| changeset 13195 | be27e1b6a4b9 |
| parent 8306 | e8b13a27a0e2 |
| child 13963 | e5b53c306fb5 |
| 13099:64752e56d721 | 13195:be27e1b6a4b9 |
|---|---|
118 warning("Could not close %s: %s\n", destfile, strerror(errno)); |
118 warning("Could not close %s: %s\n", destfile, strerror(errno)); |
119 } |
119 } |
120 } |
120 } |
121 } |
121 } |
122 |
122 |
123 FREE_C_HEAP_ARRAY(char, destfile); |
123 FREE_C_HEAP_ARRAY(char, destfile, mtInternal); |
124 } |
124 } |
125 |
125 |
126 // Shared Memory Implementation Details |
126 // Shared Memory Implementation Details |
127 |
127 |
128 // Note: the win32 shared memory implementation uses two objects to represent |
128 // Note: the win32 shared memory implementation uses two objects to represent |
155 static char* get_user_tmp_dir(const char* user) { |
155 static char* get_user_tmp_dir(const char* user) { |
156 |
156 |
157 const char* tmpdir = os::get_temp_directory(); |
157 const char* tmpdir = os::get_temp_directory(); |
158 const char* perfdir = PERFDATA_NAME; |
158 const char* perfdir = PERFDATA_NAME; |
159 size_t nbytes = strlen(tmpdir) + strlen(perfdir) + strlen(user) + 3; |
159 size_t nbytes = strlen(tmpdir) + strlen(perfdir) + strlen(user) + 3; |
160 char* dirname = NEW_C_HEAP_ARRAY(char, nbytes); |
160 char* dirname = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal); |
161 |
161 |
162 // construct the path name to user specific tmp directory |
162 // construct the path name to user specific tmp directory |
163 _snprintf(dirname, nbytes, "%s\\%s_%s", tmpdir, perfdir, user); |
163 _snprintf(dirname, nbytes, "%s\\%s_%s", tmpdir, perfdir, user); |
164 |
164 |
165 return dirname; |
165 return dirname; |
279 else { |
279 else { |
280 return NULL; |
280 return NULL; |
281 } |
281 } |
282 } |
282 } |
283 |
283 |
284 char* user_name = NEW_C_HEAP_ARRAY(char, strlen(user)+1); |
284 char* user_name = NEW_C_HEAP_ARRAY(char, strlen(user)+1, mtInternal); |
285 strcpy(user_name, user); |
285 strcpy(user_name, user); |
286 |
286 |
287 return user_name; |
287 return user_name; |
288 } |
288 } |
289 |
289 |
313 // open the directory and check if the file for the given vmid exists. |
313 // open the directory and check if the file for the given vmid exists. |
314 // The file with the expected name and the latest creation date is used |
314 // The file with the expected name and the latest creation date is used |
315 // to determine the user name for the process id. |
315 // to determine the user name for the process id. |
316 // |
316 // |
317 struct dirent* dentry; |
317 struct dirent* dentry; |
318 char* tdbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(tmpdirname)); |
318 char* tdbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(tmpdirname), mtInternal); |
319 errno = 0; |
319 errno = 0; |
320 while ((dentry = os::readdir(tmpdirp, (struct dirent *)tdbuf)) != NULL) { |
320 while ((dentry = os::readdir(tmpdirp, (struct dirent *)tdbuf)) != NULL) { |
321 |
321 |
322 // check if the directory entry is a hsperfdata file |
322 // check if the directory entry is a hsperfdata file |
323 if (strncmp(dentry->d_name, PERFDATA_NAME, strlen(PERFDATA_NAME)) != 0) { |
323 if (strncmp(dentry->d_name, PERFDATA_NAME, strlen(PERFDATA_NAME)) != 0) { |
324 continue; |
324 continue; |
325 } |
325 } |
326 |
326 |
327 char* usrdir_name = NEW_C_HEAP_ARRAY(char, |
327 char* usrdir_name = NEW_C_HEAP_ARRAY(char, |
328 strlen(tmpdirname) + strlen(dentry->d_name) + 2); |
328 strlen(tmpdirname) + strlen(dentry->d_name) + 2, mtInternal); |
329 strcpy(usrdir_name, tmpdirname); |
329 strcpy(usrdir_name, tmpdirname); |
330 strcat(usrdir_name, "\\"); |
330 strcat(usrdir_name, "\\"); |
