Module secmem_proc::macros

source ·
Expand description

This module contains a macro define_harden_function which allows to create a custom hardening function according to given configuration options. Under the hood this just uses the configuration API in crate::config.

Examples

The following code defines a hardening function harden with pub(crate) visibility using the default configuration. Calling harden is equivalent to crate::harden_process.

use secmem_proc::macros::define_harden_function;
define_harden_function! {
    pub(crate) fn harden {}
}

// in main:
harden().expect("error during process hardening");

The next example disables anti-tracing techniques and anything that requires file-system access:

use secmem_proc::macros::define_harden_function;
define_harden_function! {
    fn harden {
        anti_tracing = false,
        fs = false,
    }
}

// in main:
harden().expect("error during process hardening");

Configuration keys

  • anti_tracing (bool)
  • fs (bool)
  • fs.procfs (bool)
  • unstable (bool)
  • unstable.win.ntapi (bool)
  • unstable.win.kernelmem (bool)
  • unstable.assert_feature_enabled (true): compile time assert that the unstable crate feature is enabled
  • win.dacl: possible values:
    • default
    • empty
    • custom_user_perm(<something of type WinDaclProcessAccess>)
    • custom_fnptr(<fn ptr of type fn() -> crate::Result>)

Macros