AC_ARG_ENABLE(minimal, [ --enable-minimal=LIST drop support for LIST subsystems.
LIST is a comma-separated list from: aot, profiler, decimal, pinvoke, debug, appdomains, verifier,
reflection_emit, reflection_emit_save, large_code, logging, com, ssa, generics, attach, jit, simd, soft_debug, perfcounters, normalization, assembly_remapping, shared_perfcounters, remoting,
- sgen_remset, sgen_marksweep_par, sgen_marksweep_fixed, sgen_marksweep_fixed_par, sgen_copying.],
+ security, sgen_remset, sgen_marksweep_par, sgen_marksweep_fixed, sgen_marksweep_fixed_par, sgen_copying.],
[
for feature in `echo "$enable_minimal" | sed -e "s/,/ /g"`; do
eval "mono_feature_disable_$feature='yes'"
AC_MSG_NOTICE([Disabled remoting])
fi
+if test "x$mono_feature_disable_security" = "xyes"; then
+ AC_DEFINE(DISABLE_SECURITY, 1, [Disable CAS/CoreCLR security])
+ AC_MSG_NOTICE([Disabled CAS/CoreCLR security manager (used e.g. for Moonlight)])
+fi
+
if test "x$mono_feature_disable_sgen_remset" = "xyes"; then
AC_DEFINE(DISABLE_SGEN_REMSET, 1, [Disable wbarrier=remset support in SGEN.])
AC_MSG_NOTICE([Disabled wbarrier=remset support in SGEN.])
mono_secman_inheritancedemand_method (cm, im);
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_check_override (class, cm, im);
+
TRACE_INTERFACE_VTABLE (printf ("[NAME CHECK OK]"));
if (is_wcf_hack_disabled () && !mono_method_can_access_method_full (cm, im, NULL)) {
char *body_name = mono_method_full_name (cm, TRUE);
mono_secman_inheritancedemand_method (cm, im);
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_check_override (class, cm, im);
-
+
TRACE_INTERFACE_VTABLE (printf ("[INJECTED INTERFACE CHECK OK]"));
if (is_wcf_hack_disabled () && !mono_method_can_access_method_full (cm, im, NULL)) {
char *body_name = mono_method_full_name (cm, TRUE);
int i, max_vtsize = 0, max_iid, cur_slot = 0;
GPtrArray *ifaces = NULL;
GHashTable *override_map = NULL;
- gboolean security_enabled = mono_is_security_manager_active ();
+ gboolean security_enabled = mono_security_enabled ();
MonoMethod *cm;
gpointer class_iter;
#if (DEBUG_INTERFACE_VTABLE_CODE|TRACE_INTERFACE_VTABLE_CODE)
g_hash_table_insert (override_map, overrides [i * 2], overrides [i * 2 + 1]);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_check_override (class, vtable [dslot], decl);
}
}
mono_secman_inheritancedemand_method (cm, m1);
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_check_override (class, cm, m1);
slot = mono_method_get_vtable_slot (m1);
mono_method_full_name (overrides [i * 2 + 1], 1), overrides [i * 2 + 1]));
g_hash_table_insert (override_map, decl, overrides [i * 2 + 1]);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_check_override (class, vtable [decl->slot], decl);
}
}
}
/* CAS - SecurityAction.InheritanceDemand */
- if (mono_is_security_manager_active () && class->parent && (class->parent->flags & TYPE_ATTRIBUTE_HAS_SECURITY)) {
+ if (mono_security_enabled () && class->parent && (class->parent->flags & TYPE_ATTRIBUTE_HAS_SECURITY)) {
mono_secman_inheritancedemand_class (class, class->parent);
}
setup_interface_offsets (class, 0, TRUE);
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_check_inheritance (class);
if (mono_loader_get_last_error ()) {
init_com_from_comimport (MonoClass *class)
{
/* we don't always allow COM initialization under the CoreCLR (e.g. Moonlight does not require it) */
- if ((mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)) {
+ if (mono_security_core_clr_enabled ()) {
/* but some other CoreCLR user could requires it for their platform (i.e. trusted) code */
if (!mono_security_core_clr_determine_platform_image (class->image)) {
/* but it can not be made available for application (i.e. user code) since all COM calls
return;
}
}
+
/* FIXME : we should add an extra checks to ensure COM can be initialized properly before continuing */
mono_init_com_types ();
}
gpointer exception_data = mono_class_get_exception_data (klass);
switch (klass->exception_type) {
+#ifndef DISABLE_SECURITY
case MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND: {
MonoDomain *domain = mono_domain_get ();
