MSYS2-packages/msys2-runtime-3.4/0053-Cygwin-get-set-security-descriptors-using-FILE_OPEN_.patch

From 6f45a7c693dc4b723c24d4f28f038d551d492243 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Fri, 8 Mar 2024 21:30:57 +0100
Subject: [PATCH 53/N] Cygwin: get/set security descriptors using
 FILE_OPEN_NO_RECALL

Add FILE_OPEN_NO_RECALL to NtOpenFile calls trying to fetch
or write file security descriptors so as not to recall them
from offline storage inadvertently.

Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de>
---
 winsup/cygwin/sec/base.cc | 9 ++++++---
 1 file changed, 6 insertions(+), 3 deletions(-)

diff --git a/winsup/cygwin/sec/base.cc b/winsup/cygwin/sec/base.cc
index 8b04b40..0fc8699 100644
--- a/winsup/cygwin/sec/base.cc
+++ b/winsup/cygwin/sec/base.cc
@@ -65,7 +65,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd,
 			   fh ? pc.init_reopen_attr (attr, fh)
 			      : pc.get_object_attr (attr, sec_none_nih),
 			   &io, FILE_SHARE_VALID_FLAGS,
-			   FILE_OPEN_FOR_BACKUP_INTENT
+			   FILE_OPEN_NO_RECALL
+			   | FILE_OPEN_FOR_BACKUP_INTENT
 			   | pc.is_known_reparse_point ()
 			   ? FILE_OPEN_REPARSE_POINT : 0);
       if (!NT_SUCCESS (status))
@@ -129,7 +130,8 @@ get_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd,
 				  NULL, NULL);
       status = NtOpenFile (&fh, READ_CONTROL, &attr, &io,
 			   FILE_SHARE_VALID_FLAGS,
-			   FILE_OPEN_FOR_BACKUP_INTENT
+			   FILE_OPEN_NO_RECALL
+			   | FILE_OPEN_FOR_BACKUP_INTENT
 			   | FILE_OPEN_REPARSE_POINT);
       if (!NT_SUCCESS (status))
 	{
@@ -234,7 +236,8 @@ set_file_sd (HANDLE fh, path_conv &pc, security_descriptor &sd, bool is_chown)
 				  : pc.get_object_attr (attr, sec_none_nih),
 			       &io,
 			       FILE_SHARE_VALID_FLAGS,
-			       FILE_OPEN_FOR_BACKUP_INTENT
+			       FILE_OPEN_NO_RECALL
+			       | FILE_OPEN_FOR_BACKUP_INTENT
 			       | pc.is_known_reparse_point ()
 			       ? FILE_OPEN_REPARSE_POINT : 0);
 	  if (!NT_SUCCESS (status))