From 44736b809edaacc39d9bab1d18e04067e3fdb13d Mon Sep 17 00:00:00 2001 From: Jan Kotas Date: Fri, 6 Oct 2017 17:51:29 -0700 Subject: Delete dead code (#14365) Delete some dead code related to Windows Phone and code access security --- src/classlibnative/bcltype/system.cpp | 10 --- src/dlls/mscorrc/mscorrc.rc | 39 ---------- src/dlls/mscorrc/resource.h | 43 ----------- src/vm/clsload.cpp | 133 +++++--------------------------- src/vm/clsload.hpp | 21 ++--- src/vm/comdelegate.cpp | 140 ---------------------------------- src/vm/comdelegate.h | 3 - src/vm/corhost.cpp | 4 - src/vm/domainfile.cpp | 14 +--- 9 files changed, 30 insertions(+), 377 deletions(-) diff --git a/src/classlibnative/bcltype/system.cpp b/src/classlibnative/bcltype/system.cpp index 11b7107a65..6577ffcb4a 100644 --- a/src/classlibnative/bcltype/system.cpp +++ b/src/classlibnative/bcltype/system.cpp @@ -31,16 +31,6 @@ #include "array.h" #include "eepolicy.h" - -#ifdef FEATURE_WINDOWSPHONE -Volatile g_fGetPhoneVersionInitialized; - -// This is the API to query the phone version information -typedef BOOL (*pfnGetPhoneVersion)(LPOSVERSIONINFO lpVersionInformation); - -pfnGetPhoneVersion g_pfnGetPhoneVersion = NULL; -#endif - typedef void(WINAPI *pfnGetSystemTimeAsFileTime)(LPFILETIME lpSystemTimeAsFileTime); extern pfnGetSystemTimeAsFileTime g_pfnGetSystemTimeAsFileTime; diff --git a/src/dlls/mscorrc/mscorrc.rc b/src/dlls/mscorrc/mscorrc.rc index 8bc7ff00b9..9e5be16af1 100644 --- a/src/dlls/mscorrc/mscorrc.rc +++ b/src/dlls/mscorrc/mscorrc.rc @@ -1156,10 +1156,6 @@ BEGIN IDS_EE_INTEROP_STUB_CA_NO_ACCESS_TO_STUB_METHOD "The interop method '%1' cannot access the stub method '%2' specified in ManagedToNativeComInteropStubAttribute. Please make sure they have compatible access modifiers and security accessibility." #endif // FEATURE_COMINTEROP -#ifdef FEATURE_WINDOWSPHONE - IDS_EE_INTEROP_DLL_IMPORT_ON_USER_METHOD "DllImport cannot be used by application code. Use the Windows Runtime to call native code." -#endif - #ifdef FEATURE_COMINTEROP IDS_EE_STRUCTLAYOUT_WINRT "Windows Runtime value types must have sequential layout." IDS_EE_PRESERVESIG_WINRT "The PreserveSigAttribute may not be used on Windows Runtime methods." @@ -1177,8 +1173,6 @@ BEGIN IDS_EE_CANNOTCAST_NOMARSHAL "The Windows Runtime Object can only be used in the threading context where it was created, because it implements INoMarshal or has MarshalingBehaviorAttribute(MarshalingType.None) set." IDS_EE_WINRT_WEAKREF_BAD_TYPE "The object resolved by a native IWeakReference has an incompatible type for its managed WeakReference instance.\r\nExpected WeakReference target type: '%1'\r\nNative IWeakReference returned type: '%2'" #endif // FEATURE_COMINTEROP - - IDS_EE_INTEROP_CODE_SIZE_COMMENT "Code size" IDS_EE_ADUNLOAD_IN_FINALIZER "AppDomain cannot be unloaded during object finalization." IDS_EE_ADUNLOAD_DEFAULT "The default domain cannot be unloaded." @@ -1275,14 +1269,10 @@ BEGIN IDS_CLASSLOAD_EQUIVALENTSTRUCTFIELDS "Could not load the structure '%1' from assembly '%2'. The structure is marked as eligible for type equivalence, but it has a static or non-public field." IDS_CLASSLOAD_EQUIVALENTBADTYPE "Could not load type '%1' from assembly '%2'. The type is marked as eligible for type equivalence, but either it has generic parameters, or it is not a structure, COM imported interface, enumeration, or delegate." IDS_CLASSLOAD_EQUIVALENTNOTTRUSTED "Could not load type '%1' from assembly '%2'. The type is marked as eligible for type equivalence, but the containing assembly is not loaded as fully trusted." - IDS_CLASSLOAD_EQUIVALENTTRANSPARENCY "Could not load type '%1' from assembly '%2'. The type is marked as eligible for type equivalence, but either it is not marked as safe-critical or transparent, or it has a field or method that is not marked as safe-critical or transparent." IDS_CLASSLOAD_EQUIVALENTNOTPUBLIC "Could not load type '%1' from assembly '%2'. The type is marked as eligible for type equivalence, but it is not marked as public." IDS_EE_CODEEXECUTION_CONTAINSGENERICVAR "Could not execute the method because either the method itself or the containing type is not fully instantiated." IDS_CLASSLOAD_WRONGCPU "Could not load file or assembly '%1'. This assembly was compiled for a different processor." - - IDS_SECURITY_DEMAND_DENIED "Request for permission of type '%1' failed." - IDS_CANNOT_MARSHAL "Type '%1' cannot be marshaled as an unmanaged structure; no meaningful size or offset can be computed." IDS_PINVOKE_STRINGBUILDEROVERFLOW "Warning: A StringBuilder buffer has been overflowed by unmanaged code. The process may become unstable. Insufficient capacity allocated to the StringBuilder before marshaling it." @@ -1536,44 +1526,15 @@ BEGIN IDS_UNMARSHALABLE_DEMAND_OBJECT "The security object (Permission or PermissionSet) used for performing a Demand caused an error relating to serialization/deserialization." IDS_EE_OBJECT_TO_VARIANT_NOT_SUPPORTED "Invalid managed/unmanaged type combination (Marshaling to and from COM VARIANTs isn't supported)." IDS_EE_OBJECT_TO_ITF_NOT_SUPPORTED "Invalid managed/unmanaged type combination (Marshaling to and from COM interface pointers isn't supported)." - IDS_TYPE_INHERITANCE_RULES_VIOLATED "Inheritance security rules violated by type: '%1'. Derived types must either match the security accessibility of the base type or be less accessible. If the base class has a non-transparent default constructor, the derived class must also have a default constructor, and the method inheritance rules apply across those two methods." - IDS_METHOD_INHERITANCE_RULES_VIOLATED "Inheritance security rules violated while overriding member: '%1'. Security accessibility of the overriding method must match the security accessibility of the method being overriden." - IDS_CRITICAL_METHOD_ACCESS_DENIED "Attempt to access method %1 in violation of security transparency rules failed." - IDS_CRITICAL_TYPE_ACCESS_DENIED "Attempt to access type %1 in violation of security transparency rules failed." - IDS_APPLICATION_ASSEMBLY_EXEC_DENIED "Application assemblies cannot be directly executed: %1" - IDS_REFLECTION_METHOD_ACCESS_DENIED "Application code cannot access %1 using Reflection." - - IDS_E_LOAD_CRITICAL_IN_PARTIAL_TRUST "Assembly '%1' is partially trusted, however it is not entirely security transparent. If this assembly is meant to be used in partial trust, you will need to apply the SecurityTransparentAttribute to it." - IDS_E_TRANSPARENT_CALL_LINKDEMAND "Attempt by security transparent method '%1' to access LinkDemand protected method '%2' failed. Methods must be security critical or security safe-critical to satisfy a LinkDemand." - IDS_E_TRANSPARENT_CALL_NATIVE "Attempt by security transparent method '%1' to call native code through method '%2' failed. Methods must be security critical or security safe-critical to call native code." - IDS_E_TRANSPARENT_REFLECTION "Security transparent method %1 cannot access %2 using reflection." - IDS_E_TRANSPARENT_METHOD_CRITICAL_TYPE "Method '%1' is security transparent, but is a member of a security critical type." - IDS_E_UNKNOWN_SECURITY_RULESET "Assembly '%1' specified an unknown security rule set." - IDS_E_UNTRUSTED_APPDOMAIN_MANAGER "Partial trust applications may not specify an AppDomainManager for the default domain." IDS_E_FIELDACCESS "Attempt by method '%1' to access field '%2' failed.%3" IDS_E_METHODACCESS "Attempt by method '%1' to access method '%2' failed.%3" IDS_E_TYPEACCESS "Attempt by method '%1' to access type '%2' failed.%3" - IDS_E_CRITICAL_FIELD_ACCESS_DENIED "Attempt by security transparent method '%1' to access security critical field '%2' failed.%3" - IDS_E_CRITICAL_METHOD_ACCESS_DENIED "Attempt by security transparent method '%1' to access security critical method '%2' failed.