blob: 45825135aef00030ca71b919b0c5e79e12db40b1 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
|
// Licensed to the .NET Foundation under one or more agreements.
// The .NET Foundation licenses this file to you under the MIT license.
// See the LICENSE file in the project root for more information.
//
//
#include "common.h"
#include "securityattributes.h"
#include "security.h"
#include "eeconfig.h"
#include "corhost.h"
CorHostProtectionManager::CorHostProtectionManager()
{
CONTRACTL
{
MODE_ANY;
GC_NOTRIGGER;
NOTHROW;
}CONTRACTL_END;
m_eProtectedCategories = eNoChecks;
m_fEagerSerializeGrantSet = false;
m_fFrozen = false;
}
HRESULT CorHostProtectionManager::QueryInterface(REFIID id, void **pInterface)
{
WRAPPER_NO_CONTRACT;
STATIC_CONTRACT_SO_TOLERANT;
#ifdef FEATURE_INCLUDE_ALL_INTERFACES
if (id == IID_ICLRHostProtectionManager)
{
*pInterface = GetHostProtectionManager();
return S_OK;
}
#endif // FEATURE_INCLUDE_ALL_INTERFACES
return E_NOINTERFACE;
}
ULONG CorHostProtectionManager::AddRef()
{
LIMITED_METHOD_CONTRACT;
return 1;
}
ULONG CorHostProtectionManager::Release()
{
LIMITED_METHOD_CONTRACT;
return 1;
}
void CorHostProtectionManager::Freeze()
{
LIMITED_METHOD_CONTRACT;
m_fFrozen = true;
}
HRESULT CorHostProtectionManager::SetProtectedCategories(EApiCategories eProtectedCategories)
{
LIMITED_METHOD_CONTRACT;
STATIC_CONTRACT_SO_TOLERANT;
if(m_fFrozen)
return E_FAIL;
if((eProtectedCategories | eAll) != eAll)
return E_FAIL;
m_eProtectedCategories = eProtectedCategories;
return S_OK;
}
EApiCategories CorHostProtectionManager::GetProtectedCategories()
{
WRAPPER_NO_CONTRACT;
Freeze();
return m_eProtectedCategories;
}
bool CorHostProtectionManager::GetEagerSerializeGrantSets() const
{
LIMITED_METHOD_CONTRACT;
// To provide more context about this flag in the hosting API, this is the case where,
// during the unload of an appdomain, we need to serialize a grant set for a shared assembly
// that has resolved policy in order to maintain the invariant that the same assembly loaded
// into another appdomain created in the future will be granted the same permissions
// (since the current policy is potentially burned into the jitted code of the shared assembly already).
return m_fEagerSerializeGrantSet;
}
HRESULT CorHostProtectionManager::SetEagerSerializeGrantSets()
{
LIMITED_METHOD_CONTRACT;
STATIC_CONTRACT_SO_TOLERANT;
m_fEagerSerializeGrantSet = true;
return S_OK;
}
|