From: VMware, Inc <> Date: Mon, 15 Oct 2012 04:51:21 +0000 (-0700) Subject: Internal branch sync. Included in this change: X-Git-Tag: 2012.10.14-874563~30 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=730a632939663b3e16eb160b8158a99ea73bca0e;p=thirdparty%2Fopen-vm-tools.git Internal branch sync. Included in this change: . fixes in VIX plugin . define a new tools option "enableMessageBusTunnel" . formatting changes Signed-off-by: Dmitry Torokhov --- diff --git a/open-vm-tools/lib/include/vmware/guestrpc/tclodefs.h b/open-vm-tools/lib/include/vmware/guestrpc/tclodefs.h index 2974aa5ab..caf54313b 100644 --- a/open-vm-tools/lib/include/vmware/guestrpc/tclodefs.h +++ b/open-vm-tools/lib/include/vmware/guestrpc/tclodefs.h @@ -54,12 +54,13 @@ * Tools options. */ -#define TOOLSOPTION_COPYPASTE "copypaste" -#define TOOLSOPTION_AUTOHIDE "autohide" -#define TOOLSOPTION_BROADCASTIP "broadcastIP" -#define TOOLSOPTION_ENABLEDND "enableDnD" -#define TOOLSOPTION_MAP_ROOT_HGFS_SHARE "mapRootHgfsShare" -#define TOOLSOPTION_LINK_ROOT_HGFS_SHARE "linkRootHgfsShare" +#define TOOLSOPTION_COPYPASTE "copypaste" +#define TOOLSOPTION_AUTOHIDE "autohide" +#define TOOLSOPTION_BROADCASTIP "broadcastIP" +#define TOOLSOPTION_ENABLEDND "enableDnD" +#define TOOLSOPTION_MAP_ROOT_HGFS_SHARE "mapRootHgfsShare" +#define TOOLSOPTION_LINK_ROOT_HGFS_SHARE "linkRootHgfsShare" +#define TOOLSOPTION_ENABLE_MESSAGE_BUS_TUNNEL "enableMessageBusTunnel" /* * Auto-upgrade commands. diff --git a/open-vm-tools/modules/shared/vmxnet/vmnet_def.h b/open-vm-tools/modules/shared/vmxnet/vmnet_def.h index a18eabb3b..6963dbaf8 100644 --- a/open-vm-tools/modules/shared/vmxnet/vmnet_def.h +++ b/open-vm-tools/modules/shared/vmxnet/vmnet_def.h @@ -57,39 +57,57 @@ * (eg VLAN support is in the virtual switch) so even vlance * can use them */ -#define VMNET_CAP_SG 0x0001 /* Can do scatter-gather transmits. */ -#define VMNET_CAP_IP4_CSUM 0x0002 /* Can checksum only TCP/UDP over IPv4. */ -#define VMNET_CAP_HW_CSUM 0x0004 /* Can checksum all packets. */ -#define VMNET_CAP_HIGH_DMA 0x0008 /* Can DMA to high memory. */ -#define VMNET_CAP_TOE 0x0010 /* Supports TCP/IP offload. */ -#define VMNET_CAP_TSO 0x0020 /* Supports TCP Segmentation offload */ -#define VMNET_CAP_SW_TSO 0x0040 /* Supports SW TCP Segmentation */ -#define VMNET_CAP_VMXNET_APROM 0x0080 /* Vmxnet APROM support */ -#define VMNET_CAP_HW_TX_VLAN 0x0100 /* Can we do VLAN tagging in HW */ -#define VMNET_CAP_HW_RX_VLAN 0x0200 /* Can we do VLAN untagging in HW */ -#define VMNET_CAP_SW_VLAN 0x0400 /* Can we do VLAN tagging/untagging in SW */ -#define VMNET_CAP_WAKE_PCKT_RCV 0x0800 /* Can wake on network packet recv? */ -#define VMNET_CAP_ENABLE_INT_INLINE 0x1000 /* Enable Interrupt Inline */ -#define VMNET_CAP_ENABLE_HEADER_COPY 0x2000 /* copy header for vmkernel */ -#define VMNET_CAP_TX_CHAIN 0x4000 /* Guest can use multiple tx entries for a pkt */ -#define VMNET_CAP_RX_CHAIN 0x8000 /* a pkt can span multiple rx entries */ -#define VMNET_CAP_LPD 0x10000 /* large pkt delivery */ -#define VMNET_CAP_BPF 0x20000 /* BPF Support in VMXNET Virtual Hardware */ -#define VMNET_CAP_SG_SPAN_PAGES 0x40000 /* Can do scatter-gather span multiple pages transmits. */ -#define VMNET_CAP_IP6_CSUM 0x80000 /* Can do IPv6 csum offload. */ -#define VMNET_CAP_TSO6 0x100000 /* Can do TSO segmentation