diff options
Diffstat (limited to 'security/sandbox/chromium-shim/base/win/sdkdecls.h')
-rw-r--r-- | security/sandbox/chromium-shim/base/win/sdkdecls.h | 191 |
1 files changed, 191 insertions, 0 deletions
diff --git a/security/sandbox/chromium-shim/base/win/sdkdecls.h b/security/sandbox/chromium-shim/base/win/sdkdecls.h new file mode 100644 index 000000000..e999ab967 --- /dev/null +++ b/security/sandbox/chromium-shim/base/win/sdkdecls.h @@ -0,0 +1,191 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ +#define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ + +#include <windows.h> + +// This file contains definitions required for things dynamically loaded +// while building or targetting lower platform versions or lower SDKs. + +#if (_WIN32_WINNT < 0x0600) +typedef struct _STARTUPINFOEXA { + STARTUPINFOA StartupInfo; + LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList; +} STARTUPINFOEXA, *LPSTARTUPINFOEXA; +typedef struct _STARTUPINFOEXW { + STARTUPINFOW StartupInfo; + LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList; +} STARTUPINFOEXW, *LPSTARTUPINFOEXW; +#ifdef UNICODE +typedef STARTUPINFOEXW STARTUPINFOEX; +typedef LPSTARTUPINFOEXW LPSTARTUPINFOEX; +#else +typedef STARTUPINFOEXA STARTUPINFOEX; +typedef LPSTARTUPINFOEXA LPSTARTUPINFOEX; +#endif // UNICODE + +#define PROC_THREAD_ATTRIBUTE_NUMBER 0x0000FFFF +#define PROC_THREAD_ATTRIBUTE_THREAD 0x00010000 // Attribute may be used with thread creation +#define PROC_THREAD_ATTRIBUTE_INPUT 0x00020000 // Attribute is input only +#define PROC_THREAD_ATTRIBUTE_ADDITIVE 0x00040000 // Attribute may be "accumulated," e.g. bitmasks, counters, etc. + +#define ProcThreadAttributeValue(Number, Thread, Input, Additive) \ + (((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \ + ((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \ + ((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \ + ((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0)) + +#define ProcThreadAttributeHandleList 2 + +#define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \ + ProcThreadAttributeValue (ProcThreadAttributeHandleList, FALSE, TRUE, FALSE) + +#define PROCESS_DEP_ENABLE 0x00000001 +#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002 + +// They dynamically load these, but they still use the functions to describe the +// function pointers! +WINBASEAPI +int +WINAPI +GetUserDefaultLocaleName( + _Out_writes_(cchLocaleName) LPWSTR lpLocaleName, + _In_ int cchLocaleName +); + +WINBASEAPI +BOOL +WINAPI +QueryThreadCycleTime( + _In_ HANDLE ThreadHandle, + _Out_ PULONG64 CycleTime + ); + +#endif // (_WIN32_WINNT >= 0x0600) + +#if (_WIN32_WINNT < 0x0601) +#define ProcThreadAttributeMitigationPolicy 7 +#define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \ + ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, FALSE, TRUE, FALSE) + +#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE 0x01 +#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE 0x02 +#define PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE 0x04 +#endif // (_WIN32_WINNT >= 0x0601) + +#if (_WIN32_WINNT < 0x0602) +#define ProcThreadAttributeSecurityCapabilities 9 +#define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \ + ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE) + +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK (0x00000003 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER (0x00000000 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000001 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF (0x00000002 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS (0x00000003 << 8) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK (0x00000003 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER (0x00000000 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON (0x00000001 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF (0x00000002 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED (0x00000003 << 12) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK (0x00000003 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER (0x00000000 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00000001 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00000002 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED (0x00000003 << 16) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK (0x00000003 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER (0x00000000 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON (0x00000001 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF (0x00000002 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED (0x00000003 << 20) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK (0x00000003 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER (0x00000000 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON (0x00000001 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF (0x00000002 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED (0x00000003 << 24) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK (0x00000003 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER (0x00000000 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON (0x00000001 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF (0x00000002 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32) +#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32) + +// Check if we're including >= win8 winnt.h +#ifndef NTDDI_WIN8 + +typedef struct _SECURITY_CAPABILITIES { + PSID AppContainerSid; + PSID_AND_ATTRIBUTES Capabilities; + DWORD CapabilityCount; + DWORD Reserved; +} SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES; + +typedef enum _PROCESS_MITIGATION_POLICY { + ProcessDEPPolicy, + ProcessASLRPolicy, + ProcessReserved1MitigationPolicy, + ProcessStrictHandleCheckPolicy, + ProcessSystemCallDisablePolicy, + ProcessMitigationOptionsMask, + ProcessExtensionPointDisablePolicy, + MaxProcessMitigationPolicy +} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY; + +#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000 + +typedef struct _PROCESS_MITIGATION_ASLR_POLICY { + union { + DWORD Flags; + struct { + DWORD EnableBottomUpRandomization : 1; + DWORD EnableForceRelocateImages : 1; + DWORD EnableHighEntropy : 1; + DWORD DisallowStrippedImages : 1; + DWORD ReservedFlags : 28; + }; + }; +} PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY; + +typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY { + union { + DWORD Flags; + struct { + DWORD RaiseExceptionOnInvalidHandleReference : 1; + DWORD HandleExceptionsPermanentlyEnabled : 1; + DWORD ReservedFlags : 30; + }; + }; +} PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY; + +typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY { + union { + DWORD Flags; + struct { + DWORD DisallowWin32kSystemCalls : 1; + DWORD ReservedFlags : 31; + }; + }; +} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY; + +typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY { + union { + DWORD Flags; + struct { + DWORD DisableExtensionPoints : 1; + DWORD ReservedFlags : 31; + }; + }; +} PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY; + +#endif // NTDDI_WIN8 +#endif // (_WIN32_WINNT < 0x0602) +#endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_ |