diff options
| author | Dan Moseley <danmose@microsoft.com> | 2017-02-07 14:10:09 -0800 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2017-02-07 14:10:09 -0800 |
| commit | c35e8dbc37e5380f46553510d0368aad04a677d2 (patch) | |
| tree | 62e2316f5a30f3cddd507b562b2bf4dc73ac72ef /src/vm | |
| parent | 3c34cce7187e44c024331ad6267c6507034e48bd (diff) | |
| download | coreclr-c35e8dbc37e5380f46553510d0368aad04a677d2.tar.gz coreclr-c35e8dbc37e5380f46553510d0368aad04a677d2.tar.bz2 coreclr-c35e8dbc37e5380f46553510d0368aad04a677d2.zip | |
Remove more CAS (#9390)
* Remove PermissionSet
* Remove HostProtectionAttribute
* Remove PermissionState
* Remove S.Security.Permissions
* Remove IPrincipal
* Fix native side
* Remove model.xml again
Diffstat (limited to 'src/vm')
| -rw-r--r-- | src/vm/appdomainnative.cpp | 5 | ||||
| -rw-r--r-- | src/vm/appdomainnative.hpp | 2 | ||||
| -rw-r--r-- | src/vm/assembly.cpp | 17 | ||||
| -rw-r--r-- | src/vm/assembly.hpp | 3 | ||||
| -rw-r--r-- | src/vm/comsynchronizable.cpp | 33 | ||||
| -rw-r--r-- | src/vm/comsynchronizable.h | 4 | ||||
| -rw-r--r-- | src/vm/security.h | 2 | ||||
| -rw-r--r-- | src/vm/securitydescriptorassembly.cpp | 76 | ||||
| -rw-r--r-- | src/vm/securitydescriptorassembly.h | 4 |
9 files changed, 9 insertions, 137 deletions
diff --git a/src/vm/appdomainnative.cpp b/src/vm/appdomainnative.cpp index 85c828f9ca..3935cb5b54 100644 --- a/src/vm/appdomainnative.cpp +++ b/src/vm/appdomainnative.cpp @@ -580,7 +580,7 @@ void QCALLTYPE AppDomainNative::SetupBindingPaths(__in_z LPCWSTR wszTrustedPlatf #endif // FEATURE_VERSIONING -FCIMPL12(Object*, AppDomainNative::CreateDynamicAssembly, AppDomainBaseObject* refThisUNSAFE, AssemblyNameBaseObject* assemblyNameUNSAFE, Object* identityUNSAFE, StackCrawlMark* stackMark, Object* requiredPsetUNSAFE, Object* optionalPsetUNSAFE, Object* refusedPsetUNSAFE, U1Array *securityRulesBlobUNSAFE, U1Array *aptcaBlobUNSAFE, INT32 access, INT32 dwFlags, SecurityContextSource securityContextSource) +FCIMPL9(Object*, AppDomainNative::CreateDynamicAssembly, AppDomainBaseObject* refThisUNSAFE, AssemblyNameBaseObject* assemblyNameUNSAFE, Object* identityUNSAFE, StackCrawlMark* stackMark, U1Array *securityRulesBlobUNSAFE, U1Array *aptcaBlobUNSAFE, INT32 access, INT32 dwFlags, SecurityContextSource securityContextSource) { FCALL_CONTRACT; @@ -594,9 +594,6 @@ FCIMPL12(Object*, AppDomainNative::CreateDynamicAssembly, AppDomainBaseObject* r args.refThis = (APPDOMAINREF) refThisUNSAFE; args.assemblyName = (ASSEMBLYNAMEREF) assemblyNameUNSAFE; args.identity = (OBJECTREF) identityUNSAFE; - args.requiredPset = (OBJECTREF) requiredPsetUNSAFE; - args.optionalPset = (OBJECTREF) optionalPsetUNSAFE; - args.refusedPset = (OBJECTREF) refusedPsetUNSAFE; args.securityRulesBlob = (U1ARRAYREF) securityRulesBlobUNSAFE; args.aptcaBlob = (U1ARRAYREF) aptcaBlobUNSAFE; args.loaderAllocator = NULL; diff --git a/src/vm/appdomainnative.hpp b/src/vm/appdomainnative.hpp index 5aa781ba41..cb0c364cfa 100644 --- a/src/vm/appdomainnative.hpp +++ b/src/vm/appdomainnative.hpp @@ -34,7 +34,7 @@ public: static FCDECL2(void, UpdateLoaderOptimization, AppDomainBaseObject* refThisUNSAFE, DWORD optimization); #endif // FEATURE_LOADER_OPTIMIZATION - static FCDECL12(Object*, CreateDynamicAssembly, AppDomainBaseObject* refThisUNSAFE, AssemblyNameBaseObject* assemblyNameUNSAFE, Object* identityUNSAFE, StackCrawlMark* stackMark, Object* requiredPsetUNSAFE, Object* optionalPsetUNSAFE, Object* refusedPsetUNSAFE, U1Array* securityRulesBlobUNSAFE, U1Array* aptcaBlobUNSAFE, INT32 