offload for IPv6 pkts. */ -#define VMNET_CAP_TSO256k 0x200000 /* Can do TSO segmentation offload for pkts up to 256kB. */ -#define VMNET_CAP_UPT 0x400000 /* Support UPT */ -#define VMNET_CAP_RDONLY_INETHDRS 0x800000 /* Modifies inet headers for TSO/CSUm */ -#define VMNET_CAP_ENCAP 0x1000000 /* NPA not used, so redefining for ENCAP support */ -#define VMNET_CAP_DCB 0x2000000 /* Support DCB */ -#define VMNET_CAP_OFFLOAD_8OFFSET 0x4000000 /* supports 8bit parameterized offsets */ -#define VMNET_CAP_OFFLOAD_16OFFSET 0x8000000 /* supports 16bit parameterized offsets */ -#define VMNET_CAP_IP6_CSUM_EXT_HDRS 0x10000000 /* support csum of ip6 ext hdrs */ -#define VMNET_CAP_TSO6_EXT_HDRS 0x20000000 /* support TSO for ip6 ext hdrs */ -#define VMNET_CAP_SCHED 0x40000000 /* compliant with network scheduling */ -#define VMNET_CAP_SRIOV 0x80000000 /* Supports SR-IOV */ +#define VMNET_CAP_SG 0x0001 /* Can do scatter-gather transmits. */ +#define VMNET_CAP_IP4_CSUM 0x0002 /* Can checksum only TCP/UDP over IPv4. */ +#define VMNET_CAP_HW_CSUM 0x0004 /* Can checksum all packets. */ +#define VMNET_CAP_HIGH_DMA 0x0008 /* Can DMA to high memory. */ +#define VMNET_CAP_TOE 0x0010 /* Supports TCP/IP offload. */ +#define VMNET_CAP_TSO 0x0020 /* Supports TCP Segmentation offload */ +#define VMNET_CAP_SW_TSO 0x0040 /* Supports SW TCP Segmentation */ +#define VMNET_CAP_VMXNET_APROM 0x0080 /* Vmxnet APROM support */ +#define VMNET_CAP_HW_TX_VLAN 0x0100 /* Can we do VLAN tagging in HW */ +#define VMNET_CAP_HW_RX_VLAN 0x0200 /* Can we do VLAN untagging in HW */ +#define VMNET_CAP_SW_VLAN 0x0400 /* Can we do VLAN tagging/untagging in SW */ +#define VMNET_CAP_WAKE_PCKT_RCV 0x0800 /* Can wake on network packet recv? */ +#define VMNET_CAP_ENABLE_INT_INLINE 0x1000 /* Enable Interrupt Inline */ +#define VMNET_CAP_ENABLE_HEADER_COPY 0x2000 /* copy header for vmkernel */ +#define VMNET_CAP_TX_CHAIN 0x4000 /* Guest can use multiple tx entries for a pkt */ +#define VMNET_CAP_RX_CHAIN 0x8000 /* a pkt can span multiple rx entries */ +#define VMNET_CAP_LPD 0x10000 /* large pkt delivery */ +#define VMNET_CAP_BPF 0x20000 /* BPF Support in VMXNET Virtual Hardware */ +#define VMNET_CAP_SG_SPAN_PAGES 0x40000 /* Can do scatter-gather span multiple pages transmits. */ +#define VMNET_CAP_IP6_CSUM 0x80000 /* Can do IPv6 csum offload. */ +#define VMNET_CAP_TSO6 0x100000 /* Can do TSO segmentation offload for IPv6 pkts. */ +#define VMNET_CAP_TSO256k 0x200000 /* Can do TSO segmentation offload for pkts up to 256kB. */ +#define VMNET_CAP_UPT 0x400000 /* Support UPT */ +#define VMNET_CAP_RDONLY_INETHDRS 0x800000 /* Modifies inet headers for TSO/CSUm */ +#define VMNET_CAP_ENCAP 0x1000000 /* NPA not used, so redefining for ENCAP support */ +#define VMNET_CAP_DCB 0x2000000 /* Support DCB */ +#define VMNET_CAP_OFFLOAD_8OFFSET 0x4000000 /* supports 8bit parameterized offsets */ +#define VMNET_CAP_OFFLOAD_16OFFSET 0x8000000 /* supports 16bit parameterized offsets */ +#define VMNET_CAP_IP6_CSUM_EXT_HDRS 0x10000000 /* support csum of ip6 ext hdrs */ +#define VMNET_CAP_TSO6_EXT_HDRS 0x20000000 /* support TSO for ip6 ext hdrs */ +#define VMNET_CAP_SCHED 0x40000000 /* compliant with network scheduling */ +#define VMNET_CAP_SRIOV 0x80000000 /* Supports SR-IOV */ #ifdef VMKTCPIP_RSS -#define VMNET_CAP_RSS 0x100000000 /* support RSS FIXME get a 32 