Cygwin: get/set security descriptors using FILE_OPEN_NO_RECALL

Add FILE_OPEN_NO_RECALL to NtOpenFile calls trying to fetch or write file security descriptors so as not to recall them from offline storage inadvertently. Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
2 years ago · 2100c6ef0d
1 changed files with 6 additions and 3 deletions
--- a/winsup/cygwin/sec/base.cc
+++ b/winsup/cygwin/sec/base.cc
@ -65,7 +65,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd,
 			   fh ? pc.init_reopen_attr (attr, fh)
 			      : pc.get_object_attr (attr, sec_none_nih),
 			   &io, FILE_SHARE_VALID_FLAGS,
-			   FILE_OPEN_FOR_BACKUP_INTENT
+			   FILE_OPEN_NO_RECALL
+			   | FILE_OPEN_FOR_BACKUP_INTENT
 			   | pc.is_known_reparse_point ()
 			   ? FILE_OPEN_REPARSE_POINT : 0);
      if (!NT_SUCCESS (status))
@ -129,7 +130,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd,
 				  NULL, NULL);
      status = NtOpenFile (&fh, READ_CONTROL, &attr, &io,
 			   FILE_SHARE_VALID_FLAGS,
-			   FILE_OPEN_FOR_BACKUP_INTENT
+			   FILE_OPEN_NO_RECALL
+			   | FILE_OPEN_FOR_BACKUP_INTENT
 			   | FILE_OPEN_REPARSE_POINT);
      if (!NT_SUCCESS (status))
 	{
@ -234,7 +236,8 @@ set_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, bool is_chown)
 				  : pc.get_object_attr (attr, sec_none_nih),
 			       &io,
 			       FILE_SHARE_VALID_FLAGS,
-			       FILE_OPEN_FOR_BACKUP_INTENT
+			       FILE_OPEN_NO_RECALL
+			       | FILE_OPEN_FOR_BACKUP_INTENT
 			       | pc.is_known_reparse_point ()
 			       ? FILE_OPEN_REPARSE_POINT : 0);
 	  if (!NT_SUCCESS (status))