Code:
/ 4.0 / 4.0 / DEVDIV_TFS / Dev10 / Releases / RTMRel / ndp / clr / src / BCL / System / Security / SecurityRuntime.cs / 1305376 / SecurityRuntime.cs
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
namespace System.Security {
using System;
using System.Globalization;
using System.Threading;
using System.Reflection;
using System.Collections;
using System.Runtime.CompilerServices;
using System.Security.Permissions;
using System.Runtime.Versioning;
using System.Diagnostics.Contracts;
internal class SecurityRuntime
{
private SecurityRuntime(){}
// Returns the security object for the caller of the method containing
// 'stackMark' on its frame.
//
// THE RETURNED OBJECT IS THE LIVE RUNTIME OBJECT. BE CAREFUL WITH IT!
//
// Internal only, do not doc.
//
[System.Security.SecurityCritical] // auto-generated
[ResourceExposure(ResourceScope.None)]
[MethodImplAttribute(MethodImplOptions.InternalCall)]
internal static extern
FrameSecurityDescriptor GetSecurityObjectForFrame(ref StackCrawlMark stackMark,
bool create);
// Constants used to return status to native
internal const bool StackContinue = true;
internal const bool StackHalt = false;
// Returns the number of negative overrides(deny/permitonly) in this secDesc
private static int OverridesHelper(FrameSecurityDescriptor secDesc)
{
// check imperative
int count = OverridesHelper2(secDesc, false);
// add declarative
count += OverridesHelper2(secDesc, true);
return count;
}
private static int OverridesHelper2(FrameSecurityDescriptor secDesc, bool fDeclarative)
{
PermissionSet permSet;
int count = 0;
permSet = secDesc.GetPermitOnly(fDeclarative);
if (permSet != null)
count++;
permSet = secDesc.GetDenials(fDeclarative);
if (permSet != null)
count++;
return count;
}
// this method is a big perf hit, so don't call unnecessarily
[System.Security.SecurityCritical] // auto-generated
internal static MethodInfo GetMethodInfo(RuntimeMethodHandleInternal rmh)
{
if (rmh.IsNullHandle())
return null;
#if _DEBUG
try
{
#endif
// Assert here because reflection will check grants and if we fail the check,
// there will be an infinite recursion that overflows the stack.
PermissionSet.s_fullTrust.Assert();
return (System.RuntimeType.GetMethodBase(RuntimeMethodHandle.GetDeclaringType(rmh), rmh) as MethodInfo);
#if _DEBUG
}
catch(Exception)
{
return null;
}
#endif
}
[System.Security.SecurityCritical] // auto-generated
private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc,
PermissionSet demandSet,
out PermissionSet alteredDemandSet,
RuntimeMethodHandleInternal rmh)
{
return secDesc.CheckSetDemand(demandSet, out alteredDemandSet, rmh);
}
[System.Security.SecurityCritical] // auto-generated
private static bool FrameDescHelper(FrameSecurityDescriptor secDesc,
IPermission demandIn,
PermissionToken permToken,
RuntimeMethodHandleInternal rmh)
{
return secDesc.CheckDemand((CodeAccessPermission) demandIn, permToken, rmh);
}
//
// API for PermissionSets
//
[System.Security.SecurityCritical] // auto-generated
internal static void Assert(PermissionSet permSet, ref StackCrawlMark stackMark)
{
// Note: if the "AssertPermission" is not a permission that implements IUnrestrictedPermission
// you need to change the fourth parameter to a zero.
FrameSecurityDescriptor secObj = CodeAccessSecurityEngine.CheckNReturnSO(
CodeAccessSecurityEngine.AssertPermissionToken,
CodeAccessSecurityEngine.AssertPermission,
ref stackMark,
1 );
Contract.Assert(secObj != null,"Failure in SecurityRuntime.Assert() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.HasImperativeAsserts())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetAssert(permSet);
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void AssertAllPossible(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj =
SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true);
Contract.Assert(secObj != null, "Failure in SecurityRuntime.AssertAllPossible() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.GetAssertAllPossible())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetAssertAllPossible();
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void Deny(PermissionSet permSet, ref StackCrawlMark stackMark)
{
#if FEATURE_CAS_POLICY
// Deny is only valid in legacy mode
if (!AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_CasDeny"));
}
#endif // FEATURE_CAS_POLICY
FrameSecurityDescriptor secObj =
SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true);
Contract.Assert(secObj != null, "Failure in SecurityRuntime.Deny() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.HasImperativeDenials())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetDeny(permSet);
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void PermitOnly(PermissionSet permSet, ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj =
SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true);
Contract.Assert(secObj != null, "Failure in SecurityRuntime.PermitOnly() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.HasImperativeRestrictions())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetPermitOnly(permSet);
}
}
//
// Revert API
//
[System.Security.SecurityCritical] // auto-generated
internal static void RevertAssert(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertAssert();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void RevertDeny(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertDeny();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void RevertPermitOnly(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertPermitOnly();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void RevertAll(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertAll();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
// ==++==
//
// Copyright (c) Microsoft Corporation. All rights reserved.