MonoSecurityManager* secman = mono_security_manager_get_methods ();
mono_runtime_invoke (secman->inheritsecurityexception, NULL, args, &exc);
return (MonoException*) exc;
}
+#endif
case MONO_EXCEPTION_TYPE_LOAD: {
MonoString *name;
MonoException *ex;
/* extra safety under CoreCLR - the runtime does not verify the strongname signatures
* anywhere so untrusted friends are not safe to access platform's code internals */
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ if (mono_security_core_clr_enabled ()) {
if (!mono_security_core_clr_can_access_internals (accessing->image, accessed->image))
return FALSE;
}
mono_raise_exception (mono_get_exception_invalid_operation (
"It is illegal to get the value on a field on a type loaded using the ReflectionOnly methods."));
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_ensure_reflection_access_field (cf);
return mono_field_get_value_object (domain, cf, obj);
mono_raise_exception (mono_get_exception_invalid_operation (
"It is illegal to set the value on a field on a type loaded using the ReflectionOnly methods."));
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_ensure_reflection_access_field (cf);
type = mono_field_get_type_checked (cf, &error);
*exc = NULL;
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
mono_security_core_clr_ensure_reflection_access_method (m);
if (!(m->flags & METHOD_ATTRIBUTE_STATIC)) {
if (type->type == MONO_TYPE_CLASS) {
MonoClass *klass = mono_type_get_class (type);
- if (mono_is_security_manager_active () && !klass->exception_type)
+ if (mono_security_enabled () && !klass->exception_type)
/* Some security problems are detected during generic vtable construction */
mono_class_setup_vtable (klass);
+
/* need to report exceptions ? */
if (throwOnError && klass->exception_type) {
/* report SecurityException (or others) that occured when loading the assembly */
MonoException *exc = mono_class_get_exception_for_failure (klass);
mono_loader_clear_error ();
mono_raise_exception (exc);
- } else if (klass->exception_type == MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND) {
+ } else if (mono_security_enabled () && klass->exception_type == MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND) {
return NULL;
}
}
mono_assert (delegate_class->parent == mono_defaults.multicastdelegate_class);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ if (mono_security_core_clr_enabled ()) {
if (!mono_security_core_clr_ensure_delegate_creation (method, throwOnBindFailure))
return NULL;
}
static gboolean
mono_verifier_is_corlib (MonoImage *image)
{
- gboolean trusted_location = (mono_security_get_mode () != MONO_SECURITY_MODE_CORE_CLR) ?
+ gboolean trusted_location = !mono_security_core_clr_enabled () ?
TRUE : mono_security_core_clr_is_platform_image (image);
return trusted_location && image->module_name && !strcmp ("mscorlib.dll", image->module_name);
mono_loader_unlock ();
/* Initialization is now complete, we can throw if the InheritanceDemand aren't satisfied */
- if (mono_is_security_manager_active () && (class->exception_type == MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND) && raise_on_error)
+ if (mono_security_enabled () && (class->exception_type == MONO_EXCEPTION_SECURITY_INHERITANCEDEMAND) && raise_on_error)
mono_raise_exception (mono_class_get_exception_for_failure (class));
/* make sure the parent is initialized */
ref = resolve_object (mb->module->image, obj, &handle_class, NULL);
if (!ref)
ex = mono_get_exception_type_load (NULL, NULL);
- else if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ else if (mono_security_core_clr_enabled ())
ex = mono_security_core_clr_ensure_dynamic_method_resolved_object (ref, handle_class);
if (ex) {
gboolean mono_security_core_clr_test = FALSE;
+static MonoSecurityCoreCLROptions security_core_clr_options = MONO_SECURITY_CORE_CLR_OPTIONS_DEFAULT;
+
+/**
+ * mono_security_core_clr_set_options:
+ * @options: the new options for the coreclr system to use
+ *
+ * By default, the CoreCLRs security model forbids execution trough reflection of methods not visible from the calling code.
