1// Licensed to the .NET Foundation under one or more agreements.
2// The .NET Foundation licenses this file to you under the MIT license.
3// See the LICENSE file in the project root for more information.
4
5/*
6 * COM+99 Declarative Security Header
7 *
8 * HISTORY: Created, 4/15/98
9 */
10
11#ifndef _DECLSEC_H
12#define _DECLSEC_H
13//
14// PSECURITY_PROPS and PSECURITY_VALUES are opaque types (void*s) defined in cor.h
15// so that cor.h does not need to know about these structures. This file relates
16// the opaque types in cor.h to concrete types, which are also defined here.
17//
18// a PSECURITY_PROPS is a pSecurityProperties
19// a PSECURITY_VALUE is a pSecurityValue
20//
21
22#include "cor.h"
23
24// First, some flag values
25
26#define DECLSEC_DEMANDS 0x00000001
27#define DECLSEC_ASSERTIONS 0x00000002
28#define DECLSEC_DENIALS 0x00000004
29#define DECLSEC_INHERIT_CHECKS 0x00000008
30#define DECLSEC_LINK_CHECKS 0x00000010
31#define DECLSEC_PERMITONLY 0x00000020
32#define DECLSEC_REQUESTS 0x00000040
33#define DECLSEC_UNMNGD_ACCESS_DEMAND 0x00000080 // Used by PInvoke/Interop
34#define DECLSEC_NONCAS_DEMANDS 0x00000100
35#define DECLSEC_NONCAS_LINK_DEMANDS 0x00000200
36#define DECLSEC_NONCAS_INHERITANCE 0x00000400
37#define DECLSEC_LINK_CHECKS_HPONLY 0x00000800 // If the DECLSEC_LINK_CHECKS flag is set due to HPA (and not due to any CAS linkdemand), this flag is set
38
39#define DECLSEC_NULL_OFFSET 16
40
41#define DECLSEC_NULL_INHERIT_CHECKS (DECLSEC_INHERIT_CHECKS << DECLSEC_NULL_OFFSET)
42#define DECLSEC_NULL_LINK_CHECKS (DECLSEC_LINK_CHECKS << DECLSEC_NULL_OFFSET)
43
44#define DECLSEC_RUNTIME_ACTIONS (DECLSEC_DEMANDS | \
45 DECLSEC_NONCAS_DEMANDS | \
46 DECLSEC_ASSERTIONS | \
47 DECLSEC_DENIALS | \
48 DECLSEC_PERMITONLY | \
49 DECLSEC_UNMNGD_ACCESS_DEMAND)
50
51#define DECLSEC_FRAME_ACTIONS (DECLSEC_ASSERTIONS | \
52 DECLSEC_DENIALS | \
53 DECLSEC_PERMITONLY)
54
55#define DECLSEC_OVERRIDES (DECLSEC_DENIALS | \
56 DECLSEC_PERMITONLY)
57
58#define DECLSEC_NON_RUNTIME_ACTIONS (DECLSEC_REQUESTS | \
59 DECLSEC_INHERIT_CHECKS | \
60 DECLSEC_LINK_CHECKS | \
61 DECLSEC_NONCAS_LINK_DEMANDS | \
62 DECLSEC_NONCAS_INHERITANCE)
63
64#define BIT_TST(I,B) ((I) & (B))
65#define BIT_SET(I,B) ((I) |= (B))
66#define BIT_CLR(I,B) ((I) &= (~(B)))
67
68class LoaderHeap;
69
70class SecurityProperties
71{
72#ifdef DACCESS_COMPILE
73 friend class NativeImageDumper;
74#endif
75private:
76 DWORD dwFlags ;
77// PermList plDemands ;
78
79public:
80 void *operator new(size_t size, LoaderHeap *pHeap);
81 void operator delete(void *pMem);
82
83 SecurityProperties ()
84 {
85 LIMITED_METHOD_CONTRACT;
86 dwFlags = 0 ;
87 }
88 SecurityProperties(DWORD _dwFlags)
89 {
90 LIMITED_METHOD_CONTRACT;
91 dwFlags = _dwFlags;
92 }
93 ~SecurityProperties ()
94 {
95 LIMITED_METHOD_CONTRACT;
96 dwFlags = 0 ;
97 }
98 inline BOOL FDemandsOnly()
99 {
100 LIMITED_METHOD_CONTRACT;
101 return ( (dwFlags & ~(DECLSEC_DEMANDS|DECLSEC_UNMNGD_ACCESS_DEMAND)) == 0);
102 }
103 inline BOOL FDeclarationsExist()
104 {
105 LIMITED_METHOD_CONTRACT;
106 return dwFlags;
107 }
108 inline BOOL FDemandsExist()
109 {
110 LIMITED_METHOD_CONTRACT;
111 return BIT_TST(dwFlags, DECLSEC_DEMANDS);
112 }
113 inline void SetDemandsExist()
114 {
115 LIMITED_METHOD_CONTRACT;
116 BIT_SET(dwFlags, DECLSEC_DEMANDS);
117 }
118 inline void ResetDemandsExist()
119 {
120 LIMITED_METHOD_CONTRACT;
121 BIT_CLR(dwFlags, DECLSEC_DEMANDS);
122 }
123
124 inline BOOL FAssertionsExist()
125 {
126 LIMITED_METHOD_CONTRACT;
127 return BIT_TST(dwFlags, DECLSEC_ASSERTIONS);