access, INT32 flags, SecurityContextSource securityContextSource); + static FCDECL9(Object*, CreateDynamicAssembly, AppDomainBaseObject* refThisUNSAFE, AssemblyNameBaseObject* assemblyNameUNSAFE, Object* identityUNSAFE, StackCrawlMark* stackMark, U1Array* securityRulesBlobUNSAFE, U1Array* aptcaBlobUNSAFE, INT32 access, INT32 flags, SecurityContextSource securityContextSource); #ifdef FEATURE_APPDOMAINMANAGER_INITOPTIONS static FCDECL0(FC_BOOL_RET, HasHost); #endif // FEATURE_APPDOMAINMANAGER_INITOPTIONS diff --git a/src/vm/assembly.cpp b/src/vm/assembly.cpp index b3e7611205..2db3e23fff 100644 --- a/src/vm/assembly.cpp +++ b/src/vm/assembly.cpp @@ -924,23 +924,6 @@ Assembly *Assembly::CreateDynamic(AppDomain *pDomain, CreateDynamicAssemblyArgs } // Start loading process - -#ifdef FEATURE_CAS_POLICY - // Get the security descriptor for the assembly. - IAssemblySecurityDescriptor *pSecDesc = pDomainAssembly->GetSecurityDescriptor(); - - // Propagate identity and permission request information into the assembly's - // security descriptor. Then when policy is resolved we'll end up with the - // correct grant set. - // If identity has not been provided then the caller's assembly will be - // calculated instead and we'll just copy the granted permissions from the - // caller to the new assembly and mark policy as resolved (done - // automatically by SetGrantedPermissionSet). - pSecDesc->SetRequestedPermissionSet(args->requiredPset, - args->optionalPset, - args->refusedPset); -#endif // FEATURE_CAS_POLICY - { // Create a concrete assembly // (!Do not remove scoping brace: order is important here: the Assembly holder must destruct before the AllocMemTracker!) diff --git a/src/vm/assembly.hpp b/src/vm/assembly.hpp index bcd36b9a5f..54bb03de96 100644 --- a/src/vm/assembly.hpp +++ b/src/vm/assembly.hpp @@ -73,9 +73,6 @@ enum DynamicAssemblyFlags struct CreateDynamicAssemblyArgsGC { APPDOMAINREF refThis; - OBJECTREF refusedPset; - OBJECTREF optionalPset; - OBJECTREF requiredPset; OBJECTREF identity; ASSEMBLYNAMEREF assemblyName; U1ARRAYREF securityRulesBlob; diff --git a/src/vm/comsynchronizable.cpp b/src/vm/comsynchronizable.cpp index aa8b1596f9..b486687752 100644 --- a/src/vm/comsynchronizable.cpp +++ b/src/vm/comsynchronizable.cpp @@ -52,9 +52,8 @@ struct SharedState OBJECTHANDLE m_Threadable; OBJECTHANDLE m_ThreadStartArg; Thread *m_Internal; - OBJECTHANDLE m_Principal; - SharedState(OBJECTREF threadable, OBJECTREF threadStartArg, Thread *internal, OBJECTREF principal) + SharedState(OBJECTREF threadable, OBJECTREF threadStartArg, Thread *internal) { CONTRACTL { @@ -71,8 +70,6 @@ struct SharedState m_ThreadStartArg = ad->CreateHandle(threadStartArg); m_Internal = internal; - - m_Principal = ad->CreateHandle(principal); } ~SharedState() @@ -95,7 +92,6 @@ struct SharedState { DestroyHandle(m_Threadable); DestroyHandle(m_ThreadStartArg); - DestroyHandle(m_Principal); } } }; @@ -230,7 +226,6 @@ void ThreadNative::KickOffThread_Worker(LPVOID ptr) // we are saving the delagate and result primarily for debugging struct _gc { - OBJECTREF orPrincipal; OBJECTREF orThreadStartArg; OBJECTREF orDelegate; OBJECTREF orResult; @@ -244,22 +239,6 @@ void ThreadNative::KickOffThread_Worker(LPVOID ptr) GCPROTECT_BEGIN(gc); BEGIN_SO_INTOLERANT_CODE(pThread); - gc.orPrincipal = ObjectFromHandle(args->share->m_Principal); - -#ifdef