+ * Even if the method being called is not in a platform assembly. For non moonlight CoreCLR users this restriction does not
+ * make a lot of sense, since the author could have just changed the non platform assembly to allow the method to be called.
+ * This function allows specific relaxations from the default behaviour to be set.
+ *
+ * Use MONO_SECURITY_CORE_CLR_OPTIONS_DEFAULT for the default coreclr coreclr behaviour as used in Moonlight.
+ *
+ * Use MONO_SECURITY_CORE_CLR_OPTIONS_RELAX_REFLECTION to allow transparent code to execute methods and access
+ * fields that are not in platformcode, even if those methods and fields are private or otherwise not visible to the calling code.
+ *
+ * Use MONO_SECURITY_CORE_CLR_OPTIONS_RELAX_DELEGATE to allow delegates to be created that point at methods that are not in
+ * platformcode even if those methods and fields are private or otherwise not visible to the calling code.
+ *
+ */
+void
+mono_security_core_clr_set_options (MonoSecurityCoreCLROptions options) {
+ security_core_clr_options = options;
+}
+
+/**
+ * mono_security_core_clr_get_options:
+ *
+ * Retrieves the current options used by the coreclr system.
+ */
+
+MonoSecurityCoreCLROptions
+mono_security_core_clr_get_options ()
+{
+ return security_core_clr_options;
+}
+
+/*
+ * default_platform_check:
+ *
+ * Default platform check. Always TRUE for current corlib (minimum
+ * trust-able subset) otherwise return FALSE. Any real CoreCLR host
+ * should provide its own callback to define platform code (i.e.
+ * this default is meant for test only).
+ */
+static gboolean
+default_platform_check (const char *image_name)
+{
+ if (mono_defaults.corlib) {
+ return (strcmp (mono_defaults.corlib->name, image_name) == 0);
+ } else {
+ /* this can get called even before we load corlib (e.g. the EXE itself) */
+ const char *corlib = "mscorlib.dll";
+ int ilen = strlen (image_name);
+ int clen = strlen (corlib);
+ return ((ilen >= clen) && (strcmp ("mscorlib.dll", image_name + ilen - clen) == 0));
+ }
+}
+
+static MonoCoreClrPlatformCB platform_callback = default_platform_check;
+
+/*
+ * mono_security_core_clr_determine_platform_image:
+ *
+ * Call the supplied callback (from mono_security_set_core_clr_platform_callback)
+ * to determine if this image represents platform code.
+ */
+gboolean
+mono_security_core_clr_determine_platform_image (MonoImage *image)
+{
+ return platform_callback (image->name);
+}
+
+/*
+ * mono_security_set_core_clr_platform_callback:
+ *
+ * Set the callback function that will be used to determine if an image
+ * is part, or not, of the platform code.
+ */
+void
+mono_security_set_core_clr_platform_callback (MonoCoreClrPlatformCB callback)
+{
+ platform_callback = callback;
+}
+
+/*
+ * mono_security_core_clr_is_platform_image:
+ *
+ * Return the (cached) boolean value indicating if this image represent platform code
+ */
+gboolean
+mono_security_core_clr_is_platform_image (MonoImage *image)
+{
+ return image->core_clr_platform_code;
+}
+
+/* Note: The above functions are outside this guard so that the public API isn't affected. */
+
+#ifndef DISABLE_SECURITY
+
static MonoClass*
security_critical_attribute (void)
{
}
-static MonoSecurityCoreCLROptions security_core_clr_options = MONO_SECURITY_CORE_CLR_OPTIONS_DEFAULT;
-
-/**
- * mono_security_core_clr_set_options:
- * @options: the new options for the coreclr system to use
- *
- * By default, the CoreCLRs security model forbids execution trough reflection of methods not visible from the calling code.
- * Even if the method being called is not in a platform assembly. For non moonlight CoreCLR users this restriction does not
- * make a lot of sense, since the author could have just changed the non platform assembly to allow the method to be called.
- * This function allows specific relaxations from the default behaviour to be set.
- *
- * Use MONO_SECURITY_CORE_CLR_OPTIONS_DEFAULT for the default coreclr coreclr behaviour as used in Moonlight.
- *
- * Use MONO_SECURITY_CORE_CLR_OPTIONS_RELAX_REFLECTION to allow transparent code to execute methods and access
- * fields that are not in platformcode, even if those methods and fields are private or otherwise not visible to the calling code.
