public static void InheritDefaults(this Application app) { app.RecalibrationEvent += (target) => { // // Inherit address bits from operating system (if not specified). // if (target.Application.AddressBits == null) { target.Application.AddressBits = target.OperatingSystem.AddressBits; } // // Inherit OS NX, ASLR, and heap policies. // foreach (MemoryRegion region in Enum.GetValues(typeof(MemoryRegion))) { MitigationPolicy osPolicy = MitigationPolicy.NotSupported; MitigationPolicy appPolicy = MitigationPolicy.NotSupported; target.OperatingSystem.MemoryRegionASLRPolicy.TryGetValue(region, out osPolicy); target.Application.MemoryRegionASLRPolicy.TryGetValue(region, out appPolicy); target.Application.MemoryRegionASLRPolicy[region] = appPolicy.EffectivePolicy(osPolicy); target.OperatingSystem.MemoryRegionNXPolicy.TryGetValue(region, out osPolicy); target.Application.MemoryRegionNXPolicy.TryGetValue(region, out appPolicy); target.Application.MemoryRegionNXPolicy[region] = appPolicy.EffectivePolicy(osPolicy); } foreach (HeapFeature feature in Enum.GetValues(typeof(HeapFeature))) { MitigationPolicy osPolicy = MitigationPolicy.NotSupported; MitigationPolicy appPolicy = MitigationPolicy.NotSupported; target.OperatingSystem.UserHeapPolicy.TryGetValue(feature, out osPolicy); target.Application.UserHeapPolicy.TryGetValue(feature, out appPolicy); target.Application.UserHeapPolicy[feature] = appPolicy.EffectivePolicy(osPolicy); } // // Inherit default stack protection settings. // if (target.Application.DefaultStackProtectionEnabled == null) { target.Application.DefaultStackProtectionEnabled = target.OperatingSystem.DefaultStackProtectionEnabled; target.Application.DefaultStackProtectionVersion = target.OperatingSystem.DefaultStackProtectionVersion; target.Application.DefaultStackProtectionEntropyBits = target.OperatingSystem.DefaultStackProtectionEntropyBits; } }; }
public static MitigationPolicy EffectivePolicy(this MitigationPolicy policy, MitigationPolicy basePolicy) { switch (basePolicy) { case MitigationPolicy.On: return(MitigationPolicy.On); case MitigationPolicy.Off: return(MitigationPolicy.Off); case MitigationPolicy.NotSupported: return(MitigationPolicy.NotSupported); case MitigationPolicy.OptIn: if (policy == MitigationPolicy.On) { return(policy); } else { return(MitigationPolicy.Off); } case MitigationPolicy.OptOut: if (policy == MitigationPolicy.Off) { return(policy); } else { return(MitigationPolicy.On); } default: throw new NotSupportedException(); } }
public static bool IsOff(this MitigationPolicy policy) { return(policy == MitigationPolicy.Off || policy == MitigationPolicy.NotSupported || policy == MitigationPolicy.OptIn); }
public static bool IsOn(this MitigationPolicy policy) { return(policy == MitigationPolicy.On || policy == MitigationPolicy.OptOut); }
public static bool IsSupported(this MitigationPolicy policy) { return(policy != MitigationPolicy.NotSupported); }
public static bool IsDisabledOrNotSupported(this MitigationPolicy policy) { return(policy >= MitigationPolicy.Off); }
public static bool IsEnabled(this MitigationPolicy policy) { return(policy < MitigationPolicy.Off); }