Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Sets the specified mitigation policy for the specified image.
NTSYSAPI NTSTATUS NTAPI RtlSetImageMitigationPolicy(
_In_opt_ PCWSTR ImagePathName,
_In_ IMAGE_MITIGATION_POLICY MitigationPolicy,
_In_ ULONG Flags,
_In_reads_bytes_opt_(BufferSize) PVOID Buffer,
_In_ ULONG BufferSize
)
Parameters
ImagePathName
The name of the image on which mitigation policy is set. If ImagePathName is NULL, the system mitigation policy is being set.
MitigationPolicy
The mitigation policy that is to be set. This parameter supports the following enumeration values:
| Field name | Value | Description |
|---|---|---|
| ImageUserShadowStackPolicy | 15 | The policy regarding user-mode, hardware-enforced, stack protection for the process. The SetProcessMitigationPolicy function sets the policy flags for user-mode, hardware-enforced, stack protection when a PROCESS_MITIGATION_USER_SHADOW_STACK_POLICY structure is provided. |
Flags
Flags that control the behavior of the set operation. Supported flags for this parameter include:
| Flag | Value | Description |
|---|---|---|
| MITIGATION_POLICY_FLAG_RESET_VALUE | 0x0 | Resets the policy value to the default for the system |
| MITIGATION_POLICY_FLAG_USE_AUDIT_POLICY | 0x8 | Used to get/set the audit policy for the given mitigation |
Buffer
A pointer to the buffer that holds the policy data.
BufferSize
The length in bytes of the buffer provided in Buffer.
Return value
Returns an NTSTATUS success or error code.
Remarks
This API is not defined in a Windows SDK header file and must be manually declared. The API is exported from ntdll.dll.
Requirements
| Requirement | Value |
|---|---|
| Minimum supported client | Windows 10, version 1709 |
| DLL | Ntdll.dll |