From: Charles Giessen <charles@lunarg.com>
Date: Mon, 21 Nov 2022 22:08:59 +0000 (-0700)
Subject: Use integrity_level >= HIGH for is_high_integrity
X-Git-Tag: upstream/1.3.240~35
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=76529312e0b872e86f60519243ee66a209461996;p=platform%2Fupstream%2FVulkan-Loader.git

Use integrity_level >= HIGH for is_high_integrity

Previously it used integrity_level > MEDIUM, which causes issues since
occasionally windows elevates certain regular user mode processes to
be MEDIUM + 0x100 or similar, causing the `is_high_integrity()` to
return true even though it isn't an admin level process.
---

diff --git a/loader/loader_environment.c b/loader/loader_environment.c
index ff0c1187..d4f7e046 100644
--- a/loader/loader_environment.c
+++ b/loader/loader_environment.c
@@ -100,7 +100,7 @@ bool is_high_integrity() {
             const DWORD integrity_level = *GetSidSubAuthority(mandatory_label->Label.Sid, sub_authority_count - 1);
 
             CloseHandle(process_token);
-            return integrity_level > SECURITY_MANDATORY_MEDIUM_RID;
+            return integrity_level >= SECURITY_MANDATORY_HIGH_RID;
         }
 
         CloseHandle(process_token);