FEATURE_IMPERSONATION - // Push the initial security principal object (if any) onto the - // managed thread. - if (gc.orPrincipal != NULL) - { - gc.orThread = args->pThread->GetExposedObject(); - MethodDescCallSite setPrincipalInternal(METHOD__THREAD__SET_PRINCIPAL_INTERNAL, &gc.orThread); - ARG_SLOT argsToSetPrincipal[2]; - argsToSetPrincipal[0] = ObjToArgSlot(gc.orThread); - argsToSetPrincipal[1] = ObjToArgSlot(gc.orPrincipal); - setPrincipalInternal.Call(argsToSetPrincipal); - } -#endif - gc.orDelegate = ObjectFromHandle(args->share->m_Threadable); gc.orThreadStartArg = ObjectFromHandle(args->share->m_ThreadStartArg); @@ -434,20 +413,20 @@ ULONG __stdcall ThreadNative::KickOffThread(void* pass) } -FCIMPL3(void, ThreadNative::Start, ThreadBaseObject* pThisUNSAFE, Object* pPrincipalUNSAFE, StackCrawlMark* pStackMark) +FCIMPL2(void, ThreadNative::Start, ThreadBaseObject* pThisUNSAFE, StackCrawlMark* pStackMark) { FCALL_CONTRACT; HELPER_METHOD_FRAME_BEGIN_NOPOLL(); - StartInner(pThisUNSAFE, pPrincipalUNSAFE, pStackMark); + StartInner(pThisUNSAFE, pStackMark); HELPER_METHOD_FRAME_END_POLL(); } FCIMPLEND // Start up a thread, which by now should be in the ThreadStore's Unstarted list. -void ThreadNative::StartInner(ThreadBaseObject* pThisUNSAFE, Object* pPrincipalUNSAFE, StackCrawlMark* pStackMark) +void ThreadNative::StartInner(ThreadBaseObject* pThisUNSAFE, StackCrawlMark* pStackMark) { CONTRACTL { @@ -459,11 +438,9 @@ void ThreadNative::StartInner(ThreadBaseObject* pThisUNSAFE, Object* pPrincipalU struct _gc { - OBJECTREF pPrincipal; THREADBASEREF pThis; } gc; - gc.pPrincipal = (OBJECTREF) pPrincipalUNSAFE; gc.pThis = (THREADBASEREF) pThisUNSAFE; GCPROTECT_BEGIN(gc); @@ -498,7 +475,7 @@ void ThreadNative::StartInner(ThreadBaseObject* pThisUNSAFE, Object* pPrincipalU // Allocate this away from our stack, so we can unwind without affecting // KickOffThread. It is inside a GCFrame, so we can enable GC now. - NewHolder<SharedState> share(new SharedState(threadable, threadStartArg, pNewThread, gc.pPrincipal)); + NewHolder<SharedState> share(new SharedState(threadable, threadStartArg, pNewThread)); pNewThread->IncExternalCount(); diff --git a/src/vm/comsynchronizable.h b/src/vm/comsynchronizable.h index 65ec21228b..d9c2defd70 100644 --- a/src/vm/comsynchronizable.h +++ b/src/vm/comsynchronizable.h @@ -64,11 +64,11 @@ public: static LPVOID F_CALL_CONV FastGetCurrentThread(); static LPVOID F_CALL_CONV FastGetDomain(); - static void StartInner(ThreadBaseObject* pThisUNSAFE, Object* pPrincipalUNSAFE, StackCrawlMark* pStackMark); + static void StartInner(ThreadBaseObject* pThisUNSAFE, StackCrawlMark* pStackMark); static FCDECL1(void, Abort, ThreadBaseObject* pThis); static FCDECL1(void, ResetAbort, ThreadBaseObject* pThis); - static FCDECL3(void, Start, ThreadBaseObject* pThisUNSAFE, Object* pPrincipalUNSAFE, StackCrawlMark* pStackMark); + static FCDECL2(void, Start, ThreadBaseObject* pThisUNSAFE, StackCrawlMark* pStackMark); #ifndef FEATURE_CORECLR static FCDECL1(void, Suspend, ThreadBaseObject* pThisUNSAFE); static FCDECL1(void, Resume, ThreadBaseObject* pThisUNSAFE); diff --git a/src/vm/security.h b/src/vm/security.h index da02515ed9..3f3cb38c09 100644 --- a/src/vm/security.h +++ b/src/vm/security.h @@ -334,8 +334,6 @@ public: #ifdef FEATURE_CAS_POLICY virtual HRESULT LoadSignature( COR_TRUST **ppSignature = NULL) = 0; - virtual void SetRequestedPermissionSet(OBJECTREF RequiredPermissionSet, OBJECTREF