mirror of
https://github.com/classilla/tenfourfox.git
synced 2024-10-22 02:25:05 +00:00
174 lines
8.5 KiB
C
174 lines
8.5 KiB
C
/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
|
|
/* vim: set ts=2 et sw=2 tw=80: */
|
|
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
#ifndef _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
|
|
#define _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
|
|
|
|
#include <windows.h>
|
|
|
|
// This file contains definitions required for things dynamically loaded
|
|
// while building or targetting lower platform versions or lower SDKs.
|
|
|
|
#if (_WIN32_WINNT < 0x0600)
|
|
typedef struct _STARTUPINFOEXA {
|
|
STARTUPINFOA StartupInfo;
|
|
LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
|
|
} STARTUPINFOEXA, *LPSTARTUPINFOEXA;
|
|
typedef struct _STARTUPINFOEXW {
|
|
STARTUPINFOW StartupInfo;
|
|
LPPROC_THREAD_ATTRIBUTE_LIST lpAttributeList;
|
|
} STARTUPINFOEXW, *LPSTARTUPINFOEXW;
|
|
#ifdef UNICODE
|
|
typedef STARTUPINFOEXW STARTUPINFOEX;
|
|
typedef LPSTARTUPINFOEXW LPSTARTUPINFOEX;
|
|
#else
|
|
typedef STARTUPINFOEXA STARTUPINFOEX;
|
|
typedef LPSTARTUPINFOEXA LPSTARTUPINFOEX;
|
|
#endif // UNICODE
|
|
|
|
#define PROC_THREAD_ATTRIBUTE_NUMBER 0x0000FFFF
|
|
#define PROC_THREAD_ATTRIBUTE_THREAD 0x00010000 // Attribute may be used with thread creation
|
|
#define PROC_THREAD_ATTRIBUTE_INPUT 0x00020000 // Attribute is input only
|
|
#define PROC_THREAD_ATTRIBUTE_ADDITIVE 0x00040000 // Attribute may be "accumulated," e.g. bitmasks, counters, etc.
|
|
|
|
#define ProcThreadAttributeValue(Number, Thread, Input, Additive) \
|
|
(((Number) & PROC_THREAD_ATTRIBUTE_NUMBER) | \
|
|
((Thread != FALSE) ? PROC_THREAD_ATTRIBUTE_THREAD : 0) | \
|
|
((Input != FALSE) ? PROC_THREAD_ATTRIBUTE_INPUT : 0) | \
|
|
((Additive != FALSE) ? PROC_THREAD_ATTRIBUTE_ADDITIVE : 0))
|
|
|
|
#define ProcThreadAttributeHandleList 2
|
|
|
|
#define PROC_THREAD_ATTRIBUTE_HANDLE_LIST \
|
|
ProcThreadAttributeValue (ProcThreadAttributeHandleList, FALSE, TRUE, FALSE)
|
|
|
|
#define PROCESS_DEP_ENABLE 0x00000001
|
|
#define PROCESS_DEP_DISABLE_ATL_THUNK_EMULATION 0x00000002
|
|
|
|
#endif // (_WIN32_WINNT >= 0x0600)
|
|
|
|
#if (_WIN32_WINNT < 0x0601)
|
|
#define ProcThreadAttributeMitigationPolicy 7
|
|
#define PROC_THREAD_ATTRIBUTE_MITIGATION_POLICY \
|
|
ProcThreadAttributeValue (ProcThreadAttributeMitigationPolicy, FALSE, TRUE, FALSE)
|
|
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ENABLE 0x01
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_DEP_ATL_THUNK_ENABLE 0x02
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_SEHOP_ENABLE 0x04
|
|
#endif // (_WIN32_WINNT >= 0x0601)
|
|
|
|
#if (_WIN32_WINNT < 0x0602)
|
|
#define ProcThreadAttributeSecurityCapabilities 9
|
|
#define PROC_THREAD_ATTRIBUTE_SECURITY_CAPABILITIES \
|
|
ProcThreadAttributeValue (ProcThreadAttributeSecurityCapabilities, FALSE, TRUE, FALSE)
|
|
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_MASK (0x00000003 << 8)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_DEFER (0x00000000 << 8)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON (0x00000001 << 8)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_OFF (0x00000002 << 8)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS (0x00000003 << 8)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_MASK (0x00000003 << 12)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_DEFER (0x00000000 << 12)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON (0x00000001 << 12)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_OFF (0x00000002 << 12)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_RESERVED (0x00000003 << 12)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_MASK (0x00000003 << 16)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_DEFER (0x00000000 << 16)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON (0x00000001 << 16)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_OFF (0x00000002 << 16)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_RESERVED (0x00000003 << 16)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_MASK (0x00000003 << 20)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_DEFER (0x00000000 << 20)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON (0x00000001 << 20)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_OFF (0x00000002 << 20)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_RESERVED (0x00000003 << 20)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_MASK (0x00000003 << 24)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_DEFER (0x00000000 << 24)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON (0x00000001 << 24)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_OFF (0x00000002 << 24)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_RESERVED (0x00000003 << 24)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_MASK (0x00000003 << 28)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_DEFER (0x00000000 << 28)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON (0x00000001 << 28)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_OFF (0x00000002 << 28)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_RESERVED (0x00000003 << 28)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_MASK (0x00000003ui64 << 32)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_DEFER (0x00000000ui64 << 32)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON (0x00000001ui64 << 32)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_OFF (0x00000002ui64 << 32)
|
|
#define PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_RESERVED (0x00000003ui64 << 32)
|
|
|
|
// Check if we're including >= win8 winnt.h
|
|
#ifndef NTDDI_WIN8
|
|
|
|
typedef struct _SECURITY_CAPABILITIES {
|
|
PSID AppContainerSid;
|
|
PSID_AND_ATTRIBUTES Capabilities;
|
|
DWORD CapabilityCount;
|
|
DWORD Reserved;
|
|
} SECURITY_CAPABILITIES, *PSECURITY_CAPABILITIES, *LPSECURITY_CAPABILITIES;
|
|
|
|
typedef enum _PROCESS_MITIGATION_POLICY {
|
|
ProcessDEPPolicy,
|
|
ProcessASLRPolicy,
|
|
ProcessReserved1MitigationPolicy,
|
|
ProcessStrictHandleCheckPolicy,
|
|
ProcessSystemCallDisablePolicy,
|
|
ProcessMitigationOptionsMask,
|
|
ProcessExtensionPointDisablePolicy,
|
|
MaxProcessMitigationPolicy
|
|
} PROCESS_MITIGATION_POLICY, *PPROCESS_MITIGATION_POLICY;
|
|
|
|
#define LOAD_LIBRARY_SEARCH_DEFAULT_DIRS 0x00001000
|
|
|
|
typedef struct _PROCESS_MITIGATION_ASLR_POLICY {
|
|
union {
|
|
DWORD Flags;
|
|
struct {
|
|
DWORD EnableBottomUpRandomization : 1;
|
|
DWORD EnableForceRelocateImages : 1;
|
|
DWORD EnableHighEntropy : 1;
|
|
DWORD DisallowStrippedImages : 1;
|
|
DWORD ReservedFlags : 28;
|
|
};
|
|
};
|
|
} PROCESS_MITIGATION_ASLR_POLICY, *PPROCESS_MITIGATION_ASLR_POLICY;
|
|
|
|
typedef struct _PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY {
|
|
union {
|
|
DWORD Flags;
|
|
struct {
|
|
DWORD RaiseExceptionOnInvalidHandleReference : 1;
|
|
DWORD HandleExceptionsPermanentlyEnabled : 1;
|
|
DWORD ReservedFlags : 30;
|
|
};
|
|
};
|
|
} PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY, *PPROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY;
|
|
|
|
typedef struct _PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY {
|
|
union {
|
|
DWORD Flags;
|
|
struct {
|
|
DWORD DisallowWin32kSystemCalls : 1;
|
|
DWORD ReservedFlags : 31;
|
|
};
|
|
};
|
|
} PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY, *PPROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY;
|
|
|
|
typedef struct _PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY {
|
|
union {
|
|
DWORD Flags;
|
|
struct {
|
|
DWORD DisableExtensionPoints : 1;
|
|
DWORD ReservedFlags : 31;
|
|
};
|
|
};
|
|
} PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY, *PPROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY;
|
|
|
|
#endif // NTDDI_WIN8
|
|
#endif // (_WIN32_WINNT < 0x0602)
|
|
#endif // _SECURITY_SANDBOX_BASE_SHIM_SDKDECLS_H_
|