From c3a0a3744636069f43197eb18245aaae89f568e5 Mon Sep 17 00:00:00 2001 From: "Jason A. Donenfeld" Date: Mon, 30 Sep 2019 17:07:47 +0200 Subject: [PATCH] Use newer x/sys/windows SecurityAttributes struct This struct now has a properly typed member, so use the properly typed functions with it. Also update the vendor directory and hope nothing explodes. Signed-off-by: Jason A. Donenfeld Signed-off-by: Sebastiaan van Stijn --- builder/dockerfile/internals_windows.go | 17 ++--------------- daemon/debugtrap_windows.go | 5 ++--- pkg/system/filesys_windows.go | 5 ++--- 3 files changed, 6 insertions(+), 21 deletions(-) diff --git a/builder/dockerfile/internals_windows.go b/builder/dockerfile/internals_windows.go index 9287703bb6..f4e18c9a4e 100644 --- a/builder/dockerfile/internals_windows.go +++ b/builder/dockerfile/internals_windows.go @@ -12,7 +12,6 @@ import ( "github.com/docker/docker/pkg/idtools" "github.com/docker/docker/pkg/jsonmessage" "github.com/docker/docker/pkg/system" - "github.com/pkg/errors" "golang.org/x/sys/windows" ) @@ -31,13 +30,7 @@ func getAccountIdentity(builder *Builder, accountName string, ctrRootPath string sid, err := windows.StringToSid(accountName) if err == nil { - accountSid, err := sid.String() - - if err != nil { - return idtools.Identity{SID: ""}, errors.Wrapf(err, "error converting SID to string") - } - - return idtools.Identity{SID: accountSid}, nil + return idtools.Identity{SID: sid.String()}, nil } } @@ -46,13 +39,7 @@ func getAccountIdentity(builder *Builder, accountName string, ctrRootPath string // If this is a SID that is built-in and hence the same across all systems then use that. if err == nil && (accType == windows.SidTypeAlias || accType == windows.SidTypeWellKnownGroup) { - accountSid, err := sid.String() - - if err != nil { - return idtools.Identity{SID: ""}, errors.Wrapf(err, "error converting SID to string") - } - - return idtools.Identity{SID: accountSid}, nil + return idtools.Identity{SID: sid.String()}, nil } // Check if the account name is one unique to containers. diff --git a/daemon/debugtrap_windows.go b/daemon/debugtrap_windows.go index 606d3ce955..1400661096 100644 --- a/daemon/debugtrap_windows.go +++ b/daemon/debugtrap_windows.go @@ -5,7 +5,6 @@ import ( "os" "unsafe" - winio "github.com/Microsoft/go-winio" "github.com/docker/docker/pkg/signal" "github.com/sirupsen/logrus" "golang.org/x/sys/windows" @@ -17,7 +16,7 @@ func (d *Daemon) setupDumpStackTrap(root string) { // signaled. ACL'd to builtin administrators and local system event := "Global\\stackdump-" + fmt.Sprint(os.Getpid()) ev, _ := windows.UTF16PtrFromString(event) - sd, err := winio.SddlToSecurityDescriptor("D:P(A;;GA;;;BA)(A;;GA;;;SY)") + sd, err := windows.SecurityDescriptorFromString("D:P(A;;GA;;;BA)(A;;GA;;;SY)") if err != nil { logrus.Errorf("failed to get security descriptor for debug stackdump event %s: %s", event, err.Error()) return @@ -25,7 +24,7 @@ func (d *Daemon) setupDumpStackTrap(root string) { var sa windows.SecurityAttributes sa.Length = uint32(unsafe.Sizeof(sa)) sa.InheritHandle = 1 - sa.SecurityDescriptor = uintptr(unsafe.Pointer(&sd[0])) + sa.SecurityDescriptor = sd h, err := windows.CreateEvent(&sa, 0, 0, ev) if h == 0 || err != nil { logrus.Errorf("failed to create debug stackdump event %s: %s", event, err.Error()) diff --git a/pkg/system/filesys_windows.go b/pkg/system/filesys_windows.go index 7cebd6efc0..e95902f3b1 100644 --- a/pkg/system/filesys_windows.go +++ b/pkg/system/filesys_windows.go @@ -11,7 +11,6 @@ import ( "time" "unsafe" - winio "github.com/Microsoft/go-winio" "golang.org/x/sys/windows" ) @@ -103,13 +102,13 @@ func mkdirall(path string, applyACL bool, sddl string) error { // and Local System. func mkdirWithACL(name string, sddl string) error { sa := windows.SecurityAttributes{Length: 0} - sd, err := winio.SddlToSecurityDescriptor(sddl) + sd, err := windows.SecurityDescriptorFromString(sddl) if err != nil { return &os.PathError{Op: "mkdir", Path: name, Err: err} } sa.Length = uint32(unsafe.Sizeof(sa)) sa.InheritHandle = 1 - sa.SecurityDescriptor = uintptr(unsafe.Pointer(&sd[0])) + sa.SecurityDescriptor = sd namep, err := windows.UTF16PtrFromString(name) if err != nil {