github.com/demonoid81/moby@v0.0.0-20200517203328-62dd8e17c460/pkg/system/syscall_windows.go (about)

     1  package system // import "github.com/demonoid81/moby/pkg/system"
     2  
     3  import (
     4  	"syscall"
     5  	"unsafe"
     6  
     7  	"github.com/Microsoft/hcsshim/osversion"
     8  	"github.com/sirupsen/logrus"
     9  	"golang.org/x/sys/windows"
    10  )
    11  
    12  const (
    13  	OWNER_SECURITY_INFORMATION               = windows.OWNER_SECURITY_INFORMATION     // Deprecated: use golang.org/x/sys/windows.OWNER_SECURITY_INFORMATION
    14  	GROUP_SECURITY_INFORMATION               = windows.GROUP_SECURITY_INFORMATION     // Deprecated: use golang.org/x/sys/windows.GROUP_SECURITY_INFORMATION
    15  	DACL_SECURITY_INFORMATION                = windows.DACL_SECURITY_INFORMATION      // Deprecated: use golang.org/x/sys/windows.DACL_SECURITY_INFORMATION
    16  	SACL_SECURITY_INFORMATION                = windows.SACL_SECURITY_INFORMATION      // Deprecated: use golang.org/x/sys/windows.SACL_SECURITY_INFORMATION
    17  	LABEL_SECURITY_INFORMATION               = windows.LABEL_SECURITY_INFORMATION     // Deprecated: use golang.org/x/sys/windows.LABEL_SECURITY_INFORMATION
    18  	ATTRIBUTE_SECURITY_INFORMATION           = windows.ATTRIBUTE_SECURITY_INFORMATION // Deprecated: use golang.org/x/sys/windows.ATTRIBUTE_SECURITY_INFORMATION
    19  	SCOPE_SECURITY_INFORMATION               = windows.SCOPE_SECURITY_INFORMATION     // Deprecated: use golang.org/x/sys/windows.SCOPE_SECURITY_INFORMATION
    20  	PROCESS_TRUST_LABEL_SECURITY_INFORMATION = 0x00000080
    21  	ACCESS_FILTER_SECURITY_INFORMATION       = 0x00000100
    22  	BACKUP_SECURITY_INFORMATION              = windows.BACKUP_SECURITY_INFORMATION           // Deprecated: use golang.org/x/sys/windows.BACKUP_SECURITY_INFORMATION
    23  	PROTECTED_DACL_SECURITY_INFORMATION      = windows.PROTECTED_DACL_SECURITY_INFORMATION   // Deprecated: use golang.org/x/sys/windows.PROTECTED_DACL_SECURITY_INFORMATION
    24  	PROTECTED_SACL_SECURITY_INFORMATION      = windows.PROTECTED_SACL_SECURITY_INFORMATION   // Deprecated: use golang.org/x/sys/windows.PROTECTED_SACL_SECURITY_INFORMATION
    25  	UNPROTECTED_DACL_SECURITY_INFORMATION    = windows.UNPROTECTED_DACL_SECURITY_INFORMATION // Deprecated: use golang.org/x/sys/windows.UNPROTECTED_DACL_SECURITY_INFORMATION
    26  	UNPROTECTED_SACL_SECURITY_INFORMATION    = windows.UNPROTECTED_SACL_SECURITY_INFORMATION // Deprecated: use golang.org/x/sys/windows.UNPROTECTED_SACL_SECURITY_INFORMATION
    27  )
    28  
    29  const (
    30  	SE_UNKNOWN_OBJECT_TYPE     = windows.SE_UNKNOWN_OBJECT_TYPE     // Deprecated: use golang.org/x/sys/windows.SE_UNKNOWN_OBJECT_TYPE
    31  	SE_FILE_OBJECT             = windows.SE_FILE_OBJECT             // Deprecated: use golang.org/x/sys/windows.SE_FILE_OBJECT
    32  	SE_SERVICE                 = windows.SE_SERVICE                 // Deprecated: use golang.org/x/sys/windows.SE_SERVICE
    33  	SE_PRINTER                 = windows.SE_PRINTER                 // Deprecated: use golang.org/x/sys/windows.SE_PRINTER
    34  	SE_REGISTRY_KEY            = windows.SE_REGISTRY_KEY            // Deprecated: use golang.org/x/sys/windows.SE_REGISTRY_KEY
    35  	SE_LMSHARE                 = windows.SE_LMSHARE                 // Deprecated: use golang.org/x/sys/windows.SE_LMSHARE
    36  	SE_KERNEL_OBJECT           = windows.SE_KERNEL_OBJECT           // Deprecated: use golang.org/x/sys/windows.SE_KERNEL_OBJECT
    37  	SE_WINDOW_OBJECT           = windows.SE_WINDOW_OBJECT           // Deprecated: use golang.org/x/sys/windows.SE_WINDOW_OBJECT
    38  	SE_DS_OBJECT               = windows.SE_DS_OBJECT               // Deprecated: use golang.org/x/sys/windows.SE_DS_OBJECT
    39  	SE_DS_OBJECT_ALL           = windows.SE_DS_OBJECT_ALL           // Deprecated: use golang.org/x/sys/windows.SE_DS_OBJECT_ALL
    40  	SE_PROVIDER_DEFINED_OBJECT = windows.SE_PROVIDER_DEFINED_OBJECT // Deprecated: use golang.org/x/sys/windows.SE_PROVIDER_DEFINED_OBJECT
    41  	SE_WMIGUID_OBJECT          = windows.SE_WMIGUID_OBJECT          // Deprecated: use golang.org/x/sys/windows.SE_WMIGUID_OBJECT
    42  	SE_REGISTRY_WOW64_32KEY    = windows.SE_REGISTRY_WOW64_32KEY    // Deprecated: use golang.org/x/sys/windows.SE_REGISTRY_WOW64_32KEY
    43  )
    44  
    45  const (