- *
- * Use MONO_SECURITY_CORE_CLR_OPTIONS_RELAX_DELEGATE to allow delegates to be created that point at methods that are not in
- * platformcode even if those methods and fields are private or otherwise not visible to the calling code.
- *
- */
-
-void
-mono_security_core_clr_set_options (MonoSecurityCoreCLROptions options) {
- security_core_clr_options = options;
-}
-
-/**
- * mono_security_core_clr_get_options:
- *
- * Retrieves the current options used by the coreclr system.
- */
-
-MonoSecurityCoreCLROptions
-mono_security_core_clr_get_options ()
-{
- return security_core_clr_options;
-}
-
-
/*
* check_field_access:
*
}
/*
- * mono_security_core_clr_is_platform_image:
+ * mono_security_enable_core_clr:
*
- * Return the (cached) boolean value indicating if this image represent platform code
+ * Enable the verifier and the CoreCLR security model
*/
-gboolean
-mono_security_core_clr_is_platform_image (MonoImage *image)
+void
+mono_security_enable_core_clr ()
{
- return image->core_clr_platform_code;
+ mono_verifier_set_mode (MONO_VERIFIER_MODE_VERIFIABLE);
+ mono_security_set_mode (MONO_SECURITY_MODE_CORE_CLR);
}
-/*
- * default_platform_check:
- *
- * Default platform check. Always TRUE for current corlib (minimum
- * trust-able subset) otherwise return FALSE. Any real CoreCLR host
- * should provide its own callback to define platform code (i.e.
- * this default is meant for test only).
- */
-static gboolean
-default_platform_check (const char *image_name)
+#else
+
+void
+mono_security_core_clr_check_inheritance (MonoClass *class)
{
- if (mono_defaults.corlib) {
- return (strcmp (mono_defaults.corlib->name, image_name) == 0);
- } else {
- /* this can get called even before we load corlib (e.g. the EXE itself) */
- const char *corlib = "mscorlib.dll";
- int ilen = strlen (image_name);
- int clen = strlen (corlib);
- return ((ilen >= clen) && (strcmp ("mscorlib.dll", image_name + ilen - clen) == 0));
- }
}
-static MonoCoreClrPlatformCB platform_callback = default_platform_check;
+void
+mono_security_core_clr_check_override (MonoClass *class, MonoMethod *override, MonoMethod *base)
+{
+}
-/*
- * mono_security_core_clr_determine_platform_image:
- *
- * Call the supplied callback (from mono_security_set_core_clr_platform_callback)
- * to determine if this image represents platform code.
- */
gboolean
-mono_security_core_clr_determine_platform_image (MonoImage *image)
+mono_security_core_clr_require_elevated_permissions (void)
{
- return platform_callback (image->name);
+ return FALSE;
}
-/*
- * mono_security_enable_core_clr:
- *
- * Enable the verifier and the CoreCLR security model
- */
void
-mono_security_enable_core_clr ()
+mono_security_core_clr_ensure_reflection_access_field (MonoClassField *field)
{
- mono_verifier_set_mode (MONO_VERIFIER_MODE_VERIFIABLE);
- mono_security_set_mode (MONO_SECURITY_MODE_CORE_CLR);
}
-/*
- * mono_security_set_core_clr_platform_callback:
- *
- * Set the callback function that will be used to determine if an image
- * is part, or not, of the platform code.