331 strcat(usrdir_name, dentry->d_name); |
331 strcat(usrdir_name, dentry->d_name); |
332 |
332 |
333 DIR* subdirp = os::opendir(usrdir_name); |
333 DIR* subdirp = os::opendir(usrdir_name); |
334 |
334 |
335 if (subdirp == NULL) { |
335 if (subdirp == NULL) { |
336 FREE_C_HEAP_ARRAY(char, usrdir_name); |
336 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal); |
337 continue; |
337 continue; |
338 } |
338 } |
339 |
339 |
340 // Since we don't create the backing store files in directories |
340 // Since we don't create the backing store files in directories |
341 // pointed to by symbolic links, we also don't follow them when |
341 // pointed to by symbolic links, we also don't follow them when |
342 // looking for the files. We check for a symbolic link after the |
342 // looking for the files. We check for a symbolic link after the |
343 // call to opendir in order to eliminate a small window where the |
343 // call to opendir in order to eliminate a small window where the |
344 // symlink can be exploited. |
344 // symlink can be exploited. |
345 // |
345 // |
346 if (!is_directory_secure(usrdir_name)) { |
346 if (!is_directory_secure(usrdir_name)) { |
347 FREE_C_HEAP_ARRAY(char, usrdir_name); |
347 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal); |
348 os::closedir(subdirp); |
348 os::closedir(subdirp); |
349 continue; |
349 continue; |
350 } |
350 } |
351 |
351 |
352 struct dirent* udentry; |
352 struct dirent* udentry; |
353 char* udbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(usrdir_name)); |
353 char* udbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(usrdir_name), mtInternal); |
354 errno = 0; |
354 errno = 0; |
355 while ((udentry = os::readdir(subdirp, (struct dirent *)udbuf)) != NULL) { |
355 while ((udentry = os::readdir(subdirp, (struct dirent *)udbuf)) != NULL) { |
356 |
356 |
357 if (filename_to_pid(udentry->d_name) == vmid) { |
357 if (filename_to_pid(udentry->d_name) == vmid) { |
358 struct stat statbuf; |
358 struct stat statbuf; |
359 |
359 |
360 char* filename = NEW_C_HEAP_ARRAY(char, |
360 char* filename = NEW_C_HEAP_ARRAY(char, |
361 strlen(usrdir_name) + strlen(udentry->d_name) + 2); |
361 strlen(usrdir_name) + strlen(udentry->d_name) + 2, mtInternal); |
362 |
362 |
363 strcpy(filename, usrdir_name); |
363 strcpy(filename, usrdir_name); |
364 strcat(filename, "\\"); |
364 strcat(filename, "\\"); |
365 strcat(filename, udentry->d_name); |
365 strcat(filename, udentry->d_name); |
366 |
366 |
367 if (::stat(filename, &statbuf) == OS_ERR) { |
367 if (::stat(filename, &statbuf) == OS_ERR) { |
368 FREE_C_HEAP_ARRAY(char, filename); |
368 FREE_C_HEAP_ARRAY(char, filename, mtInternal); |
369 continue; |
369 continue; |
370 } |
370 } |
371 |
371 |
372 // skip over files that are not regular files. |
372 // skip over files that are not regular files. |
373 if ((statbuf.st_mode & S_IFMT) != S_IFREG) { |
373 if ((statbuf.st_mode & S_IFMT) != S_IFREG) { |
374 FREE_C_HEAP_ARRAY(char, filename); |
374 FREE_C_HEAP_ARRAY(char, filename, mtInternal); |
375 continue; |
375 continue; |
376 } |
376 } |
377 |
377 |
378 // If we found a matching file with a newer creation time, then |
378 // If we found a matching file with a newer creation time, then |
379 // save the user name. The newer creation time indicates that |
379 // save the user name. The newer creation time indicates that |
391 // later becomes the expected value. |
391 // later becomes the expected value. |
392 // |
392 // |
393 if (statbuf.st_ctime > latest_ctime) { |
393 if (statbuf.st_ctime > latest_ctime) { |
394 char* user = strchr(dentry->d_name, '_') + 1; |
394 char* user = strchr(dentry->d_name, '_') + 1; |
395 |
395 |
