From 6274fc5f5ed971a81ee6ff30c0ed72b58ac4ce66 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Tue, 7 May 2019 08:15:39 +0200 Subject: ringlogger: export R/O handle for UI process --- main.go | 2 -- ringlogger/ringlogger_windows.go | 52 ++++++++++++++++++++++++---------------- service/securityapi.go | 2 +- service/service_manager.go | 3 ++- 4 files changed, 35 insertions(+), 24 deletions(-) diff --git a/main.go b/main.go index c68118a8..18b83e92 100644 --- a/main.go +++ b/main.go @@ -11,7 +11,6 @@ import ( "golang.zx2c4.com/wireguard/windows/ringlogger" "golang.zx2c4.com/wireguard/windows/service" "golang.zx2c4.com/wireguard/windows/ui" - "log" "os" "strconv" "strings" @@ -175,7 +174,6 @@ func main() { if err != nil { fatal(err) } - log.SetOutput(ringlogger.Global) service.InitializeIPCClient(readPipe, writePipe, eventPipe) ui.RunUI() return diff --git a/ringlogger/ringlogger_windows.go b/ringlogger/ringlogger_windows.go index 1e0b4b76..4c142e6a 100644 --- a/ringlogger/ringlogger_windows.go +++ b/ringlogger/ringlogger_windows.go @@ -36,10 +36,11 @@ type logMem struct { } type Ringlogger struct { - tag string - file *os.File - mapping windows.Handle - log *logMem + tag string + file *os.File + mapping windows.Handle + log *logMem + readOnly bool } func NewRinglogger(filename string, tag string) (*Ringlogger, error) { @@ -55,7 +56,7 @@ func NewRinglogger(filename string, tag string) (*Ringlogger, error) { if err != nil { return nil, err } - rl, err := NewRingloggerFromMappingHandle(mapping, tag) + rl, err := newRingloggerFromMappingHandle(mapping, tag, windows.FILE_MAP_WRITE) if err != nil { return nil, err } @@ -63,8 +64,16 @@ func NewRinglogger(filename string, tag string) (*Ringlogger, error) { return rl, nil } -func NewRingloggerFromMappingHandle(mappingHandle windows.Handle, tag string) (*Ringlogger, error) { - view, err := windows.MapViewOfFile(mappingHandle, windows.FILE_MAP_WRITE, 0, 0, 0) +func NewRingloggerFromInheritedMappingHandle(handleStr string, tag string) (*Ringlogger, error) { + handle, err := strconv.ParseUint(handleStr, 10, 64) + if err != nil { + return nil, err + } + return newRingloggerFromMappingHandle(windows.Handle(handle), tag, windows.FILE_MAP_READ) +} + +func newRingloggerFromMappingHandle(mappingHandle windows.Handle, tag string, access uint32) (*Ringlogger, error) { + view, err := windows.MapViewOfFile(mappingHandle, access, 0, 0, 0) if err != nil { return nil, err } @@ -83,23 +92,20 @@ func NewRingloggerFromMappingHandle(mappingHandle windows.Handle, tag string) (* } rl := &Ringlogger{ - tag: tag, - mapping: mappingHandle, - log: log, + tag: tag, + mapping: mappingHandle, + log: log, + readOnly: access&windows.FILE_MAP_WRITE == 0, } runtime.SetFinalizer(rl, (*Ringlogger).Close) return rl, nil } -func NewRingloggerFromInheritedMappingHandle(handleStr string, tag string) (*Ringlogger, error) { - handle, err := strconv.ParseUint(handleStr, 10, 64) - if err != nil { - return nil, err +func (rl *Ringlogger) Write(p []byte) (n int, err error) { + if rl.readOnly { + return 0, io.ErrShortWrite } - return NewRingloggerFromMappingHandle(windows.Handle(handle), tag) -} -func (rl *Ringlogger) Write(p []byte) (n int, err error) { // Race: This isn't synchronized with the fetch_add below, so items might be slightly out of order. ts := time.Now().UnixNano() @@ -219,11 +225,17 @@ func (rl *Ringlogger) Close() error { return nil } -func (rl *Ringlogger) ExportInheritableMappingHandleStr() (str string, err error) { - err = windows.SetHandleInformation(rl.mapping, windows.HANDLE_FLAG_INHERIT, windows.HANDLE_FLAG_INHERIT) +func (rl *Ringlogger) ExportInheritableMappingHandleStr() (str string, handleToClose windows.Handle, err error) { + handleToClose, err = windows.CreateFileMapping(windows.Handle(rl.file.Fd()), nil, windows.PAGE_READONLY, 0, 0, nil) + if err != nil { + return + } + err = windows.SetHandleInformation(handleToClose, windows.HANDLE_FLAG_INHERIT, windows.HANDLE_FLAG_INHERIT) if err != nil { + windows.Close(handleToClose) + handleToClose = 0 return } - str = strconv.FormatUint(uint64(rl.mapping), 10) + str = strconv.FormatUint(uint64(handleToClose), 10) return } diff --git a/service/securityapi.go b/service/securityapi.go index 6c5f7844..6373fd7c 100644 --- a/service/securityapi.go +++ b/service/securityapi.go @@ -154,4 +154,4 @@ func getCurrentSecurityAttributes() (*syscall.SecurityAttributes, error) { return nil, err } return securityAttributes, nil -} \ No newline at end of file +} diff --git a/service/service_manager.go b/service/service_manager.go index e8818ae4..e2ccf4c9 100644 --- a/service/service_manager.go +++ b/service/service_manager.go @@ -143,7 +143,7 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest log.Printf("Unable to listen on IPC pipes: %v", err) return } - theirLogMapping, err := ringlogger.Global.ExportInheritableMappingHandleStr() + theirLogMapping, theirLogMappingHandle, err := ringlogger.Global.ExportInheritableMappingHandleStr() if err != nil { log.Printf("Unable to export inheritable mapping handle for logging: %v", err) return @@ -173,6 +173,7 @@ func (service *managerService) Execute(args []string, r <-chan svc.ChangeRequest theirReader.Close() theirWriter.Close() theirEvents.Close() + windows.Close(theirLogMappingHandle) runtime.UnlockOSThread() if err != nil { log.Printf("Unable to start manager UI process: %v", err) -- cgit v1.2.3-59-g8ed1b