Skip to content

Commit

Permalink
move code_integrity to internal module, fix formatting
Browse files Browse the repository at this point in the history
  • Loading branch information
@rdw-msft
rdw-msft committed Aug 20, 2024
1 parent 384234e commit 7cfafd5
Show file tree
Hide file tree
Showing 5 changed files with 19 additions and 22 deletions.
0 lib/code_integrity.js → lib/internal/code_integrity.js
View file
File renamed without changes.
2 changes: 1 addition & 1 deletion lib/internal/main/eval_string.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,7 +24,7 @@ const {
},
} = require('internal/errors');

const ci = require('code_integrity');
const ci = require('internal/code_integrity');
if (ci.isSystemEnforcingCodeIntegrity()) {
throw new ERR_CODE_INTEGRITY_BLOCKED('"eval"');
}
Expand Down
2 changes: 1 addition & 1 deletion lib/internal/modules/cjs/loader.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -199,7 +199,7 @@ const onRequire = getLazy(() => tracingChannel('module.require'));

const relativeResolveCache = { __proto__: null };

const ci = require('code_integrity');
const ci = require('internal/code_integrity');

let requireDepth = 0;
let isPreloading = false;
Expand Down
29 changes: 13 additions & 16 deletions src/node_code_integrity.cc
View file
Original file line number Diff line number Diff line change
Expand Up @@ -24,9 +24,7 @@ static PCWSTR NODEJS = L"Node.js";
static PCWSTR ENFORCE_CODE_INTEGRITY_SETTING_NAME = L"EnforceCodeIntegrity";

void InitWldp(Environment* env) {

if (isWldpInitialized)
{
if (isWldpInitialized) {
return;
}

Expand All @@ -53,7 +51,7 @@ void InitWldp(Environment* env) {
(pfnWldpQuerySecurityPolicy)GetProcAddress(
wldp_module,
"WldpQuerySecurityPolicy");

isWldpInitialized = true;
}

Expand Down Expand Up @@ -113,8 +111,7 @@ static void IsSystemEnforcingCodeIntegrity(
InitWldp(env);
}

if (WldpGetApplicationSettingBoolean != nullptr)
{
if (WldpGetApplicationSettingBoolean != nullptr) {
BOOL ret;
HRESULT hr = WldpGetApplicationSettingBoolean(
NODEJS,
Expand All @@ -125,14 +122,15 @@ static void IsSystemEnforcingCodeIntegrity(
args.GetReturnValue().Set(
Boolean::New(env->isolate(), ret));
return;
} else if (hr != E_NOTFOUND) {
// If the setting is not found, continue through to attempt WldpQuerySecurityPolicy,
// as the setting may be defined in the old settings format
} else if (hr != E_NOTFOUND) {
// If the setting is not found, continue through to attempt
// WldpQuerySecurityPolicy, as the setting may be defined
// in the old settings format
args.GetReturnValue().Set(Boolean::New(env->isolate(), false));
return;
}
}
}

// WldpGetApplicationSettingBoolean is the preferred way for applications to
// query security policy values. However, this method only exists on Windows
// versions going back to circa Win10 2023H2. In order to support systems
Expand Down Expand Up @@ -162,7 +160,7 @@ static void IsSystemEnforcingCodeIntegrity(
Boolean::New(env->isolate(), static_cast<bool>(ret)));
}
}
#endif // _WIN32
#endif // _WIN32

#ifndef _WIN32
static void IsFileTrustedBySystemCodeIntegrityPolicy(
Expand All @@ -174,7 +172,7 @@ static void IsSystemEnforcingCodeIntegrity(
const FunctionCallbackInfo<Value>& args) {
args.GetReturnValue().Set(false);
}
#endif // ifndef _WIN32
#endif // ifndef _WIN32

void Initialize(Local<Object> target,
Local<Value> unused,
Expand All @@ -194,15 +192,14 @@ void Initialize(Local<Object> target,
}

void RegisterExternalReferences(ExternalReferenceRegistry* registry) {
//BindingData::RegisterExternalReferences(registry);

registry->Register(IsFileTrustedBySystemCodeIntegrityPolicy);
registry->Register(IsSystemEnforcingCodeIntegrity);
}

} // namespace codeintegrity
} // namespace node

NODE_BINDING_CONTEXT_AWARE_INTERNAL(code_integrity,
node::codeintegrity::Initialize)
NODE_BINDING_EXTERNAL_REFERENCE(code_integrity,
node::codeintegrity::RegisterExternalReferences)
node::codeintegrity::RegisterExternalReferences)
8 changes: 4 additions & 4 deletions src/node_code_integrity.h
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,10 +34,10 @@ typedef HRESULT(WINAPI* pfnWldpCanExecuteFile)(
typedef HRESULT(WINAPI* pfnWldpCanExecuteBuffer)(
_In_ REFGUID host,
_In_ WLDP_EXECUTION_EVALUATION_OPTIONS options,
_In_reads_(bufferSize) const BYTE *buffer,
_In_reads_(bufferSize) const BYTE* buffer,
_In_ ULONG bufferSize,
_In_opt_ PCWSTR auditInfo,
_Out_ WLDP_EXECUTION_POLICY *result);
_Out_ WLDP_EXECUTION_POLICY* result);

typedef HRESULT(WINAPI* pfnWldpGetApplicationSettingBoolean)(
_In_ PCWSTR id,
Expand Down Expand Up @@ -77,11 +77,11 @@ typedef HRESULT(WINAPI* pfnWldpQuerySecurityPolicy)(
const WCHAR _var ## _buffer[] = _string; \
const UNICODE_STRING _var = \
{ sizeof(_string) - sizeof(WCHAR), sizeof(_string), (PWCH) _var ## _buffer }
#endif
#endif

#ifndef E_NOTFOUND
#define E_NOTFOUND 0x80070490
#endif

#endif // _WIN32
#endif // SRC_NODE_CODE_INTEGRITY_H_
#endif // SRC_NODE_CODE_INTEGRITY_H_

0 comments on commit 7cfafd5

Please sign in to comment.