PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY structure (winnt.h)

Contains process mitigation policy settings for Control Flow Guard (CFG). The GetProcessMitigationPolicy and SetProcessMitigationPolicy functions use this structure.

Syntax

typedef struct _PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY {
  union {
    DWORD Flags;
    struct {
      DWORD EnableControlFlowGuard : 1;
      DWORD EnableExportSuppression : 1;
      DWORD StrictMode : 1;
      DWORD EnableXfg : 1;
      DWORD EnableXfgAuditMode : 1;
      DWORD ReservedFlags : 27;
    } DUMMYSTRUCTNAME;
  } DUMMYUNIONNAME;
} PROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY, *PPROCESS_MITIGATION_CONTROL_FLOW_GUARD_POLICY;

Members

DUMMYUNIONNAME

DUMMYUNIONNAME.Flags

This member is reserved for system use.

DUMMYUNIONNAME.DUMMYSTRUCTNAME

DUMMYUNIONNAME.DUMMYSTRUCTNAME.EnableControlFlowGuard

CFG is enabled for the process if this flag is set. This field cannot be changed via SetProcessMitigationPolicy.

DUMMYUNIONNAME.DUMMYSTRUCTNAME.EnableExportSuppression

If TRUE, exported functions will be treated as invalid indirect call targets by default. Exported functions only become valid indirect call targets if they are dynamically resolved via GetProcAddress. This field cannot be changed via SetProcessMitigationPolicy.

DUMMYUNIONNAME.DUMMYSTRUCTNAME.StrictMode

If TRUE, all DLLs that are loaded must enable CFG. If a DLL does not enable CFG then the image will fail to load. This policy can be enabled after a process has started by calling SetProcessMitigationPolicy. It cannot be disabled once enabled.

DUMMYUNIONNAME.DUMMYSTRUCTNAME.EnableXfg

DUMMYUNIONNAME.DUMMYSTRUCTNAME.EnableXfgAuditMode

DUMMYUNIONNAME.DUMMYSTRUCTNAME.ReservedFlags

This member is reserved for system use.

Requirements

Requirement	Value
Minimum supported client	Windows 8.1 [desktop apps only]
Minimum supported server	Windows Server 2016 [desktop apps only]
Header	winnt.h