%3" - IDS_E_CRITICAL_TYPE_ACCESS_DENIED "Attempt by security transparent method '%1' to access security critical type '%2' failed.%3" - IDS_E_DELEGATE_BINDING_TRANSPARENCY "A delegate of type '%1' cannot be bound to the method '%2' due to security transparency rules. Ensure the delegate type and the method being bound have compatible security transparency." - IDS_E_DELEGATE_FULLTRUST_ARPIC_1 "Delegate '%1' must be bound to a method in a fully-trusted assembly and the method must have the AllowReversePinvokeCallsAttribute." - IDS_E_DELEGATE_FULLTRUST_ARPIC_2 "Cannot create a Delegate for marshalling out unless it is bound to a method in a fully-trusted assembly and the method has the AllowReversePinvokeCallsAttribute." - IDS_E_ACCESSING_PRIVATE_FRAMEWORK_CODE "Reflection invocation to internal or private types or members in the framework is not allowed." IDS_EE_TORNSTATE "Unexpected change made to file '%1'." END -// These strings are attached to various access exceptions to provide additional context as to what may have -// caused them, and how they might be fixed. -STRINGTABLE DISCARDABLE -BEGIN - IDS_ACCESS_EXCEPTION_CONTEXT_LEVEL2_APTCA "Assembly '%1' is marked with the AllowPartiallyTrustedCallersAttribute, and uses the level 2 security transparency model. Level 2 transparency causes all methods in AllowPartiallyTrustedCallers assemblies to become security transparent by default, which may be the cause of this exception." - IDS_ACCESS_EXCEPTION_CONTEXT_PT_TRANSPARENT "Assembly '%1' is partially trusted, which causes the CLR to make it entirely security transparent regardless of any transparency annotations in the assembly itself. In order to access security critical code, this assembly must be fully trusted." -END - // These strings are generated from within the EE for streams STRINGTABLE DISCARDABLE BEGIN diff --git a/src/dlls/mscorrc/resource.h b/src/dlls/mscorrc/resource.h index eb1cb293f4..a798765f46 100644 --- a/src/dlls/mscorrc/resource.h +++ b/src/dlls/mscorrc/resource.h @@ -217,7 +217,6 @@ #define IDS_STREAMS_FILE_NAME 0x176d #define IDS_STREAMS_SEEK_MODIFIER 0x176e -#define IDS_SECURITY_DEMAND_DENIED 0x176f #define IDS_CANNOT_MARSHAL 0x1770 #define IDS_PINVOKE_STRINGBUILDEROVERFLOW 0x1771 @@ -598,7 +597,6 @@ #define IDS_CLASSLOAD_COLLECTIBLEFIXEDVTATTR 0x1ab6 #define IDS_CLASSLOAD_EQUIVALENTBADTYPE 0x1ab7 #define IDS_CLASSLOAD_EQUIVALENTNOTTRUSTED 0x1ab8 -#define IDS_CLASSLOAD_EQUIVALENTTRANSPARENCY 0x1ab9 #define IDS_CLASSLOAD_EQUIVALENTNOTPUBLIC 0x1aba #define IDS_EE_CODEEXECUTION_CONTAINSGENERICVAR 0x1abb #define IDS_CLASSLOAD_WRONGCPU 0x1abc @@ -769,14 +767,6 @@ #define IDS_EE_OBJECT_TO_VARIANT_NOT_SUPPORTED 0x2090 #define IDS_EE_OBJECT_TO_ITF_NOT_SUPPORTED 0x2091 -#define IDS_INHERITIANCE_RULES_VIOLATED 0x2092 -#define IDS_CRITICAL_METHOD_ACCESS_DENIED 0x2093 -#define IDS_CRITICAL_TYPE_ACCESS_DENIED 0x2094 -#define IDS_APPLICATION_ASSEMBLY_EXEC_DENIED 0x2095 -#define IDS_REFLECTION_METHOD_ACCESS_DENIED 0x2096 -#define IDS_METHOD_INHERITANCE_RULES_VIOLATED 0x2097 -#define IDS_TYPE_INHERITANCE_RULES_VIOLATED 0x2098 - #define IDS_EE_BADMARSHALFIELD_DECIMAL 0x2099 #define IDS_EE_CANNOTCASTSAME 0x209a @@ -785,13 +775,6 @@ #define IDS_CLASSLOAD_COLLECTIBLE_CONTEXT_BOUND_OBJECT 0x209d -#define IDS_E_LOAD_CRITICAL_IN_PARTIAL_TRUST 0x2100 -#define IDS_E_TRANSPARENT_CALL_LINKDEMAND 0x2101 -#define IDS_E_TRANSPARENT_METHOD_CRITICAL_TYPE 0x2102 -#define IDS_E_UNKNOWN_SECURITY_RULESET 0x2103 -#define IDS_E_UNTRUSTED_APPDOMAIN_MANAGER 0x2104 -#define IDS_E_LOADFROM_REMOTE_SOURCE 0x2106 - // For ForwardInteropStubAttribute #ifdef FEATURE_COMINTEROP #define IDS_EE_INTEROP_STUB_CA_MUST_BE_WITHIN_SAME_ASSEMBLY 0x2107 @@ -801,33 +784,11 @@ #define IDS_EE_INTEROP_STUB_CA_NO_ACCESS_TO_STUB_METHOD 0x2111 #endif -#define IDS_EE_INTEROP_CODE_SIZE_COMMENT 0x2112 - #define