HCS fails with E_ACCESSDENIED when starting a VM whose user-supplied
kernelModules or systemDistro VHDs live somewhere VMWP cannot read
(e.g. under the user profile). Eagerly call HcsGrantVmAccess on those
paths while impersonating the user, before the VM is started.
The grant is best-effort: it requires WRITE_DAC on the file (typically
via ownership), which the impersonated user may lack for VHDs they only
have READ access to (e.g. SYSTEM-owned VHDs reachable via inherited
folder ACLs). Failures are logged via CATCH_LOG; if VMWP truly cannot
read the VHD, StartComputeSystem will still surface a clear
E_ACCESSDENIED.
Adds two regression tests:
- CustomVhdsInUserProfile: VHDs under %TEMP%, exercises the grant path.
- CustomVhdsAccessibleViaInheritedAcls: VHDs in the install dir launched
as a non-elevated user, exercises the swallowed-grant-failure path.
Co-authored-by: Copilot <198982749+Copilot@users.noreply.github.com>
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update Microsoft.WSL.Kernel to 6.18.26.1-1
* Update tests for Linux 6.18 kernel behavior changes
Adjust eventfd size validation, lxtfs writev, and mount option
format expectations to match 6.18 kernel behavior.
* Update test patterns for new kernel /proc/mounts cache format
The kernel now outputs cache=0x5 (hex) instead of cache=5 (decimal) in
/proc/mounts for 9p filesystems. Update the ExpectMount patterns in
WSLCTests::WindowsMounts and WSLCTests::GPU to match the new format.
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Make port 0 resolution inline
* reduce retry delay to 10ms
* add e2e test
* resolve comments
* resolve comments
* [wip] add test debug info
* copy the new binary to test stage
* switch to using inline perl script instead of linux binary
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Fallback to NAT when IPv6 is disabled via registry for mirrored networking
When the registry key HKLM\SYSTEM\CurrentControlSet\Services\Tcpip6\Parameters
has DisabledComponents set to 0xFF (all IPv6 components disabled), mirrored
networking mode cannot mirror host interfaces. This adds a check in
ValidateNetworkingMode() that detects this condition and falls back to NAT
networking mode with a user-facing warning.
Only mirrored networking mode is affected by this registry key; other
networking modes (NAT, Bridged, VirtioProxy) are not checked.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* add registry check
* pr review
* remove shutdown
* re-add shutdown
---------
Co-authored-by: Catalin-Emil Fetoiu <cfetoiu@microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Fix VHD ownership after cross-volume move to prevent E_ACCESSDENIED
When MoveDistribution moves a VHD across volumes, MoveFileEx copies the
file and the new file's owner may not be the user's SID. This causes
HcsGrantVmAccess to fail with E_ACCESSDENIED when later launching the
distro, because the impersonated user lacks WRITE_DAC on the file
(only implicitly granted to the owner).
Fix by explicitly setting the VHD owner to the user's SID after the
move, matching what CreateVhd already does at creation time. Uses
handle-based SetSecurityInfo with FILE_FLAG_OPEN_REPARSE_POINT to
avoid TOCTOU races and symlink following.
Also fixes a pre-existing build break in MountTests.cpp from the test
refactor (WSL2_TEST_ONLY -> WSL2_TEST_METHOD).
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Preserve original VHD owner instead of using GetUserSid()
Instead of unconditionally setting the VHD owner to the caller's SID
after a cross-volume move, read the original owner before the move and
restore it afterward. This avoids changing ownership to someone who
didn't originally own the file.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
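
The two VHD commits above (the best-effort HcsGrantVmAccess grant, and the owner fix after a cross-volume move) both depend on whether the launching user holds WRITE_DAC on the file. The following diagnostic is an added example, not code from the WSL repository: it reports the VHD's owner and whether the caller's token has WRITE_DAC through ownership or an Allow ACE. The function name and sample path are hypothetical.

```powershell
# Added example, not WSL code. Test-VhdGrantPrereq is a hypothetical helper name.
# Run it as the (non-elevated) user who launches the distro.
function Test-VhdGrantPrereq {
    param([Parameter(Mandatory)][string]$Path)

    $sidType = [System.Security.Principal.SecurityIdentifier]
    $me      = [System.Security.Principal.WindowsIdentity]::GetCurrent()
    # SIDs in the caller's token: the user plus its groups.
    $mine    = @($me.User.Value) + @($me.Groups | ForEach-Object { $_.Value })

    $item  = Get-Item -LiteralPath $Path -Force
    $acl   = Get-Acl  -LiteralPath $Path
    $owner = $acl.GetOwner($sidType)

    # The owner is implicitly allowed to rewrite the DACL (WRITE_DAC).
    $isOwner = $mine -contains $owner.Value

    # Otherwise an Allow ACE, explicit or inherited, must carry
    # ChangePermissions, which is how .NET names WRITE_DAC.
    $writeDac = [System.Security.AccessControl.FileSystemRights]::ChangePermissions
    $allow = @($acl.GetAccessRules($true, $true, $sidType) | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        ($_.FileSystemRights -band $writeDac) -eq $writeDac -and
        $mine -contains $_.IdentityReference.Value
    })

    # Approximation: Deny ACEs, deny-only group SIDs and OWNER RIGHTS ACEs
    # are not evaluated here.
    $reparse = [System.IO.FileAttributes]::ReparsePoint
    [pscustomobject]@{
        Path             = $item.FullName
        IsReparsePoint   = ($item.Attributes -band $reparse) -eq $reparse
        Owner            = $owner.Value
        CallerIsOwner    = $isOwner
        AllowAceWriteDac = $allow.Count -gt 0
        GrantCanSucceed  = $isOwner -or ($allow.Count -gt 0)
    }
}

# Constructed sample path; point this at the VHD being diagnosed.
$sample = Join-Path $env:TEMP 'custom-modules.vhdx'
if (Test-Path -LiteralPath $sample) { Test-VhdGrantPrereq -Path $sample }
```

A result with CallerIsOwner and AllowAceWriteDac both false corresponds to the swallowed-grant-failure case: the grant cannot be applied, and the VM start succeeds only if VMWP can already read the file.
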
* route fixes from protonvpn testing
* add unit test, fix log
* ai code review
* format with vs 2022
* review
* remove optional has_value checks
* harden contracts for to, via having or not having values
* update IsOnlink check
* fix constructor parameters
* fix build
---------
Co-authored-by: Catalin-Emil Fetoiu <cfetoiu@microsoft.com>
Cherry-pick WSL1/WSL2 test changes from 9c4dba91 (feature/wsl-for-apps).
Replace runtime WSL1_TEST_ONLY()/WSL2_TEST_ONLY() skip macros with
WSL1_TEST_METHOD()/WSL2_TEST_METHOD() TAEF metadata macros. This moves
version filtering to the test runner level via /select: queries, so
inapplicable tests are excluded entirely instead of appearing as skipped.
Updated files:
- test/windows/Common.h: New macros + removed old skip macros
- test/windows/*.cpp: Converted all test methods
- tools/test/run-tests.ps1: Auto-add /select: when no user filter
- cloudtest/TestGroup.xml.in: Add version filter to TAEF args
- test/README.md: Document new macros
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Mask console-getty.service to prevent multi-distro failures (#13595)
When multiple WSL distros run concurrently, /dev/tty devices are shared
at the VM level. The second distro's console-getty.service fails because
the tty is already held by the first, causing systemd to report failed
units and triggering user@UID.service failures.
Mask console-getty.service during WSL systemd unit generation, similar
to the existing masking of networkd-wait-online. This service provides
no value in WSL since users don't connect to the underlying tty.
Fixes #13595
* format source
* pr feedback
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Add /attachdebugger option to automatically launch WinDbgX for test debugging
When /attachdebugger is passed to test.bat, run-tests.ps1 now:
- Starts te.exe with /waitfordebugger in the background
- Polls for the TE.ProcessHost.exe child process via WMI
- Launches WinDbgX attached directly to the test host PID
- With /inproc, attaches to TE.exe itself instead
This replaces the manual workflow of running /waitfordebugger, reading
the PID from the output, and launching WinDbgX separately.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* run-tests: use /inproc with /attachdebugger, simplify exit
Per review feedback from @OneBlue:
- Add /inproc when /attachdebugger is set so WinDbgX attaches
directly to TE.exe instead of polling for TE.ProcessHost.exe
- Simplify exit to pass through TE.exe exit code directly
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* docs: update /attachdebugger to reflect /inproc behavior
The script now always adds /inproc, so update the README to match:
WinDbgX attaches directly to TE.exe, no ProcessHost polling.
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
* Update Microsoft.WSL.DeviceHost to version 1.1.48-0 (#14575)
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Re-enable WSLG during testing.
This reverts commit bf759a092b.
* add back config change (will work with new default, but makes test explicit)
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Revert "test: enable virtiofs tests and enable WSLG during testing (#14387)"
* enable wslg for SystemdNoClearTmpUnit test
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* test: Add arm64 test distro support
* update unit test baseline
* more test baseline updates
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* detach terminal before running mount -a
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* use _exit on error before execv in child process to avoid unintentional resource release
* Add regression test
* Fix clang format issue
* fix all clang format issues
* Potential fix for pull request finding
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* resolve ai comments
* move test to unit test
* Fix string literal
* Overwrite fstab to resolve pipeline missing file issue
---------
Co-authored-by: Feng Wang <wangfen@microsoft.com>
Co-authored-by: Copilot Autofix powered by AI <175728472+Copilot@users.noreply.github.com>
* Refactor: trim unnecessary DLL deps from COMMON_LINK_LIBRARIES
- Split MSI/Wintrust install functions from wslutil.cpp into install.cpp
- Remove MI.lib, wsldeps.lib, msi.lib, Wintrust.lib, computecore.lib,
computenetwork.lib, Iphlpapi.lib from COMMON_LINK_LIBRARIES
- Add per-target MSI_LINK_LIBRARIES, HCS_LINK_LIBRARIES, SERVICE_LINK_LIBRARIES
- Delay-load msi.dll and WINTRUST.dll for wsl.exe and wslg.exe
- Result: wslhost, wslrelay, wslcsdk, testplugin lose msi/wintrust startup imports;
wsl.exe and wslg.exe defer msi/wintrust loading until actually needed;
wslservice is the only target that imports computecore/computenetwork/Iphlpapi
* minor fixes to install.cpp that were caught during PR
* move to wsl::windows::common::install namespace
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
- Allow VirtioProxy to keep EnableDnsTunneling=true in config, but clear
socket-specific options (BestEffortDnsParsing, DnsTunnelingIpAddress)
- Suppress dedicated DNS tunneling hvsocket for VirtioProxy; tunneling
is handled through the VirtioNetworking device host instead
- Set DnsTunneling flag on VirtioNetworkingFlags so the device host
knows to tunnel DNS
- Expand SWIOTLB kernel cmdline to cover VirtioFs and VirtioProxy
- Bump DeviceHost package to 1.1.39-0
- Add VirtioProxy DNS test coverage for tunneling on/off
- Skip GuestPortIsReleasedV6 on Windows 10
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Initial work
* .
* pr feedback and add unit test
* minor tweaks and fix use after free in logging statement
* implement PR feedback
* hopefully final pr feedback
* pr feedback in test function
* Address PR feedback: add try/catch to TrackPort and PortZeroBind queue push
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* VirtioProxy: Add IPv6 address, gateway, and route support
- Add PreferredIpv6Address field and GetBestGatewayV6* methods to NetworkSettings
- Extend GetHostEndpointSettings() to discover IPv6 unicast address and gateway
- Add UpdateIpv6Address() using ModifyGuestEndpointSettingRequest<IPAddress>
- Push IPv6 default route to guest via UpdateDefaultRoute(AF_INET6)
- Remove AF_INET6 early return in ModifyOpenPorts, use INETADDR_PORT()
- Add EndpointRoute::DefaultRoute() static factory
- Pass client_ip_ipv6 in devicehost options (not yet parsed by devicehost)
- Remove gateway_ip from devicehost options (only needed for DHCP)
- Include IPv6 DNS servers in non-tunneling DNS settings
- Add ConfigurationV6 and DnsResolutionAAAA tests
* cleanup and add more ipv6 tests
* added test coverage and minor updates
* clang format
* pr feedback
* format source
* pr feedback
* test fixes
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Ship initrd.img in MSI using build-time generation via tar.exe
Replace the install-time CreateInitrd/RemoveInitrd custom actions with a
build-time step that generates initrd.img using the Windows built-in
tar.exe (libarchive/bsdtar) and ships it directly in the MSI.
The install-time approach had a race condition: wsl.exe could launch
before the CreateInitrd custom action completed, causing
ERROR_FILE_NOT_FOUND for initrd.img.
Changes:
- Add CMake custom command to generate initrd.img via tar.exe --format=newc
- Add initrd.img as a regular file in the MSI tools component
- Remove CreateInitrd/RemoveInitrd custom actions from WiX, DllMain,
and wslinstall.def
- Remove CreateCpioInitrd helper and its tests (no longer needed)
- Update pipeline build targets to build initramfs instead of init
* pr feedback
* more pr feedback
* switch to using a powershell script instead of tar.exe
* powershell script feedback
* hopefully final pr feedback
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Mask NetworkManager-wait-online.service during boot
Fixes #13772. Similar to PR #13611, this masks NetworkManager-wait-online.service to prevent 60-second timeouts during boot since WSL interfaces are unmanaged by NetworkManager. Also added the service to the discouraged units list in validate-modern.py and added a unit test.
* Addressed Copilot feedback
* Fix
* Move from shipping the initrd to generating during package install.
* pr feedback
* working
* adjust custom action conditions
* update initrd test to cover more cases
* Update msipackage/package.wix.in
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* use stack buffer
* move initrd helper to filesystem.cpp and add unit test
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
* DNS: Simplify dns logic and switch to using 'search' instead of 'domain'
which is obsolete.
* add optional header for natnetworking
* format
* extend configuration test for virtioproxy networking mode
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* virtiofs: add support for mounting directories (not just full volumes)
* disable virtiofs tests for now
* spelling
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* virtiofs: add support for statx syscall
* add statx drvfs test
* skip statx drvfs test on wsl1
* skip statx tests on smb and fat
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* TEST: Add testcases to validate bridged networking connectivity
* minor bridged test updates
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* test: extend coverage of virtioproxy networking mode
* test: add dns test variations to all networking classes
* remove bridged dns variations
* pr feedback
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Resolve issue with config file writing sections outside of their expected header.
* add more writewslconfig variations
* formatting
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* Clean up localhost relay implementation to not rely on procfs parsing.
* pr feedback
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* virtiofs: fix an issue where if the VM is launched by an elevated user, non-elevated shells will have elevated virtiofs access.
* rename keelAlive -> keepAlive
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>
* test: add simple virtio proxy networking tests
* move mirrored tests to their own class
* fix failing mirrored variation
* use different port for HostUdpBindDoesNotPreventGuestTcpBind
---------
Co-authored-by: Ben Hillis <benhill@ntdev.microsoft.com>