- */
void
-mono_security_set_core_clr_platform_callback (MonoCoreClrPlatformCB callback)
+mono_security_core_clr_ensure_reflection_access_method (MonoMethod *method)
+{
+}
+
+gboolean
+mono_security_core_clr_ensure_delegate_creation (MonoMethod *method, gboolean throwOnBindFailure)
+{
+ return TRUE;
+}
+
+MonoException*
+mono_security_core_clr_ensure_dynamic_method_resolved_object (gpointer ref, MonoClass *handle_class)
+{
+ return NULL;
+}
+
+gboolean
+mono_security_core_clr_can_access_internals (MonoImage *accessing, MonoImage* accessed)
+{
+ return TRUE;
+}
+
+MonoException*
+mono_security_core_clr_is_field_access_allowed (MonoMethod *caller, MonoClassField *field)
+{
+ return NULL;
+}
+
+MonoException*
+mono_security_core_clr_is_call_allowed (MonoMethod *caller, MonoMethod *callee)
+{
+ return NULL;
+}
+
+MonoSecurityCoreCLRLevel
+mono_security_core_clr_class_level (MonoClass *class)
+{
+ return MONO_SECURITY_CORE_CLR_TRANSPARENT;
+}
+
+MonoSecurityCoreCLRLevel
+mono_security_core_clr_method_level (MonoMethod *method, gboolean with_class_level)
+{
+ return MONO_SECURITY_CORE_CLR_TRANSPARENT;
+}
+
+void
+mono_security_enable_core_clr ()
{
- platform_callback = callback;
}
+#endif /* DISABLE_SECURITY */
#include "security-manager.h"
-
-/* Internal stuff */
-
-static MonoSecurityManager secman;
+static MonoSecurityMode mono_security_mode = MONO_SECURITY_MODE_NONE;
static MonoBoolean mono_security_manager_activated = FALSE;
static MonoBoolean mono_security_manager_enabled = TRUE;
static MonoBoolean mono_security_manager_execution = TRUE;
-static MonoSecurityMode mono_security_mode = MONO_SECURITY_MODE_NONE;
-
-
-/* Public stuff */
void
mono_security_set_mode (MonoSecurityMode mode)
return mono_security_mode;
}
+/*
+ * Note: The security manager is activate once when executing the Mono. This
+ * is not meant to be a turn on/off runtime switch.
+ */
+void
+mono_activate_security_manager (void)
+{
+ mono_security_manager_activated = TRUE;
+}
+
+gboolean
+mono_is_security_manager_active (void)
+{
+ return mono_security_manager_activated;
+}
+
+#ifndef DISABLE_SECURITY
+
+static MonoSecurityManager secman;
+
MonoSecurityManager*
mono_security_manager_get_methods (void)
{
}
}
+#else
+
+MonoSecurityManager*
+mono_security_manager_get_methods (void)
+{
+ return NULL;
+}
-/*
- * Note: The security manager is activate once when executing the Mono. This
- * is not meant to be a turn on/off runtime switch.
- */
void
-mono_activate_security_manager (void)
+mono_secman_inheritancedemand_class (MonoClass *klass, MonoClass *parent)
{
- mono_security_manager_activated = TRUE;
}
-gboolean
-mono_is_security_manager_active (void)
+void
+mono_secman_inheritancedemand_method (MonoMethod *override, MonoMethod *base)
{
- return mono_security_manager_activated;
}
+#endif /* DISABLE_SECURITY */
+
/*
* @publickey An encoded (with header) public key
* @size The length of the public key
MonoClass *suppressunmanagedcodesecurity; /* System.Security.SuppressUnmanagedCodeSecurityAttribute */
} MonoSecurityManager;
-/* Initialization/utility functions */
-void mono_activate_security_manager (void) MONO_INTERNAL;
-gboolean mono_is_security_manager_active (void) MONO_INTERNAL;
-MonoSecurityManager* mono_security_manager_get_methods (void) MONO_INTERNAL;
gboolean mono_is_ecma_key (const char *publickey, int size) MONO_INTERNAL;
MonoMethod* mono_get_context_capture_method (void) MONO_INTERNAL;
void mono_secman_inheritancedemand_class (MonoClass *klass, MonoClass *parent) MONO_INTERNAL;
void mono_secman_inheritancedemand_method (MonoMethod *override, MonoMethod *base) MONO_INTERNAL;
+/* Initialization/utility functions */
+void mono_activate_security_manager (void) MONO_INTERNAL;
+MonoSecurityManager* mono_security_manager_get_methods (void) MONO_INTERNAL;
+
/* Security mode */
+gboolean mono_is_security_manager_active (void) MONO_INTERNAL;
void mono_security_set_mode (MonoSecurityMode mode) MONO_INTERNAL;
MonoSecurityMode mono_security_get_mode (void) MONO_INTERNAL;
void ves_icall_System_Security_SecurityManager_set_CheckExecutionRights (MonoBoolean value) MONO_INTERNAL;
MonoBoolean ves_icall_System_Security_SecurityManager_GetLinkDemandSecurity (MonoReflectionMethod *m, MonoDeclSecurityActions *kactions, MonoDeclSecurityActions *mactions) MONO_INTERNAL;
+#ifndef DISABLE_SECURITY
+#define mono_security_enabled() (mono_is_security_manager_active ())
+#define mono_security_cas_enabled() (mono_security_get_mode () == MONO_SECURITY_MODE_CAS)
+#define mono_security_core_clr_enabled() (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+#define mono_security_smcs_hack_enabled() (mono_security_get_mode () == MONO_SECURITY_MODE_SMCS_HACK)
+#else
+#define mono_security_enabled() (FALSE)
+#define mono_security_cas_enabled() (FALSE)
+#define mono_security_core_clr_enabled() (FALSE)
+#define mono_security_smcs_hack_enabled() (FALSE)
+#endif
#endif /* _MONO_METADATA_SECURITY_MANAGER_H_ */
mono_verifier_is_class_full_trust (MonoClass *klass)
{
/* under CoreCLR code is trusted if it is part of the "platform" otherwise all code inside the GAC is trusted */
- gboolean trusted_location = (mono_security_get_mode () != MONO_SECURITY_MODE_CORE_CLR) ?