flag */ +#define VMNET_CAP_RSS 0x100000000UL /* support RSS FIXME get a 32 flag */ #endif + +#define VMNET_CAP_SG_TX VMNET_CAP_SG +#define VMNET_CAP_SG_RX 0x200000000UL /* Scatter-gather receive capability */ +#define VMNET_CAP_PRIV_STATS 0x400000000UL /* Driver supports accessing private stats */ +#define VMNET_CAP_LINK_STATUS_SET 0x800000000UL /* Driver supports changing link status */ +#define VMNET_CAP_MAC_ADDR_SET 0x1000000000UL /* Driver supports changing the interface MAC address */ +#define VMNET_CAP_COALESCE_PARAMS 0x2000000000UL /* Driver supports changing interrupt coalescing parameters */ +#define VMNET_CAP_VLAN_FILTER 0x4000000000UL /* VLAN Filtering capability */ +#define VMNET_CAP_WAKE_ON_LAN 0x8000000000UL /* Wake-On-LAN capability */ +#define VMNET_CAP_NETWORK_DUMP 0x10000000000UL /* Network core dumping capability */ +#define VMNET_CAP_MULTI_QUEUE 0x20000000000UL /* Multiple queue capability */ +#define VMNET_CAP_EEPROM 0x40000000000UL /* EEPROM dump capability */ +#define VMNET_CAP_REGDUMP 0x80000000000UL /* Register dump capability */ +#define VMNET_CAP_SELF_TEST 0x100000000000UL /* Self-test capability */ +#define VMNET_CAP_PAUSE_PARAMS 0x200000000000UL /* Pause frame parameter adjusting */ +#define VMNET_CAP_RESTART_NEG 0x400000000000UL /* Ability to restart negotiation of link speed/duplexity */ +#define VMNET_CAP_LEGACY 0x8000000000000000UL /* Uplink is compatible with vmklinux drivers */ + #endif // _VMNET_DEF_H_ diff --git a/open-vm-tools/services/plugins/vix/vixTools.c b/open-vm-tools/services/plugins/vix/vixTools.c index 4dbaf18d3..de9782feb 100644 --- a/open-vm-tools/services/plugins/vix/vixTools.c +++ b/open-vm-tools/services/plugins/vix/vixTools.c @@ -2227,7 +2227,7 @@ VixToolsTranslateVGAuthError(VGAuthError vgErr) err = VIX_E_INVALID_ARG; break; case VGAUTH_E_AUTHENTICATION_DENIED: - err = VIX_E_GUEST_USER_PERMISSIONS; + err = VIX_E_INVALID_LOGIN_CREDENTIALS; break; case VGAUTH_E_INVALID_TICKET: err = VIX_E_INVALID_ARG; @@ -7858,12 +7858,11 @@ VixToolsGetTempFile(VixCommandRequestHeader *requestMsg, // IN goto abort; } - directoryPath = Util_SafeStrdup(tempPtr); - if (VIX_COMMAND_CREATE_TEMPORARY_DIRECTORY == requestMsg->opCode) { createTempFile = FALSE; } + directoryPath = Util_SafeStrdup(tempPtr); } else { data.filePrefix = Util_SafeStrdup(""); data.fileSuffix = Util_SafeStrdup(""); @@ -7895,12 +7894,6 @@ VixToolsGetTempFile(VixCommandRequestHeader *requestMsg, // IN err = VIX_OK; } - /* - * Don't give up if VixToolsGetUserTmpDir() failed. It might just - * have failed to load DLLs, so we might be running on Win 9x. - * Just fall through to use the old fashioned File_MakeTemp(). - */ - if (VIX_SUCCEEDED(err)) { /* @@ -7935,8 +7928,17 @@ VixToolsGetTempFile(VixCommandRequestHeader *requestMsg, // IN err = Vix_TranslateErrno(errno); goto abort; } + } else { + /* + * Don't give up if VixToolsGetUserTmpDir() failed. It might just + * have failed to load DLLs, so we might be running on Win 9x. + * Just fall through to use the old fashioned File_GetSafeTmpDir(). + */ + + ASSERT(directoryPath == NULL); + directoryPath = Util_SafeStrdup(""); + err = VIX_OK; } - err = VIX_OK; } #endif @@ -8794,7 +8796,11 @@ VixToolsAddAuthAlias(VixCommandRequestHeader *requestMsg) // IN } impersonatingVMWareUser = TRUE; - vgErr = TheVGAuthContext(&ctx); + /* + * For