| blob | f1bc090c0affe9b09d0c2dc8d186111e75b7ad74 |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include <algorithm>
16 // Functions for enabling policies.
20 PROCESS_MITIGATION_POLICY mitigation_policy,
21 PVOID buffer,
22 SIZE_T length);
25 DWORD DirectoryFlags);
40 SetDefaultDllDirectoriesFunction set_default_dll_directories =
44 // Check for SetDefaultDllDirectories since it requires KB2533623.
49 }
50 }
51 }
53 // Set the heap to terminate on corruption
60 }
61 }
68 }
73 // DEP support is quirky on XP, so don't force a failure in that case.
79 SetProcessDEPPolicyFunction set_process_dep_policy =
86 }
88 // We're on XP sp2, so use the less standard approach.
89 // For reference: http://www.uninformed.org/?v=2&a=4
103 ProcessExecuteFlags,
107 }
108 }
109 }
110 #endif
112 // This is all we can do in Win7 and below.
116 SetProcessMitigationPolicyFunction set_process_mitigation_policy =
122 // Enable ASLR policies.
124 PROCESS_MITIGATION_ASLR_POLICY policy = {};
127 MITIGATION_RELOCATE_IMAGE_REQUIRED) ==
128 MITIGATION_RELOCATE_IMAGE_REQUIRED;
134 }
135 }
137 // Enable strict handle policies.
139 PROCESS_MITIGATION_STRICT_HANDLE_CHECK_POLICY policy = {};
147 }
148 }
150 // Enable system call policies.
152 PROCESS_MITIGATION_SYSTEM_CALL_DISABLE_POLICY policy = {};
159 }
160 }
162 // Enable system call policies.
164 PROCESS_MITIGATION_EXTENSION_POINT_DISABLE_POLICY policy = {};
171 }
172 }
175 }
182 #if defined(_WIN64)
184 #elif defined(_M_IX86)
185 // A 64-bit flags attribute is illegal on 32-bit Win 7 and below.
188 else
190 #else
191 #error This platform is not supported.
192 #endif
194 // Nothing for Win XP or Vista.
198 // DEP and SEHOP are not valid for 64-bit Windows
199 #if !defined(_WIN64)
204 }
208 #endif
210 // Win 7
216 PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON;
219 PROCESS_CREATION_MITIGATION_POLICY_FORCE_RELOCATE_IMAGES_ALWAYS_ON_REQ_RELOCS;
220 }
221 }
225 PROCESS_CREATION_MITIGATION_POLICY_HEAP_TERMINATE_ALWAYS_ON;
226 }
230 PROCESS_CREATION_MITIGATION_POLICY_BOTTOM_UP_ASLR_ALWAYS_ON;
231 }
235 PROCESS_CREATION_MITIGATION_POLICY_HIGH_ENTROPY_ASLR_ALWAYS_ON;
236 }
240 PROCESS_CREATION_MITIGATION_POLICY_STRICT_HANDLE_CHECKS_ALWAYS_ON;
241 }
245 PROCESS_CREATION_MITIGATION_POLICY_WIN32K_SYSTEM_CALL_DISABLE_ALWAYS_ON;
246 }
250 PROCESS_CREATION_MITIGATION_POLICY_EXTENSION_POINT_DISABLE_ALWAYS_ON;
251 }
252 }
257 // Windows XP SP2+.
260 MITIGATION_DEP_NO_ATL_THUNK);
261 }
263 // Windows Vista
266 MITIGATION_DLL_SEARCH_ORDER |
267 MITIGATION_HEAP_TERMINATE);
268 }
270 // Windows 7.
273 MITIGATION_DLL_SEARCH_ORDER |
274 MITIGATION_HEAP_TERMINATE);
275 }
277 // Windows 8 and above.
279 MITIGATION_DLL_SEARCH_ORDER);
280 }
283 MitigationFlags flags) {
284 // This is a hack to fake a weak bottom-up ASLR on 32-bit Windows.
285 #if !defined(_WIN64)
291 // Random range (512k-16.5mb) in 64k steps.
294 MEMORY_BASIC_INFORMATION memory_info;
302 }
303 }
304 #endif
307 }
310 // All of these mitigations can be enabled after startup.
312 MITIGATION_DEP |
313 MITIGATION_DEP_NO_ATL_THUNK |
314 MITIGATION_RELOCATE_IMAGE |
315 MITIGATION_RELOCATE_IMAGE_REQUIRED |
316 MITIGATION_BOTTOM_UP_ASLR |
317 MITIGATION_STRICT_HANDLE_CHECKS |
318 MITIGATION_EXTENSION_DLL_DISABLE |
319 MITIGATION_DLL_SEARCH_ORDER |
320 MITIGATION_HARDEN_TOKEN_IL_POLICY));
321 }
324 // These mitigations cannot be enabled prior to startup.
326 MITIGATION_DLL_SEARCH_ORDER));
327 }