+ gboolean trusted_location = !mono_security_core_clr_enabled () ?
(klass->image->assembly && klass->image->assembly->in_gac) : mono_security_core_clr_is_platform_image (klass->image);
if (verify_all && verifier_mode == MONO_VERIFIER_MODE_OFF)
if (assembly->image->dynamic || assembly->ref_only)
return;
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS)
+ if (mono_security_cas_enabled ())
return;
mono_aot_lock ();
#include "declsec.h"
#include "mini.h"
-#ifndef DISABLE_VERIFIER
+#ifndef DISABLE_SECURITY
+
/*
* Does the methods (or it's class) as any declarative security attribute ?
* Is so are they applicable ? (e.g. static class constructor)
return violation;
}
-#else /* DISABLE_JIT */
+#else /* DISABLE_SECURITY */
void
mono_declsec_cache_stack_modifiers (MonoJitInfo *jinfo)
guint32 mono_declsec_linkdemand (MonoDomain *domain, MonoMethod *caller, MonoMethod *callee) MONO_INTERNAL;
+#ifndef DISABLE_SECURITY
+#define mono_security_method_has_declsec(method) (mono_method_has_declsec(method))
+#else
+#define mono_security_method_has_declsec(method) (FALSE)
+#endif
+
#endif /* _MONO_MINI_DECLSEC_H_ */
" --runtime=VERSION Use the VERSION runtime, instead of autodetecting\n"
" --optimize=OPT Turns on or off a specific optimization\n"
" Use --list-opt to get a list of optimizations\n"
+#ifndef DISABLE_SECURITY
" --security[=mode] Turns on the unsupported security manager (off by default)\n"
" mode is one of cas, core-clr, verifiable or validil\n"
+#endif
" --attach=OPTIONS Pass OPTIONS to the attach agent in the runtime.\n"
" Currently the only supported option is 'disable'.\n"
" --llvm, --nollvm Controls whenever the runtime uses LLVM to compile code.\n"
opt->mdb_optimizations = TRUE;
enable_debugging = TRUE;
} else if (strcmp (argv [i], "--security") == 0) {
+#ifndef DISABLE_SECURITY
mono_verifier_set_mode (MONO_VERIFIER_MODE_VERIFIABLE);
mono_security_set_mode (MONO_SECURITY_MODE_CAS);
mono_activate_security_manager ();
+#else
+ fprintf (stderr, "error: --security: not compiled with security manager support");
+ return 1;
+#endif
} else if (strncmp (argv [i], "--security=", 11) == 0) {
+ /* Note: temporary-smcs-hack, validil, and verifiable need to be
+ accepted even if DISABLE_SECURITY is defined. */
+
if (strcmp (argv [i] + 11, "temporary-smcs-hack") == 0) {
mono_security_set_mode (MONO_SECURITY_MODE_SMCS_HACK);
} else if (strcmp (argv [i] + 11, "core-clr") == 0) {
+#ifndef DISABLE_SECURITY
mono_verifier_set_mode (MONO_VERIFIER_MODE_VERIFIABLE);
mono_security_set_mode (MONO_SECURITY_MODE_CORE_CLR);
+#else
+ fprintf (stderr, "error: --security: not compiled with CoreCLR support");
+ return 1;
+#endif
} else if (strcmp (argv [i] + 11, "core-clr-test") == 0) {
+#ifndef DISABLE_SECURITY
/* fixme should we enable verifiable code here?*/
mono_security_set_mode (MONO_SECURITY_MODE_CORE_CLR);
mono_security_core_clr_test = TRUE;
- } else if (strcmp (argv [i] + 11, "cas") == 0){
+#else
+ fprintf (stderr, "error: --security: not compiled with CoreCLR support");
+ return 1;
+#endif
+ } else if (strcmp (argv [i] + 11, "cas") == 0) {
+#ifndef DISABLE_SECURITY
mono_verifier_set_mode (MONO_VERIFIER_MODE_VERIFIABLE);
mono_security_set_mode (MONO_SECURITY_MODE_CAS);
mono_activate_security_manager ();
- } else if (strcmp (argv [i] + 11, "validil") == 0) {
+#else
+ fprintf (stderr, "error: --security: not compiled with CAS support");
+ return 1;
+#endif