BFA_REFERENCE_ASSEMBLY 0x2113 #define IDS_E_FIELDACCESS 0x2114 #define IDS_E_METHODACCESS 0x2115 #define IDS_E_TYPEACCESS 0x2116 -#define IDS_E_CRITICAL_FIELD_ACCESS_DENIED 0x2117 -#define IDS_E_CRITICAL_METHOD_ACCESS_DENIED 0x2118 -#define IDS_E_CRITICAL_TYPE_ACCESS_DENIED 0x2119 - -#define IDS_E_TRANSPARENT_CALL_NATIVE 0x2120 -#define IDS_E_TRANSPARENT_REFLECTION 0x2121 - -#define IDS_E_DELEGATE_BINDING_TRANSPARENCY 0x2122 - -#define IDS_E_ACCESSING_PRIVATE_FRAMEWORK_CODE 0x2123 - -#define IDS_E_DELEGATE_FULLTRUST_ARPIC_1 0x2124 -#define IDS_E_DELEGATE_FULLTRUST_ARPIC_2 0x2125 - -#define IDS_ACCESS_EXCEPTION_CONTEXT_LEVEL2_APTCA 0x2200 -#define IDS_ACCESS_EXCEPTION_CONTEXT_APTCA_KILLBIT 0x2201 -#define IDS_ACCESS_EXCEPTION_CONTEXT_CONDITIONAL_APTCA 0x2202 -#define IDS_ACCESS_EXCEPTION_CONTEXT_PT_TRANSPARENT 0x2203 - -#define IDS_E_LOADFROM_REMOTE_SOURCE_MOTW 0x2204 // Profiler error messages for event log #define IDS_E_PROF_NO_CLSID 0x2500 @@ -908,10 +869,6 @@ #define IDS_EE_TORNSTATE 0x2613 -#ifdef FEATURE_WINDOWSPHONE -#define IDS_EE_INTEROP_DLL_IMPORT_ON_USER_METHOD 0x262b -#endif - #ifdef FEATURE_COMINTEROP #define IDS_EE_WINRT_WEAKREF_BAD_TYPE 0x262e diff --git a/src/vm/clsload.cpp b/src/vm/clsload.cpp index bb71f0b6ed..6492b6f064 100644 --- a/src/vm/clsload.cpp +++ b/src/vm/clsload.cpp @@ -4928,7 +4928,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method if (m_fThrowIfTargetIsInaccessible) { - ThrowAccessException(pContext, pTargetMT, NULL, FALSE); + ThrowAccessException(pContext, pTargetMT, NULL); } return FALSE; @@ -4938,7 +4938,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method { if (m_fThrowIfTargetIsInaccessible) { - ThrowAccessException(pContext, pTargetMT, NULL, FALSE); + ThrowAccessException(pContext, pTargetMT, NULL); } return FALSE; @@ -4948,8 +4948,6 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method #ifndef CROSSGEN_COMPILE - BOOL fAccessingFrameworkCode = FALSE; - // In CoreCLR kRestrictedMemberAccess means that one can access private/internal // classes/members in app code. if (m_accessCheckType != kMemberAccess && pTargetMT) @@ -4966,7 +4964,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method // No Access if (m_fThrowIfTargetIsInaccessible) { - ThrowAccessException(pContext, pTargetMT, NULL, fAccessingFrameworkCode); + ThrowAccessException(pContext, pTargetMT, NULL); } #endif // CROSSGEN_COMPILE @@ -4982,8 +4980,7 @@ BOOL AccessCheckOptions::DemandMemberAccess(AccessCheckContext *pContext, Method void AccessCheckOptions::ThrowAccessException( AccessCheckContext* pContext, MethodTable* pFailureMT, /* = NULL */ - Exception* pInnerException, /* = NULL */ - BOOL fAccessingFrameworkCode /* = FALSE */) const + Exception* pInnerException /* = NULL */) const { CONTRACTL { @@ -5005,7 +5002,7 @@ void AccessCheckOptions::ThrowAccessException( // If we know the specific type that caused the failure, display it. // Else display the whole type that we are trying to access. MethodTable * pMT = (pFailureMT != NULL) ? pFailureMT : m_pTargetMT; - ThrowTypeAccessException(pContext, pMT, 0, pInnerException, fAccessingFrameworkCode); + ThrowTypeAccessException(pContext, pMT, 0, pInnerException); } else if (m_pTargetMethod != NULL) { @@ -5018,17 +5015,17 @@ void AccessCheckOptions::ThrowAccessException( // throwing the standard MethodAccessException. if (pCallerMD != NULL && m_pTargetMethod == pCallerMD && pFailureMT != NULL) { - ThrowTypeAccessException(pContext, pFailureMT, 0, pInnerException, fAccessingFrameworkCode); + ThrowTypeAccessException(pContext, pFailureMT, 0, pInnerException); } else { - ThrowMethodAccessException(pContext, m_pTargetMethod, 0, pInnerException, fAccessingFrameworkCode); + ThrowMethodAccessException(pContext, m_pTargetMethod, 0, pInnerException); } } else { _ASSERTE(m_pTargetField != NULL); - ThrowFieldAccessException(pContext, m_pTargetField, 