396 if (latest_user != NULL) FREE_C_HEAP_ARRAY(char, latest_user); |
396 if (latest_user != NULL) FREE_C_HEAP_ARRAY(char, latest_user, mtInternal); |
397 latest_user = NEW_C_HEAP_ARRAY(char, strlen(user)+1); |
397 latest_user = NEW_C_HEAP_ARRAY(char, strlen(user)+1, mtInternal); |
398 |
398 |
399 strcpy(latest_user, user); |
399 strcpy(latest_user, user); |
400 latest_ctime = statbuf.st_ctime; |
400 latest_ctime = statbuf.st_ctime; |
401 } |
401 } |
402 |
402 |
403 FREE_C_HEAP_ARRAY(char, filename); |
403 FREE_C_HEAP_ARRAY(char, filename, mtInternal); |
404 } |
404 } |
405 } |
405 } |
406 os::closedir(subdirp); |
406 os::closedir(subdirp); |
407 FREE_C_HEAP_ARRAY(char, udbuf); |
407 FREE_C_HEAP_ARRAY(char, udbuf, mtInternal); |
408 FREE_C_HEAP_ARRAY(char, usrdir_name); |
408 FREE_C_HEAP_ARRAY(char, usrdir_name, mtInternal); |
409 } |
409 } |
410 os::closedir(tmpdirp); |
410 os::closedir(tmpdirp); |
411 FREE_C_HEAP_ARRAY(char, tdbuf); |
411 FREE_C_HEAP_ARRAY(char, tdbuf, mtInternal); |
412 |
412 |
413 return(latest_user); |
413 return(latest_user); |
414 } |
414 } |
415 |
415 |
416 // return the name of the user that owns the process identified by vmid. |
416 // return the name of the user that owns the process identified by vmid. |
451 // the id is converted to an unsigned value here because win32 allows |
451 // the id is converted to an unsigned value here because win32 allows |
452 // negative process ids. However, OpenFileMapping API complains |
452 // negative process ids. However, OpenFileMapping API complains |
453 // about a name containing a '-' characters. |
453 // about a name containing a '-' characters. |
454 // |
454 // |
455 nbytes += UINT_CHARS; |
455 nbytes += UINT_CHARS; |
456 char* name = NEW_C_HEAP_ARRAY(char, nbytes); |
456 char* name = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal); |
457 _snprintf(name, nbytes, "%s_%s_%u", PERFDATA_NAME, user, vmid); |
457 _snprintf(name, nbytes, "%s_%s_%u", PERFDATA_NAME, user, vmid); |
458 |
458 |
459 return name; |
459 return name; |
460 } |
460 } |
461 |
461 |
467 static char* get_sharedmem_filename(const char* dirname, int vmid) { |
467 static char* get_sharedmem_filename(const char* dirname, int vmid) { |
468 |
468 |
469 // add 2 for the file separator and a null terminator. |
469 // add 2 for the file separator and a null terminator. |
470 size_t nbytes = strlen(dirname) + UINT_CHARS + 2; |
470 size_t nbytes = strlen(dirname) + UINT_CHARS + 2; |
471 |
471 |
472 char* name = NEW_C_HEAP_ARRAY(char, nbytes); |
472 char* name = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal); |
473 _snprintf(name, nbytes, "%s\\%d", dirname, vmid); |
473 _snprintf(name, nbytes, "%s\\%d", dirname, vmid); |
474 |
474 |
475 return name; |
475 return name; |
476 } |
476 } |
477 |
477 |
483 // method may be unsuccessful in removing the file. |
483 // method may be unsuccessful in removing the file. |
484 // |
484 // |
485 static void remove_file(const char* dirname, const char* filename) { |
485 static void remove_file(const char* dirname, const char* filename) { |
486 |
486 |
487 size_t nbytes = strlen(dirname) + strlen(filename) + 2; |
487 size_t nbytes = strlen(dirname) + strlen(filename) + 2; |
488 char* path = NEW_C_HEAP_ARRAY(char, nbytes); |
488 char* path = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal); |
489 |
489 |
490 strcpy(path, dirname); |
490 strcpy(path, dirname); |
491 strcat(path, "\\"); |
491 strcat(path, "\\"); |
492 strcat(path, filename); |
492 strcat(path, filename); |
493 |
493 |
498 " store file %s : %s\n", path, strerror(errno)); |
498 " store file %s : %s\n", path, strerror(errno)); |
499 } |
499 } |
500 } |
500 } |
501 } |