+ } else if (strcmp (argv [i] + 11, "validil") == 0) {
mono_verifier_set_mode (MONO_VERIFIER_MODE_VALID);
- } else if (strcmp (argv [i] + 11, "verifiable") == 0) {
+ } else if (strcmp (argv [i] + 11, "verifiable") == 0) {
mono_verifier_set_mode (MONO_VERIFIER_MODE_VERIFIABLE);
- } else {
+ } else {
fprintf (stderr, "error: --security= option has invalid argument (cas, core-clr, verifiable or validil)\n");
return 1;
}
* CAS - do not inline methods with declarative security
* Note: this has to be before any possible return TRUE;
*/
- if (mono_method_has_declsec (method))
+ if (mono_security_method_has_declsec (method))
return FALSE;
#ifdef MONO_ARCH_SOFT_FLOAT
{
guint32 result;
- if ((cfg->method != caller) && mono_method_has_declsec (callee)) {
+ if ((cfg->method != caller) && mono_security_method_has_declsec (callee)) {
return TRUE;
}
dont_verify |= method->wrapper_type == MONO_WRAPPER_COMINTEROP;
dont_verify |= method->wrapper_type == MONO_WRAPPER_COMINTEROP_INVOKE;
- dont_verify |= mono_security_get_mode () == MONO_SECURITY_MODE_SMCS_HACK;
+ dont_verify |= mono_security_smcs_hack_enabled ();
/* still some type unsafety issues in marshal wrappers... (unknown is PtrToStructure) */
dont_verify_stloc = method->wrapper_type == MONO_WRAPPER_MANAGED_TO_NATIVE;
}
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS)
+ if (mono_security_cas_enabled ())
secman = mono_security_manager_get_methods ();
- security = (secman && mono_method_has_declsec (method));
+ security = (secman && mono_security_method_has_declsec (method));
/* at this point having security doesn't mean we have any code to generate */
if (security && (cfg->method == method)) {
/* Only Demand, NonCasDemand and DemandChoice requires code generation.
mono_emit_method_call (cfg, secman->demandunmanaged, NULL, NULL);
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ if (mono_security_core_clr_enabled ()) {
/* check if this is native code, e.g. an icall or a p/invoke */
if (method->wrapper_type == MONO_WRAPPER_MANAGED_TO_NATIVE) {
MonoMethod *wrapped = mono_marshal_method_from_wrapper (method);
if (cfg->generic_sharing_context && mono_method_check_context_used (cmethod))
GENERIC_SHARING_FAILURE (CEE_JMP);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS)
+ if (mono_security_cas_enabled ())
CHECK_CFG_EXCEPTION;
#ifdef MONO_ARCH_USE_OP_TAIL_CALL
METHOD_ACCESS_FAILURE;
}
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
ensure_method_is_allowed_to_call_method (cfg, method, cil_method, bblock, ip);
if (!virtual && (cmethod->flags & METHOD_ATTRIBUTE_ABSTRACT))
}
*/
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS) {
+ if (mono_security_cas_enabled ()) {
if (check_linkdemand (cfg, method, cmethod))
INLINE_FAILURE ("linkdemand");
CHECK_CFG_EXCEPTION;
context_used = mini_method_check_context_used (cfg, cmethod);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS) {
+ if (mono_security_cas_enabled ()) {
if (check_linkdemand (cfg, method, cmethod))
INLINE_FAILURE ("linkdemand");
CHECK_CFG_EXCEPTION;
- } else if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ } else if (mono_security_core_clr_enabled ()) {
ensure_method_is_allowed_to_call_method (cfg, method, cmethod, bblock, ip);
}
UNVERIFIED;
/* if the class is Critical then transparent code cannot access it's fields */
- if (!is_instance && mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (!is_instance && mono_security_core_clr_enabled ())