0, pInnerException, fAccessingFrameworkCode); + ThrowFieldAccessException(pContext, m_pTargetField, 0, pInnerException); } } @@ -5085,80 +5082,10 @@ BOOL AccessCheckOptions::FailOrThrow(AccessCheckContext *pContext) const return FALSE; } -// Generate access exception context strings that are due to potential security misconfiguration -void GetAccessExceptionAdditionalContextForSecurity(Assembly *pAccessingAssembly, - Assembly *pTargetAssembly, - BOOL fAccessingFrameworkCode, - StringArrayList *pContextInformation) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_ANY; - PRECONDITION(CheckPointer(pAccessingAssembly)); - PRECONDITION(CheckPointer(pTargetAssembly)); - PRECONDITION(CheckPointer(pContextInformation)); - } - CONTRACTL_END; - - if (fAccessingFrameworkCode) - { - SString accessingFrameworkCodeError; - EEException::GetResourceMessage(IDS_E_ACCESSING_PRIVATE_FRAMEWORK_CODE, accessingFrameworkCodeError); - - pContextInformation->Append(accessingFrameworkCodeError); - } - - -} - -// Generate additional context about the root cause of an access exception which may help in debugging it (for -// instance v4 APTCA implying transparnecy, or conditional APTCA not being enabled). If no additional -// context is available, then this returns SString.Empty. -SString GetAdditionalAccessExceptionContext(Assembly *pAccessingAssembly, - Assembly *pTargetAssembly, - BOOL fAccessingFrameworkCode) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_ANY; - PRECONDITION(CheckPointer(pAccessingAssembly)); - PRECONDITION(CheckPointer(pTargetAssembly)); - } - CONTRACTL_END; - - StringArrayList contextComponents; - - // See if the exception may have been caused by security - GetAccessExceptionAdditionalContextForSecurity(pAccessingAssembly, - pTargetAssembly, - fAccessingFrameworkCode, - &contextComponents); - - // Append each component of additional context we found into the additional context string in its own - // paragraph. - SString additionalContext; - for (DWORD i = 0; i < contextComponents.GetCount(); ++i) - { - SString contextComponent = contextComponents.Get(i); - if (!contextComponent.IsEmpty()) - { - additionalContext.Append(W("\n\n")); - additionalContext.Append(contextComponent); - } - } - - return additionalContext; -} - void DECLSPEC_NORETURN ThrowFieldAccessException(AccessCheckContext* pContext, FieldDesc *pFD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5175,15 +5102,13 @@ void DECLSPEC_NORETURN ThrowFieldAccessException(AccessCheckContext* pContext, ThrowFieldAccessException(pCallerMD, pFD, messageID, - pInnerException, - fAccessingFrameworkCode); + pInnerException); } void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc* pCallerMD, FieldDesc *pFD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5202,11 +5127,7 @@ void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc* pCallerMD, messageID = IDS_E_FIELDACCESS; } - SString strAdditionalContext = GetAdditionalAccessExceptionContext(pCallerMD->GetAssembly(), - pFD->GetApproxEnclosingMethodTable()->GetAssembly(), - fAccessingFrameworkCode); - - EX_THROW_WITH_INNER(EEFieldException, (pFD, pCallerMD, strAdditionalContext, messageID), pInnerException); + EX_THROW_WITH_INNER(EEFieldException, (pFD, pCallerMD, SString::Empty(), messageID), pInnerException); } else { @@ -5217,8 +5138,7 @@ void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc* pCallerMD, void DECLSPEC_NORETURN ThrowMethodAccessException(AccessCheckContext* pContext, MethodDesc *pCalleeMD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5235,15 +5155,13 @@ void DECLSPEC_NORETURN ThrowMethodAccessException(AccessCheckContext* pContext, ThrowMethodAccessException(pCallerMD, pCalleeMD, messageID, - pInnerException, - fAccessingFrameworkCode); + pInnerException); } void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc* pCallerMD, MethodDesc *pCalleeMD, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5262,11 +5180,7 @@ void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc* pCallerMD, messageID = IDS_E_METHODACCESS; } - SString strAdditionalContext = GetAdditionalAccessExceptionContext(pCallerMD->GetAssembly(), - pCalleeMD->GetAssembly(), - fAccessingFrameworkCode); - - EX_THROW_WITH_INNER(EEMethodException, (pCalleeMD, pCallerMD, strAdditionalContext, messageID), pInnerException); + EX_THROW_WITH_INNER(EEMethodException, (pCalleeMD, pCallerMD, SString::Empty(), messageID), pInnerException); } else { @@ -5277,8 +5191,7 @@ void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc* pCallerMD, void DECLSPEC_NORETURN ThrowTypeAccessException(AccessCheckContext* pContext, MethodTable *pMT, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5295,15 +5208,13 @@ void DECLSPEC_NORETURN ThrowTypeAccessException(AccessCheckContext* pContext, ThrowTypeAccessException(pCallerMD, pMT, messageID, - pInnerException, - fAccessingFrameworkCode); + pInnerException); } void DECLSPEC_NORETURN ThrowTypeAccessException(MethodDesc* pCallerMD, MethodTable *pMT, UINT messageID /* = 0 */, - Exception *pInnerException /* = NULL */, - BOOL fAccessingFrameworkCode /* = FALSE */) + Exception *pInnerException /* = NULL */) { CONTRACTL { @@ -5322,11 +5233,7 @@ void DECLSPEC_NORETURN ThrowTypeAccessException(MethodDesc* pCallerMD, messageID = IDS_E_TYPEACCESS; } - SString strAdditionalContext = GetAdditionalAccessExceptionContext(pCallerMD->GetAssembly(), - pMT->GetAssembly(), - fAccessingFrameworkCode); - - EX_THROW_WITH_INNER(EETypeAccessException, (pMT, pCallerMD, strAdditionalContext, messageID), pInnerException); + EX_THROW_WITH_INNER(EETypeAccessException, (pMT, pCallerMD, SString::Empty(), messageID), pInnerException); } else { diff --git a/src/vm/clsload.hpp b/src/vm/clsload.hpp index 5a9248e422..9689979123 100644 --- a/src/vm/clsload.hpp +++ b/src/vm/clsload.hpp @@ -474,8 +474,7 @@ private: void ThrowAccessException( AccessCheckContext* pContext, MethodTable* pFailureMT = NULL, - Exception* pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE) const; + Exception* pInnerException = NULL) const; MethodTable * m_pTargetMT; MethodDesc * m_pTargetMethod; @@ -493,38 +492,32 @@ private: void DECLSPEC_NORETURN ThrowFieldAccessException(MethodDesc *pCallerMD, FieldDesc *pFD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowMethodAccessException(MethodDesc *pCallerMD, MethodDesc *pCalleeMD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowTypeAccessException(MethodDesc *pCallerMD, MethodTable *pMT, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowFieldAccessException(AccessCheckContext* pContext, FieldDesc *pFD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowMethodAccessException(AccessCheckContext* pContext, MethodDesc *pCalleeMD, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); void DECLSPEC_NORETURN ThrowTypeAccessException(AccessCheckContext* pContext, MethodTable *pMT, UINT messageID = 0, - Exception *pInnerException = NULL, - BOOL fAccessingFrameworkCode = FALSE); + Exception *pInnerException = NULL); //--------------------------------------------------------------------------------------- diff --git a/src/vm/comdelegate.cpp b/src/vm/comdelegate.cpp index 961a758750..3f3c55338f 100644 --- a/src/vm/comdelegate.cpp +++ b/src/vm/comdelegate.cpp @@ -1050,126 +1050,6 @@ void COMDelegate::BindToMethod(DELEGATEREF *pRefThis, GCPROTECT_END(); } -// On the CoreCLR, we don't allow non-fulltrust delegates to be marshaled out (or created: CorHost::CreateDelegate ensures that) -// This helper function checks if we have a full-trust delegate with AllowReversePInvokeCallsAttribute targets. -BOOL COMDelegate::IsFullTrustDelegate(DELEGATEREF pDelegate) -{ - CONTRACTL - { - THROWS; - GC_TRIGGERS; - MODE_COOPERATIVE; - } - CONTRACTL_END; - -#ifdef FEATURE_WINDOWSPHONE - // we always allow reverse