//
// ==--==
// [....]
//
namespace System.Security {
using System;
using System.Globalization;
using System.Threading;
using System.Reflection;
using System.Collections;
using System.Runtime.CompilerServices;
using System.Security.Permissions;
using System.Runtime.Versioning;
using System.Diagnostics.Contracts;
internal class SecurityRuntime
{
private SecurityRuntime(){}
// Returns the security object for the caller of the method containing
// 'stackMark' on its frame.
//
// THE RETURNED OBJECT IS THE LIVE RUNTIME OBJECT. BE CAREFUL WITH IT!
//
// Internal only, do not doc.
//
[System.Security.SecurityCritical] // auto-generated
[ResourceExposure(ResourceScope.None)]
[MethodImplAttribute(MethodImplOptions.InternalCall)]
internal static extern
FrameSecurityDescriptor GetSecurityObjectForFrame(ref StackCrawlMark stackMark,
bool create);
// Constants used to return status to native
internal const bool StackContinue = true;
internal const bool StackHalt = false;
// Returns the number of negative overrides(deny/permitonly) in this secDesc
private static int OverridesHelper(FrameSecurityDescriptor secDesc)
{
// check imperative
int count = OverridesHelper2(secDesc, false);
// add declarative
count += OverridesHelper2(secDesc, true);
return count;
}
private static int OverridesHelper2(FrameSecurityDescriptor secDesc, bool fDeclarative)
{
PermissionSet permSet;
int count = 0;
permSet = secDesc.GetPermitOnly(fDeclarative);
if (permSet != null)
count++;
permSet = secDesc.GetDenials(fDeclarative);
if (permSet != null)
count++;
return count;
}
// this method is a big perf hit, so don't call unnecessarily
[System.Security.SecurityCritical] // auto-generated
internal static MethodInfo GetMethodInfo(RuntimeMethodHandleInternal rmh)
{
if (rmh.IsNullHandle())
return null;
#if _DEBUG
try
{
#endif
// Assert here because reflection will check grants and if we fail the check,
// there will be an infinite recursion that overflows the stack.
PermissionSet.s_fullTrust.Assert();
return (System.RuntimeType.GetMethodBase(RuntimeMethodHandle.GetDeclaringType(rmh), rmh) as MethodInfo);
#if _DEBUG
}
catch(Exception)
{
return null;
}
#endif
}
[System.Security.SecurityCritical] // auto-generated
private static bool FrameDescSetHelper(FrameSecurityDescriptor secDesc,
PermissionSet demandSet,
out PermissionSet alteredDemandSet,
RuntimeMethodHandleInternal rmh)
{
return secDesc.CheckSetDemand(demandSet, out alteredDemandSet, rmh);
}
[System.Security.SecurityCritical] // auto-generated
private static bool FrameDescHelper(FrameSecurityDescriptor secDesc,
IPermission demandIn,
PermissionToken permToken,
RuntimeMethodHandleInternal rmh)
{
return secDesc.CheckDemand((CodeAccessPermission) demandIn, permToken, rmh);
}
//
// API for PermissionSets
//
[System.Security.SecurityCritical] // auto-generated
internal static void Assert(PermissionSet permSet, ref StackCrawlMark stackMark)
{
// Note: if the "AssertPermission" is not a permission that implements IUnrestrictedPermission
// you need to change the fourth parameter to a zero.
FrameSecurityDescriptor secObj = CodeAccessSecurityEngine.CheckNReturnSO(
CodeAccessSecurityEngine.AssertPermissionToken,
CodeAccessSecurityEngine.AssertPermission,
ref stackMark,
1 );
Contract.Assert(secObj != null,"Failure in SecurityRuntime.Assert() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.HasImperativeAsserts())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetAssert(permSet);
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void AssertAllPossible(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj =
SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true);
Contract.Assert(secObj != null, "Failure in SecurityRuntime.AssertAllPossible() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.GetAssertAllPossible())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetAssertAllPossible();
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void Deny(PermissionSet permSet, ref StackCrawlMark stackMark)
{
#if FEATURE_CAS_POLICY
// Deny is only valid in legacy mode
if (!AppDomain.CurrentDomain.IsLegacyCasPolicyEnabled)
{
throw new NotSupportedException(Environment.GetResourceString("NotSupported_CasDeny"));
}
#endif // FEATURE_CAS_POLICY
FrameSecurityDescriptor secObj =
SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true);
Contract.Assert(secObj != null, "Failure in SecurityRuntime.Deny() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.HasImperativeDenials())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetDeny(permSet);
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void PermitOnly(PermissionSet permSet, ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj =
SecurityRuntime.GetSecurityObjectForFrame(ref stackMark, true);
Contract.Assert(secObj != null, "Failure in SecurityRuntime.PermitOnly() - secObj != null");
if (secObj == null)
{
// Security: REQ_SQ flag is missing. Bad compiler ?
