[Mono-devel-list] CAS - patch for declarative stack modifiers

Tue Nov 30 09:32:55 EST 2004

On 11/29/04 Sebastien Pouliot wrote:
> ===================================================================
> --- mono/mini/mini.c	(revision 36780)
> +++ mono/mini/mini.c	(working copy)
> @@ -8440,6 +8441,8 @@
>  				ves_icall_get_frame_info);
>  	mono_add_internal_call ("System.Diagnostics.StackTrace::get_trace", 
>  				ves_icall_get_trace);
> +	mono_add_internal_call ("System.Security.SecurityFrame::_GetSecurityFrameInformation",
> +				ves_icall_System_Security_SecurityFrame_GetSecurityFrameInformation);

Nothing wrong with this change: it just occurred to me that we might
want to start dropping support for mint, since that would need an equivalent 
icall (and it will need generics support and tons of other stuff that we're
unlikely to do, unless somebody from the community steps up to maintain it).

> Index: mono/mini/mini-exceptions.c
> ===================================================================
> --- mono/mini/mini-exceptions.c	(revision 36773)
> +++ mono/mini/mini-exceptions.c	(working copy)
> @@ -243,6 +243,73 @@
>  	return TRUE;
>  }
>  
> +MonoBoolean
> +ves_icall_System_Security_SecurityFrame_GetSecurityFrameInformation (gint32 skip, MonoReflectionMethod **method, gint32 *flags)
> +{
> +	MonoDomain *domain = mono_domain_get ();
> +	MonoJitTlsData *jit_tls = TlsGetValue (mono_jit_tls_id);
> +	MonoLMF *lmf = jit_tls->lmf;
> +	MonoJitInfo *ji, rji;
> +	MonoContext ctx, new_ctx;
> +
> +	mono_arch_flush_register_windows ();
> +
> +	MONO_CONTEXT_SET_IP (&ctx, ves_icall_System_Security_SecurityFrame_GetSecurityFrameInformation);
> +	MONO_CONTEXT_SET_BP (&ctx, __builtin_frame_address (0));

It's not a good idea to duplicate this code.

> +	do {
> +		ji = mono_find_jit_info (domain, jit_tls, &rji, NULL, &ctx, &new_ctx, NULL, &lmf, NULL, NULL);
> +
> +		ctx = new_ctx;
> +		
> +		if (!ji || ji == (gpointer)-1 || MONO_CONTEXT_GET_BP (&ctx) >= jit_tls->end_of_stack)
> +			return FALSE;
> +
> +		/* skip all wrappers */

And you likely don't want to skip the wrappers: we should also make sure that
the security attributes of the wrapped methods are reflected in the wrappers,
otherwise we're going to lose some security checks.
This interface may also be too slow: it requires an icall for each stack frame.
Isn't it possible to design a different one that can return all the needed info
at once?

> --- mono/mini/declsec.h	(revision 36773)
> +++ mono/mini/declsec.h	(working copy)
> @@ -13,9 +13,22 @@
>  #include <string.h>
>  
>  #include "mono/metadata/class-internals.h"
> +#include "mono/metadata/domain-internals.h"
>  #include "mono/metadata/object.h"
>  #include "mono/metadata/tabledefs.h"
>  
> +
> +/* Definitions */
> +
> +/* limited flags used in MonoJitInfo for stack modifiers */
> +#define MONO_JITINFO_STACKMOD_ASSERT		0x01
> +#define MONO_JITINFO_STACKMOD_DENY		0x02
> +#define MONO_JITINFO_STACKMOD_PERMITONLY	0x04

Use an enum.

lupus

-- 
-----------------------------------------------------------------
lupus at debian.org                                     debian/rules
lupus at ximian.com                             Monkeys do it better