p/invokes on the phone. The OS provides the sandbox. - return TRUE; -#else - if (IsSecureDelegate(pDelegate)) - { - // A secure delegate implies => creator and target are different, and creator is not fully-trusted - return FALSE; - } - else - { - // Suffices to look at the target assembly and check if that is fully-trusted. - // if creator is same as target, we're done. - // if creator is not same as target, then the only interesting case is when it's not FT, - // and that's captured by the SecureDelegate case above. - // The target method yields the target assembly. Target method is not determinable for certain cases: - // - Open Virtual Delegates - // For those cases we play it safe and return FALSE from this function - if (pDelegate->GetInvocationCount() != 0) - { - // From MulticastDelegate.cs (MulticastDelegate.Equals): - // there are 4 kind of delegate kinds that fall into this bucket - // 1- Multicast (_invocationList is Object[]) - // 2- Secure (_invocationList is Delegate) - // 3- Unmanaged FntPtr (_invocationList == null) - // 4- Open virtual (_invocationCount == MethodDesc of target) - // (_invocationList == null, or _invocationList is a LoaderAllocator or DynamicResolver) - - OBJECTREF invocationList = pDelegate->GetInvocationList(); - if (invocationList != NULL) - { - - MethodTable *pMT; - pMT = invocationList->GetTrueMethodTable(); - // Has to be a multicast delegate, or inner open virtual delegate of collectible secure delegate - // since we already checked for secure delegates above - _ASSERTE(!pMT->IsDelegate()); - - if (!pMT->IsArray()) - { - // open Virtual delegate: conservatively return FALSE - return FALSE; - } - - // Given a multicast delegate we walk the list and make sure all targets are FullTrust. - // Yes, this is a recursive call to IsFullTrustDelegate. But we should hit stackoverflow - // only for the same cases where invoking that delegate would hit stackoverflow. - PTRARRAYREF delegateArrayRef = (PTRARRAYREF) invocationList; - - int numDelegates = delegateArrayRef->GetNumComponents(); - for(int i = 0; i< numDelegates; i++) - { - DELEGATEREF innerDel = (DELEGATEREF)delegateArrayRef->GetAt(i); - _ASSERTE(innerDel->GetMethodTable()->IsDelegate()); - if (!IsFullTrustDelegate(innerDel)) - { - // If we find even one non full-trust target in the list, return FALSE - return FALSE; - } - } - // All targets in the multicast delegate are FullTrust, so this multicast delegate is - // also FullTrust - return TRUE; - } - else - { - if (pDelegate->GetInvocationCount() == DELEGATE_MARKER_UNMANAGEDFPTR) - { - // Delegate to unmanaged function pointer - FullTrust - return TRUE; - } - - // - // open Virtual delegate: conservatively return FALSE - return FALSE; - } - } - // Regular delegate. Let's just look at the target Method - MethodDesc* pMD = GetMethodDesc((OBJECTREF)pDelegate); - if (pMD != NULL) - { - // The target must be decorated with AllowReversePInvokeCallsAttribute - if (!IsMethodAllowedToSinkReversePInvoke(pMD)) return FALSE; - - return TRUE; - } - } - // Default: - return FALSE; -#endif //FEATURE_WINDOWSPHONE -} - -// Checks whether the method is decorated with AllowReversePInvokeCallsAttribute. -BOOL COMDelegate::IsMethodAllowedToSinkReversePInvoke(MethodDesc *pMD) -{ - WRAPPER_NO_CONTRACT; -#ifdef FEATURE_WINDOWSPHONE - // we always allow reverse p/invokes on the phone. The OS provides the sandbox. - return TRUE; -#else - return (S_OK == pMD->GetMDImport()->GetCustomAttributeByName( - pMD->GetMemberDef(), - "System.Runtime.InteropServices.AllowReversePInvokeCallsAttribute", - NULL, - NULL)); -#endif // FEATURE_WINDOWSPHONE -} - // Marshals a managed method to an unmanaged callback provided the // managed method is static and it's parameters require no marshalling. PCODE COMDelegate::ConvertToCallback(MethodDesc* pMD) @@ -1262,14 +1142,6 @@ LPVOID COMDelegate::ConvertToCallback(OBJECTREF