501 } |
502 |
502 |
503 FREE_C_HEAP_ARRAY(char, path); |
503 FREE_C_HEAP_ARRAY(char, path, mtInternal); |
504 } |
504 } |
505 |
505 |
506 // returns true if the process represented by pid is alive, otherwise |
506 // returns true if the process represented by pid is alive, otherwise |
507 // returns false. the validity of the result is only accurate if the |
507 // returns false. the validity of the result is only accurate if the |
508 // target process is owned by the same principal that owns this process. |
508 // target process is owned by the same principal that owns this process. |
636 // remove or create new files in this directory. The behavior of this |
636 // remove or create new files in this directory. The behavior of this |
637 // loop under these conditions is dependent upon the implementation of |
637 // loop under these conditions is dependent upon the implementation of |
638 // opendir/readdir. |
638 // opendir/readdir. |
639 // |
639 // |
640 struct dirent* entry; |
640 struct dirent* entry; |
641 char* dbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(dirname)); |
641 char* dbuf = NEW_C_HEAP_ARRAY(char, os::readdir_buf_size(dirname), mtInternal); |
642 errno = 0; |
642 errno = 0; |
643 while ((entry = os::readdir(dirp, (struct dirent *)dbuf)) != NULL) { |
643 while ((entry = os::readdir(dirp, (struct dirent *)dbuf)) != NULL) { |
644 |
644 |
645 int pid = filename_to_pid(entry->d_name); |
645 int pid = filename_to_pid(entry->d_name); |
646 |
646 |
679 remove_file(dirname, entry->d_name); |
679 remove_file(dirname, entry->d_name); |
680 } |
680 } |
681 errno = 0; |
681 errno = 0; |
682 } |
682 } |
683 os::closedir(dirp); |
683 os::closedir(dirp); |
684 FREE_C_HEAP_ARRAY(char, dbuf); |
684 FREE_C_HEAP_ARRAY(char, dbuf, mtInternal); |
685 } |
685 } |
686 |
686 |
687 // create a file mapping object with the requested name, and size |
687 // create a file mapping object with the requested name, and size |
688 // from the file represented by the given Handle object |
688 // from the file represented by the given Handle object |
689 // |
689 // |
745 |
745 |
746 // if an ACL existed and it was not a default acl, then it must |
746 // if an ACL existed and it was not a default acl, then it must |
747 // be an ACL we enlisted. free the resources. |
747 // be an ACL we enlisted. free the resources. |
748 // |
748 // |
749 if (success && exists && pACL != NULL && !isdefault) { |
749 if (success && exists && pACL != NULL && !isdefault) { |
750 FREE_C_HEAP_ARRAY(char, pACL); |
750 FREE_C_HEAP_ARRAY(char, pACL, mtInternal); |
751 } |
751 } |
752 |
752 |
753 // free the security descriptor |
753 // free the security descriptor |
754 FREE_C_HEAP_ARRAY(char, pSD); |
754 FREE_C_HEAP_ARRAY(char, pSD, mtInternal); |
755 } |
755 } |
756 } |
756 } |
757 |
757 |
758 // method to free up a security attributes structure and any |
758 // method to free up a security attributes structure and any |
759 // contained security descriptors and ACL |
759 // contained security descriptors and ACL |
764 // free the contained security descriptor and the ACL |
764 // free the contained security descriptor and the ACL |
765 free_security_desc(lpSA->lpSecurityDescriptor); |
765 free_security_desc(lpSA->lpSecurityDescriptor); |
766 lpSA->lpSecurityDescriptor = NULL; |
766 lpSA->lpSecurityDescriptor = NULL; |
767 |
767 |
768 // free the security attributes structure |
768 // free the security attributes structure |
769 FREE_C_HEAP_ARRAY(char, lpSA); |
769 FREE_C_HEAP_ARRAY(char, lpSA, mtInternal); |
770 } |
770 } |
771 } |
771 } |
772 |
772 |
773 // get the user SID for the process indicated by the process handle |
