures. This will make locating
errors much easier.
|
|
* hurd/hurd_types.defs: Use posix types.
* libfshelp/start-translator-long.c: Use uint32_t instead of
unsigned32_t.
|
|
* libfshelp/start-translator-long.c (fshelp_start_translator_long):
Once we have a task, go to `lose_task' so that we do not leave hosed
tasks around.
|
|
Properly deallocate all ports and terminate the started translator if
an error occurs.
* libfshelp/start-translator-long.c (fshelp_start_translator_long):
Improve error handling.
|
|
Server threads spawned by libports attempt to adjust their priority and
succeed when the server is privileged. This priority is currently
inherited by child tasks, which could be passive translators owned by
unprivileged users. Reset the priority of the task used for translator
instantiation.
* libfshelp/start-translator-long.c (fshelp_start_translator_long): Set
new task priority to 25 (BASEPRI_USER).
|
|
* start-translator-long.c (service_fsys_startup): Move mach_msg_type_t
const variables inside the function, make them auto so they are
optimized away to integer constants.
Use a union instead of casts to do efficient type checking.
|
|
* start-translator-long.c (fshelp_start_translator_long)
[KERN_INVALID_LEDGER]: Pass extra args to task_create for OSF variant.
|
|
2001-01-17 Neal H Walfield <neal@cs.uml.edu>
* console-run.c (open_console): Conform to new
fshelp_start_translator semantics.
init/
2001-01-17 Neal H Walfield <neal@cs.uml.edu>
* init.c (open_console): Conform to new fshelp_start_translator
semantics.
libfshelp/
2001-01-17 Neal H Walfield <neal@cs.uml.edu>
* fshelp.h: Add two new parameters to fshelp_open_fn_t:
a port to the new task and a cookie.
Add a new parameter, cookie, to fshelp_start_translator and
fshelp_start_translator_long that will be passed to
fshelp_open_fn_t.
* fetch-root.c (fshelp_fetch_root): Conform to new
fshelp_start_translator_long semantics.
* start-translator-long.c (service_fsys_startup): Likewise.
(fshelp_start_translator_long): Likewise.
* start-translator.c (fshelp_start_translator): Likewise.
libtreefs/
Conform to new fshelp_start_translator semantics.
trans/
2001-01-17 Neal H Walfield <neal@cs.uml.edu>
* pump.c (start_pfinet): Conform to new fshelp_start_translator
semantics.
utils/
2001-01-17 Neal H Walfield <neal@cs.uml.edu>
* mount.c (do_mount): Conform to new fshelp_start_translator
semantics.
* settrans.c (main): Conform to new fshelp_start_translator
semantics therby allowing us to print the pid of the an
active translator.
|
|
* start-translator-long.c (service_fsys_startup): If mach_msg fails
with MACH_SEND_INTERRUPTED, clean up the send right in the
pseudo-received request message.
|
|
* start-translator-long.c (fshelp_start_translator_long): Doc fix.
* fshelp.h (fshelp_start_translator_long): Document OWNER_UID.
|
|
* start-translator-long.c (fshelp_start_translator_long): Take new
argument OWNER_UID. Get child's proc port and do proc_setowner on it.
* fshelp.h: Update decl.
* start-translator.c (fshelp_start_translator): Pass new arg to
fshelp_start_translator_long with value from geteuid ().
* fetch-root.c (fshelp_fetch_root): Pass UID as new arg to
fshelp_start_translator_long.
|
|
* start-translator-long.c (service_fsys_startup): Doc fixes, and
omit unused member `dead' from REQUEST.
|
|
Make the mach_msg call sending the startup reply interruptible.
|
|
Make the mach_msg call waiting for the startup message interruptible.
|
|
|
|
Don't pass the address of reply.realnodeType.msgt_name -- it's not really an
int, although the compiler pretends it is.
|
|
Change to use a callback function instead of passing the actual node.
(service_fsys_startup): Support the open flags coming from the translator.
(struct fsys_startup_request): Add the flags field.
(flagsCheck): New variable.
|
|
|
|
Add values for the dealloc parameters to file_exec (all false).
Give away our send right to TASK when we do file_exec.
Initialize BOOTSTRAP & TASK so the cleanup code doesn't get confused.
|
|
MACH_MSG_TYPE_COPY_SEND, then drop our right on bootstrap after the
call, because we are pretending we haven't changed the calling user's
state. For the same reason, save the old BOOTSTRAP port value, and
restore it after the call.
|
|
correctly.
|
|
|
