コード例 #1
        /// <summary>
        /// Query the raw value of one process mitigation policy for this process handle.
        /// </summary>
        /// <param name="policy">The mitigation policy to query.</param>
        /// <returns>
        /// The raw policy value reported by the query, or 0 when the query fails with
        /// STATUS_INVALID_PARAMETER or STATUS_NOT_SUPPORTED.
        /// </returns>
        /// <exception cref="ArgumentException">
        /// Thrown when <paramref name="policy"/> is ProcessDEPPolicy, ProcessReserved1Policy
        /// or ProcessMitigationOptionsMask, which this method refuses to query.
        /// </exception>
        /// <remarks>
        /// A return value of 0 is ambiguous: it is returned both when the query fails with one
        /// of the two tolerated statuses and when the query succeeds with a raw value of 0.
        /// Code that audits a process's hardening should not read 0 as proof that the
        /// mitigation was queried and found disabled.
        /// </remarks>
        public int GetProcessMitigationPolicy(ProcessMitigationPolicy policy)
        {
            // These three selectors are rejected up front, before any system call is made.
            if (policy == ProcessMitigationPolicy.ProcessDEPPolicy
                || policy == ProcessMitigationPolicy.ProcessReserved1Policy
                || policy == ProcessMitigationPolicy.ProcessMitigationOptionsMask)
            {
                throw new ArgumentException("Invalid mitigation policy");
            }

            // The request structure carries the policy selector in and the raw value out.
            MitigationPolicy request = new MitigationPolicy { Policy = policy };

            using (var buffer = request.ToBuffer())
            {
                int returnedLength;
                NtStatus status = NtSystemCalls.NtQueryInformationProcess(
                    Handle,
                    ProcessInfoClass.ProcessMitigationPolicy,
                    buffer,
                    buffer.Length,
                    out returnedLength);

                if (status.IsSuccess())
                {
                    return buffer.Result.Result;
                }

                // Only these two failure statuses are tolerated and mapped to 0.
                bool tolerated = status == NtStatus.STATUS_INVALID_PARAMETER
                    || status == NtStatus.STATUS_NOT_SUPPORTED;
                if (!tolerated)
                {
                    // Any other failure is handed to ToNtException(), which presumably throws
                    // for error statuses (its definition is not visible here).
                    status.ToNtException();
                }

                return 0;
            }
        }
コード例 #2
        /// <summary>
        /// Disable dynamic code policy on another process.
        /// </summary>
        /// <exception cref="InvalidOperationException">
        /// Thrown when the debug privilege cannot be enabled for the caller.
        /// </exception>
        /// <remarks>
        /// This weakens an exploit mitigation on the process behind this handle, so calls to
        /// it deserve an audit trail. The debug privilege is enabled as a precondition and is
        /// not restored anywhere in this method.
        /// NOTE(review): confirm whether callers expect the privilege to stay enabled afterwards.
        /// </remarks>
        public void DisableDynamicCodePolicy()
        {
            bool debugEnabled = NtToken.EnableDebugPrivilege();
            if (!debugEnabled)
            {
                throw new InvalidOperationException("Must have Debug privilege to disable code policy");
            }

            // Only the policy selector is set; the value part of the request keeps its default.
            // Presumably that default is zero, which is what clears the policy flags - confirm
            // against MitigationPolicy's definition.
            MitigationPolicy request = new MitigationPolicy
            {
                Policy = ProcessMitigationPolicy.ProcessDynamicCodePolicy
            };

            using (var buffer = request.ToBuffer())
            {
                var status = NtSystemCalls.NtSetInformationProcess(
                    Handle,
                    ProcessInfoClass.ProcessMitigationPolicy,
                    buffer,
                    buffer.Length);

                // The returned status is passed to ToNtException() so a failed set is reported.
                status.ToNtException();
            }
        }