System.Environment.FailFast(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
else
{
if (secObj.HasImperativeRestrictions())
throw new SecurityException( Environment.GetResourceString( "Security_MustRevertOverride" ) );
secObj.SetPermitOnly(permSet);
}
}
//
// Revert API
//
[System.Security.SecurityCritical] // auto-generated
internal static void RevertAssert(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertAssert();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void RevertDeny(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertDeny();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void RevertPermitOnly(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertPermitOnly();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
[System.Security.SecurityCritical] // auto-generated
internal static void RevertAll(ref StackCrawlMark stackMark)
{
FrameSecurityDescriptor secObj = GetSecurityObjectForFrame(ref stackMark, false);
if (secObj != null)
{
secObj.RevertAll();
}
else
{
throw new InvalidOperationException(Environment.GetResourceString("ExecutionEngine_MissingSecurityDescriptor"));
}
}
}
}
// File provided for Reference Use Only by Microsoft Corporation (c) 2007.
Link Menu
This book is available now!
Buy at Amazon US or
Buy at Amazon UK
- NativeMethodsOther.cs
- Boolean.cs
- PropertyToken.cs
- TextTrailingCharacterEllipsis.cs
- ChtmlTextWriter.cs
- SendActivityValidator.cs
- TextProviderWrapper.cs
- PerfCounterSection.cs
- Block.cs
- AssociationSet.cs
- AttachmentService.cs
- CreateSequence.cs
- LocalizationComments.cs
- EncoderNLS.cs
- ObjectParameterCollection.cs
- DataGridViewRowConverter.cs
- ConfigDefinitionUpdates.cs
- StandardCommands.cs
- COAUTHIDENTITY.cs
- SBCSCodePageEncoding.cs
- SizeValueSerializer.cs
- EndpointInstanceProvider.cs
- XmlParserContext.cs
- DataContractSet.cs
- MetafileHeaderWmf.cs
- SerializableAttribute.cs
- ListViewGroup.cs
- LineGeometry.cs
- ColorContext.cs
- TrackBarRenderer.cs
- DefaultAutoFieldGenerator.cs
- QuotaThrottle.cs
- UniqueSet.cs
- BaseCodeDomTreeGenerator.cs
- UInt16Storage.cs
- MatrixValueSerializer.cs
- ElementMarkupObject.cs
- RegexTree.cs
- PartialToken.cs
- MenuTracker.cs
- IChannel.cs
- AsymmetricSignatureFormatter.cs
- ActivityPreviewDesigner.cs
- HTTPNotFoundHandler.cs
- EmptyEnumerable.cs
- CodeFieldReferenceExpression.cs
- ApplicationServiceHelper.cs
- SerialStream.cs
- NullRuntimeConfig.cs
- RsaKeyIdentifierClause.cs
- X500Name.cs
- OleDbFactory.cs
- GridViewDeleteEventArgs.cs
- PresentationAppDomainManager.cs
- DES.cs
- DataGridTemplateColumn.cs
- COM2ComponentEditor.cs
- StringValueSerializer.cs
- DesignerVerbCollection.cs
- Binding.cs
- Transform3D.cs
- TraceSource.cs
- CodeDesigner.cs
- HyperLinkColumn.cs
- UnsafeNativeMethods.cs
- EmptyEnumerator.cs
- COM2PropertyDescriptor.cs
- AutomationPattern.cs
- FilterQuery.cs
- DoubleAnimationClockResource.cs
- MultipartIdentifier.cs
- ObjectResult.cs
- CompiledQuery.cs
- PathGeometry.cs
- XmlComplianceUtil.cs
- CodeGeneratorOptions.cs
- SocketElement.cs
- ScaleTransform.cs
- FrameworkContentElement.cs
- ProviderConnectionPointCollection.cs
- XmlWhitespace.cs
- SafeTokenHandle.cs
- ServiceNameElement.cs
- SessionStateContainer.cs
- IgnoreDataMemberAttribute.cs
- Tracking.cs
- EditorBrowsableAttribute.cs
- MobileControl.cs
- RequestCachingSection.cs
- CategoryNameCollection.cs
- DodSequenceMerge.cs
- CaretElement.cs
- TabletDeviceInfo.cs
- PrinterResolution.cs
- WebScriptMetadataMessage.cs
- Pair.cs
- SystemIcmpV6Statistics.cs
- Interfaces.cs
- StaticTextPointer.cs
- ArithmeticLiteral.cs