summaryrefslogtreecommitdiff
path: root/vendor/github.com/Microsoft/go-winio/pipe.go
diff options
context:
space:
mode:
authorMiloslav Trmač <mitr@redhat.com>2019-10-01 22:15:58 +0200
committerMiloslav Trmač <mitr@redhat.com>2019-10-04 20:18:23 +0200
commitd3f59bedb393521986e645bc48c47938f321b643 (patch)
treec61aa40e008b7fcb371d899880a4afd1714f50af /vendor/github.com/Microsoft/go-winio/pipe.go
parentbd08fc0e9b3a9943008585879877b68789e38c31 (diff)
downloadpodman-d3f59bedb393521986e645bc48c47938f321b643.tar.gz
podman-d3f59bedb393521986e645bc48c47938f321b643.tar.bz2
podman-d3f59bedb393521986e645bc48c47938f321b643.zip
Update c/image to v4.0.1 and buildah to 1.11.3
This requires updating all import paths throughout, and a matching buildah update to interoperate. I can't figure out the reason for go.mod tracking github.com/containers/image v3.0.2+incompatible // indirect ((go mod graph) lists it as a direct dependency of libpod, but (go list -json -m all) lists it as an indirect dependency), but at least looking at the vendor subdirectory, it doesn't seem to be actually used in the built binaries. Signed-off-by: Miloslav Trmač <mitr@redhat.com>
Diffstat (limited to 'vendor/github.com/Microsoft/go-winio/pipe.go')
-rw-r--r--vendor/github.com/Microsoft/go-winio/pipe.go231
1 files changed, 160 insertions, 71 deletions
diff --git a/vendor/github.com/Microsoft/go-winio/pipe.go b/vendor/github.com/Microsoft/go-winio/pipe.go
index d99eedb64..d6a46f6a2 100644
--- a/vendor/github.com/Microsoft/go-winio/pipe.go
+++ b/vendor/github.com/Microsoft/go-winio/pipe.go
@@ -3,10 +3,13 @@
package winio
import (
+ "context"
"errors"
+ "fmt"
"io"
"net"
"os"
+ "runtime"
"syscall"
"time"
"unsafe"
@@ -18,6 +21,48 @@ import (
//sys getNamedPipeInfo(pipe syscall.Handle, flags *uint32, outSize *uint32, inSize *uint32, maxInstances *uint32) (err error) = GetNamedPipeInfo
//sys getNamedPipeHandleState(pipe syscall.Handle, state *uint32, curInstances *uint32, maxCollectionCount *uint32, collectDataTimeout *uint32, userName *uint16, maxUserNameSize uint32) (err error) = GetNamedPipeHandleStateW
//sys localAlloc(uFlags uint32, length uint32) (ptr uintptr) = LocalAlloc
+//sys ntCreateNamedPipeFile(pipe *syscall.Handle, access uint32, oa *objectAttributes, iosb *ioStatusBlock, share uint32, disposition uint32, options uint32, typ uint32, readMode uint32, completionMode uint32, maxInstances uint32, inboundQuota uint32, outputQuota uint32, timeout *int64) (status ntstatus) = ntdll.NtCreateNamedPipeFile
+//sys rtlNtStatusToDosError(status ntstatus) (winerr error) = ntdll.RtlNtStatusToDosErrorNoTeb
+//sys rtlDosPathNameToNtPathName(name *uint16, ntName *unicodeString, filePart uintptr, reserved uintptr) (status ntstatus) = ntdll.RtlDosPathNameToNtPathName_U
+//sys rtlDefaultNpAcl(dacl *uintptr) (status ntstatus) = ntdll.RtlDefaultNpAcl
+
+type ioStatusBlock struct {
+ Status, Information uintptr
+}
+
+type objectAttributes struct {
+ Length uintptr
+ RootDirectory uintptr
+ ObjectName *unicodeString
+ Attributes uintptr
+ SecurityDescriptor *securityDescriptor
+ SecurityQoS uintptr
+}
+
+type unicodeString struct {
+ Length uint16
+ MaximumLength uint16
+ Buffer uintptr
+}
+
+type securityDescriptor struct {
+ Revision byte
+ Sbz1 byte
+ Control uint16
+ Owner uintptr
+ Group uintptr
+ Sacl uintptr
+ Dacl uintptr
+}
+
+type ntstatus int32
+
+func (status ntstatus) Err() error {
+ if status >= 0 {
+ return nil
+ }
+ return rtlNtStatusToDosError(status)
+}
const (
cERROR_PIPE_BUSY = syscall.Errno(231)
@@ -25,21 +70,20 @@ const (
cERROR_PIPE_CONNECTED = syscall.Errno(535)
cERROR_SEM_TIMEOUT = syscall.Errno(121)
- cPIPE_ACCESS_DUPLEX = 0x3
- cFILE_FLAG_FIRST_PIPE_INSTANCE = 0x80000
- cSECURITY_SQOS_PRESENT = 0x100000
- cSECURITY_ANONYMOUS = 0
+ cSECURITY_SQOS_PRESENT = 0x100000
+ cSECURITY_ANONYMOUS = 0
- cPIPE_REJECT_REMOTE_CLIENTS = 0x8
+ cPIPE_TYPE_MESSAGE = 4
- cPIPE_UNLIMITED_INSTANCES = 255
+ cPIPE_READMODE_MESSAGE = 2
- cNMPWAIT_USE_DEFAULT_WAIT = 0
- cNMPWAIT_NOWAIT = 1
+ cFILE_OPEN = 1
+ cFILE_CREATE = 2
- cPIPE_TYPE_MESSAGE = 4
+ cFILE_PIPE_MESSAGE_TYPE = 1
+ cFILE_PIPE_REJECT_REMOTE_CLIENTS = 2
- cPIPE_READMODE_MESSAGE = 2
+ cSE_DACL_PRESENT = 4
)
var (
@@ -137,9 +181,30 @@ func (s pipeAddress) String() string {
return string(s)
}
+// tryDialPipe attempts to dial the pipe at `path` until `ctx` cancellation or timeout.
