security/sandbox/chromium/base/shim/sdkdecls.h@925c144e1f1f (annotated)
security/sandbox/chromium/base/shim/sdkdecls.h
Fri, 16 Jan 2015 18:13:44 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Fri, 16 Jan 2015 18:13:44 +0100
- branch
- TOR_BUG_9701
- changeset 14
- 925c144e1f1f
- permissions
- -rw-r--r--
Integrate suggestion from review to improve consistency with existing code.
| michael@0 | 1 | /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ |
| michael@0 | 2 | /* vim: set ts=2 et sw=2 tw=80: */ |
| michael@0 | 3 | /* This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 4 | * License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 5 | * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ |
| michael@0 | 6 | |
| michael@0 | 7 | #ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ |
| michael@0 | 8 | #define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ |
| michael@0 | 9 | |
| michael@0 | 10 | #include <windows.h> |
| michael@0 | 11 | |
| michael@0 | 12 | // This file contains definitions required for things dynamically loaded |
| michael@0 | 13 | // while building or targetting lower platform versions or lower SDKs. |
| michael@0 | 14 | |
| michael@0 | 15 | #if (_WIN32_WINNT < 0x0600) |
| michael@0 | 16 | typedef struct _STARTUPINFOEXA { |
| michael@0 | 17 | STARTUPINFOA StartupInfo; |
| michael@0 | 18 | LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList; |
| michael@0 | 19 | } STARTUPINFOEXA, *LPSTARTUPINFOEXA; |
| michael@0 | 20 | typedef struct _STARTUPINFOEXW { |
| michael@0 | 21 | STARTUPINFOW StartupInfo; |
| michael@0 | 22 | LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList; |
| michael@0 | 23 | } STARTUPINFOEXW, *LPSTARTUPINFOEXW; |
| michael@0 | 24 | #ifdef UNICODE |
| michael@0 | 25 | typedef STARTUPINFOEXW STARTUPINFOEX; |
| michael@0 | 26 | typedef LPSTARTUPINFOEXW LPSTARTUPINFOEX; |
| michael@0 | 27 | #else |
| michael@0 | 28 | typedef STARTUPINFOEXA STARTUPINFOEX; |
| michael@0 | 29 | typedef LPSTARTUPINFOEXA LPSTARTUPINFOEX; |
| michael@0 | 30 | #endif // UNICODE |
| michael@0 | 31 | |
| michael@0 | 32 | #define PROC_THREAD_ATTRIBUTE_NUMBER 0x0000FFFF |
| michael@0 | 33 | #define PROC_THREAD_ATTRIBUTE_THREAD 0x00010000 // Attribute may be used with thread creation |
| michael@0 | 34 | #define PROC_THREAD_ATTRIBUTE_INPUT 0x00020000 // Attribute is input only |
| michael@0 | 35 | #define PROC_THREAD_ATTRIBUTE_ADDITIVE 0x00040000 // Attribute may be "accumulated," e.g. bitmasks, counters, etc. |
| michael@0 | 36 | |
| michael@0 | 37 | #define ProcThreadAttributeValue(Number, Thread, Input, Additive) \ |
| michael@0 | 38 | (((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \ |
| michael@0 | 39 | ((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \ |
| michael@0 | 40 | ((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \ |
| michael@0 | 41 | ((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0)) |
| michael@0 | 42 | |
| michael@0 | 43 | #define ProcThreadAttributeHandleList 2 |
| michael@0 | 44 | |
| michael@0 | 45 | #define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \ |
| michael@0 | 46 | ProcThreadAttributeValue (ProcThreadAttributeHandleList, FALSE, TRUE, FALSE) |
| michael@0 | 47 | |
| michael@0 | 48 | #define PROCESS_DEP_ENABLE 0x00000001 |
| michael@0 | 49 | #define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002 |
| michael@0 | 50 | |
| michael@0 | 51 | #endif // (_WIN32_WINNT >= 0x0600) |
| michael@0 | 52 | |
| michael@0 | 53 | #if (_WIN32_WINNT < 0x0601) |
| michael@0 | 54 | #define ProcThreadAttributeMitigationPolicy 7 |
| michael@0 | 55 | #define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \ |
| michael@0 | 56 | ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, FALSE, TRUE, FALSE) |
| michael@0 | 57 | |
| michael@0 | 58 | #define PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE 0x01 |
| michael@0 | 59 | #define PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE 0x02 |
| michael@0 | 60 | #define PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE 0x04 |
| michael@0 | 61 | #endif // (_WIN32_WINNT >= 0x0601) |
| michael@0 | 62 | |
| michael@0 | 63 | #if (_WIN32_WINNT < 0x0602) |
| michael@0 | 64 | #define ProcThreadAttributeSecurityCapabilities 9 |
| michael@0 | 65 | #define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \ |
| michael@0 | 66 | ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE) |
| michael@0 | 67 | |
| michael@0 | 68 | #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK (0x00000003 << 8) |
| michael@0 | 69 | #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER (0x00000000 << 8) |
| michael@0 | 70 | #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000001 << 8) |
| michael@0 | 71 | #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF (0x00000002 << 8) |
| michael@0 | 72 | #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS (0x00000003 << 8) |
| michael@0 | 73 | #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK (0x00000003 << 12) |
| michael@0 | 74 | #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER (0x00000000 << 12) |
| michael@0 | 75 | #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON (0x00000001 << 12) |
| michael@0 | 76 | #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF (0x00000002 << 12) |
| michael@0 | 77 | #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED (0x00000003 << 12) |
| michael@0 | 78 | #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK (0x00000003 << 16) |