aliasStore APIs, make a fresh context so we know + * the security is correct. + */ + vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, &ctx); if (VGAUTH_FAILED(vgErr)) { err = VixToolsTranslateVGAuthError(vgErr); goto abort; @@ -8812,6 +8818,14 @@ VixToolsAddAuthAlias(VixCommandRequestHeader *requestMsg) // IN } abort: + if (ctx) { + vgErr = VGAuth_Shutdown(ctx); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + // fall thru + } + } + if (impersonatingVMWareUser) { VixToolsUnimpersonateUser(userToken); } @@ -8910,7 +8924,11 @@ VixToolsRemoveAuthAlias(VixCommandRequestHeader *requestMsg) // IN } impersonatingVMWareUser = TRUE; - vgErr = TheVGAuthContext(&ctx); + /* + * For aliasStore APIs, make a fresh context so we know + * the security is correct. + */ + vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, &ctx); if (VGAUTH_FAILED(vgErr)) { err = VixToolsTranslateVGAuthError(vgErr); goto abort; @@ -8930,6 +8948,13 @@ VixToolsRemoveAuthAlias(VixCommandRequestHeader *requestMsg) // IN } abort: + if (ctx) { + vgErr = VGAuth_Shutdown(ctx); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + // fall thru + } + } if (impersonatingVMWareUser) { VixToolsUnimpersonateUser(userToken); } @@ -9017,7 +9042,11 @@ VixToolsListAuthAliases(VixCommandRequestHeader *requestMsg, // IN } impersonatingVMWareUser = TRUE; - vgErr = TheVGAuthContext(&ctx); + /* + * For aliasStore APIs, make a fresh context so we know + * the security is correct. + */ + vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, &ctx); if (VGAUTH_FAILED(vgErr)) { err = VixToolsTranslateVGAuthError(vgErr); goto abort; @@ -9113,6 +9142,14 @@ abort: free(escapedStr); free(escapedStr2); VGAuth_FreeUserAliasList(num, uaList); + if (ctx) { + vgErr = VGAuth_Shutdown(ctx); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + goto abort; + } + } + if (impersonatingVMWareUser) { VixToolsUnimpersonateUser(userToken); } @@ -9194,7 +9231,11 @@ VixToolsListMappedAliases(VixCommandRequestHeader *requestMsg, // IN goto abort; } - vgErr = VGAuth_QueryMappedAliases(ctx, 0, NULL, &num, &maList); + /* + * For aliasStore APIs, make a fresh context so we know + * the security is correct. + */ + vgErr = VGAuth_Init(VMTOOLSD_APP_NAME, 0, NULL, &ctx); if (VGAUTH_FAILED(vgErr)) { err = VixToolsTranslateVGAuthError(vgErr); goto abort; @@ -9282,6 +9323,14 @@ abort: free(escapedStr); free(escapedStr2); VGAuth_FreeMappedAliasList(num, maList); + if (ctx) { + vgErr = VGAuth_Shutdown(ctx); + if (VGAUTH_FAILED(vgErr)) { + err = VixToolsTranslateVGAuthError(vgErr); + // fall thru + } + } + if (impersonatingVMWareUser) { VixToolsUnimpersonateUser(userToken); } @@ -10985,10 +11034,19 @@ QueryVGAuthConfig(GKeyFile *confDictRef) // IN * TheVGAuthContext * * Get the global VGAuthContext object. + * * Lazily create the global VGAuthContext when needed. + * We need a single shared context to handle authentication in order to + * properly share the SSPI handshake state(s). + * * Creating the global context may also cause the VGAuth Service to * be started. * + * This context should only be used when not impersonating, since it + * will be running over the SUPER_USER connection and can cause + * security issues if used when impersonating. + * + * * Results: * VGAUTH_E_OK if successful, the global context object is returned in * the OUT parameter ctx.