+func tryDialPipe(ctx context.Context, path *string) (syscall.Handle, error) {
+ for {
+ select {
+ case <-ctx.Done():
+ return syscall.Handle(0), ctx.Err()
+ default:
+ h, err := createFile(*path, syscall.GENERIC_READ|syscall.GENERIC_WRITE, 0, nil, syscall.OPEN_EXISTING, syscall.FILE_FLAG_OVERLAPPED|cSECURITY_SQOS_PRESENT|cSECURITY_ANONYMOUS, 0)
+ if err == nil {
+ return h, nil
+ }
+ if err != cERROR_PIPE_BUSY {
+ return h, &os.PathError{Err: err, Op: "open", Path: *path}
+ }
+ // Wait 10 msec and try again. This is a rather simplistic
+ // view, as we always try each 10 milliseconds.
+ time.Sleep(time.Millisecond * 10)
+ }
+ }
+}
+
// DialPipe connects to a named pipe by path, timing out if the connection
// takes longer than the specified duration. If timeout is nil, then we use
-// a default timeout of 5 seconds. (We do not use WaitNamedPipe.)
+// a default timeout of 2 seconds. (We do not use WaitNamedPipe.)
func DialPipe(path string, timeout *time.Duration) (net.Conn, error) {
var absTimeout time.Time
if timeout != nil {
@@ -147,23 +212,22 @@ func DialPipe(path string, timeout *time.Duration) (net.Conn, error) {
} else {
absTimeout = time.Now().Add(time.Second * 2)
}
+ ctx, _ := context.WithDeadline(context.Background(), absTimeout)
+ conn, err := DialPipeContext(ctx, path)
+ if err == context.DeadlineExceeded {
+ return nil, ErrTimeout
+ }
+ return conn, err
+}
+
+// DialPipeContext attempts to connect to a named pipe by `path` until `ctx`
+// cancellation or timeout.
+func DialPipeContext(ctx context.Context, path string) (net.Conn, error) {
var err error
var h syscall.Handle
- for {
- h, err = createFile(path, syscall.GENERIC_READ|syscall.GENERIC_WRITE, 0, nil, syscall.OPEN_EXISTING, syscall.FILE_FLAG_OVERLAPPED|cSECURITY_SQOS_PRESENT|cSECURITY_ANONYMOUS, 0)
- if err != cERROR_PIPE_BUSY {
- break
- }
- if time.Now().After(absTimeout) {
- return nil, ErrTimeout
- }
-
- // Wait 10 msec and try again. This is a rather simplistic
- // view, as we always try each 10 milliseconds.
- time.Sleep(time.Millisecond * 10)
- }
+ h, err = tryDialPipe(ctx, &path)
if err != nil {
- return nil, &os.PathError{Op: "open", Path: path, Err: err}
+ return nil, err
}
var flags uint32
@@ -194,43 +258,87 @@ type acceptResponse struct {
}
type win32PipeListener struct {
- firstHandle syscall.Handle
- path string
- securityDescriptor []byte
- config PipeConfig
- acceptCh chan (chan acceptResponse)
- closeCh chan int
- doneCh chan int
+ firstHandle syscall.Handle
+ path string
+ config PipeConfig
+ acceptCh chan (chan acceptResponse)
+ closeCh chan int
+ doneCh chan int
}
-func makeServerPipeHandle(path string, securityDescriptor []byte, c *PipeConfig, first bool) (syscall.Handle, error) {
- var flags uint32 = cPIPE_ACCESS_DUPLEX | syscall.FILE_FLAG_OVERLAPPED
+func makeServerPipeHandle(path string, sd []byte, c *PipeConfig, first bool) (syscall.Handle, error) {
+ path16, err := syscall.UTF16FromString(path)
+ if err != nil {
+ return 0, &os.PathError{Op: "open", Path: path, Err: err}
+ }
+
+ var oa objectAttributes
+ oa.Length = unsafe.Sizeof(oa)
+
+ var ntPath unicodeString
+ if err := rtlDosPathNameToNtPathName(&path16[0], &ntPath, 0, 0).Err(); err != nil {
+ return 0, &os.PathError{Op: "open", Path: path, Err: err}
+ }
+ defer localFree(ntPath.Buffer)
+ oa.ObjectName = &ntPath
+
+ // The security descriptor is only needed for the first pipe.
if first {
- flags |= cFILE_FLAG_FIRST_PIPE_INSTANCE
+ if sd != nil {
+ len := uint32(len(sd))
+ sdb := localAlloc(0, len)
+ defer localFree(sdb)
+ copy((*[0xffff]byte)(unsafe.Pointer(sdb))[:], sd)
+ oa.SecurityDescriptor = (*securityDescriptor)(unsafe.Pointer(sdb))
+ } else {
+ // Construct the default named pipe security descriptor.
