1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
|
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
//
//
#ifndef __SECURITYDESCRIPTOR_H__
#define __SECURITYDESCRIPTOR_H__
#include "securityconfig.h"
#include "securityattributes.h"
#include "securitypolicy.h"
class ISecurityDescriptor;
class IPEFileSecurityDescriptor;
// Security flags for the objects that store security information
#define CORSEC_ASSERTED 0x000020 // Asseted permission set present on frame
#define CORSEC_DENIED 0x000040 // Denied permission set present on frame
#define CORSEC_REDUCED 0x000080 // Reduced permission set present on frame
// Inline Functions to support lazy handles - read/write to handle that may not have been created yet
// SecurityDescriptor and ApplicationSecurityDescriptor currently use these
inline OBJECTREF ObjectFromLazyHandle(LOADERHANDLE handle, LoaderAllocator* la);
#ifndef DACCESS_COMPILE
inline void StoreObjectInLazyHandle(LOADERHANDLE& handle, OBJECTREF ref, LoaderAllocator* la);
#endif // #ifndef DACCESS_COMPILE
///////////////////////////////////////////////////////////////////////////////
//
// [SecurityDescriptor]
// |
// +----[PEFileSecurityDescriptor]
// |
// +----[ApplicationSecurityDescriptor]
// |
// +----[AssemblySecurityDescriptor]
//
// [SharedSecurityDescriptor]
//
///////////////////////////////////////////////////////////////////////////////
//
// A Security Descriptor is placed on AppDomain and Assembly (Unmanged) objects.
// AppDomain and Assembly could be from different zones.
// Security Descriptor could also be placed on a native frame.
//
///////////////////////////////////////////////////////////////////////////////
///////////////////////////////////////////////////////////////////////////////
//
// SecurityDescriptor is the base class for all security descriptors.
// Extend this class to implement SecurityDescriptors for Assemblies and
// AppDomains.
//
// WARNING : Do not add virtual methods to this class! Doing so results
// in derived classes such as AssemblySecurityDescriptor having two v-table
// pointers, which the DAC doesn't support.
//
///////////////////////////////////////////////////////////////////////////////
class SecurityDescriptor
{
protected:
#ifdef FEATURE_CAS_POLICY
LOADERHANDLE m_hAdditionalEvidence; // Evidence Object
#endif // FEATURE_CAS_POLICY
// The unmanaged DomainAssembly object
DomainAssembly *m_pAssem;
// The PEFile associated with the DomainAssembly
PEFile *m_pPEFile;
// The AppDomain context
AppDomain* m_pAppDomain;
BOOL m_fSDResolved;
#ifdef FEATURE_CAS_POLICY
BOOL m_fEvidenceComputed;
#endif // FEATURE_CAS_POLICY
DWORD m_dwSpecialFlags;
LoaderAllocator *m_pLoaderAllocator;
private:
#ifndef CROSSGEN_COMPILE
LOADERHANDLE m_hGrantedPermissionSet; // Granted Permission
LOADERHANDLE m_hGrantDeniedPermissionSet;// Specifically Denied Permissions
#endif // CROSSGEN_COMPILE
public:
BOOL IsFullyTrusted();
DWORD GetSpecialFlags() const;
AppDomain* GetDomain() const;
BOOL CanCallUnmanagedCode() const;
#ifdef FEATURE_CAS_POLICY
#ifndef DACCESS_COMPILE
void SetEvidence(OBJECTREF evidence);
BOOL CheckQuickCache(SecurityConfig::QuickCacheEntryType all, DWORD dwZone);
#endif // FEATURE_CAS_POLICY
BOOL IsEvidenceComputed() const;
inline void SetEvidenceComputed();
#endif // FEATURE_CAS_POLICY
#ifndef DACCESS_COMPILE
void SetGrantedPermissionSet(OBJECTREF GrantedPermissionSet,
OBJECTREF DeniedPermissionSet,
DWORD dwSpecialFlags);
OBJECTREF GetGrantedPermissionSet(OBJECTREF* pRefusedPermissions = NULL);
#endif // DACCESS_COMPILE
BOOL IsResolved() const;
// Checks for one of the special security flags such as FullTrust or UnmanagedCode
FORCEINLINE BOOL CheckSpecialFlag (DWORD flags) const;
// Used to locate the assembly
inline PEFile *GetPEFile() const;
protected:
//--------------------
// Constructor
//--------------------
#ifndef DACCESS_COMPILE
inline SecurityDescriptor(AppDomain *pAppDomain, DomainAssembly *pAssembly, PEFile* pPEFile, LoaderAllocator *pLoaderAllocator);
#ifdef FEATURE_PAL
SecurityDescriptor() {}
#endif // FEATURE_PAL
#endif // !DACCESS_COMPILE
};
template<typename IT>
class SecurityDescriptorBase : public IT, public SecurityDescriptor
{
public:
VPTR_ABSTRACT_VTABLE_CLASS(SecurityDescriptorBase, IT) // needed for the DAC
inline SecurityDescriptorBase(AppDomain *pAppDomain, DomainAssembly *pAssembly, PEFile* pPEFile, LoaderAllocator *pLoaderAllocator);
public:
virtual BOOL IsFullyTrusted() { return SecurityDescriptor::IsFullyTrusted(); }
virtual BOOL CanCallUnmanagedCode() const { return SecurityDescriptor::CanCallUnmanagedCode(); }
virtual DWORD GetSpecialFlags() const { return SecurityDescriptor::GetSpecialFlags(); }
virtual AppDomain* GetDomain() const { return SecurityDescriptor::GetDomain(); }
virtual BOOL IsResolved() const { return SecurityDescriptor::IsResolved(); }
#ifdef FEATURE_CAS_POLICY
virtual BOOL IsEvidenceComputed() const { return SecurityDescriptor::IsEvidenceComputed(); }
#ifndef DACCESS_COMPILE
virtual void SetEvidence(OBJECTREF evidence) { SecurityDescriptor::SetEvidence(evidence); }
#endif // DACCESS_COMPILE
#endif // FEATURE_CAS_POLICY
#ifndef DACCESS_COMPILE
virtual OBJECTREF GetGrantedPermissionSet(OBJECTREF* RefusedPermissions = NULL) { return SecurityDescriptor::GetGrantedPermissionSet(RefusedPermissions); }
#endif
};
#include "securitydescriptor.inl"
#endif // #define __SECURITYDESCRIPTOR_H__
|
