PROCESS_MITIGATION_DYNAMIC_CODE_POLICY structure

Contains process mitigation policy settings for restricting dynamic code generation and modification.

Syntax

typedef struct _PROCESS_MITIGATION_DYNAMIC_CODE_POLICY {
  union {
    DWORD Flags;
    struct {
      DWORD ProhibitDynamicCode : 1;
      DWORD AllowThreadOptOut : 1;
      DWORD AllowRemoteDowngrade : 1;
      DWORD AuditProhibitDynamicCode : 1;
      DWORD ReservedFlags : 28;
    } DUMMYSTRUCTNAME;
  } DUMMYUNIONNAME;
} PROCESS_MITIGATION_DYNAMIC_CODE_POLICY, *PPROCESS_MITIGATION_DYNAMIC_CODE_POLICY;

Members

DUMMYUNIONNAME

DUMMYUNIONNAME.Flags

Reserved for system use.

DUMMYUNIONNAME.DUMMYSTRUCTNAME

DUMMYUNIONNAME.DUMMYSTRUCTNAME.ProhibitDynamicCode

Set (0x1) to prevent the process from generating dynamic code or modifying existing executable code; otherwise leave unset (0x0).

DUMMYUNIONNAME.DUMMYSTRUCTNAME.AllowThreadOptOut

Set (0x1) to allow threads to opt out of the restrictions on dynamic code generation by calling the SetThreadInformation function with the ThreadInformation parameter set to ThreadDynamicCodePolicy; otherwise leave unset (0x0). You should not use the AllowThreadOptOut and ThreadDynamicCodePolicy settings together to provide strong security. These settings are only intended to enable applications to adapt their code more easily for full dynamic code restrictions.

DUMMYUNIONNAME.DUMMYSTRUCTNAME.AllowRemoteDowngrade

Set (0x1) to allow non-AppContainer processes to modify all of the dynamic code settings for the calling process, including relaxing dynamic code restrictions after they have been set.

DUMMYUNIONNAME.DUMMYSTRUCTNAME.AuditProhibitDynamicCode

DUMMYUNIONNAME.DUMMYSTRUCTNAME.ReservedFlags

Reserved for system use.

Requirements

   
Minimum supported client Windows 8.1 [desktop apps only]
Minimum supported server Windows Server 2016 [desktop apps only]
Header winnt.h

See Also

GetProcessMitigationPolicy

SetProcessMitigationPolicy