| michael@0 | 79 | #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER (0x00000000 << 16) |
| michael@0 | 80 | #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00000001 << 16) |
| michael@0 | 81 | #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00000002 << 16) |
| michael@0 | 82 | #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED (0x00000003 << 16) |
| michael@0 | 83 | #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK (0x00000003 << 20) |
| michael@0 | 84 | #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER (0x00000000 << 20) |
| michael@0 | 85 | #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON (0x00000001 << 20) |
| michael@0 | 86 | #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF (0x00000002 << 20) |
| michael@0 | 87 | #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED (0x00000003 << 20) |
| michael@0 | 88 | #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK (0x00000003 << 24) |
| michael@0 | 89 | #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER (0x00000000 << 24) |
| michael@0 | 90 | #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON (0x00000001 << 24) |
| michael@0 | 91 | #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF (0x00000002 << 24) |
| michael@0 | 92 | #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED (0x00000003 << 24) |
| michael@0 | 93 | #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK (0x00000003 << 28) |
| michael@0 | 94 | #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER (0x00000000 << 28) |
| michael@0 | 95 | #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON (0x00000001 << 28) |
| michael@0 | 96 | #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF (0x00000002 << 28) |
| michael@0 | 97 | #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28) |
| michael@0 | 98 | #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32) |
| michael@0 | 99 | #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32) |
| michael@0 | 100 | #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32) |
| michael@0 | 101 | #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32) |
| michael@0 | 102 | #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32) |
| michael@0 | 103 | |
| michael@0 | 104 | // Check if we're including >= win8 winnt.h |
| michael@0 | 105 | #ifndef NTDDI_WIN8 |
| michael@0 | 106 | |
| michael@0 | 107 | typedef struct _SECURITY_CAPABILITIES { |
| michael@0 | 108 | PSID AppContainerSid; |
| michael@0 | 109 | PSID_AND_ATTRIBUTES Capabilities; |
| michael@0 | 110 | DWORD CapabilityCount; |
| michael@0 | 111 | DWORD Reserved; |
| michael@0 | 112 | } SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES; |
| michael@0 | 113 | |
| michael@0 | 114 | typedef enum _PROCESS_MITIGATION_POLICY { |
| michael@0 | 115 | ProcessDEPPolicy, |
| michael@0 | 116 | ProcessASLRPolicy, |
| michael@0 | 117 | ProcessReserved1MitigationPolicy, |
| michael@0 | 118 | ProcessStrictHandleCheckPolicy, |
| michael@0 | 119 | ProcessSystemCallDisablePolicy, |
| michael@0 | 120 | ProcessMitigationOptionsMask, |
| michael@0 | 121 | ProcessExtensionPointDisablePolicy, |
| michael@0 | 122 | MaxProcessMitigationPolicy |
| michael@0 | 123 | } PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY; |
| michael@0 | 124 | |
| michael@0 | 125 | #define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000 |
| michael@0 | 126 | |
| michael@0 | 127 | typedef struct _PROCESS_MITIGATION_ASLR_POLICY { |
| michael@0 | 128 | union { |
| michael@0 | 129 | DWORD Flags; |
| michael@0 | 130 | struct { |
| michael@0 | 131 | DWORD EnableBottomUpRandomization : 1; |
| michael@0 | 132 | DWORD EnableForceRelocateImages : 1; |
| michael@0 | 133 | DWORD EnableHighEntropy : 1; |
| michael@0 | 134 | DWORD DisallowStrippedImages : 1; |
| michael@0 | 135 | DWORD ReservedFlags : 28; |
| michael@0 | 136 | }; |
| michael@0 | 137 | }; |
| michael@0 | 138 | } PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY; |
| michael@0 | 139 | |
| michael@0 | 140 | typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY { |
| michael@0 | 141 | union { |
| michael@0 | 142 | DWORD Flags; |
| michael@0 | 143 | struct { |
| michael@0 | 144 | DWORD RaiseExceptionOnInvalidHandleReference : 1; |
| michael@0 | 145 | DWORD HandleExceptionsPermanentlyEnabled : 1; |
| michael@0 | 146 | DWORD ReservedFlags : 30; |
| michael@0 | 147 | }; |
| michael@0 | 148 | }; |
| michael@0 | 149 | } PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY; |
| michael@0 | 150 | |
| michael@0 | 151 | typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY { |
| michael@0 | 152 | union { |
| michael@0 | 153 | DWORD Flags; |
| michael@0 | 154 | struct { |
| michael@0 | 155 | DWORD DisallowWin32kSystemCalls : 1; |
| michael@0 | 156 | DWORD ReservedFlags : 31; |
| michael@0 | 157 | }; |
| michael@0 | 158 | }; |
| michael@0 | 159 | } PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY; |
| michael@0 | 160 | |
| michael@0 | 161 | typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY { |
| michael@0 | 162 | union { |
| michael@0 | 163 | DWORD Flags; |
| michael@0 | 164 | struct { |
| michael@0 | 165 | DWORD DisableExtensionPoints : 1; |
| michael@0 | 166 | DWORD ReservedFlags : 31; |
| michael@0 | 167 | }; |
| michael@0 | 168 | }; |
| michael@0 | 169 | } PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY; |
| michael@0 | 170 | |
| michael@0 | 171 | #endif // NTDDI_WIN8 |
| michael@0 | 172 | #endif // (_WIN32_WINNT < 0x0602) |
| michael@0 | 173 | #endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ |
