public void CreateSortedVersionDictionary_OverlappingVersionRange_ThrowsException(string firstRange, string secondRange) { var versionList = new PropertiesDictionary(); versionList.Add(firstRange, (CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); versionList.Add(secondRange, (CompilerMitigations.QSpectreAvailable).ToString()); Assert.Throws <InvalidOperationException>(() => EnableSpectreMitigations.CreateSortedVersionDictionary(versionList)); }
private void AddCompilerMitigationDataToDictionary(PropertiesDictionary dictionary, CompilerVersionToMitigation data) { string start = data.MinimalSupportedVersion.ToString().Replace(int.MaxValue.ToString(), "*"); string end = data.MaximumSupportedVersion.ToString().Replace(int.MaxValue.ToString(), "*"); string key = start + " - " + end; dictionary.Add(key, data.SupportedMitigations.ToString()); }
public void CreateSortedVersionDictionary_BadVersionRange_ThrowsException() { var versionList = new PropertiesDictionary(); versionList.Add("8.0.0.0 - 1.0.0.0", (CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); Assert.Throws <InvalidOperationException>(() => EnableSpectreMitigations.CreateSortedVersionDictionary(versionList)); }
private void AddFakeConfigTestData(PropertiesDictionary policy) { PropertiesDictionary BA2024Config = new PropertiesDictionary(); PropertiesDictionary mitigatedCompilers = new PropertiesDictionary(); PropertiesDictionary fakeX86Data = GenerateMachineFamilyData(); PropertiesDictionary fakeArmData = new PropertiesDictionary(); fakeArmData.Add("1.0.0.0 - 1.8.*.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable).ToString()); fakeArmData.Add("2.0.0.0 - 2.0.0.*", (CompilerMitigations.NonoptimizedCodeMitigated | CompilerMitigations.QSpectreAvailable).ToString()); fakeArmData.Add("2.0.1.0 - 2.*.*.*", (CompilerMitigations.NonoptimizedCodeMitigated | CompilerMitigations.QSpectreAvailable).ToString()); mitigatedCompilers.Add(MachineFamily.X86.ToString(), fakeX86Data); mitigatedCompilers.Add(MachineFamily.Arm.ToString(), fakeArmData); BA2024Config.Add("MitigatedCompilers", mitigatedCompilers); policy.Add("BA2024.EnableSpectreMitigations.Options", BA2024Config); }
private TempFile CreateTempConfigFile(string ruleId, object parameter) { var propertiesDictionary = new PropertiesDictionary(); if (IsSarifRule(ruleId)) { var rulePropertiesDictionary = new PropertiesDictionary(); SarifValidationSkimmerBase rule = GetRuleFromId(ruleId); RuleEnabledState ruleEnabledState = GetRuleEnabledState(rule); rulePropertiesDictionary.Add(nameof(DefaultDriverOptions.RuleEnabled), ruleEnabledState); if (parameter is KeyValuePair <string, object> pair) { rulePropertiesDictionary.Add(pair.Key, pair.Value); } propertiesDictionary.Add($"{rule.Moniker}.Options", rulePropertiesDictionary); } var tempFile = new TempFile(".xml"); propertiesDictionary.SaveToXml(tempFile.Name); return(tempFile); }
public void ContentService_Published(Umbraco.Core.Services.IContentService sender, Umbraco.Core.Events.ContentPublishedEventArgs e) { foreach (var item in e.PublishedEntities) { var properties = new PropertiesDictionary(item); var publisher = Current.Services.UserService.GetUserById(item.PublisherId.GetValueOrDefault()); if (publisher != null) { properties.Add("publisher", publisher.Name); } AsyncUtil.RunSync(() => _messagingService.SendMessageAsync("contentService", "published", properties, publisher)); } }
/// <summary> /// Logs a specific message with Log4Net. /// </summary> /// <param name="level">The level of the entry.</param> /// <param name="message">The message to log.</param> /// <param name="correlation">The correlation id to log.</param> /// <param name="area">The area to log.</param> /// <param name="category">The category to log.</param> /// <param name="eventId">The event id to log.</param> /// <param name="when">The time to log.</param> private static void LogData(Level level, string message, Guid correlation, string area, string category, string eventId, DateTime when) { IDictionary props = new PropertiesDictionary(); props.Add("Area", area); props.Add("Category", category); props.Add("EventID", eventId); props.Add("Correlation", correlation); var data = new LoggingEventData { TimeStampUtc = when, LoggerName = Log.Logger.Name, Level = level, Message = FilterMessage(message), ExceptionString = string.Empty, Properties = (PropertiesDictionary)props }; var loggingEvent = new LoggingEvent(LogDeclaringType, Log.Logger.Repository, data); Log.Logger.Log(loggingEvent); }
public void GetClosestCompilerVersionWithSpectreMitigations_UnsupportedOnMachine() { BinaryAnalyzerContext context = new BinaryAnalyzerContext(); context.Policy = new PropertiesDictionary(); PropertiesDictionary BA2024Config = new PropertiesDictionary(); PropertiesDictionary mitigatedCompilers = new PropertiesDictionary(); PropertiesDictionary fakeX86Data = GenerateMachineFamilyData(); mitigatedCompilers.Add(MachineFamily.X86.ToString(), fakeX86Data); BA2024Config.Add("MitigatedCompilers", mitigatedCompilers); context.Policy.Add("BA2024.EnableSpectreMitigations.Options", BA2024Config); Assert.Null(EnableSpectreMitigations.GetClosestCompilerVersionWithSpectreMitigations(context, ExtendedMachine.Arm, new Version(1, 0, 100, 5))); }
private static PropertiesDictionary BuildMitigatedCompilersData() { // As per https://blogs.msdn.microsoft.com/vcblog/2018/01/15/spectre-mitigations-in-msvc/ /* * In current versions of the MSVC compiler, the /Qspectre switch only works on optimized code. * You should make sure to compile your code with any of the optimization switches (e.g., /O2 or /O1 but NOT /Od) to have the mitigation applied. * Similarly, inspect any code that uses #pragma optimize([stg], off). Work is ongoing now to make the /Qspectre mitigation work on unoptimized code. * * AND * * What versions of MSVC support the /Qspectre switch? * All versions of Visual Studio 2017 version 15.5 and all Previews of Visual Studio version 15.6 already include an undocumented switch, /d2guardspecload, that is currently equivalent to /Qspectre. * You can use /d2guardspecload to apply the same mitigations to your code. * Please update to using /Qspectre as soon as you get a compiler that supports the switch as the /Qspectre switch will be maintained with new mitigations going forward. * * The /Qspectre switch will be available in MSVC toolsets included in all future releases of Visual Studio (including Previews). * We will also release updates to some existing versions of Visual Studio to include support for /Qspectre. * Releases of Visual Studio and Previews are announced on the Visual Studio Blog; update notifications are included in the Notification Hub. * Visual Studio updates that include support for /Qspectre will be announced on the Visual C++ Team Blog and the @visualc Twitter feed. * * We initially plan to include support for /Qspectre in the following: * Visual Studio 2017 version 15.6 Preview 4 * An upcoming servicing update to Visual Studio 2017 version 15.5 * A servicing update to Visual Studio 2017 “RTW” * A servicing update to Visual Studio 2015 Update 3 * * If you’re using an older version of MSVC we strongly encourage you to upgrade to a more recent compiler for this and other security improvements that have been developed in the last few years. * Additionally, you’ll benefit from increased conformance, code quality, and faster compile times as well as many productivity improvements in Visual Studio. * */ // UPDATED version and support information: https://blogs.msdn.microsoft.com/vcblog/2018/04/09/spectre-mitigation-changes-in-visual-studio-2017-version-15-7-preview-3/ /* * * With Visual Studio 2017 version 15.7 Preview 3 we have two new features to announce with regards to our Spectre mitigations. * First, the /Qspectre switch is now supported regardless of the selected optimization level. * Second, we have provided Spectre-mitigated implementations of the Microsoft Visual C++ libraries. * */ var compilersData = new PropertiesDictionary(); // Mitigations for x86 family of processors var x86Data = new PropertiesDictionary(); var armData = new PropertiesDictionary(); // Format of this data and the ranges: // ThrowIfMitigationDataIsInvalid requires a range here from the start of this support // to a version less than the compiler that implements the next level of mitigation support. // X86\X64 support // VS2015 15.0 Update 3 Versions // D2GuardSpecLoad version will not be back-ported // This terminates at 19.0 due to gaps in support in the 19.10 and 19.11 compilers x86Data.Add("19.00.24232.0 - 19.0.*.*", (CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 RTM // This terminates at 19.10.25099 due to gaps in support in unreleased compilers x86Data.Add("19.10.25024.0 - 19.10.25099.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 - 15.5.x x86Data.Add("19.12.25830.2 - 19.12.25834.*", (CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); // This terminates at 19.12.*.* due to a gap in support for 15.6 early previews x86Data.Add("19.12.25835.0 - 19.12.*.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 - 15.6 Preview 3 x86Data.Add("19.13.26029.0 - 19.13.26117.*", (CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); // Version flows into 15.7 as there is no gap in support for these switches moving forwards x86Data.Add("19.13.26118.0 - 19.14.26328.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 15.7 Preview 3 // Add first support for mitigation under /Od as per https://blogs.msdn.microsoft.com/vcblog/2018/04/09/spectre-mitigation-changes-in-visual-studio-2017-version-15-7-preview-3/ // This assumes that future versions of Visual Studio (post 15.6) will always have these mitigations available. x86Data.Add("19.14.26329.0 - *.*.*.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable | CompilerMitigations.NonoptimizedCodeMitigated).ToString()); // ARM\ARM64 support // VS2017 - 15.6 Preview 4 armData.Add("19.13.26214.0 - 19.14.26328.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 15.7 Preview 3 armData.Add("19.14.26329.0 - *.*.*.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable | CompilerMitigations.NonoptimizedCodeMitigated).ToString()); compilersData.Add(MachineFamily.X86.ToString(), x86Data); compilersData.Add(MachineFamily.Arm.ToString(), armData); return(compilersData); }
