Exemple #1
0
/*
 * Ensure that the restrictions for partially trusted code are satisfied.
 *
 * @domain	The current application domain
 * @assembly	The assembly to query
 * return value: TRUE if the assembly is runnning at FullTrust, FALSE otherwise.
 */
static gboolean
mono_declsec_is_assembly_fulltrust (MonoDomain *domain, MonoAssembly *assembly)
{
	if (!MONO_SECMAN_FLAG_INIT (assembly->fulltrust)) {
		MonoReflectionAssembly *refass = (MonoReflectionAssembly*) mono_assembly_get_object (domain, assembly);
		MonoSecurityManager *secman = mono_security_manager_get_methods ();

		if (secman && refass) {
			MonoObject *res;
			gpointer args [1];
			args [0] = refass;

			res = mono_runtime_invoke (secman->linkdemandfulltrust, NULL, args, NULL);
			if (*(MonoBoolean *) mono_object_unbox(res)) {
				/* keep this value cached as it will be used very often */
				MONO_SECMAN_FLAG_SET_VALUE (assembly->fulltrust, TRUE);
				return TRUE;
			}
		}

		MONO_SECMAN_FLAG_SET_VALUE (assembly->fulltrust, FALSE);
		return FALSE;
	}

	return MONO_SECMAN_FLAG_GET_VALUE (assembly->fulltrust);
}
Exemple #2
0
static MonoReflectionAssembly *
ves_icall_VInvoke_LoadAssemblyFromVirtuoso (MonoAppDomain *ad, MonoString *message)
{
  char *asm_name;
  caddr_t name = NULL;
  caddr_t code = NULL;
  long len;

  MonoAssembly *ass;
  MonoDomain *domain = virtuoso_domain;
  MonoImage *image = NULL;
#ifdef OLD_KIT_1_1_5
  MonoImageOpenStatus *status;
#else
  MonoImageOpenStatus status;
#endif

  asm_name = mono_string_to_utf8 (message);
  name = box_copy (asm_name);

  code = mono_get_assembly_by_name (&name);

  if (!code)
    return NULL;

  len = box_length (code);

  image = mono_image_open_from_data (code, len, 0, NULL);

  if (!image)
    return NULL;

#ifdef OLD_KIT_1_1_5
  ass = mono_assembly_open ("", NULL, image);
#else
  ass = mono_assembly_load_from (image, "", &status);
#endif

  if (!ass && !status)
    return NULL;

  return mono_assembly_get_object (domain, ass);
}
Exemple #3
0
/*
 * Ensure that the restrictions for calling native code are satisfied.
 *
 * @domain	The current application domain
 * @caller	The method calling
 * @native	The native method called
 * return value: TRUE if a security violation is detected, FALSE otherwise.
 *
 * Executing Platform Invokes (P/Invoke) is a is a restricted operation.
 * The security policy must allow (SecurityPermissionFlag.UnmanagedCode)
 * an assembly to do this.
 *
 * This LinkDemand case is special because it only needs to call managed
 * code once per assembly. Further calls on this assembly will use a cached
 * flag for better performance. This is not done before the first call (e.g.
 * when loading the assembly) because that would break the lazy policy
 * evaluation that Mono use (another time saving optimization).
 *
 * Note: P/Invoke checks are ALWAYS (1) done at JIT time (as a LinkDemand). 
 * They are also checked at runtime, using a Demand (stack walk), unless the 
 * method or it's class has a [SuppressUnmanagedCodeSecurity] attribute.
 *
 * (1) well as long as the security manager is active (i.e. --security)
 */
static gboolean
mono_declsec_linkdemand_pinvoke (MonoDomain *domain, MonoMethod *caller, MonoMethod *native)
{
	MonoAssembly *assembly = mono_image_get_assembly (caller->klass->image);

	InterlockedIncrement (&mono_jit_stats.cas_linkdemand_pinvoke);

	/* Check for P/Invoke flag for the assembly */
	if (!MONO_SECMAN_FLAG_INIT (assembly->unmanaged)) {
		/* Check if we know (and have) or FullTrust status */
		if (MONO_SECMAN_FLAG_INIT (assembly->fulltrust) && MONO_SECMAN_FLAG_GET_VALUE (assembly->fulltrust)) {
			/* FullTrust includes UnmanagedCode permission */
			MONO_SECMAN_FLAG_SET_VALUE (assembly->unmanaged, TRUE);
			return FALSE;
		} else {
			MonoReflectionAssembly *refass = (MonoReflectionAssembly*) mono_assembly_get_object (domain, assembly);
			MonoSecurityManager* secman = mono_security_manager_get_methods ();
			if (secman && refass) {
				MonoObject *res;
				gpointer args [1];
				args [0] = refass;

				res = mono_runtime_invoke (secman->linkdemandunmanaged, NULL, args, NULL);
				if (*(MonoBoolean *) mono_object_unbox(res)) {
					MONO_SECMAN_FLAG_SET_VALUE (assembly->unmanaged, TRUE);
					return FALSE;
				}
			}
		}

		MONO_SECMAN_FLAG_SET_VALUE (assembly->unmanaged, FALSE);
	}

	if (MONO_SECMAN_FLAG_GET_VALUE (assembly->unmanaged))
		return FALSE;

	/* g_warning ("FAILURE *** JIT LinkDemand P/Invoke check *** %s.%s calls into %s.%s",
		caller->klass->name, caller->name, native->klass->name, native->name); */

	return TRUE;	/* i.e. throw new SecurityException(); */
}
Exemple #4
0
/*
 * Execute any LinkDemand, NonCasLinkDemand, LinkDemandChoice declarative
 * security attribute present on the called method or it's class.
 *
 * @domain	The current application domain
 * @caller	The method calling
 * @callee	The called method.
 * return value: TRUE if a security violation is detection, FALSE otherwise.
 *
 * Note: The execution is done in managed code in SecurityManager.LinkDemand
 */
static gboolean
mono_declsec_linkdemand_standard (MonoDomain *domain, MonoMethod *caller, MonoMethod *callee)
{
	MonoDeclSecurityActions linkclass, linkmethod;

	InterlockedIncrement (&mono_jit_stats.cas_linkdemand);

	if (mono_declsec_get_linkdemands (callee, &linkclass, &linkmethod)) {
		MonoAssembly *assembly = mono_image_get_assembly (caller->klass->image);
		MonoReflectionAssembly *refass = (MonoReflectionAssembly*) mono_assembly_get_object (domain, assembly);
		MonoSecurityManager *secman = mono_security_manager_get_methods ();
		MonoObject *res;
		gpointer args [3];

		args [0] = refass;
		args [1] = &linkclass;
		args [2] = &linkmethod;

		res = mono_runtime_invoke (secman->linkdemand, NULL, args, NULL);
		return !(*(MonoBoolean *) mono_object_unbox(res));
	}
	return FALSE;
}