src/vm/appdomainstack.cpp


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110

// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
// 


// 


#include "common.h"

#include "appdomainstack.h"
#include "appdomainstack.inl"
#include "security.h"
#include "securitypolicy.h"
#include "appdomain.inl"
#ifdef FEATURE_REMOTING
#include "crossdomaincalls.h"
#else
#include "callhelpers.h"
#endif

#ifdef _DEBUG
void AppDomainStack::CheckOverridesAssertCounts()
{
    LIMITED_METHOD_CONTRACT;
    DWORD   dwAppDomainIndex = 0;
    DWORD dwOverrides = 0;
    DWORD dwAsserts = 0;
    AppDomainStackEntry *pEntry = NULL;
    for(dwAppDomainIndex=0;dwAppDomainIndex<m_numEntries;dwAppDomainIndex++)
    {
        pEntry = __GetEntryPtr(dwAppDomainIndex);
        dwOverrides += pEntry->m_dwOverridesCount;
        dwAsserts += pEntry->m_dwAsserts;
    }
    _ASSERTE(dwOverrides == m_dwOverridesCount);
    _ASSERTE(dwAsserts == m_dwAsserts);    
}
#endif

BOOL AppDomainStackEntry::IsFullyTrustedWithNoStackModifiers(void)
{
    LIMITED_METHOD_CONTRACT;   
    if (m_domainID.m_dwId == INVALID_APPDOMAIN_ID || m_dwOverridesCount != 0 || m_dwAsserts != 0)
        return FALSE;

    AppDomainFromIDHolder pDomain(m_domainID, FALSE);
    if (pDomain.IsUnloaded())
        return FALSE;
    IApplicationSecurityDescriptor *currAppSecDesc = pDomain->GetSecurityDescriptor();
    if (currAppSecDesc == NULL)
        return FALSE;
    return Security::CheckDomainWideSpecialFlag(currAppSecDesc, 1 << SECURITY_FULL_TRUST);
}
BOOL AppDomainStackEntry::IsHomogeneousWithNoStackModifiers(void)
{
    LIMITED_METHOD_CONTRACT;
    if (m_domainID.m_dwId == INVALID_APPDOMAIN_ID || m_dwOverridesCount != 0 || m_dwAsserts != 0)
        return FALSE;

    AppDomainFromIDHolder pDomain(m_domainID, FALSE);
    if (pDomain.IsUnloaded())
        return FALSE;
    IApplicationSecurityDescriptor *currAppSecDesc = pDomain->GetSecurityDescriptor();
    if (currAppSecDesc == NULL)
        return FALSE;
    return (currAppSecDesc->IsHomogeneous() && !currAppSecDesc->ContainsAnyRefusedPermissions());
}

BOOL AppDomainStackEntry::HasFlagsOrFullyTrustedWithNoStackModifiers(DWORD flags)
{
    LIMITED_METHOD_CONTRACT;
    if (m_domainID.m_dwId == INVALID_APPDOMAIN_ID || m_dwOverridesCount != 0 || m_dwAsserts != 0)
        return FALSE;

    AppDomainFromIDHolder pDomain(m_domainID, FALSE);
    if (pDomain.IsUnloaded())
        return FALSE;
    IApplicationSecurityDescriptor *currAppSecDesc = pDomain->GetSecurityDescriptor();
    if (currAppSecDesc == NULL)
        return FALSE;
    
    // either the desired flag (often 0) or fully trusted will do
    flags |= (1<<SECURITY_FULL_TRUST);
    return Security::CheckDomainWideSpecialFlag(currAppSecDesc, flags);
}

BOOL AppDomainStack::AllDomainsHomogeneousWithNoStackModifiers()
{
    WRAPPER_NO_CONTRACT;

    // Used primarily by CompressedStack code to decide if a CS has to be constructed 

    DWORD   dwAppDomainIndex = 0;


    InitDomainIteration(&dwAppDomainIndex);
    while (dwAppDomainIndex != 0)
    {
        AppDomainStackEntry* pEntry = GetNextDomainEntryOnStack(&dwAppDomainIndex);
        _ASSERTE(pEntry != NULL);
        
        if (!pEntry->IsHomogeneousWithNoStackModifiers() && !pEntry->IsFullyTrustedWithNoStackModifiers())
            return FALSE;
    }

    return TRUE;
}