author | Jan Kotas <jkotas@microsoft.com> | 2017-10-06 17:51:29 -0700 |
---|---|---|
committer | GitHub <noreply@github.com> | 2017-10-06 17:51:29 -0700 |
commit | 44736b809edaacc39d9bab1d18e04067e3fdb13d (patch) | |
tree | 8ac0851b332e1f981085c205fdfe3fb602175ef0 /src/vm | |
parent | 273b482fd0345de3dadad6fee4544517b2b8de62 (diff) | |
Delete dead code (#14365)
Delete some dead code related to Windows Phone and code access security
Diffstat (limited to 'src/vm')
-rw-r--r-- | src/vm/clsload.cpp | 133 | ||||
-rw-r--r-- | src/vm/clsload.hpp | 21 | ||||
-rw-r--r-- | src/vm/comdelegate.cpp | 140 | ||||
-rw-r--r-- | src/vm/comdelegate.h | 3 | ||||
-rw-r--r-- | src/vm/corhost.cpp | 4 | ||||
-rw-r--r-- | src/vm/domainfile.cpp | 14 |
6 files changed, 30 insertions, 285 deletions
diff --git a/src/vm/clsload.cpp b/src/vm/clsload.cpp index bb71f0b6ed..6492b6f064 100644 --- a/src/vm/clsload.cpp +++ b/src/vm/clsload.cpp @@ -4928,7 +4928,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method if (m_fThrowIfTargetIsInaccessible) { - ThrowAccessException(pContext, pTargetMT, NULL, FALSE); + ThrowAccessException(pContext, pTargetMT, NULL); } return FALSE; @@ -4938,7 +4938,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method { if (m_fThrowIfTargetIsInaccessible) { - ThrowAccessException(pContext, pTargetMT, NULL, FALSE); + ThrowAccessException(pContext, pTargetMT, NULL); } return FALSE; @@ -4948,8 +4948,6 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method #ifndef CROSSGEN_COMPILE - BOOL fAccessingFrameworkCode = FALSE; - // In CoreCLR kRestrictedMemberAccess means that one can access private/internal // classes/members in app code. if (m_accessCheckType != kMemberAccess && pTargetMT) @@ -4966,7 +4964,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method // No Access if (m_fThrowIfTargetIsInaccessible) { - ThrowAccessException(pContext, pTargetMT, NULL, fAccessingFrameworkCode); + ThrowAccessException(pContext, pTargetMT, NULL); } #endif // CROSSGEN_COMPILE @@ -4982,8 +4980,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method void AccessCheckOptions::ThrowAccessException( AccessCheckContext* pContext, MethodTable* pFailureMT, /* = NULL */ - Exception* pInnerException, /* = NULL */ - BOOL fAccessingFrameworkCode /* = FALSE */) const + Exception* pInnerException /* = NULL */) const { CONTRACTL { 
@@ -5005,7 +5002,7 @@ void AccessCheckOptions::ThrowAccessException( // If we know the specific type that caused the failure, display it. // Else display the whole type that we are trying to access. MethodTable * pMT = (pFailureMT != NULL) ? pFailureMT : m_pTargetMT; - ThrowTypeAccessException(pContext, pMT, 0, pInnerException, fAccessingFrameworkCode); + ThrowTypeAccessException(pContext, pMT, 0, pInnerException); } else if (m_pTargetMethod != NULL) { @@ -5018,17 +5015,17 @@ void AccessCheckOptions::ThrowAccessException( // throwing the standard MethodAccessException. if (pCallerMD != NULL && m_pTargetMethod == pCallerMD && pFailureMT != NULL) { - ThrowTypeAccessException(pContext, pFailureMT, 0, pInnerException, fAccessingFrameworkCode); + ThrowTypeAccessException(pContext, pFailureMT, 0, pInnerException); } else { - ThrowMethodAccessException(pContext, m_pTargetMethod, 0, pInnerException, fAccessingFrameworkCode); + ThrowMethodAccessException(pContext, m_pTargetMethod, 0, pInnerException); } } else { _ASSERTE(m_pTargetField != NULL); - ThrowFieldAccessException(pContext, m_pTargetField, 0, pInnerException, fAccessingFrameworkCode); + ThrowFieldAccessException(pContext, m_pTargetField, 0, pInnerException); } } 
@@ -5085,80 +5082,10 @@ BOOL AccessCheckOptions::FailOrThrow(AccessCheckContext *pContext) const return FALSE; } -// Generate access exception context strings that are due to potential security misconfiguration -void GetAccessExceptionAdditionalContextForSecurity(Assembly *pAccessingAssembly, - Assembly *pTargetAssembly, - BOOL fAccessingFrameworkCode, - StringArrayList *pContextInformation) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_ANY; - PRECONDITION(CheckPointer(pAccessingAssembly)); - PRECONDITION(CheckPointer(pTargetAssembly)); - PRECONDITION(CheckPointer(pContextInformation)); - } - CONTRACTL_END; - - if (fAccessingFrameworkCode) - { - SString accessingFrameworkCodeError; - EEException::GetResourceMessage(IDS_E_ACCESSING_PRIVATE_FRAMEWORK_CODE, accessingFrameworkCodeError); - - pContextInformation->Append(accessingFrameworkCodeError); - } - - -} - -// Generate additional context about the root cause of an access exception which may help in debugging it (for -// instance v4 APTCA implying transparnecy, or conditional APTCA not being enabled). If no additional -// context is available, then this returns SString.Empty. -SString GetAdditionalAccessExceptionContext(Assembly *pAccessingAssembly, - Assembly *pTargetAssembly, - BOOL fAccessingFrameworkCode) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_ANY; - PRECONDITION(CheckPointer(pAccessingAssembly)); - PRECONDITION(CheckPointer(pTargetAssembly)); - } - CONTRACTL_END; - - StringArrayList contextComponents; - - // See if the exception may have been caused by security - GetAccessExceptionAdditionalContextForSecurity(pAccessingAssembly, - pTargetAssembly, - fAccessingFrameworkCode, - &contextComponents); - - // Append each component of additional context we found into the additional context string in its own - // paragraph. 
- SString additionalContext; - for (DWORD i = 0; i < contextComponents.GetCount(); ++i) - { - SString contextComponent = contextComponents.Get(i); - if (!contextComponent.IsEmpty()) - { - additionalContext.Append(W("\n\n")); - additionalContext.Append(contextComponent); - } - } - - return additionalContext; -} - void DECLSPEC_NORETURN ThrowFieldAccessException(AccessCheckContext* pContext, FieldDesc *pFD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5175,15 +5102,13 @@ void DECLSPEC_NORETURN ThrowFieldAccessException(AccessCheckContext* pContext, ThrowFieldAccessException(pCallerMD, pFD, messageID, - pInnerException, - fAccessingFrameworkCode); + pInnerException); } void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc* pCallerMD, FieldDesc *pFD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5202,11 +5127,7 @@ void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc* pCallerMD, messageID = IDS_E_FIELDACCESS; } - SString strAdditionalContext = GetAdditionalAccessExceptionContext(pCallerMD->GetAssembly(), - pFD->GetApproxEnclosingMethodTable()->GetAssembly(), - fAccessingFrameworkCode); - - EX_THROW_WITH_INNER(EEFieldException, (pFD, pCallerMD, strAdditionalContext, messageID), pInnerException); + EX_THROW_WITH_INNER(EEFieldException, (pFD, pCallerMD, SString::Empty(), messageID), pInnerException); } else { @@ -5217,8 +5138,7 @@ void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc* pCallerMD, void DECLSPEC_NORETURN ThrowMethodAccessException(AccessCheckContext* pContext, MethodDesc *pCalleeMD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { 
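Review bot: The MethodDesc* overload of ThrowFieldAccessException now passes `SString::Empty()` as the additional-context argument of EEFieldException, and the ThrowMethodAccessException and ThrowTypeAccessException hunks that follow do the same for EEMethodException and EETypeAccessException, so that constructor argument is always empty from these three call sites. If no other caller supplies context, the parameter is the next piece of dead code and could be dropped from the exception constructors; if it stays, a short comment at each site such as `// no additional context: the security-misconfiguration hints were removed` would explain the empty string. IDS_E_ACCESSING_PRIVATE_FRAMEWORK_CODE is no longer referenced by anything in these hunks and may be an orphaned resource; the diffstat is limited to src/vm, so this page cannot confirm that. The bodies of these functions extend outside the hunks.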
@@ -5235,15 +5155,13 @@ void DECLSPEC_NORETURN ThrowMethodAccessException(AccessCheckContext* pContext, ThrowMethodAccessException(pCallerMD, pCalleeMD, messageID, - pInnerException, - fAccessingFrameworkCode); + pInnerException); } void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc* pCallerMD, MethodDesc *pCalleeMD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5262,11 +5180,7 @@ void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc* pCallerMD, messageID = IDS_E_METHODACCESS; } - SString strAdditionalContext = GetAdditionalAccessExceptionContext(pCallerMD->GetAssembly(), - pCalleeMD->GetAssembly(), - fAccessingFrameworkCode); - - EX_THROW_WITH_INNER(EEMethodException, (pCalleeMD, pCallerMD, strAdditionalContext, messageID), pInnerException); + EX_THROW_WITH_INNER(EEMethodException, (pCalleeMD, pCallerMD, SString::Empty(), messageID), pInnerException); } else { @@ -5277,8 +5191,7 @@ void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc* pCallerMD, void DECLSPEC_NORETURN ThrowTypeAccessException(AccessCheckContext* pContext, MethodTable *pMT, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5295,15 +5208,13 @@ void DECLSPEC_NORETURN ThrowTypeAccessException(AccessCheckContext* pContext, ThrowTypeAccessException(pCallerMD, pMT, messageID, - pInnerException, - fAccessingFrameworkCode); + pInnerException); } void DECLSPEC_NORETURN ThrowTypeAccessException(MethodDesc* pCallerMD, MethodTable *pMT, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { 
@@ -5322,11 +5233,7 @@ void DECLSPEC_NORETURN ThrowTypeAccessException(MethodDesc* pCallerMD, messageID = IDS_E_TYPEACCESS; } - SString strAdditionalContext = GetAdditionalAccessExceptionContext(pCallerMD->GetAssembly(), - pMT->GetAssembly(), - fAccessingFrameworkCode); - - EX_THROW_WITH_INNER(EETypeAccessException, (pMT, pCallerMD, strAdditionalContext, messageID), pInnerException); + EX_THROW_WITH_INNER(EETypeAccessException, (pMT, pCallerMD, SString::Empty(), messageID), pInnerException); } else { diff --git a/src/vm/clsload.hpp b/src/vm/clsload.hpp index 5a9248e422..9689979123 100644 --- a/src/vm/clsload.hpp +++ b/src/vm/clsload.hpp @@ -474,8 +474,7 @@ private: void ThrowAccessException( AccessCheckContext* pContext, MethodTable* pFailureMT = NULL, - Exception* pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE) const; + Exception* pInnerException = NULL) const; MethodTable * m_pTargetMT; MethodDesc * m_pTargetMethod; 
@@ -493,38 +492,32 @@ private: void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc *pCallerMD, FieldDesc *pFD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc *pCallerMD, MethodDesc *pCalleeMD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowTypeAccessException(MethodDesc *pCallerMD, MethodTable *pMT, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowFieldAccessException(AccessCheckContext* pContext, FieldDesc *pFD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowMethodAccessException(AccessCheckContext* pContext, MethodDesc *pCalleeMD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowTypeAccessException(AccessCheckContext* pContext, MethodTable *pMT, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); //--------------------------------------------------------------------------------------- diff --git a/src/vm/comdelegate.cpp b/src/vm/comdelegate.cpp index 961a758750..3f3c55338f 100644 --- a/src/vm/comdelegate.cpp +++ b/src/vm/comdelegate.cpp 
@@ -1050,126 +1050,6 @@ void COMDelegate::BindToMethod(DELEGATEREF *pRefThis, GCPROTECT_END(); } -// On the CoreCLR, we don't allow non-fulltrust delegates to be marshaled out (or created: CorHost::CreateDelegate ensures that) -// This helper function checks if we have a full-trust delegate with AllowReversePInvokeCallsAttribute targets. -BOOL COMDelegate::IsFullTrustDelegate(DELEGATEREF pDelegate) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - } - CONTRACTL_END; - -#ifdef FEATURE_WINDOWSPHONE - // we always allow reverse p/invokes on the phone. The OS provides the sandbox. - return TRUE; -#else - if (IsSecureDelegate(pDelegate)) - { - // A secure delegate implies => creator and target are different, and creator is not fully-trusted - return FALSE; - } - else - { - // Suffices to look at the target assembly and check if that is fully-trusted. - // if creator is same as target, we're done. - // if creator is not same as target, then the only interesting case is when it's not FT, - // and that's captured by the SecureDelegate case above. - // The target method yields the target assembly. 
Target method is not determinable for certain cases: - // - Open Virtual Delegates - // For those cases we play it safe and return FALSE from this function - if (pDelegate->GetInvocationCount() != 0) - { - // From MulticastDelegate.cs (MulticastDelegate.Equals): - // there are 4 kind of delegate kinds that fall into this bucket - // 1- Multicast (_invocationList is Object[]) - // 2- Secure (_invocationList is Delegate) - // 3- Unmanaged FntPtr (_invocationList == null) - // 4- Open virtual (_invocationCount == MethodDesc of target) - // (_invocationList == null, or _invocationList is a LoaderAllocator or DynamicResolver) - - OBJECTREF invocationList = pDelegate->GetInvocationList(); - if (invocationList != NULL) - { - - MethodTable *pMT; - pMT = invocationList->GetTrueMethodTable(); - // Has to be a multicast delegate, or inner open virtual delegate of collectible secure delegate - // since we already checked for secure delegates above - _ASSERTE(!pMT->IsDelegate()); - - if (!pMT->IsArray()) - { - // open Virtual delegate: conservatively return FALSE - return FALSE; - } - - // Given a multicast delegate we walk the list and make sure all targets are FullTrust. - // Yes, this is a recursive call to IsFullTrustDelegate. But we should hit stackoverflow - // only for the same cases where invoking that delegate would hit stackoverflow. 
- PTRARRAYREF delegateArrayRef = (PTRARRAYREF) invocationList; - - int numDelegates = delegateArrayRef->GetNumComponents(); - for(int i = 0; i< numDelegates; i++) - { - DELEGATEREF innerDel = (DELEGATEREF)delegateArrayRef->GetAt(i); - _ASSERTE(innerDel->GetMethodTable()->IsDelegate()); - if (!IsFullTrustDelegate(innerDel)) - { - // If we find even one non full-trust target in the list, return FALSE - return FALSE; - } - } - // All targets in the multicast delegate are FullTrust, so this multicast delegate is - // also FullTrust - return TRUE; - } - else - { - if (pDelegate->GetInvocationCount() == DELEGATE_MARKER_UNMANAGEDFPTR) - { - // Delegate to unmanaged function pointer - FullTrust - return TRUE; - } - - // - // open Virtual delegate: conservatively return FALSE - return FALSE; - } - } - // Regular delegate. Let's just look at the target Method - MethodDesc* pMD = GetMethodDesc((OBJECTREF)pDelegate); - if (pMD != NULL) - { - // The target must be decorated with AllowReversePInvokeCallsAttribute - if (!IsMethodAllowedToSinkReversePInvoke(pMD)) return FALSE; - - return TRUE; - } - } - // Default: - return FALSE; -#endif //FEATURE_WINDOWSPHONE -} - -// Checks whether the method is decorated with AllowReversePInvokeCallsAttribute. -BOOL COMDelegate::IsMethodAllowedToSinkReversePInvoke(MethodDesc *pMD) -{ - WRAPPER_NO_CONTRACT; -#ifdef FEATURE_WINDOWSPHONE - // we always allow reverse p/invokes on the phone. The OS provides the sandbox. - return TRUE; -#else - return (S_OK == pMD->GetMDImport()->GetCustomAttributeByName( - pMD->GetMemberDef(), - "System.Runtime.InteropServices.AllowReversePInvokeCallsAttribute", - NULL, - NULL)); -#endif // FEATURE_WINDOWSPHONE -} - // Marshals a managed method to an unmanaged callback provided the // managed method is static and it's parameters require no marshalling. PCODE COMDelegate::ConvertToCallback(MethodDesc* pMD) 
@@ -1262,14 +1142,6 @@ LPVOID COMDelegate::ConvertToCallback(OBJECTREF pDelegateObj) MethodTable* pMT = pDelegate->GetMethodTable(); DelegateEEClass* pClass = (DelegateEEClass*)(pMT->GetClass()); - // On the CoreCLR, we only allow marshaling out delegates that we can guarantee are full-trust delegates - if (!IsFullTrustDelegate(pDelegate)) - { - StackSString strDelegateType; - TypeString::AppendType(strDelegateType, pMT, TypeString::FormatNamespace | TypeString::FormatAngleBrackets| TypeString::FormatSignature); - COMPlusThrow(kSecurityException, IDS_E_DELEGATE_FULLTRUST_ARPIC_1, strDelegateType.GetUnicode()); - } - if (pMT->HasInstantiation()) COMPlusThrowArgumentException(W("delegate"), W("Argument_NeedNonGenericType")); @@ -1450,12 +1322,6 @@ OBJECTREF COMDelegate::ConvertToDelegate(LPVOID pCallback, MethodTable* pMT) if (pUMEntryThunk->GetDomainId() != GetAppDomain()->GetId()) COMPlusThrow(kNotSupportedException, W("NotSupported_DelegateMarshalToWrongDomain")); - // On the CoreCLR, we only allow marshaling out delegates that we can guarantee are full-trust delegates - if (!IsFullTrustDelegate((DELEGATEREF)pDelegate)) - { - COMPlusThrow(kSecurityException, IDS_E_DELEGATE_FULLTRUST_ARPIC_2); - } - GCPROTECT_END(); return pDelegate; } @@ -1558,12 +1424,6 @@ OBJECTREF COMDelegate::ConvertToDelegate(LPVOID pCallback, MethodTable* pMT) GCPROTECT_END(); #endif // defined(_TARGET_X86_) - // On the CoreCLR, we only allow marshaling out delegates that we can guarantee are full-trust delegates - if (!IsFullTrustDelegate(delObj)) - { - COMPlusThrow(kSecurityException, IDS_E_DELEGATE_FULLTRUST_ARPIC_2); - } - return delObj; } diff --git a/src/vm/comdelegate.h b/src/vm/comdelegate.h index f6ca775b60..1bfe8ac987 100644 --- a/src/vm/comdelegate.h +++ b/src/vm/comdelegate.h 
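Review bot: COMDelegate::ConvertToCallback and both ConvertToDelegate paths now marshal delegates with no trust or attribute gate, and CorHost2::_CreateDelegate in corhost.cpp likewise loses its AllowReversePInvokeCallsAttribute check, but nothing in the new code records that this is intentional. The removed IsFullTrustDelegate and IsMethodAllowedToSinkReversePInvoke had a real check in their `#else` branch, so this is dead code only if FEATURE_WINDOWSPHONE was defined in every build; the domainfile.cpp hunks, which keep the phone branch unconditionally, suggest it was, but the build definitions are not on this page. I would state that in the commit description and add a comment where the checks used to sit, for example `// No trust/attribute gate: reverse P/Invoke is allowed for every delegate; the runtime is not a sandbox boundary here.` IDS_E_DELEGATE_FULLTRUST_ARPIC_1 and IDS_E_DELEGATE_FULLTRUST_ARPIC_2 lose their only visible users and may be orphaned resources. These functions start and end outside the hunks.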
@@ -125,10 +125,7 @@ public: static BOOL IsTrueMulticastDelegate(OBJECTREF delegate); - static BOOL IsMethodAllowedToSinkReversePInvoke(MethodDesc *pMD); - private: - static BOOL IsFullTrustDelegate(DELEGATEREF pDelegate); static Stub* SetupShuffleThunk(MethodTable * pDelMT, MethodDesc *pTargetMeth); public: diff --git a/src/vm/corhost.cpp b/src/vm/corhost.cpp index 74c42d3a85..f6ca34267a 100644 --- a/src/vm/corhost.cpp +++ b/src/vm/corhost.cpp @@ -869,10 +869,6 @@ HRESULT CorHost2::_CreateDelegate( if (pMD==NULL || !pMD->IsStatic() || pMD->ContainsGenericVariables()) ThrowHR(COR_E_MISSINGMETHOD); - // the target method must be decorated with AllowReversePInvokeCallsAttribute - if (!COMDelegate::IsMethodAllowedToSinkReversePInvoke(pMD)) - ThrowHR(COR_E_SECURITY); - UMEntryThunk *pUMEntryThunk = GetAppDomain()->GetUMEntryThunkCache()->GetUMEntryThunk(pMD); *fnPtr = (INT_PTR)pUMEntryThunk->GetCode(); diff --git a/src/vm/domainfile.cpp b/src/vm/domainfile.cpp index e5736b7282..410884531e 100644 --- a/src/vm/domainfile.cpp +++ b/src/vm/domainfile.cpp @@ -1786,10 +1786,8 @@ void DomainAssembly::FindNativeImage() ExternalLog(LL_ERROR, "Rejecting native image because mscorlib does not have native image"); GetFile()->ClearNativeImage(); -#ifdef FEATURE_WINDOWSPHONE - // On Phone, always through exceptions when we throw the NI out + // Always throw exceptions when we throw the NI out ThrowHR(CLR_E_BIND_SYS_ASM_NI_MISSING); -#endif } else if (!CheckZapSecurity(pNativeImage)) @@ -1802,11 +1800,8 @@ void DomainAssembly::FindNativeImage() GetFile()->ClearNativeImage(); -#ifdef FEATURE_WINDOWSPHONE - // On Phone, always through exceptions when we throw the NI out + // Always throw exceptions when we throw the NI out ThrowHR(CLR_E_BIND_NI_SECURITY_FAILURE); -#endif - } else if (!CheckZapDependencyIdentities(pNativeImage)) { 
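Review bot: In DomainAssembly::FindNativeImage the three `ThrowHR` calls (CLR_E_BIND_SYS_ASM_NI_MISSING, CLR_E_BIND_NI_SECURITY_FAILURE, and CLR_E_BIND_NI_DEP_IDENTITY_MISMATCH in the next hunk) are now unconditional, and the replacement comment `// Always throw exceptions when we throw the NI out` does not say why a rejected native image must fail the bind. Failing closed when CheckZapSecurity or CheckZapDependencyIdentities rejects the image looks like the right default, but in any build where FEATURE_WINDOWSPHONE was not defined this changes behaviour, because control used to continue past ClearNativeImage() without throwing. I would word the comment as `// Fail the bind when the native image is rejected; do not continue with the image cleared` and confirm that callers of FindNativeImage expect these HRESULTs. The function body extends outside the hunks, so whether anything after each `ThrowHR` in these branches is now unreachable cannot be checked from here.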
@@ -1818,11 +1813,8 @@ void DomainAssembly::FindNativeImage() GetFile()->ClearNativeImage(); -#ifdef FEATURE_WINDOWSPHONE - // On Phone, always through exceptions when we throw the NI out + // Always throw exceptions when we throw the NI out ThrowHR(CLR_E_BIND_NI_DEP_IDENTITY_MISMATCH); -#endif - } else { |