OptionalPermissionSet, OBJECTREF DeniedPermissionSet) = 0; - virtual void SetAdditionalEvidence(OBJECTREF evidence) = 0; virtual BOOL HasAdditionalEvidence() = 0; virtual OBJECTREF GetAdditionalEvidence() = 0; diff --git a/src/vm/securitydescriptorassembly.cpp b/src/vm/securitydescriptorassembly.cpp index b5a412e047..715d956123 100644 --- a/src/vm/securitydescriptorassembly.cpp +++ b/src/vm/securitydescriptorassembly.cpp @@ -34,82 +34,6 @@ AssemblySecurityDescriptor::AssemblySecurityDescriptor(AppDomain *pDomain, Domai } CONTRACTL_END; } -#ifdef FEATURE_CAS_POLICY -OBJECTREF AssemblySecurityDescriptor::GetRequestedPermissionSet(OBJECTREF *pOptionalPermissionSet, - OBJECTREF *pDeniedPermissionSet) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - PRECONDITION(m_pAppDomain == GetAppDomain()); - PRECONDITION(CheckPointer(pOptionalPermissionSet)); - PRECONDITION(CheckPointer(pDeniedPermissionSet)); - PRECONDITION(m_pAppDomain->GetSecurityDescriptor()->IsLegacyCasPolicyEnabled()); - INJECT_FAULT(COMPlusThrowOM();); - } - CONTRACTL_END; - - OBJECTREF req = NULL; - GCPROTECT_BEGIN(req); - - if (!IsAssemblyRequestsComputed()) - { - ReleaseHolder<IMDInternalImport> pImport (m_pAssem->GetFile()->GetMDImportWithRef()); - - // Try to load permission requests from assembly first. - SecurityAttributes::LoadPermissionRequestsFromAssembly(pImport, - &req, - pOptionalPermissionSet, - pDeniedPermissionSet); - - SetRequestedPermissionSet(req, *pOptionalPermissionSet, *pDeniedPermissionSet); - } - else - { - *pOptionalPermissionSet = ObjectFromLazyHandle(m_hOptionalPermissionSet, m_pLoaderAllocator); - *pDeniedPermissionSet = ObjectFromLazyHandle(m_hDeniedPermissionSet, m_pLoaderAllocator); - req = ObjectFromLazyHandle(m_hRequiredPermissionSet, m_pLoaderAllocator); - } - - GCPROTECT_END(); - return req; -} - -void AssemblySecurityDescriptor::SetRequestedPermissionSet(OBJECTREF RequiredPermissionSet, - OBJECTREF OptionalPermissionSet, - OBJECTREF DeniedPermissionSet) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - } - CONTRACTL_END; - - struct _gc - { - OBJECTREF RequiredPermissionSet; - OBJECTREF OptionalPermissionSet; - OBJECTREF DeniedPermissionSet; - } gc; - - gc.RequiredPermissionSet = RequiredPermissionSet; - gc.OptionalPermissionSet = OptionalPermissionSet; - gc.DeniedPermissionSet = DeniedPermissionSet; - - GCPROTECT_BEGIN(gc); - StoreObjectInLazyHandle(m_hRequiredPermissionSet, gc.RequiredPermissionSet, m_pLoaderAllocator); - StoreObjectInLazyHandle(m_hOptionalPermissionSet, gc.OptionalPermissionSet, m_pLoaderAllocator); - StoreObjectInLazyHandle(m_hDeniedPermissionSet, gc.DeniedPermissionSet, m_pLoaderAllocator); - GCPROTECT_END(); - - m_fAssemblyRequestsComputed = TRUE; -} -#endif // FEATURE_CAS_POLICY - // // This method will return TRUE if this assembly is allowed to skip verification. // diff --git a/src/vm/securitydescriptorassembly.h b/src/vm/securitydescriptorassembly.h index 15bc83eef6..4ba65eb11d 100644 --- a/src/vm/securitydescriptorassembly.h +++ b/src/vm/securitydescriptorassembly.h @@ -115,10 +115,6 @@ public: OBJECTREF GetRequestedPermissionSet(OBJECTREF *pOptionalPermissionSet, OBJECTREF *pDeniedPermissionSet); - virtual void SetRequestedPermissionSet(OBJECTREF RequiredPermissionSet, - OBJECTREF OptionalPermissionSet, - OBJECTREF DeniedPermissionSet); - #ifndef DACCESS_COMPILE virtual void SetAdditionalEvidence(OBJECTREF evidence); virtual BOOL HasAdditionalEvidence(); |