    46  	SeTakeOwnershipPrivilege = "SeTakeOwnershipPrivilege"
    47  )
    48  
    49  const (
    50  	ContainerAdministratorSidString = "S-1-5-93-2-1"
    51  	ContainerUserSidString          = "S-1-5-93-2-2"
    52  )
    53  
    54  var (
    55  	ntuserApiset                  = windows.NewLazyDLL("ext-ms-win-ntuser-window-l1-1-0")
    56  	modadvapi32                   = windows.NewLazySystemDLL("advapi32.dll")
    57  	procGetVersionExW             = modkernel32.NewProc("GetVersionExW")
    58  	procSetNamedSecurityInfo      = modadvapi32.NewProc("SetNamedSecurityInfoW")
    59  	procGetSecurityDescriptorDacl = modadvapi32.NewProc("GetSecurityDescriptorDacl")
    60  )
    61  
    62  // OSVersion is a wrapper for Windows version information
    63  // https://msdn.microsoft.com/en-us/library/windows/desktop/ms724439(v=vs.85).aspx
    64  type OSVersion = osversion.OSVersion
    65  
    66  // https://msdn.microsoft.com/en-us/library/windows/desktop/ms724833(v=vs.85).aspx
    67  // TODO: use golang.org/x/sys/windows.OsVersionInfoEx (needs OSVersionInfoSize to be exported)
    68  type osVersionInfoEx struct {
    69  	OSVersionInfoSize uint32
    70  	MajorVersion      uint32
    71  	MinorVersion      uint32
    72  	BuildNumber       uint32
    73  	PlatformID        uint32
    74  	CSDVersion        [128]uint16
    75  	ServicePackMajor  uint16
    76  	ServicePackMinor  uint16
    77  	SuiteMask         uint16
    78  	ProductType       byte
    79  	Reserve           byte
    80  }
    81  
    82  // GetOSVersion gets the operating system version on Windows. Note that
    83  // dockerd.exe must be manifested to get the correct version information.
    84  // Deprecated: use github.com/Microsoft/hcsshim/osversion.Get() instead
    85  func GetOSVersion() OSVersion {
    86  	return osversion.Get()
    87  }
    88  
    89  // IsWindowsClient returns true if the SKU is client
    90  func IsWindowsClient() bool {
    91  	osviex := &osVersionInfoEx{OSVersionInfoSize: 284}
    92  	r1, _, err := procGetVersionExW.Call(uintptr(unsafe.Pointer(osviex)))
    93  	if r1 == 0 {
    94  		logrus.Warnf("GetVersionExW failed - assuming server SKU: %v", err)
    95  		return false
    96  	}
    97  	const verNTWorkstation = 0x00000001
    98  	return osviex.ProductType == verNTWorkstation
    99  }
   100  
   101  // Unmount is a platform-specific helper function to call
   102  // the unmount syscall. Not supported on Windows
   103  func Unmount(_ string) error {
   104  	return nil
   105  }
   106  
   107  // HasWin32KSupport determines whether containers that depend on win32k can
   108  // run on this machine. Win32k is the driver used to implement windowing.
   109  func HasWin32KSupport() bool {
   110  	// For now, check for ntuser API support on the host. In the future, a host
   111  	// may support win32k in containers even if the host does not support ntuser
   112  	// APIs.
   113  	return ntuserApiset.Load() == nil
   114  }
   115  
   116  // Deprecated: use golang.org/x/sys/windows.SetNamedSecurityInfo()
   117  func SetNamedSecurityInfo(objectName *uint16, objectType uint32, securityInformation uint32, sidOwner *windows.SID, sidGroup *windows.SID, dacl *byte, sacl *byte) (result error) {
   118  	r0, _, _ := syscall.Syscall9(procSetNamedSecurityInfo.Addr(), 7, uintptr(unsafe.Pointer(objectName)), uintptr(objectType), uintptr(securityInformation), uintptr(unsafe.Pointer(sidOwner)), uintptr(unsafe.Pointer(sidGroup)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(sacl)), 0, 0)
   119  	if r0 != 0 {
   120  		result = syscall.Errno(r0)
   121  	}
   122  	return
   123  }
   124  
   125  // Deprecated: uses golang.org/x/sys/windows.SecurityDescriptorFromString() and golang.org/x/sys/windows.SECURITY_DESCRIPTOR.DACL()
   126  func GetSecurityDescriptorDacl(securityDescriptor *byte, daclPresent *uint32, dacl **byte, daclDefaulted *uint32) (result error) {
   127  	r1, _, e1 := syscall.Syscall6(procGetSecurityDescriptorDacl.Addr(), 4, uintptr(unsafe.Pointer(securityDescriptor)), uintptr(unsafe.Pointer(daclPresent)), uintptr(unsafe.Pointer(dacl)), uintptr(unsafe.Pointer(daclDefaulted)), 0, 0)
   128  	if r1 == 0 {
   129  		if e1 != 0 {
   130  			result = e1
   131  		} else {
   132  			result = syscall.EINVAL
   133  		}
   134  	}
   135  	return
   136  }