+ var dacl uintptr
+ if err := rtlDefaultNpAcl(&dacl).Err(); err != nil {
+ return 0, fmt.Errorf("getting default named pipe ACL: %s", err)
+ }
+ defer localFree(dacl)
+
+ sdb := &securityDescriptor{
+ Revision: 1,
+ Control: cSE_DACL_PRESENT,
+ Dacl: dacl,
+ }
+ oa.SecurityDescriptor = sdb
+ }
}
- var mode uint32 = cPIPE_REJECT_REMOTE_CLIENTS
+ typ := uint32(cFILE_PIPE_REJECT_REMOTE_CLIENTS)
if c.MessageMode {
- mode |= cPIPE_TYPE_MESSAGE
+ typ |= cFILE_PIPE_MESSAGE_TYPE
}
- sa := &syscall.SecurityAttributes{}
- sa.Length = uint32(unsafe.Sizeof(*sa))
- if securityDescriptor != nil {
- len := uint32(len(securityDescriptor))
- sa.SecurityDescriptor = localAlloc(0, len)
- defer localFree(sa.SecurityDescriptor)
- copy((*[0xffff]byte)(unsafe.Pointer(sa.SecurityDescriptor))[:], securityDescriptor)
+ disposition := uint32(cFILE_OPEN)
+ access := uint32(syscall.GENERIC_READ | syscall.GENERIC_WRITE | syscall.SYNCHRONIZE)
+ if first {
+ disposition = cFILE_CREATE
+ // By not asking for read or write access, the named pipe file system
+ // will put this pipe into an initially disconnected state, blocking
+ // client connections until the next call with first == false.
+ access = syscall.SYNCHRONIZE
}
- h, err := createNamedPipe(path, flags, mode, cPIPE_UNLIMITED_INSTANCES, uint32(c.OutputBufferSize), uint32(c.InputBufferSize), 0, sa)
+
+ timeout := int64(-50 * 10000) // 50ms
+
+ var (
+ h syscall.Handle
+ iosb ioStatusBlock
+ )
+ err = ntCreateNamedPipeFile(&h, access, &oa, &iosb, syscall.FILE_SHARE_READ|syscall.FILE_SHARE_WRITE, disposition, 0, typ, 0, 0, 0xffffffff, uint32(c.InputBufferSize), uint32(c.OutputBufferSize), &timeout).Err()
if err != nil {
return 0, &os.PathError{Op: "open", Path: path, Err: err}
}
+
+ runtime.KeepAlive(ntPath)
return h, nil
}
func (l *win32PipeListener) makeServerPipe() (*win32File, error) {
- h, err := makeServerPipeHandle(l.path, l.securityDescriptor, &l.config, false)
+ h, err := makeServerPipeHandle(l.path, nil, &l.config, false)
if err != nil {
return nil, err
}
@@ -341,32 +449,13 @@ func ListenPipe(path string, c *PipeConfig) (net.Listener, error) {
if err != nil {
return nil, err
}
- // Create a client handle and connect it. This results in the pipe
- // instance always existing, so that clients see ERROR_PIPE_BUSY
- // rather than ERROR_FILE_NOT_FOUND. This ties the first instance
- // up so that no other instances can be used. This would have been
- // cleaner if the Win32 API matched CreateFile with ConnectNamedPipe
- // instead of CreateNamedPipe. (Apparently created named pipes are
- // considered to be in listening state regardless of whether any
- // active calls to ConnectNamedPipe are outstanding.)
- h2, err := createFile(path, 0, 0, nil, syscall.OPEN_EXISTING, cSECURITY_SQOS_PRESENT|cSECURITY_ANONYMOUS, 0)
- if err != nil {
- syscall.Close(h)
- return nil, err
- }
- // Close the client handle. The server side of the instance will
- // still be busy, leading to ERROR_PIPE_BUSY instead of
- // ERROR_NOT_FOUND, as long as we don't close the server handle,
- // or disconnect the client with DisconnectNamedPipe.
- syscall.Close(h2)
l := &win32PipeListener{
- firstHandle: h,
- path: path,
- securityDescriptor: sd,
- config: *c,
- acceptCh: make(chan (chan acceptResponse)),
- closeCh: make(chan int),
- doneCh: make(chan int),
+ firstHandle: h,
+ path: path,
+ config: *c,
+ acceptCh: make(chan (chan acceptResponse)),
+ closeCh: make(chan int),
+ doneCh: make(chan int),
}
go l.listenerRoutine()
return l, nil