From aacc4f63d0f8d2d853e1834b27a13ac97ea1011b Mon Sep 17 00:00:00 2001 From: Corinna Vinschen Date: Tue, 15 Dec 2015 14:58:52 +0100 Subject: [PATCH] Drop has_mandatory_integrity_control flag --- winsup/cygwin/sec_auth.cc | 69 ++++++++++++++++++--------------------- winsup/cygwin/wincap.cc | 7 ---- winsup/cygwin/wincap.h | 2 -- 3 files changed, 31 insertions(+), 47 deletions(-) diff --git a/winsup/cygwin/sec_auth.cc b/winsup/cygwin/sec_auth.cc index 853a07fad..e8d1d9138 100644 --- a/winsup/cygwin/sec_auth.cc +++ b/winsup/cygwin/sec_auth.cc @@ -45,39 +45,36 @@ issetugid (void) static HANDLE get_full_privileged_inheritable_token (HANDLE token) { - if (wincap.has_mandatory_integrity_control ()) + TOKEN_LINKED_TOKEN linked; + ULONG size; + + /* When fetching the linked token without TCB privs, then the linked + token is not a primary token, only an impersonation token, which is + not suitable for CreateProcessAsUser. Converting it to a primary + token using DuplicateTokenEx does NOT work for the linked token in + this case. So we have to switch on TCB privs to get a primary token. + This is generally performed in the calling functions. */ + if (NT_SUCCESS (NtQueryInformationToken (token, TokenLinkedToken, + (PVOID) &linked, sizeof linked, + &size))) { - TOKEN_LINKED_TOKEN linked; - ULONG size; - - /* When fetching the linked token without TCB privs, then the linked - token is not a primary token, only an impersonation token, which is - not suitable for CreateProcessAsUser. Converting it to a primary - token using DuplicateTokenEx does NOT work for the linked token in - this case. So we have to switch on TCB privs to get a primary token. - This is generally performed in the calling functions. */ - if (NT_SUCCESS (NtQueryInformationToken (token, TokenLinkedToken, - (PVOID) &linked, sizeof linked, - &size))) + debug_printf ("Linked Token: %p", linked.LinkedToken); + if (linked.LinkedToken) { - debug_printf ("Linked Token: %p", linked.LinkedToken); - if (linked.LinkedToken) - { - TOKEN_TYPE type; + TOKEN_TYPE type; - /* At this point we don't know if the user actually had TCB - privileges. Check if the linked token is a primary token. - If not, just return the original token. */ - if (NT_SUCCESS (NtQueryInformationToken (linked.LinkedToken, - TokenType, (PVOID) &type, - sizeof type, &size)) - && type != TokenPrimary) - debug_printf ("Linked Token is not a primary token!"); - else - { - CloseHandle (token); - token = linked.LinkedToken; - } + /* At this point we don't know if the user actually had TCB + privileges. Check if the linked token is a primary token. + If not, just return the original token. */ + if (NT_SUCCESS (NtQueryInformationToken (linked.LinkedToken, + TokenType, (PVOID) &type, + sizeof type, &size)) + && type != TokenPrimary) + debug_printf ("Linked Token is not a primary token!"); + else + { + CloseHandle (token); + token = linked.LinkedToken; } } } @@ -972,14 +969,10 @@ create_token (cygsid &usersid, user_groups &new_groups) &mandatory_integrity_sid))) goto out; - /* On systems supporting Mandatory Integrity Control, add the MIC SID. */ - if (wincap.has_mandatory_integrity_control ()) - { - new_tok_gsids->Groups[new_tok_gsids->GroupCount].Attributes = - SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED; - new_tok_gsids->Groups[new_tok_gsids->GroupCount++].Sid - = mandatory_integrity_sid; - } + new_tok_gsids->Groups[new_tok_gsids->GroupCount].Attributes = + SE_GROUP_INTEGRITY | SE_GROUP_INTEGRITY_ENABLED; + new_tok_gsids->Groups[new_tok_gsids->GroupCount++].Sid + = mandatory_integrity_sid; /* Let's be heroic... */ status = NtCreateToken (&token, TOKEN_ALL_ACCESS, &oa, TokenImpersonation, diff --git a/winsup/cygwin/wincap.cc b/winsup/cygwin/wincap.cc index 4146ee4ba..3fd7a4ad3 100644 --- a/winsup/cygwin/wincap.cc +++ b/winsup/cygwin/wincap.cc @@ -21,7 +21,6 @@ wincaps wincap_xpsp2 __attribute__((section (".cygwin_dll_common"), shared)) = { def_guard_pages:1, max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:false, needs_count_in_si_lpres2:false, has_gaa_largeaddress_bug:false, has_transactions:false, @@ -52,7 +51,6 @@ wincaps wincap_2003 __attribute__((section (".cygwin_dll_common"), shared)) = { def_guard_pages:1, max_sys_priv:SE_CREATE_GLOBAL_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:false, needs_count_in_si_lpres2:false, has_gaa_largeaddress_bug:false, has_transactions:false, @@ -83,7 +81,6 @@ wincaps wincap_vista __attribute__((section (".cygwin_dll_common"), shared)) = { def_guard_pages:1, max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:true, needs_count_in_si_lpres2:true, has_gaa_largeaddress_bug:true, has_transactions:true, @@ -114,7 +111,6 @@ wincaps wincap_7 __attribute__((section (".cygwin_dll_common"), shared)) = { def_guard_pages:1, max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:true, needs_count_in_si_lpres2:false, has_gaa_largeaddress_bug:true, has_transactions:true, @@ -145,7 +141,6 @@ wincaps wincap_8 __attribute__((section (".cygwin_dll_common"), shared)) = { def_guard_pages:2, max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:true, needs_count_in_si_lpres2:false, has_gaa_largeaddress_bug:false, has_transactions:true, @@ -176,7 +171,6 @@ wincaps wincap_10 __attribute__((section (".cygwin_dll_common"), shared)) = { def_guard_pages:2, max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:true, needs_count_in_si_lpres2:false, has_gaa_largeaddress_bug:false, has_transactions:true, @@ -207,7 +201,6 @@ wincaps wincap_10_1511 __attribute__((section (".cygwin_dll_common"), shared)) = def_guard_pages:2, max_sys_priv:SE_CREATE_SYMBOLIC_LINK_PRIVILEGE, is_server:false, - has_mandatory_integrity_control:true, needs_count_in_si_lpres2:false, has_gaa_largeaddress_bug:false, has_transactions:true, diff --git a/winsup/cygwin/wincap.h b/winsup/cygwin/wincap.h index 4f60d11e6..441a11234 100644 --- a/winsup/cygwin/wincap.h +++ b/winsup/cygwin/wincap.h @@ -14,7 +14,6 @@ struct wincaps DWORD def_guard_pages; DWORD max_sys_priv; unsigned is_server : 1; - unsigned has_mandatory_integrity_control : 1; unsigned needs_count_in_si_lpres2 : 1; unsigned has_gaa_largeaddress_bug : 1; unsigned has_transactions : 1; @@ -70,7 +69,6 @@ public: } DWORD IMPLEMENT (max_sys_priv) bool IMPLEMENT (is_server) - bool IMPLEMENT (has_mandatory_integrity_control) bool IMPLEMENT (needs_count_in_si_lpres2) bool IMPLEMENT (has_gaa_largeaddress_bug) bool IMPLEMENT (has_transactions)