Permalink
Browse files

Implement better semantics for unverifiable code.

	* verify.c (mono_method_verify_with_current_settings): Add
	extra param telling if the method should be treated as fulltrust
	regardless of verifier settings.

	The only implication of this is that fulltrust verification
	can't stop on the first unverifiable error like verifiable
	code can. This only impact unverifiable methods running
	on non standard verification setups.

	* mini.c (mini_method_verify): If the verifier is enabled
	and the method belongs to an assembly with a valid skip
	verification token (the UnverifiableCodeAttribute cattr)
	the code will be checked now for errors instead of simply
	been ignored.

	This patch gives --verify-all much more saner behavior
	for assemblies with unsafe code.

	Fixes #676054
  • Loading branch information...
1 parent a9ad5a5 commit bb57dab84f9ce8e0c2bf91424e68b550661202b8 @kumpera kumpera committed Mar 1, 2011
Showing with 9 additions and 9 deletions.
  1. +1 −1 mono/metadata/verify-internals.h
  2. +3 −3 mono/metadata/verify.c
  3. +5 −5 mono/mini/mini.c
@@ -26,7 +26,7 @@ gboolean mono_verifier_is_method_valid_generic_instantiation (MonoMethod *method
gboolean mono_verifier_verify_class (MonoClass *klass) MONO_INTERNAL;
-GSList* mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility) MONO_INTERNAL;
+GSList* mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility, gboolean is_fulltrust) MONO_INTERNAL;
gboolean mono_verifier_verify_pe_data (MonoImage *image, GSList **error_list) MONO_INTERNAL;
gboolean mono_verifier_verify_cli_data (MonoImage *image, GSList **error_list) MONO_INTERNAL;
@@ -5883,11 +5883,11 @@ mono_verifier_is_class_full_trust (MonoClass *klass)
}
GSList*
-mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility)
+mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility, gboolean is_fulltrust)
{
return mono_method_verify (method,
(verifier_mode != MONO_VERIFIER_MODE_STRICT ? MONO_VERIFY_NON_STRICT: 0)
- | (!mono_verifier_is_method_full_trust (method) ? MONO_VERIFY_FAIL_FAST : 0)
+ | (!is_fulltrust && !mono_verifier_is_method_full_trust (method) ? MONO_VERIFY_FAIL_FAST : 0)
| (skip_visibility ? MONO_VERIFY_SKIP_VISIBILITY : 0));
}
@@ -6172,7 +6172,7 @@ mono_verifier_verify_class (MonoClass *class)
}
GSList*
-mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility)
+mono_method_verify_with_current_settings (MonoMethod *method, gboolean skip_visibility, gboolean is_fulltrust)
{
/* The verifier was disabled at compile time */
return NULL;
View
@@ -1489,12 +1489,13 @@ mini_method_verify (MonoCompile *cfg, MonoMethod *method, gboolean fail_compile)
if (method->verification_success)
return FALSE;
- is_fulltrust = mono_verifier_is_method_full_trust (method);
-
if (!mono_verifier_is_enabled_for_method (method))
return FALSE;
- res = mono_method_verify_with_current_settings (method, cfg->skip_visibility);
+ /*skip verification implies the assembly must be */
+ is_fulltrust = mono_verifier_is_method_full_trust (method) || mini_assembly_can_skip_verification (cfg->domain, method);
+
+ res = mono_method_verify_with_current_settings (method, cfg->skip_visibility, is_fulltrust);
if ((error = mono_loader_get_last_error ())) {
if (fail_compile)
@@ -1541,8 +1542,7 @@ gboolean
mono_compile_is_broken (MonoCompile *cfg, MonoMethod *method, gboolean fail_compile)
{
MonoMethod *method_definition = method;
- gboolean dont_verify = mini_assembly_can_skip_verification (cfg->domain, method);
- dont_verify |= method->klass->image->assembly->corlib_internal;
+ gboolean dont_verify = method->klass->image->assembly->corlib_internal;
while (method_definition->is_inflated) {
MonoMethodInflated *imethod = (MonoMethodInflated *) method_definition;

0 comments on commit bb57dab

Please sign in to comment.