Skip to content

Fix debugger disable performance regression #10269

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
TravisEz13 merged 2 commits into from
Aug 5, 2019
Merged

Fix debugger disable performance regression #10269

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
35719aa
Fix debugger disable perf regression
PaulHigin Jul 31, 2019
28b7ecb
Change comment
PaulHigin Aug 5, 2019
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
22 changes: 18 additions & 4 deletions src/System.Management.Automation/engine/debugger/debugger.cs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -1692,6 +1692,9 @@ internal void Clear()
private volatile int _processingRunspaceDebugQueue;
private ManualResetEventSlim _runspaceDebugCompleteEvent;

// System is locked down when true. Used to disable debugger on lock down.
private bool? _isSystemLockedDown;

private static readonly string s_processDebugPromptMatch;

#endregion private members
Expand Down Expand Up @@ -2109,16 +2112,27 @@ private bool CanDisableDebugger
}
}

private static bool IsSystemLockedDown
private bool IsSystemLockedDown
{
get
{
return (System.Management.Automation.Security.SystemPolicy.GetSystemLockdownPolicy() ==
System.Management.Automation.Security.SystemEnforcementMode.Enforce);
if (_isSystemLockedDown == null)
{
lock (_syncObject)
{
if (_isSystemLockedDown == null)
{
_isSystemLockedDown = (System.Management.Automation.Security.SystemPolicy.GetSystemLockdownPolicy() ==
System.Management.Automation.Security.SystemEnforcementMode.Enforce);
}
}
}

return _isSystemLockedDown.Value;
}
}

private static void CheckForBreakpointSupport()
private void CheckForBreakpointSupport()
{
if (IsSystemLockedDown)
{
Expand Down
187 changes: 29 additions & 158 deletions test/powershell/Modules/Microsoft.PowerShell.Security/ConstrainedLanguageDebugger.Tests.ps1
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -22,85 +22,6 @@ try

BeforeAll {

# Invoke-LanguageModeTestingSupportCmdlet definition
$languageModeCmdletDef = @'
using System;
using System.Globalization;
using System.Reflection;
using System.Collections;
using System.Collections.Generic;
using System.IO;
using System.Security;
using System.Runtime.InteropServices;
using System.Threading;
using System.Management.Automation;

/// <summary>Adds a new type to the Application Domain</summary>
[Cmdlet("Invoke", "LanguageModeTestingSupportCmdlet")]
public sealed class InvokeLanguageModeTestingSupportCmdlet : PSCmdlet
{
[Parameter()]
public SwitchParameter EnableFullLanguageMode
{
get { return enableFullLanguageMode; }
set { enableFullLanguageMode = value; }
}
private SwitchParameter enableFullLanguageMode;

[Parameter()]
public SwitchParameter SetLockdownMode
{
get { return setLockdownMode; }
set { setLockdownMode = value; }
}
private SwitchParameter setLockdownMode;

[Parameter()]
public SwitchParameter RevertLockdownMode
{
get { return revertLockdownMode; }
set { revertLockdownMode = value; }
}
private SwitchParameter revertLockdownMode;

protected override void BeginProcessing()
{
if(enableFullLanguageMode)
{
SessionState.LanguageMode = PSLanguageMode.FullLanguage;
}

if(setLockdownMode)
{
Environment.SetEnvironmentVariable("__PSLockdownPolicy", "0x80000007", EnvironmentVariableTarget.Machine);
}

if(revertLockdownMode)
{
Environment.SetEnvironmentVariable("__PSLockdownPolicy", null, EnvironmentVariableTarget.Machine);
}
}
}
'@

if (-not (Get-Command Invoke-LanguageModeTestingSupportCmdlet -ea Ignore))
{
$languageModeModuleName = "LanguageModeModule"
$modulePath = [System.IO.Path]::GetFileNameWithoutExtension([IO.Path]::GetRandomFileName())
$script:moduleDirectory = join-path "$PSScriptRoot\$modulePath" $languageModeModuleName
if (-not (Test-Path $moduleDirectory))
{
$null = New-Item -ItemType Directory $moduleDirectory -Force
}

try
{
Add-Type -TypeDefinition $languageModeCmdletDef -OutputAssembly $moduleDirectory\TestCmdletForConstrainedLanguage.dll -ErrorAction Ignore
} catch {}

Import-Module -Name $moduleDirectory\TestCmdletForConstrainedLanguage.dll
}

# Debugger test type definition
$debuggerTestTypeDef = @'
using System;
Expand Down Expand Up @@ -146,6 +67,26 @@ try

# Define debugger test type
Add-Type -TypeDefinition $debuggerTestTypeDef

# Test cases
$TestCasesDisableDebugger = @(
@{
testName = 'Verifies that Set-PSBreakpoint Line is disabled on locked down system'
scriptText = 'Set-PSBreakpoint -Script {0} -Line 1' -f $scriptFilePath
},
@{
testName = 'Verifies that Set-PSBreakpoint Statement is disabled on locked down system'
scriptText = 'Set-PSBreakpoint -Script {0} -Line 1 -Column 1' -f $scriptFilePath
},
@{
testName = 'Verifies that Set-PSBreakpoint Command is disabled on locked down system'
scriptText = 'Set-PSBreakpoint -Command {0}' -f $scriptFilePath
},
@{
testName = 'Verifies that Set-PSBreakpoint Variable is disabled on locked down system'
scriptText = 'Set-PSBreakpoint -Variable HelloVar'
}
)
}

AfterAll {
Expand All @@ -156,93 +97,23 @@ try
}
}

It "Verifies that Set-PSBreakpoint Line is disabled on locked down system" {
It "<testName>" -TestCases $TestCasesDisableDebugger {

try
{
Invoke-LanguageModeTestingSupportCmdlet -SetLockdownMode
$ExecutionContext.SessionState.LanguageMode = "ConstrainedLanguage"
param ($scriptText)

Set-PSBreakpoint -Script $scriptFilePath -Line 1
throw "No Exception!"
}
catch
{
$expectedError = $_
}
finally
{
Invoke-LanguageModeTestingSupportCmdlet -RevertLockdownMode
Invoke-LanguageModeTestingSupportCmdlet -EnableFullLanguageMode
}

$expectedError.FullyQualifiedErrorId | Should Be 'NotSupported,Microsoft.PowerShell.Commands.SetPSBreakpointCommand'
}

It "Verifies that Set-PSBreakpoint Statement is disabled on locked down system" {

try
{
Invoke-LanguageModeTestingSupportCmdlet -SetLockdownMode
$ExecutionContext.SessionState.LanguageMode = "ConstrainedLanguage"

Set-PSBreakpoint -Script $scriptFilePath -Line 1 -Column 1
throw "No Exception!"
}
catch
{
$expectedError = $_
}
finally
{
Invoke-LanguageModeTestingSupportCmdlet -RevertLockdownMode
Invoke-LanguageModeTestingSupportCmdlet -EnableFullLanguageMode
}

$expectedError.FullyQualifiedErrorId | Should Be 'NotSupported,Microsoft.PowerShell.Commands.SetPSBreakpointCommand'
}

It "Verifies that Set-PSBreakpoint Command is disabled on locked down system" {

try
try
{
Invoke-LanguageModeTestingSupportCmdlet -SetLockdownMode
$ExecutionContext.SessionState.LanguageMode = "ConstrainedLanguage"

Set-PSBreakpoint -Command $scriptFilePath
throw "No Exception!"
}
catch
{
$expectedError = $_
# Run script in new runspace created within lock down mode.
[powershell] $ps = [powershell]::Create([System.Management.Automation.RunspaceMode]::NewRunspace);
$ps.AddScript($scriptText).Invoke()
$expectedError = $ps.Streams.Error[0]
}
finally
{
Invoke-LanguageModeTestingSupportCmdlet -RevertLockdownMode
Invoke-LanguageModeTestingSupportCmdlet -EnableFullLanguageMode
}

$expectedError.FullyQualifiedErrorId | Should Be 'NotSupported,Microsoft.PowerShell.Commands.SetPSBreakpointCommand'
}

It "Verifies that Set-PSBreakpoint Variable is disabled on locked down system" {

try
{
Invoke-LanguageModeTestingSupportCmdlet -SetLockdownMode
$ExecutionContext.SessionState.LanguageMode = "ConstrainedLanguage"

Set-PSBreakpoint -Variable HelloVar
throw "No Exception!"
}
catch
{
$expectedError = $_
}
finally
{
Invoke-LanguageModeTestingSupportCmdlet -RevertLockdownMode
Invoke-LanguageModeTestingSupportCmdlet -EnableFullLanguageMode
Invoke-LanguageModeTestingSupportCmdlet -RevertLockdownMode -EnableFullLanguageMode
if ($ps -ne $null) { $ps.Dispose() }
}

$expectedError.FullyQualifiedErrorId | Should Be 'NotSupported,Microsoft.PowerShell.Commands.SetPSBreakpointCommand'
Expand Down