773 // get the user SID for the process indicated by the process handle |
774 // |
774 // |
803 CloseHandle(hAccessToken); |
803 CloseHandle(hAccessToken); |
804 return NULL; |
804 return NULL; |
805 } |
805 } |
806 } |
806 } |
807 |
807 |
808 token_buf = (PTOKEN_USER) NEW_C_HEAP_ARRAY(char, rsize); |
808 token_buf = (PTOKEN_USER) NEW_C_HEAP_ARRAY(char, rsize, mtInternal); |
809 |
809 |
810 // get the user token information |
810 // get the user token information |
811 if (!GetTokenInformation(hAccessToken, TokenUser, token_buf, rsize, &rsize)) { |
811 if (!GetTokenInformation(hAccessToken, TokenUser, token_buf, rsize, &rsize)) { |
812 if (PrintMiscellaneous && Verbose) { |
812 if (PrintMiscellaneous && Verbose) { |
813 warning("GetTokenInformation failure: lasterror = %d," |
813 warning("GetTokenInformation failure: lasterror = %d," |
814 " rsize = %d\n", GetLastError(), rsize); |
814 " rsize = %d\n", GetLastError(), rsize); |
815 } |
815 } |
816 FREE_C_HEAP_ARRAY(char, token_buf); |
816 FREE_C_HEAP_ARRAY(char, token_buf, mtInternal); |
817 CloseHandle(hAccessToken); |
817 CloseHandle(hAccessToken); |
818 return NULL; |
818 return NULL; |
819 } |
819 } |
820 |
820 |
821 DWORD nbytes = GetLengthSid(token_buf->User.Sid); |
821 DWORD nbytes = GetLengthSid(token_buf->User.Sid); |
822 PSID pSID = NEW_C_HEAP_ARRAY(char, nbytes); |
822 PSID pSID = NEW_C_HEAP_ARRAY(char, nbytes, mtInternal); |
823 |
823 |
824 if (!CopySid(nbytes, pSID, token_buf->User.Sid)) { |
824 if (!CopySid(nbytes, pSID, token_buf->User.Sid)) { |
825 if (PrintMiscellaneous && Verbose) { |
825 if (PrintMiscellaneous && Verbose) { |
826 warning("GetTokenInformation failure: lasterror = %d," |
826 warning("GetTokenInformation failure: lasterror = %d," |
827 " rsize = %d\n", GetLastError(), rsize); |
827 " rsize = %d\n", GetLastError(), rsize); |
828 } |
828 } |
829 FREE_C_HEAP_ARRAY(char, token_buf); |
829 FREE_C_HEAP_ARRAY(char, token_buf, mtInternal); |
830 FREE_C_HEAP_ARRAY(char, pSID); |
830 FREE_C_HEAP_ARRAY(char, pSID, mtInternal); |
831 CloseHandle(hAccessToken); |
831 CloseHandle(hAccessToken); |
832 return NULL; |
832 return NULL; |
833 } |
833 } |
834 |
834 |
835 // close the access token. |
835 // close the access token. |
836 CloseHandle(hAccessToken); |
836 CloseHandle(hAccessToken); |
837 FREE_C_HEAP_ARRAY(char, token_buf); |
837 FREE_C_HEAP_ARRAY(char, token_buf, mtInternal); |
838 |
838 |
839 return pSID; |
839 return pSID; |
840 } |
840 } |
841 |
841 |
842 // structure used to consolidate access control entry information |
842 // structure used to consolidate access control entry information |
910 assert(aces[i].pSid != 0, "pSid should not be 0"); |
910 assert(aces[i].pSid != 0, "pSid should not be 0"); |
911 newACLsize += GetLengthSid(aces[i].pSid); |
911 newACLsize += GetLengthSid(aces[i].pSid); |
912 } |
912 } |
913 |
913 |
914 // create the new ACL |
914 // create the new ACL |
915 newACL = (PACL) NEW_C_HEAP_ARRAY(char, newACLsize); |
915 newACL = (PACL) NEW_C_HEAP_ARRAY(char, newACLsize, mtInternal); |
916 |
916 |
917 if (!InitializeAcl(newACL, newACLsize, ACL_REVISION)) { |
917 if (!InitializeAcl(newACL, newACLsize, ACL_REVISION)) { |
918 if (PrintMiscellaneous && Verbose) { |
918 if (PrintMiscellaneous && Verbose) { |
919 warning("InitializeAcl failure: lasterror = %d \n", GetLastError()); |
919 warning("InitializeAcl failure: lasterror = %d \n", GetLastError()); |
920 } |
920 } |
921 FREE_C_HEAP_ARRAY(char, newACL); |
921 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
922 return false; |
922 return false; |
923 } |
923 } |
924 |
924 |
925 unsigned int ace_index = 0; |
925 unsigned int ace_index = 0; |
