From a63794ccd64a0d98b7d3658441c91e1ce5a957e2 Mon Sep 17 00:00:00 2001 From: XMRig Date: Thu, 17 Jan 2019 20:43:25 +0700 Subject: [PATCH 1/4] v2.9.4-dev --- src/version.h | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/version.h b/src/version.h index a401f5173..eb520447f 100644 --- a/src/version.h +++ b/src/version.h @@ -28,7 +28,7 @@ #define APP_ID "xmrig" #define APP_NAME "XMRig" #define APP_DESC "XMRig CPU miner" -#define APP_VERSION "2.9.3" +#define APP_VERSION "2.9.4-dev" #define APP_DOMAIN "xmrig.com" #define APP_SITE "www.xmrig.com" #define APP_COPYRIGHT "Copyright (C) 2016-2019 xmrig.com" @@ -36,7 +36,7 @@ #define APP_VER_MAJOR 2 #define APP_VER_MINOR 9 -#define APP_VER_PATCH 3 +#define APP_VER_PATCH 4 #ifdef _MSC_VER # if (_MSC_VER >= 1910) From 897ff83dcdc0f4320c5475f3734a015d01835cde Mon Sep 17 00:00:00 2001 From: XMRig Date: Fri, 18 Jan 2019 21:44:44 +0700 Subject: [PATCH 2/4] #913 Increase max blob size for MSR secor upgrade. --- src/common/net/Job.h | 8 ++++++-- src/workers/MultiWorker.h | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/common/net/Job.h b/src/common/net/Job.h index 394727dfe..6922b0cee 100644 --- a/src/common/net/Job.h +++ b/src/common/net/Job.h @@ -6,7 +6,7 @@ * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , * Copyright 2018 Lee Clagett - * Copyright 2018 SChernykh + * Copyright 2018-2019 SChernykh * Copyright 2016-2019 XMRig , * * This program is free software: you can redistribute it and/or modify @@ -38,6 +38,10 @@ class Job { public: + // Max blob size is 84 (75 fixed + 9 variable), aligned to 96. https://github.com/xmrig/xmrig/issues/1 Thanks fireice-uk. + // SECOR increase requirements for blob size: https://github.com/xmrig/xmrig/issues/913 + static constexpr const size_t kMaxBlobSize = 128; + Job(); Job(int poolId, bool nicehash, const xmrig::Algorithm &algorithm, const xmrig::Id &clientId); ~Job(); 
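Review bot: The comment above `kMaxBlobSize` in the Job.h hunk still describes the old bound (84 bytes, aligned to 96) although the constant is now 128, so it no longer says what the buffer size is or why. I would reword it along the lines of `// Fixed capacity of m_blob. 96 covered the 84-byte blob (issue #1); raised to 128 for the SECOR upgrade (issue #913).` The blob presumably arrives from the pool, so the length check in the code that fills `m_blob` (outside this patch; the Job class body is only partly visible) should compare against `kMaxBlobSize` or `sizeof(m_blob)` and not a literal 96. The same goes for any offset arithmetic on `blob[Job::kMaxBlobSize * N]` in the MultiWorker.h hunk. `static constexpr const size_t` can be shortened to `static constexpr size_t`, since `constexpr` already implies `const` here.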
@@ -95,7 +99,7 @@ private: size_t m_size; uint64_t m_diff; uint64_t m_target; - uint8_t m_blob[96]; // Max blob size is 84 (75 fixed + 9 variable), aligned to 96. https://github.com/xmrig/xmrig/issues/1 Thanks fireice-uk. + uint8_t m_blob[kMaxBlobSize]; xmrig::Algorithm m_algorithm; xmrig::Id m_clientId; xmrig::Id m_id; diff --git a/src/workers/MultiWorker.h b/src/workers/MultiWorker.h index b9d07b52a..a186f5370 100644 --- a/src/workers/MultiWorker.h +++ b/src/workers/MultiWorker.h @@ -6,7 +6,7 @@ * Copyright 2016 Jay D Dee * Copyright 2017-2018 XMR-Stak , * Copyright 2018 Lee Clagett - * Copyright 2018 SChernykh + * Copyright 2018-2019 SChernykh * Copyright 2016-2019 XMRig , * * This program is free software: you can redistribute it and/or modify @@ -60,7 +60,7 @@ private: struct State { - alignas(16) uint8_t blob[96 * N]; + alignas(16) uint8_t blob[Job::kMaxBlobSize * N]; Job job; }; From 31a571dc70134c2de943e87580f9d5dfcb2cb06f Mon Sep 17 00:00:00 2001 From: SChernykh Date: Sat, 19 Jan 2019 11:22:54 +0100 Subject: [PATCH 3/4] Make JIT memory read-only after patching is done --- src/Mem.h | 1 + src/Mem_unix.cpp | 6 ++++++ src/Mem_win.cpp | 7 +++++++ src/workers/CpuThread.cpp | 1 + 4 files changed, 15 insertions(+) diff --git a/src/Mem.h b/src/Mem.h index 21616a405..9e39e963c 100644 --- a/src/Mem.h +++ b/src/Mem.h @@ -61,6 +61,7 @@ public: static void release(cryptonight_ctx **ctx, size_t count, MemInfo &info); static void *allocateExecutableMemory(size_t size); + static void protectExecutableMemory(void *p, size_t size); static void flushInstructionCache(void *p, size_t size); static inline bool isHugepagesAvailable() { return (m_flags & HugepagesAvailable) != 0; } diff --git a/src/Mem_unix.cpp b/src/Mem_unix.cpp index a30d9f720..833c200c1 100644 --- a/src/Mem_unix.cpp +++ b/src/Mem_unix.cpp 
@@ -100,6 +100,12 @@ void *Mem::allocateExecutableMemory(size_t size) } +void Mem::protectExecutableMemory(void *p, size_t size) +{ + mprotect(p, size, PROT_READ | PROT_EXEC); +} + + void Mem::flushInstructionCache(void *p, size_t size) { # ifndef __FreeBSD__ diff --git a/src/Mem_win.cpp b/src/Mem_win.cpp index c43b2ce46..27c1348b0 100644 --- a/src/Mem_win.cpp +++ b/src/Mem_win.cpp @@ -191,6 +191,13 @@ void *Mem::allocateExecutableMemory(size_t size) } +void Mem::protectExecutableMemory(void *p, size_t size) +{ + DWORD oldProtect; + VirtualProtect(p, size, PAGE_EXECUTE_READ, &oldProtect); +} + + void Mem::flushInstructionCache(void *p, size_t size) { ::FlushInstructionCache(GetCurrentProcess(), p, size); diff --git a/src/workers/CpuThread.cpp b/src/workers/CpuThread.cpp index 082effe2d..db02bda7a 100644 --- a/src/workers/CpuThread.cpp +++ b/src/workers/CpuThread.cpp @@ -118,6 +118,7 @@ void xmrig::CpuThread::patchAsmVariants() patchCode(cn_half_mainloop_bulldozer_asm, cnv2_mainloop_bulldozer_asm, xmrig::CRYPTONIGHT_HALF_ITER, xmrig::CRYPTONIGHT_MASK); patchCode(cn_half_double_mainloop_sandybridge_asm, cnv2_double_mainloop_sandybridge_asm, xmrig::CRYPTONIGHT_HALF_ITER, xmrig::CRYPTONIGHT_MASK); + Mem::protectExecutableMemory(base, allocation_size); Mem::flushInstructionCache(base, allocation_size); } #endif From 4faa95b460032e4d51771ec68301c64df162aaba Mon Sep 17 00:00:00 2001 From: xmrig Date: Sat, 19 Jan 2019 23:53:39 +0700 Subject: [PATCH 4/4] Update CHANGELOG.md --- CHANGELOG.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 8e880f873..7a672d9c4 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md 
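Review bot: `Mem::protectExecutableMemory` discards the result of `mprotect`, so when the call fails the JIT region silently stays writable and executable and the hardening this patch is meant to add is not in effect; the Mem_win.cpp hunk does the same with `VirtualProtect`. I would make the function return `bool`, using `return mprotect(p, size, PROT_READ | PROT_EXEC) == 0;` on Unix and `return VirtualProtect(p, size, PAGE_EXECUTE_READ, &oldProtect) != 0;` on Windows, with the declaration in Mem.h changed to match, so the caller in `patchAsmVariants` can log the failure. `mprotect` also needs a page-aligned address; that presumably holds because `base` comes from `allocateExecutableMemory`, whose body is outside these hunks, and a one-line comment stating the requirement would help.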
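Review bot: The new call in `patchAsmVariants` drops write access only after all `patchCode` calls, so the region is presumably writable and executable at the same time for the whole patching phase (the allocation flags are set in `allocateExecutableMemory`, outside this hunk). If that is so, allocating the region read-write and switching it to read-execute at this point would keep the mapping from ever being both writable and executable. At minimum I would add a comment on the new line, `// No writes to base after this point: the region is read+execute only.`, so a later `patchCode` call is not appended below it. The function starts above the hunk, so I cannot see how `base` and `allocation_size` are computed.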
@@ -1,3 +1,7 @@ +# v2.9.4 +- [#913](https://github.com/xmrig/xmrig/issues/913) Fixed Masari (MSR) support (this update required for upcoming fork). +- [#915](https://github.com/xmrig/xmrig/pull/915) Improved security, JIT memory now read-only after patching. + # v2.9.3 - [#909](https://github.com/xmrig/xmrig/issues/909) Fixed compile errors on FreeBSD. - [#912](https://github.com/xmrig/xmrig/pull/912) Fixed, C++ implementation of `cn/half` was produce up to 13% of invalid hashes.