128 }
129 inline void SetAssertionsExist()
130 {
131 LIMITED_METHOD_CONTRACT;
132 BIT_SET(dwFlags, DECLSEC_ASSERTIONS);
133 }
134 inline void ResetAssertionsExist()
135 {
136 LIMITED_METHOD_CONTRACT;
137 BIT_CLR(dwFlags, DECLSEC_ASSERTIONS);
138 }
139
140 inline BOOL FDenialsExist()
141 {
142 LIMITED_METHOD_CONTRACT;
143 return BIT_TST(dwFlags, DECLSEC_DENIALS);
144 }
145 inline void SetDenialsExist()
146 {
147 LIMITED_METHOD_CONTRACT;
148 BIT_SET(dwFlags, DECLSEC_DENIALS);
149 }
150 inline void ResetDenialsExist()
151 {
152 LIMITED_METHOD_CONTRACT;
153 BIT_CLR(dwFlags, DECLSEC_DENIALS);
154 }
155
156 inline BOOL FInherit_ChecksExist()
157 {
158 LIMITED_METHOD_CONTRACT;
159 return BIT_TST(dwFlags, DECLSEC_INHERIT_CHECKS);
160 }
161 inline void SetInherit_ChecksExist()
162 {
163 LIMITED_METHOD_CONTRACT;
164 BIT_SET(dwFlags, DECLSEC_INHERIT_CHECKS);
165 }
166 inline void ResetInherit_ChecksExist()
167 {
168 LIMITED_METHOD_CONTRACT;
169 BIT_CLR(dwFlags, DECLSEC_INHERIT_CHECKS);
170 }
171
172 // The class requires an inheritance check only if there are inherit checks and
173 // they aren't null.
174 inline BOOL RequiresCasInheritanceCheck () {LIMITED_METHOD_CONTRACT; return (dwFlags & (DECLSEC_INHERIT_CHECKS | DECLSEC_NULL_INHERIT_CHECKS))
175 == DECLSEC_INHERIT_CHECKS ;}
176
177 inline BOOL RequiresNonCasInheritanceCheck () {LIMITED_METHOD_CONTRACT; return dwFlags & DECLSEC_NONCAS_INHERITANCE;}
178
179
180 inline BOOL RequiresInheritanceCheck () {WRAPPER_NO_CONTRACT; return (RequiresCasInheritanceCheck() ||
181 RequiresNonCasInheritanceCheck()) ;}
182
183 inline BOOL FLink_ChecksExist()
184 {
185 LIMITED_METHOD_CONTRACT;
186 return BIT_TST(dwFlags, DECLSEC_LINK_CHECKS);
187 }
188 inline void SetLink_ChecksExist()
189 {
190 LIMITED_METHOD_CONTRACT;
191 BIT_SET(dwFlags, DECLSEC_LINK_CHECKS);
192 }
193 inline void ResetLink_ChecksExist()
194 {
195 LIMITED_METHOD_CONTRACT;
196 BIT_CLR(dwFlags, DECLSEC_LINK_CHECKS);
197 }
198
199 inline BOOL RequiresCasLinktimeCheck () {LIMITED_METHOD_CONTRACT; return (dwFlags & (DECLSEC_LINK_CHECKS | DECLSEC_NULL_LINK_CHECKS))
200 == DECLSEC_LINK_CHECKS ;}
201
202 inline BOOL RequiresNonCasLinktimeCheck () {LIMITED_METHOD_CONTRACT; return (dwFlags & DECLSEC_NONCAS_LINK_DEMANDS);}
203
204
205 inline BOOL RequiresLinktimeCheck () {WRAPPER_NO_CONTRACT; return RequiresCasLinktimeCheck() ||
206 RequiresNonCasLinktimeCheck();}
207 inline BOOL RequiresLinkTimeCheckHostProtectionOnly () {LIMITED_METHOD_CONTRACT; return (dwFlags & DECLSEC_LINK_CHECKS_HPONLY);}
208
209 inline BOOL FPermitOnlyExist()
210 {
211 LIMITED_METHOD_CONTRACT;
212 return BIT_TST(dwFlags, DECLSEC_PERMITONLY);
213 }
214 inline void SetPermitOnlyExist()
215 {
216 LIMITED_METHOD_CONTRACT;
217 BIT_SET(dwFlags, DECLSEC_PERMITONLY);
218 }
219 inline void ResetPermitOnlyExist()
220 {
221 LIMITED_METHOD_CONTRACT;
222 BIT_CLR(dwFlags, DECLSEC_PERMITONLY);
223 }
224
225 inline void SetFlags(DWORD dw)
226 {
227 LIMITED_METHOD_CONTRACT;
228 dwFlags = dw;
229 }
230
231 inline void SetFlags(DWORD dw, DWORD dwNull)
232 {
233 LIMITED_METHOD_CONTRACT;
234
235 dwFlags = (dw | (dwNull << DECLSEC_NULL_OFFSET));
236 }
237
238 inline DWORD GetRuntimeActions()
239 {
240 LIMITED_METHOD_CONTRACT;
241
242 return dwFlags & DECLSEC_RUNTIME_ACTIONS;
243 }
244
245 inline DWORD GetNullRuntimeActions()
246 {
247 LIMITED_METHOD_CONTRACT;
248
249 return (dwFlags >> DECLSEC_NULL_OFFSET) & DECLSEC_RUNTIME_ACTIONS;
250 }
251} ;
252
253typedef SecurityProperties * PSecurityProperties, ** PpSecurityProperties ;
254
255#endif
256