926 // copy any existing ACEs from the old ACL (if any) to the new ACL. |
926 // copy any existing ACEs from the old ACL (if any) to the new ACL. |
929 LPVOID ace; |
929 LPVOID ace; |
930 if (!GetAce(oldACL, ace_index, &ace)) { |
930 if (!GetAce(oldACL, ace_index, &ace)) { |
931 if (PrintMiscellaneous && Verbose) { |
931 if (PrintMiscellaneous && Verbose) { |
932 warning("InitializeAcl failure: lasterror = %d \n", GetLastError()); |
932 warning("InitializeAcl failure: lasterror = %d \n", GetLastError()); |
933 } |
933 } |
934 FREE_C_HEAP_ARRAY(char, newACL); |
934 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
935 return false; |
935 return false; |
936 } |
936 } |
937 if (((ACCESS_ALLOWED_ACE *)ace)->Header.AceFlags && INHERITED_ACE) { |
937 if (((ACCESS_ALLOWED_ACE *)ace)->Header.AceFlags && INHERITED_ACE) { |
938 // this is an inherited, allowed ACE; break from loop so we can |
938 // this is an inherited, allowed ACE; break from loop so we can |
939 // add the new access allowed, non-inherited ACE in the correct |
939 // add the new access allowed, non-inherited ACE in the correct |
956 if (!AddAce(newACL, ACL_REVISION, MAXDWORD, ace, |
956 if (!AddAce(newACL, ACL_REVISION, MAXDWORD, ace, |
957 ((PACE_HEADER)ace)->AceSize)) { |
957 ((PACE_HEADER)ace)->AceSize)) { |
958 if (PrintMiscellaneous && Verbose) { |
958 if (PrintMiscellaneous && Verbose) { |
959 warning("AddAce failure: lasterror = %d \n", GetLastError()); |
959 warning("AddAce failure: lasterror = %d \n", GetLastError()); |
960 } |
960 } |
961 FREE_C_HEAP_ARRAY(char, newACL); |
961 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
962 return false; |
962 return false; |
963 } |
963 } |
964 } |
964 } |
965 ace_index++; |
965 ace_index++; |
966 } |
966 } |
972 aces[i].mask, aces[i].pSid)) { |
972 aces[i].mask, aces[i].pSid)) { |
973 if (PrintMiscellaneous && Verbose) { |
973 if (PrintMiscellaneous && Verbose) { |
974 warning("AddAccessAllowedAce failure: lasterror = %d \n", |
974 warning("AddAccessAllowedAce failure: lasterror = %d \n", |
975 GetLastError()); |
975 GetLastError()); |
976 } |
976 } |
977 FREE_C_HEAP_ARRAY(char, newACL); |
977 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
978 return false; |
978 return false; |
979 } |
979 } |
980 } |
980 } |
981 |
981 |
982 // now copy the rest of the inherited ACEs from the old ACL |
982 // now copy the rest of the inherited ACEs from the old ACL |
987 LPVOID ace; |
987 LPVOID ace; |
988 if (!GetAce(oldACL, ace_index, &ace)) { |
988 if (!GetAce(oldACL, ace_index, &ace)) { |
989 if (PrintMiscellaneous && Verbose) { |
989 if (PrintMiscellaneous && Verbose) { |
990 warning("InitializeAcl failure: lasterror = %d \n", GetLastError()); |
990 warning("InitializeAcl failure: lasterror = %d \n", GetLastError()); |
991 } |
991 } |
992 FREE_C_HEAP_ARRAY(char, newACL); |
992 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
993 return false; |
993 return false; |
994 } |
994 } |
995 if (!AddAce(newACL, ACL_REVISION, MAXDWORD, ace, |
995 if (!AddAce(newACL, ACL_REVISION, MAXDWORD, ace, |
996 ((PACE_HEADER)ace)->AceSize)) { |
996 ((PACE_HEADER)ace)->AceSize)) { |
997 if (PrintMiscellaneous && Verbose) { |
997 if (PrintMiscellaneous && Verbose) { |
998 warning("AddAce failure: lasterror = %d \n", GetLastError()); |
998 warning("AddAce failure: lasterror = %d \n", GetLastError()); |
999 } |
999 } |
1000 FREE_C_HEAP_ARRAY(char, newACL); |
1000 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
1001 return false; |
1001 return false; |
1002 } |
1002 } |
1003 ace_index++; |
1003 ace_index++; |
1004 } |
1004 } |
1005 } |
1005 } |
1008 if (!SetSecurityDescriptorDacl(pSD, TRUE, newACL, FALSE)) { |