pDelegateObj) MethodTable* pMT = pDelegate->GetMethodTable(); DelegateEEClass* pClass = (DelegateEEClass*)(pMT->GetClass()); - // On the CoreCLR, we only allow marshaling out delegates that we can guarantee are full-trust delegates - if (!IsFullTrustDelegate(pDelegate)) - { - StackSString strDelegateType; - TypeString::AppendType(strDelegateType, pMT, TypeString::FormatNamespace | TypeString::FormatAngleBrackets| TypeString::FormatSignature); - COMPlusThrow(kSecurityException, IDS_E_DELEGATE_FULLTRUST_ARPIC_1, strDelegateType.GetUnicode()); - } - if (pMT->HasInstantiation()) COMPlusThrowArgumentException(W("delegate"), W("Argument_NeedNonGenericType")); @@ -1450,12 +1322,6 @@ OBJECTREF COMDelegate::ConvertToDelegate(LPVOID pCallback, MethodTable* pMT) if (pUMEntryThunk->GetDomainId() != GetAppDomain()->GetId()) COMPlusThrow(kNotSupportedException, W("NotSupported_DelegateMarshalToWrongDomain")); - // On the CoreCLR, we only allow marshaling out delegates that we can guarantee are full-trust delegates - if (!IsFullTrustDelegate((DELEGATEREF)pDelegate)) - { - COMPlusThrow(kSecurityException, IDS_E_DELEGATE_FULLTRUST_ARPIC_2); - } - GCPROTECT_END(); return pDelegate; } @@ -1558,12 +1424,6 @@ OBJECTREF COMDelegate::ConvertToDelegate(LPVOID pCallback, MethodTable* pMT) GCPROTECT_END(); #endif // defined(_TARGET_X86_) - // On the CoreCLR, we only allow marshaling out delegates that we can guarantee are full-trust delegates - if (!IsFullTrustDelegate(delObj)) - { - COMPlusThrow(kSecurityException, IDS_E_DELEGATE_FULLTRUST_ARPIC_2); - } - return delObj; } diff --git a/src/vm/comdelegate.h b/src/vm/comdelegate.h index f6ca775b60..1bfe8ac987 100644 --- a/src/vm/comdelegate.h +++ b/src/vm/comdelegate.h @@ -125,10 +125,7 @@ public: static BOOL IsTrueMulticastDelegate(OBJECTREF delegate); - static BOOL IsMethodAllowedToSinkReversePInvoke(MethodDesc *pMD); - private: - static BOOL IsFullTrustDelegate(DELEGATEREF pDelegate); static Stub* SetupShuffleThunk(MethodTable * pDelMT, MethodDesc *pTargetMeth); public: diff --git a/src/vm/corhost.cpp b/src/vm/corhost.cpp index 74c42d3a85..f6ca34267a 100644 --- a/src/vm/corhost.cpp +++ b/src/vm/corhost.cpp @@ -869,10 +869,6 @@ HRESULT CorHost2::_CreateDelegate( if (pMD==NULL || !pMD->IsStatic() || pMD->ContainsGenericVariables()) ThrowHR(COR_E_MISSINGMETHOD); - // the target method must be decorated with AllowReversePInvokeCallsAttribute - if (!COMDelegate::IsMethodAllowedToSinkReversePInvoke(pMD)) - ThrowHR(COR_E_SECURITY); - UMEntryThunk *pUMEntryThunk = GetAppDomain()->GetUMEntryThunkCache()->GetUMEntryThunk(pMD); *fnPtr = (INT_PTR)pUMEntryThunk->GetCode(); diff --git a/src/vm/domainfile.cpp b/src/vm/domainfile.cpp index e5736b7282..410884531e 100644 --- a/src/vm/domainfile.cpp +++ b/src/vm/domainfile.cpp @@ -1786,10 +1786,8 @@ void DomainAssembly::FindNativeImage() ExternalLog(LL_ERROR, "Rejecting native image because mscorlib does not have native image"); GetFile()->ClearNativeImage(); -#ifdef FEATURE_WINDOWSPHONE - // On Phone, always through exceptions when we throw the NI out + // Always throw exceptions when we throw the NI out ThrowHR(CLR_E_BIND_SYS_ASM_NI_MISSING); -#endif } else if (!CheckZapSecurity(pNativeImage)) @@ -1802,11 +1800,8 @@ void DomainAssembly::FindNativeImage() GetFile()->ClearNativeImage(); -#ifdef FEATURE_WINDOWSPHONE - // On Phone, always through exceptions when we throw the NI out + // Always throw exceptions when we throw the NI out ThrowHR(CLR_E_BIND_NI_SECURITY_FAILURE); -#endif - } else if (!CheckZapDependencyIdentities(pNativeImage)) { @@ -1818,11 +1813,8 @@ void DomainAssembly::FindNativeImage() GetFile()->ClearNativeImage(); -#ifdef FEATURE_WINDOWSPHONE - // On Phone, always through exceptions when we throw the NI out + // Always throw exceptions when we throw the NI out ThrowHR(CLR_E_BIND_NI_DEP_IDENTITY_MISMATCH); -#endif - } else { -- cgit v1.2.3