Remove dynamic code optouts.

M2Team · Feb 8, 2024 · 943cd82 · 943cd82
1 parent a1618ac
commit 943cd82
Show file tree

Hide file tree

Showing 4 changed files with 2 additions and 61 deletions.
diff --git a/NanaZip.Shared/Mitigations.cpp b/NanaZip.Shared/Mitigations.cpp
@@ -53,49 +53,19 @@ namespace
             dwLength);
     }
 
-    static BOOL SetThreadInformationWrapper(
-        _In_ HANDLE hThread,
-        _In_ THREAD_INFORMATION_CLASS ThreadInformationClass,
-        _In_ LPVOID ThreadInformation,
-        _In_ DWORD ThreadInformationSize)
-    {
-        static FARPROC CachedProcAddress = ([]() -> FARPROC
-        {
-            HMODULE ModuleHandle = ::GetKernel32ModuleHandle();
-            if (ModuleHandle)
-            {
-                return ::GetProcAddress(
-                    ModuleHandle,
-                    "SetThreadInformation");
-            }
-            return nullptr;
-        }());
-
-        if (!CachedProcAddress)
-        {
-            return FALSE;
-        }
-
-        using ProcType = decltype(::SetThreadInformation)*;
-
-        return reinterpret_cast<ProcType>(CachedProcAddress)(
-            hThread,
-            ThreadInformationClass,
-            ThreadInformation,
-            ThreadInformationSize);
-    }
-
     static bool IsWindows8OrLater()
     {
         static bool CachedResult = ::MileIsWindowsVersionAtLeast(6, 2, 0);
         return CachedResult;
     }
 
+#ifdef NDEBUG
     static bool IsWindows8Point1OrLater()
     {
         static bool CachedResult = ::MileIsWindowsVersionAtLeast(6, 3, 0);
         return CachedResult;
     }
+#endif
 
     static bool IsWindows10OrLater()
     {
@@ -135,7 +105,6 @@ EXTERN_C BOOL WINAPI NanaZipEnableMitigations()
     {
         PROCESS_MITIGATION_DYNAMIC_CODE_POLICY Policy = { 0 };
         Policy.ProhibitDynamicCode = 1;
-        Policy.AllowThreadOptOut = 1;
         if (!::SetProcessMitigationPolicyWrapper(
             ProcessDynamicCodePolicy,
             &Policy,
@@ -163,21 +132,6 @@ EXTERN_C BOOL WINAPI NanaZipEnableMitigations()
     return TRUE;
 }
 
-EXTERN_C BOOL WINAPI NanaZipThreadDynamicCodeAllow()
-{
-    if (!::IsWindows8Point1OrLater())
-    {
-        return TRUE;
-    }
-
-    DWORD ThreadPolicy = THREAD_DYNAMIC_CODE_ALLOW;
-    return ::SetThreadInformationWrapper(
-        ::GetCurrentThread(),
-        ThreadDynamicCodePolicy,
-        &ThreadPolicy,
-        sizeof(DWORD));
-}
-
 EXTERN_C BOOL WINAPI NanaZipDisableChildProcesses()
 {
     if (!::IsWindows10_1709OrLater())

diff --git a/NanaZip.Shared/Mitigations.h b/NanaZip.Shared/Mitigations.h
@@ -15,7 +15,6 @@
 #include <Windows.h>
 
 EXTERN_C BOOL WINAPI NanaZipEnableMitigations();
-EXTERN_C BOOL WINAPI NanaZipThreadDynamicCodeAllow();
 EXTERN_C BOOL WINAPI NanaZipDisableChildProcesses();
 
 #endif // !NANAZIP_SHARED_MITIGATIONS
diff --git a/NanaZip.UI.Classic/SevenZip/CPP/7zip/UI/FileManager/FM.cpp b/NanaZip.UI.Classic/SevenZip/CPP/7zip/UI/FileManager/FM.cpp
@@ -682,12 +682,6 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE /* hPrevInstance */,
     ErrorMessage("Cannot enable security mitigations");
   }
 
-#ifdef NDEBUG
-  // opt out of dynamic code policy on UI thread to prevent Explorer extension incompatibility
-  // ignore errors since they shouldn't be fatal
-  ::NanaZipThreadDynamicCodeAllow();
-#endif
-
   try
   {
     try

diff --git a/NanaZip.UI.Modern/SevenZip/CPP/7zip/UI/FileManager/FM.cpp b/NanaZip.UI.Modern/SevenZip/CPP/7zip/UI/FileManager/FM.cpp
@@ -688,12 +688,6 @@ int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE /* hPrevInstance */,
     ErrorMessage("Cannot enable security mitigations");
   }
 
-#ifdef NDEBUG
-  // opt out of dynamic code policy on UI thread to prevent Explorer extension incompatibility
-  // ignore errors since they shouldn't be fatal
-  ::NanaZipThreadDynamicCodeAllow();
-#endif
-
   try
   {
     try