1008 if (!SetSecurityDescriptorDacl(pSD, TRUE, newACL, FALSE)) { |
1009 if (PrintMiscellaneous && Verbose) { |
1009 if (PrintMiscellaneous && Verbose) { |
1010 warning("SetSecurityDescriptorDacl failure:" |
1010 warning("SetSecurityDescriptorDacl failure:" |
1011 " lasterror = %d \n", GetLastError()); |
1011 " lasterror = %d \n", GetLastError()); |
1012 } |
1012 } |
1013 FREE_C_HEAP_ARRAY(char, newACL); |
1013 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
1014 return false; |
1014 return false; |
1015 } |
1015 } |
1016 |
1016 |
1017 // if running on windows 2000 or later, set the automatic inheritance |
1017 // if running on windows 2000 or later, set the automatic inheritance |
1018 // control flags. |
1018 // control flags. |
1028 SE_DACL_PROTECTED)) { |
1028 SE_DACL_PROTECTED)) { |
1029 if (PrintMiscellaneous && Verbose) { |
1029 if (PrintMiscellaneous && Verbose) { |
1030 warning("SetSecurityDescriptorControl failure:" |
1030 warning("SetSecurityDescriptorControl failure:" |
1031 " lasterror = %d \n", GetLastError()); |
1031 " lasterror = %d \n", GetLastError()); |
1032 } |
1032 } |
1033 FREE_C_HEAP_ARRAY(char, newACL); |
1033 FREE_C_HEAP_ARRAY(char, newACL, mtInternal); |
1034 return false; |
1034 return false; |
1035 } |
1035 } |
1036 } |
1036 } |
1037 // Note, the security descriptor maintains a reference to the newACL, not |
1037 // Note, the security descriptor maintains a reference to the newACL, not |
1038 // a copy of it. Therefore, the newACL is not freed here. It is freed when |
1038 // a copy of it. Therefore, the newACL is not freed here. It is freed when |
1052 // |
1052 // |
1053 static LPSECURITY_ATTRIBUTES make_security_attr(ace_data_t aces[], int count) { |
1053 static LPSECURITY_ATTRIBUTES make_security_attr(ace_data_t aces[], int count) { |
1054 |
1054 |
1055 // allocate space for a security descriptor |
1055 // allocate space for a security descriptor |
1056 PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR) |
1056 PSECURITY_DESCRIPTOR pSD = (PSECURITY_DESCRIPTOR) |
1057 NEW_C_HEAP_ARRAY(char, SECURITY_DESCRIPTOR_MIN_LENGTH); |
1057 NEW_C_HEAP_ARRAY(char, SECURITY_DESCRIPTOR_MIN_LENGTH, mtInternal); |
1058 |
1058 |
1059 // initialize the security descriptor |
1059 // initialize the security descriptor |
1060 if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION)) { |
1060 if (!InitializeSecurityDescriptor(pSD, SECURITY_DESCRIPTOR_REVISION)) { |
1061 if (PrintMiscellaneous && Verbose) { |
1061 if (PrintMiscellaneous && Verbose) { |
1062 warning("InitializeSecurityDescriptor failure: " |
1062 warning("InitializeSecurityDescriptor failure: " |
1074 |
1074 |
1075 // allocate and initialize the security attributes structure and |
1075 // allocate and initialize the security attributes structure and |
1076 // return it to the caller. |
1076 // return it to the caller. |
1077 // |
1077 // |
1078 LPSECURITY_ATTRIBUTES lpSA = (LPSECURITY_ATTRIBUTES) |
1078 LPSECURITY_ATTRIBUTES lpSA = (LPSECURITY_ATTRIBUTES) |
1079 NEW_C_HEAP_ARRAY(char, sizeof(SECURITY_ATTRIBUTES)); |
1079 NEW_C_HEAP_ARRAY(char, sizeof(SECURITY_ATTRIBUTES), mtInternal); |
1080 lpSA->nLength = sizeof(SECURITY_ATTRIBUTES); |
1080 lpSA->nLength = sizeof(SECURITY_ATTRIBUTES); |
1081 lpSA->lpSecurityDescriptor = pSD; |
1081 lpSA->lpSecurityDescriptor = pSD; |
1082 lpSA->bInheritHandle = FALSE; |
1082 lpSA->bInheritHandle = FALSE; |
1083 |
1083 |
1084 return(lpSA); |
1084 return(lpSA); |
1145 aces[2].mask = emask; |
1145 aces[2].mask = emask; |
1146 |
1146 |
1147 // create a security attributes structure with access control |
1147 // create a security attributes structure with access control |
1148 // entries as initialized above. |
