security/sandbox/chromium/base/shim/sdkdecls.h

changeset 0
6474c204b198
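--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/security/sandbox/chromium/base/shim/sdkdecls.h	Wed Dec 31 06:09:35 2014 +0100
@@ -0,0 +1,173 @@
+/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
+/* vim: set ts=2 et sw=2 tw=80: */
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+#ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
+#define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
+
+#include <windows.h>
+
+// This file contains definitions required for things dynamically loaded
+// while building or targetting lower platform versions or lower SDKs.
+
+#if (_WIN32_WINNT < 0x0600)
+typedef struct _STARTUPINFOEXA {
+    STARTUPINFOA StartupInfo;
+    LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
+} STARTUPINFOEXA, *LPSTARTUPINFOEXA;
+typedef struct _STARTUPINFOEXW {
+    STARTUPINFOW StartupInfo;
+    LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
+} STARTUPINFOEXW, *LPSTARTUPINFOEXW;
+#ifdef UNICODE
+typedef STARTUPINFOEXW STARTUPINFOEX;
+typedef LPSTARTUPINFOEXW LPSTARTUPINFOEX;
+#else
+typedef STARTUPINFOEXA STARTUPINFOEX;
+typedef LPSTARTUPINFOEXA LPSTARTUPINFOEX;
+#endif // UNICODE
+
+#define PROC_THREAD_ATTRIBUTE_NUMBER    0x0000FFFF
+#define PROC_THREAD_ATTRIBUTE_THREAD    0x00010000  // Attribute may be used with thread creation
+#define PROC_THREAD_ATTRIBUTE_INPUT     0x00020000  // Attribute is input only
+#define PROC_THREAD_ATTRIBUTE_ADDITIVE  0x00040000  // Attribute may be "accumulated," e.g. bitmasks, counters, etc.
+
+#define ProcThreadAttributeValue(Number, Thread, Input, Additive) \
+    (((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \
+     ((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \
+     ((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \
+     ((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0))
+
+#define ProcThreadAttributeHandleList 2
+
+#define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \
+    ProcThreadAttributeValue (ProcThreadAttributeHandleList, FALSE, TRUE, FALSE)
+
+#define PROCESS_DEP_ENABLE                          0x00000001
+#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION     0x00000002
+
+#endif // (_WIN32_WINNT >= 0x0600)
+
+#if (_WIN32_WINNT < 0x0601)
+#define ProcThreadAttributeMitigationPolicy 7
+#define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \
+    ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, FALSE, TRUE, FALSE)
+
+#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE            0x01
+#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE  0x02
+#define PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE          0x04
+#endif // (_WIN32_WINNT >= 0x0601)
+
+#if (_WIN32_WINNT < 0x0602)
+#define ProcThreadAttributeSecurityCapabilities 9
+#define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \
+    ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE)
+
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK                     (0x00000003 <<  8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER                    (0x00000000 <<  8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON                (0x00000001 <<  8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF               (0x00000002 <<  8)
+#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS     (0x00000003 <<  8)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK                            (0x00000003 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER                           (0x00000000 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON                       (0x00000001 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF                      (0x00000002 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED                        (0x00000003 << 12)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK                            (0x00000003 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER                           (0x00000000 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON                       (0x00000001 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF                      (0x00000002 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED                        (0x00000003 << 16)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK                         (0x00000003 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER                        (0x00000000 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON                    (0x00000001 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF                   (0x00000002 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED                     (0x00000003 << 20)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK                      (0x00000003 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER                     (0x00000000 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON                 (0x00000001 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF                (0x00000002 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED                  (0x00000003 << 24)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK                (0x00000003 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER               (0x00000000 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON           (0x00000001 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF          (0x00000002 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED            (0x00000003 << 28)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK                   (0x00000003ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER                  (0x00000000ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON              (0x00000001ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF             (0x00000002ui64 << 32)
+#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED               (0x00000003ui64 << 32)
+
+// Check if we're including >= win8 winnt.h
+#ifndef NTDDI_WIN8
+
+typedef struct _SECURITY_CAPABILITIES {
+    PSID AppContainerSid;
+    PSID_AND_ATTRIBUTES Capabilities;
+    DWORD CapabilityCount;
+    DWORD Reserved;
+} SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES;
+
+typedef enum _PROCESS_MITIGATION_POLICY {
+  ProcessDEPPolicy,
+  ProcessASLRPolicy,
+  ProcessReserved1MitigationPolicy,
+  ProcessStrictHandleCheckPolicy,
+  ProcessSystemCallDisablePolicy,
+  ProcessMitigationOptionsMask,
+  ProcessExtensionPointDisablePolicy,
+  MaxProcessMitigationPolicy
+} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
+
+#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000
+
+typedef struct _PROCESS_MITIGATION_ASLR_POLICY {
+  union {
+    DWORD  Flags;
+    struct {
+      DWORD EnableBottomUpRandomization : 1;
+      DWORD EnableForceRelocateImages : 1;
+      DWORD EnableHighEntropy : 1;
+      DWORD DisallowStrippedImages : 1;
+      DWORD ReservedFlags : 28;
+    };
+  };
+} PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY;
+
+typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY {
+  union {
+    DWORD  Flags;
+    struct {
+      DWORD RaiseExceptionOnInvalidHandleReference : 1;
+      DWORD HandleExceptionsPermanentlyEnabled : 1;
+      DWORD ReservedFlags : 30;
+    };
+  };
+} PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY;
+
+typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
+  union {
+    DWORD  Flags;
+    struct {
+      DWORD DisallowWin32kSystemCalls : 1;
+      DWORD ReservedFlags : 31;
+    };
+  };
+} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
+
+typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY {
+  union {
+    DWORD  Flags;
+    struct {
+      DWORD DisableExtensionPoints : 1;
+      DWORD ReservedFlags : 31;
+    };
+  };
+} PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY;
+
+#endif // NTDDI_WIN8
+#endif // (_WIN32_WINNT < 0x0602)
+#endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_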
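Review bot: The trailing comments on two `#endif` lines contradict the guards they close: `#if (_WIN32_WINNT < 0x0600)` ends with `#endif // (_WIN32_WINNT >= 0x0600)` and `#if (_WIN32_WINNT < 0x0601)` ends with `#endif // (_WIN32_WINNT >= 0x0601)`, while the last block is correctly labelled `< 0x0602`. I would change them to `#endif // (_WIN32_WINNT < 0x0600)` and `#endif // (_WIN32_WINNT < 0x0601)`, so a reader does not mistake which SDK level each group of constants is shimmed for. These values are hand-copied and select process mitigations (DEP, ASLR, strict handle checks, win32k lockdown), so a short comment naming the SDK version they were taken from would make later audits against the real headers easier. The `ui64` suffix on the `PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_*` values is an MSVC extension, so the header presumably will not compile with other toolchains; the file comment could say so if that is intended.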
