X-Recipient: archive-cygwin AT delorie DOT com
X-Spam-Check-By: sourceware.org
Date: Sun, 4 Dec 2011 00:04:08 +0100
From: Corinna Vinschen <corinna-cygwin AT cygwin DOT com>
To: cygwin AT cygwin DOT com
Subject: Re: gnome-keyring bug in snapshots
Message-ID: <20111203230408.GC12518@calimero.vinschen.de>
Reply-To: cygwin AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
References: <CAGvSfew2TFPGwp=Kq_bkJ0891+vJiAueAd1H+K_SHNimMw0y1Q AT mail DOT gmail DOT com> <20111203184459 DOT GA21371 AT ednor DOT casa DOT cgf DOT cx> <20111203213047 DOT GA24925 AT ednor DOT casa DOT cgf DOT cx>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <20111203213047.GA24925@ednor.casa.cgf.cx>
User-Agent: Mutt/1.5.21 (2010-09-15)
Mailing-List: contact cygwin-help AT cygwin DOT com; run by ezmlm
Precedence: bulk
List-Id: <cygwin.cygwin.com>
List-Unsubscribe: <mailto:cygwin-unsubscribe-archive-cygwin=delorie DOT com AT cygwin DOT com>
List-Subscribe: <mailto:cygwin-subscribe AT cygwin DOT com>
List-Archive: <http://sourceware.org/ml/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-help AT cygwin DOT com>, <http://sourceware.org/ml/#faqs>
Sender: cygwin-owner AT cygwin DOT com
Mail-Followup-To: cygwin AT cygwin DOT com
Delivered-To: mailing list cygwin AT cygwin DOT com

On Dec  3 16:30, Christopher Faylor wrote:
> On Sat, Dec 03, 2011 at 01:44:59PM -0500, Christopher Faylor wrote:
> >On Tue, Nov 29, 2011 at 09:19:10PM -0600, Yaakov (Cygwin/X) wrote:
> >>For some time now, snapshots have displayed a bug wrt gnome-keyring,
> >>namely that passwords don't "register" when entered.  This wreaks
> >>havoc on the GNOME desktop where so many programs rely on
> >>gnome-keyring.
> >>[...]
> According to strace, the "couldn't allocate secure memory..." messages
> seems to be caused by this:
> 
> gnome-keyring-daemon 3820 seterrno_from_nt_status: /cygnus/src/uberbaum/winsup/cygwin/mmap.cc:1399 status 0xC0000061
> 
> That is coming from mlock() which hasn't changed in months.
> 
> The status above translates to: STATUS_PRIVILEGE_NOT_HELD and that is
> coming from NtLockVirtualMemory() .
> 
> Yaakov or Corinna does any of the above mean anything to you?

As documented in mmap.cc, mlock functionality requires the SE_LOCK_MEMORY
privilege which only the SYSTEM account holds by default.  Mlock is
unchanged since it has been introduced in 2005.

Having said that, after searching the net for a while I found out that
the privilege requirement is excessive.  In 2005 I stumbled over the
wrong interpretation of what the VirtualLock function is doing.  Not
even Microsoft guys are immune to that(*), apparently.

I dropped the requirement for the SE_LOCK_MEMORY privilege in CVS so
every process should be able to call mlock successfully now.


Corinna

(*) http://blogs.msdn.com/b/oldnewthing/archive/2007/11/06/5924058.aspx
    See the last paragraph.


-- 
Corinna Vinschen                  Please, send mails regarding Cygwin to
Cygwin Project Co-Leader          cygwin AT cygwin DOT com
Red Hat

--
Problem reports:       http://cygwin.com/problems.html
FAQ:                   http://cygwin.com/faq/
Documentation:         http://cygwin.com/docs.html
Unsubscribe info:      http://cygwin.com/ml/#unsubscribe-simple