private static PropertiesDictionary BuildMitigatedCompilersData() { // As per https://blogs.msdn.microsoft.com/vcblog/2018/01/15/spectre-mitigations-in-msvc/ /* * In current versions of the MSVC compiler, the /Qspectre switch only works on optimized code. * You should make sure to compile your code with any of the optimization switches (e.g., /O2 or /O1 but NOT /Od) to have the mitigation applied. * Similarly, inspect any code that uses #pragma optimize([stg], off). Work is ongoing now to make the /Qspectre mitigation work on unoptimized code. * * AND * * What versions of MSVC support the /Qspectre switch? * All versions of Visual Studio 2017 version 15.5 and all Previews of Visual Studio version 15.6 already include an undocumented switch, /d2guardspecload, that is currently equivalent to /Qspectre. * You can use /d2guardspecload to apply the same mitigations to your code. * Please update to using /Qspectre as soon as you get a compiler that supports the switch as the /Qspectre switch will be maintained with new mitigations going forward. * * The /Qspectre switch will be available in MSVC toolsets included in all future releases of Visual Studio (including Previews). * We will also release updates to some existing versions of Visual Studio to include support for /Qspectre. * Releases of Visual Studio and Previews are announced on the Visual Studio Blog; update notifications are included in the Notification Hub. * Visual Studio updates that include support for /Qspectre will be announced on the Visual C++ Team Blog and the @visualc Twitter feed. * * We initially plan to include support for /Qspectre in the following: * Visual Studio 2017 version 15.6 Preview 4 * An upcoming servicing update to Visual Studio 2017 version 15.5 * A servicing update to Visual Studio 2017 “RTW” * A servicing update to Visual Studio 2015 Update 3 * * If you’re using an older version of MSVC we strongly encourage you to upgrade to a more recent compiler for this and other security improvements that have been developed in the last few years. * Additionally, you’ll benefit from increased conformance, code quality, and faster compile times as well as many productivity improvements in Visual Studio. */ var compilersData = new PropertiesDictionary(); // Mitigations for x86 family of processors var x86Data = new PropertiesDictionary(); // VS2015 15.0 Update 3 Versions // TODO: Uncomment and update QSpectre minimum version once we have the official build. // https://github.com/Microsoft/binskim/issues/134 // // D2GuardSpecLoad version will not be back-ported // x86Data.Add("19.0.*.* - 19.0.*.*", // (CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 RTM // TODO: Uncomment and update QSpectre minimum version once we have the official build. // https://github.com/Microsoft/binskim/issues/134 // // D2GuardSpecLoad version will not be back-ported // // x86Data.Add("19.10.*.* - 19.10.*.*", // (CompilerMitigations.QSpectreAvailable).ToString()); // VS2017 - 15.5 // https://github.com/Microsoft/binskim/issues/134 x86Data.Add("19.12.25830.2-19.12.*.*", (CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); // // TODO: Update QSpectre minimum version once we have the official build. // x86Data.Add("19.12.*.* - 19.12.*.*", // (CompilerMitigations.QSpectreAvailable | CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); // VS2017 - 15.6 Preview x86Data.Add("19.13.26029.0 - 19.13.26029.*", (CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); // TODO: Update when we have an official build supporting QSpectre. // x86Data.Add("19.13.*.* - 19.13.*.*", // (CompilerMitigations.QSpectreAvailable | CompilerMitigations.D2GuardSpecLoadAvailable).ToString()); // This assumes that future versions of Visual Studio (post 15.6) will always have these mitigations available. x86Data.Add("19.14.0.0 - *.*.*.*", (CompilerMitigations.D2GuardSpecLoadAvailable | CompilerMitigations.QSpectreAvailable).ToString()); compilersData.Add(MachineFamily.X86.ToString(), x86Data); // TODO--Update when ARM mitigations are available. compilersData.Add(MachineFamily.Arm.ToString(), new PropertiesDictionary()); return(compilersData); }