security/sandbox/chromium/base/shim/sdkdecls.h

Fri, 16 Jan 2015 18:13:44 +0100

author
Michael Schloh von Bennewitz <michael@schloh.com>
date
Fri, 16 Jan 2015 18:13:44 +0100
branch
TOR_BUG_9701
changeset 14
925c144e1f1f
permissions
-rw-r--r--

Integrate suggestion from review to improve consistency with existing code.

     1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
     2 /* vim: set ts=2 et sw=2 tw=80: */
     3 /* This Source Code Form is subject to the terms of the Mozilla Public
     4  * License, v. 2.0. If a copy of the MPL was not distributed with this
     5  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
     7 #ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
     8 #define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
    10 #include <windows.h>
    12 // This file contains definitions required for things dynamically loaded
    13 // while building or targeting lower platform versions or lower SDKs.
    15 #if (_WIN32_WINNT < 0x0600)
       // Declarations that are absent when _WIN32_WINNT is below 0x0600 (Windows
       // Vista). They only make these names compile; they do not make the running
       // system support the features behind them.
       // NOTE(review): callers presumably look the matching APIs up at run time
       // before relying on any of this -- confirm at the call sites.
       //
       // Extended startup information: the classic STARTUPINFO followed by a
       // pointer to a process/thread attribute list (ANSI and wide variants).
       // NOTE(review): assumed to mirror the SDK declaration field for field --
       // verify against the SDK headers before changing anything here.
    16 typedef struct _STARTUPINFOEXA {
    17     STARTUPINFOA StartupInfo;
    18     LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
    19 } STARTUPINFOEXA, *LPSTARTUPINFOEXA;
    20 typedef struct _STARTUPINFOEXW {
    21     STARTUPINFOW StartupInfo;
    22     LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
    23 } STARTUPINFOEXW, *LPSTARTUPINFOEXW;
       // The unsuffixed names select the wide or the ANSI variant depending on
       // whether UNICODE is defined.
    24 #ifdef UNICODE
    25 typedef STARTUPINFOEXW STARTUPINFOEX;
    26 typedef LPSTARTUPINFOEXW LPSTARTUPINFOEX;
    27 #else
    28 typedef STARTUPINFOEXA STARTUPINFOEX;
    29 typedef LPSTARTUPINFOEXA LPSTARTUPINFOEX;
    30 #endif // UNICODE
       // Layout of an attribute identifier: the low 16 bits hold the attribute
       // number, the three bits above them describe how the attribute may be used.
    32 #define PROC_THREAD_ATTRIBUTE_NUMBER    0x0000FFFF
    33 #define PROC_THREAD_ATTRIBUTE_THREAD    0x00010000  // Attribute may be used with thread creation
    34 #define PROC_THREAD_ATTRIBUTE_INPUT     0x00020000  // Attribute is input only
    35 #define PROC_THREAD_ATTRIBUTE_ADDITIVE  0x00040000  // Attribute may be "accumulated," e.g. bitmasks, counters, etc.
       // Assembles an attribute identifier from its number and the three usage
       // flags. Thread, Input and Additive are compared with FALSE without being
       // parenthesized, so pass plain TRUE/FALSE values, not compound expressions.
    37 #define ProcThreadAttributeValue(Number, Thread, Input, Additive) \
    38     (((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \
    39      ((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \
    40      ((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \
    41      ((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0))
       // Attribute number 2, input-only: the handle-list attribute, which names the
       // handles a new process is allowed to inherit.
    43 #define ProcThreadAttributeHandleList 2
    45 #define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \
    46     ProcThreadAttributeValue (ProcThreadAttributeHandleList, FALSE, TRUE, FALSE)
       // Flag bits of the process DEP (data execution prevention) policy.
    48 #define PROCESS_DEP_ENABLE                          0x00000001
    49 #define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION     0x00000002
    51 #endif // (_WIN32_WINNT < 0x0600)
    53 #if (_WIN32_WINNT < 0x0601)
       // Declarations that are absent when _WIN32_WINNT is below 0x0601 (Windows 7).
       // Attribute number 7, input-only: the mitigation-policy attribute of a
       // process/thread attribute list. ProcThreadAttributeValue is not defined in
       // this section; it has to be in scope already when the macro is expanded.
    54 #define ProcThreadAttributeMitigationPolicy 7
    55 #define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \
    56     ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, FALSE, TRUE, FALSE)
       // Single-bit policy values carried by that attribute: DEP, ATL thunk
       // emulation under DEP, and SEHOP.
       // NOTE(review): a system older than the one that introduced the attribute
       // will presumably reject it -- confirm the caller checks for that failure
       // instead of assuming the mitigations were applied.
    58 #define PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE            0x01
    59 #define PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE  0x02
    60 #define PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE          0x04
    61 #endif // (_WIN32_WINNT < 0x0601)
    63 #if (_WIN32_WINNT < 0x0602)
       // Declarations that are absent when _WIN32_WINNT is below 0x0602 (Windows 8).
       // Attribute number 9, input-only.
       // NOTE(review): presumably used together with the SECURITY_CAPABILITIES
       // struct declared further down -- confirm at the call site.
    64 #define ProcThreadAttributeSecurityCapabilities 9
    65 #define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \
    66     ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE)
       // Process-creation mitigation options. Every policy is a two-bit field at
       // its own shift: the _MASK value (3) covers the field, _DEFER is 0,
       // _ALWAYS_ON is 1, _ALWAYS_OFF is 2, and 3 is either _RESERVED or, for
       // forced image relocation, _ALWAYS_ON_REQ_RELOCS.
    68 #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK                     (0x00000003 <<  8)
    69 #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER                    (0x00000000 <<  8)
    70 #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON                (0x00000001 <<  8)
    71 #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF               (0x00000002 <<  8)
    72 #define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS     (0x00000003 <<  8)
    73 #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK                            (0x00000003 << 12)
    74 #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER                           (0x00000000 << 12)
    75 #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON                       (0x00000001 << 12)
    76 #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF                      (0x00000002 << 12)
    77 #define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED                        (0x00000003 << 12)