1148 // entries as initialized above. |
1149 LPSECURITY_ATTRIBUTES lpSA = make_security_attr(aces, 3); |
1149 LPSECURITY_ATTRIBUTES lpSA = make_security_attr(aces, 3); |
1150 FREE_C_HEAP_ARRAY(char, aces[0].pSid); |
1150 FREE_C_HEAP_ARRAY(char, aces[0].pSid, mtInternal); |
1151 FreeSid(everybodySid); |
1151 FreeSid(everybodySid); |
1152 FreeSid(administratorsSid); |
1152 FreeSid(administratorsSid); |
1153 return(lpSA); |
1153 return(lpSA); |
1154 } |
1154 } |
1155 |
1155 |
1460 cleanup_sharedmem_resources(dirname); |
1460 cleanup_sharedmem_resources(dirname); |
1461 |
1461 |
1462 assert(((size != 0) && (size % os::vm_page_size() == 0)), |
1462 assert(((size != 0) && (size % os::vm_page_size() == 0)), |
1463 "unexpected PerfMemry region size"); |
1463 "unexpected PerfMemry region size"); |
1464 |
1464 |
1465 FREE_C_HEAP_ARRAY(char, user); |
1465 FREE_C_HEAP_ARRAY(char, user, mtInternal); |
1466 |
1466 |
1467 // create the shared memory resources |
1467 // create the shared memory resources |
1468 sharedmem_fileMapHandle = |
1468 sharedmem_fileMapHandle = |
1469 create_sharedmem_resources(dirname, filename, objectname, size); |
1469 create_sharedmem_resources(dirname, filename, objectname, size); |
1470 |
1470 |
1471 FREE_C_HEAP_ARRAY(char, filename); |
1471 FREE_C_HEAP_ARRAY(char, filename, mtInternal); |
1472 FREE_C_HEAP_ARRAY(char, objectname); |
1472 FREE_C_HEAP_ARRAY(char, objectname, mtInternal); |
1473 FREE_C_HEAP_ARRAY(char, dirname); |
1473 FREE_C_HEAP_ARRAY(char, dirname, mtInternal); |
1474 |
1474 |
1475 if (sharedmem_fileMapHandle == NULL) { |
1475 if (sharedmem_fileMapHandle == NULL) { |
1476 return NULL; |
1476 return NULL; |
1477 } |
1477 } |
1478 |
1478 |
1619 |
1619 |
1620 // since we don't follow symbolic links when creating the backing |
1620 // since we don't follow symbolic links when creating the backing |
1621 // store file, we also don't following them when attaching |
1621 // store file, we also don't following them when attaching |
1622 // |
1622 // |
1623 if (!is_directory_secure(dirname)) { |
1623 if (!is_directory_secure(dirname)) { |
1624 FREE_C_HEAP_ARRAY(char, dirname); |
1624 FREE_C_HEAP_ARRAY(char, dirname, mtInternal); |
1625 THROW_MSG(vmSymbols::java_lang_IllegalArgumentException(), |
1625 THROW_MSG(vmSymbols::java_lang_IllegalArgumentException(), |
1626 "Process not found"); |
1626 "Process not found"); |
1627 } |
1627 } |
1628 |
1628 |
1629 char* filename = get_sharedmem_filename(dirname, vmid); |
1629 char* filename = get_sharedmem_filename(dirname, vmid); |
1638 char* robjectname = NEW_RESOURCE_ARRAY(char, strlen(objectname) + 1); |
1638 char* robjectname = NEW_RESOURCE_ARRAY(char, strlen(objectname) + 1); |
1639 strcpy(rfilename, filename); |
1639 strcpy(rfilename, filename); |
1640 strcpy(robjectname, objectname); |
1640 strcpy(robjectname, objectname); |
1641 |
1641 |
1642 // free the c heap resources that are no longer needed |
1642 // free the c heap resources that are no longer needed |
1643 if (luser != user) FREE_C_HEAP_ARRAY(char, luser); |
1643 if (luser != user) FREE_C_HEAP_ARRAY(char, luser, mtInternal); |
1644 FREE_C_HEAP_ARRAY(char, dirname); |
1644 FREE_C_HEAP_ARRAY(char, dirname, mtInternal); |
1645 FREE_C_HEAP_ARRAY(char, filename); |
1645 FREE_C_HEAP_ARRAY(char, filename, mtInternal); |
1646 FREE_C_HEAP_ARRAY(char, objectname); |
1646 FREE_C_HEAP_ARRAY(char, objectname, mtInternal); |
1647 |
1647 |
1648 if (*sizep == 0) { |
1648 if (*sizep == 0) { |
1649 size = sharedmem_filesize(rfilename, CHECK); |
1649 size = sharedmem_filesize(rfilename, CHECK); |
1650 assert(size != 0, "unexpected size"); |
1650 assert(size != 0, "unexpected size"); |
1651 } |
1651 } |