ensure_method_is_allowed_to_access_field (cfg, method, field, bblock, ip);
/* XXX this is technically required but, so far (SL2), no [SecurityCritical] types (not many exists) have
any visible *instance* field (in fact there's a single case for a static field in Marshal) XXX
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
ensure_method_is_allowed_to_access_field (cfg, method, field, bblock, ip);
*/
if (!dont_verify && !cfg->skip_visibility && !mono_method_can_access_method (method, cmethod))
METHOD_ACCESS_FAILURE;
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS) {
+ if (mono_security_cas_enabled ()) {
if (check_linkdemand (cfg, method, cmethod))
INLINE_FAILURE ("linkdemand");
CHECK_CFG_EXCEPTION;
- } else if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ } else if (mono_security_core_clr_enabled ()) {
ensure_method_is_allowed_to_call_method (cfg, method, cmethod, bblock, ip);
- }
+ }
/*
* Optimize the common case of ldftn+delegate creation
target_ins = sp [-1];
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR)
+ if (mono_security_core_clr_enabled ())
ensure_method_is_allowed_to_call_method (cfg, method, ctor_method, bblock, ip);
if (!(cmethod->flags & METHOD_ATTRIBUTE_STATIC)) {
context_used = mini_method_check_context_used (cfg, cmethod);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS) {
+ if (mono_security_cas_enabled ()) {
if (check_linkdemand (cfg, method, cmethod))
INLINE_FAILURE ("linkdemand");
CHECK_CFG_EXCEPTION;
- } else if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ } else if (mono_security_core_clr_enabled ()) {
ensure_method_is_allowed_to_call_method (cfg, method, cmethod, bblock, ip);
}
return FALSE;
if (assembly->in_gac || assembly->image == mono_defaults.corlib)
return FALSE;
- if (mono_security_get_mode () != MONO_SECURITY_MODE_NONE)
+ if (mono_security_enabled ())
return FALSE;
return mono_assembly_has_skip_verification (assembly);
}
printf ("Number of try block holes %d\n", num_holes);
}
- if (mono_method_has_declsec (cfg->method_to_register)) {
+ if (mono_security_method_has_declsec (cfg->method_to_register)) {
cas_size = sizeof (MonoMethodCasInfo);
}
case MONO_EXCEPTION_FIELD_ACCESS:
ex = mono_exception_from_name_msg (mono_defaults.corlib, "System", "FieldAccessException", cfg->exception_message);
break;
+#ifndef DISABLE_SECURITY
/* this can only be set if the security manager is active */
case MONO_EXCEPTION_SECURITY_LINKDEMAND: {
MonoSecurityManager* secman = mono_security_manager_get_methods ();
ex = (MonoException*)exc;
break;
}
+#endif
case MONO_EXCEPTION_OBJECT_SUPPLIED: {
MonoException *exp = cfg->exception_ptr;
MONO_GC_UNREGISTER_ROOT (cfg->exception_ptr);
mono_domain_unlock (domain);
if (!info) {
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CORE_CLR) {
+ if (mono_security_core_clr_enabled ()) {
/*
* This might be redundant since mono_class_vtable () already does this,
* but keep it just in case for moonlight.
g_print ("JIT info table lookups: %ld\n", mono_stats.jit_info_table_lookup_count);
g_print ("Hazardous pointers: %ld\n", mono_stats.hazardous_pointer_count);
- if (mono_security_get_mode () == MONO_SECURITY_MODE_CAS) {
+ if (mono_security_cas_enabled ()) {
g_print ("\nDecl security check : %ld\n", mono_jit_stats.cas_declsec_check);
g_print ("LinkDemand (user) : %ld\n", mono_jit_stats.cas_linkdemand);
g_print ("LinkDemand (icall) : %ld\n", mono_jit_stats.cas_linkdemand_icall);