    78 #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK                            (0x00000003 << 16)
    79 #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER                           (0x00000000 << 16)
    80 #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON                       (0x00000001 << 16)
    81 #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF                      (0x00000002 << 16)
    82 #define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED                        (0x00000003 << 16)
    83 #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK                         (0x00000003 << 20)
    84 #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER                        (0x00000000 << 20)
    85 #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON                    (0x00000001 << 20)
    86 #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF                   (0x00000002 << 20)
    87 #define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED                     (0x00000003 << 20)
    88 #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK                      (0x00000003 << 24)
    89 #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER                     (0x00000000 << 24)
    90 #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON                 (0x00000001 << 24)
    91 #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF                (0x00000002 << 24)
    92 #define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED                  (0x00000003 << 24)
    93 #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK                (0x00000003 << 28)
    94 #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER               (0x00000000 << 28)
    95 #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON           (0x00000001 << 28)
    96 #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF          (0x00000002 << 28)
    97 #define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED            (0x00000003 << 28)
       // The extension-point field starts at bit 32 and is written with the ui64
       // suffix, so a combined policy value has to be kept in a 64-bit integer;
       // storing it in a 32-bit variable silently drops this mitigation.
       // NOTE(review): ui64 is a compiler-specific literal suffix -- confirm that
       // every toolchain building this header accepts it.
    98 #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK                   (0x00000003ui64 << 32)
    99 #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER                  (0x00000000ui64 << 32)
   100 #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON              (0x00000001ui64 << 32)
   101 #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF             (0x00000002ui64 << 32)
   102 #define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED               (0x00000003ui64 << 32)
   104 // Check if we're including >= win8 winnt.h
       // When NTDDI_WIN8 is not defined, the types below are declared here.
   105 #ifndef NTDDI_WIN8
       // An AppContainer SID plus a pointer to SID-and-attributes capability entries.
       // NOTE(review): CapabilityCount is presumably the number of entries behind
       // Capabilities -- confirm against the code that fills this struct in.
   107 typedef struct _SECURITY_CAPABILITIES {
   108     PSID AppContainerSid;
   109     PSID_AND_ATTRIBUTES Capabilities;
   110     DWORD CapabilityCount;
   111     DWORD Reserved;
   112 } SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES;
       // Selector for the individual process mitigation policies. No enumerator has
       // an explicit value, so the numbers follow from the order: ProcessDEPPolicy
       // is 0 and MaxProcessMitigationPolicy is 7.
       // NOTE(review): these numbers are presumably passed to the OS, so the order
       // has to stay in step with the SDK -- do not reorder or insert entries.
   114 typedef enum _PROCESS_MITIGATION_POLICY {
   115   ProcessDEPPolicy,
   116   ProcessASLRPolicy,
   117   ProcessReserved1MitigationPolicy,
   118   ProcessStrictHandleCheckPolicy,
   119   ProcessSystemCallDisablePolicy,
   120   ProcessMitigationOptionsMask,
   121   ProcessExtensionPointDisablePolicy,
   122   MaxProcessMitigationPolicy
   123 } PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
       // Library-loader search flag.
       // NOTE(review): a loader that predates this flag presumably fails the load
       // when it is passed -- confirm the call site handles that error rather than
       // falling back to an unrestricted search.
   125 #define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000
       // Each policy struct below overlays one DWORD (Flags) with named one-bit
       // switches; the named bits and ReservedFlags always add up to 32 bits.
       // The unnamed union and struct members and the placement of the bit-fields
       // depend on the compiler.
       // NOTE(review): assumed to match the SDK layout bit for bit -- verify before
       // editing any field.
       //
       // ASLR policy: bottom-up randomization, forced image relocation, high
       // entropy, and rejection of stripped images.
   127 typedef struct _PROCESS_MITIGATION_ASLR_POLICY {
   128   union {
   129     DWORD  Flags;
   130     struct {
   131       DWORD EnableBottomUpRandomization : 1;
   132       DWORD EnableForceRelocateImages : 1;
   133       DWORD EnableHighEntropy : 1;
   134       DWORD DisallowStrippedImages : 1;
   135       DWORD ReservedFlags : 28;
   136     };
   137   };
   138 } PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY;
       // Strict handle checks: raise an exception on an invalid handle reference,
       // and keep handle exceptions permanently enabled.
   140 typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY {
   141   union {
   142     DWORD  Flags;
   143     struct {
   144       DWORD RaiseExceptionOnInvalidHandleReference : 1;
   145       DWORD HandleExceptionsPermanentlyEnabled : 1;
   146       DWORD ReservedFlags : 30;
   147     };
   148   };
   149 } PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY;
       // System-call disable policy: a single switch that disallows win32k system
       // calls.
   151 typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
   152   union {
   153     DWORD  Flags;
   154     struct {
   155       DWORD DisallowWin32kSystemCalls : 1;
   156       DWORD ReservedFlags : 31;
   157     };
   158   };
   159 } PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
       // Extension-point disable policy: a single switch that disables extension
       // points.
   161 typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY {
   162   union {
   163     DWORD  Flags;
   164     struct {
   165       DWORD DisableExtensionPoints : 1;
   166       DWORD ReservedFlags : 31;
   167     };
   168   };
   169 } PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY;
   171 #endif // NTDDI_WIN8
   172 #endif // (_WIN32_WINNT < 0x0602)
   173 #endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
