-
Notifications
You must be signed in to change notification settings - Fork 748
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Avoid reading time stamp counter #1074
Avoid reading time stamp counter #1074
Conversation
…opcode injection technique for reading the time stamp counter.
…e Time Stamp Counter and altering the implementation to read an Environment variable.
// The application can set this environment variable when this code is running in a system where | ||
// it is not desirable to read the processor's time stamp counter. | ||
// While this is supported in modern CPUs, the technique used for allocating executable memory, copying OP Code | ||
// for the read of the time stamp and invoking the OP Code can be detected as Malware by some anti-virus vendors. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Please include a link to the original issue here so that we can more easily see the motivation for this feature in future:
// for the read of the time stamp and invoking the OP Code can be detected as Malware by some anti-virus vendors. | |
// for the read of the time stamp and invoking the OP Code can be detected as Malware by some anti-virus vendors. | |
// https://github.com/zeromq/netmq/issues/1071 |
src/NetMQ/Core/Utils/OpCode.cs
Outdated
var val = Environment.GetEnvironmentVariable("NETQM_SUPPRESS_RDTSC"); | ||
if ("TRUE".Equals(val, StringComparison.OrdinalIgnoreCase)) | ||
return false; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
What do you think about supporting any value in this environment variable? It's not uncommon to want to set a variable like this to 1
. We could just check for any non-null
value.
var val = Environment.GetEnvironmentVariable("NETQM_SUPPRESS_RDTSC"); | |
if ("TRUE".Equals(val, StringComparison.OrdinalIgnoreCase)) | |
return false; | |
if (Environment.GetEnvironmentVariable("NETQM_SUPPRESS_RDTSC") is not null) | |
return false; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The downside of this approach would be that setting the value to false
would not do what you expect.
I'm happy with whatever you decide.
…n just "true". Added a reference to the github issue.
I made the change to use any value set to the environment variable as suggested and added a link to the github issue. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks great, thanks very much!
The implementations using an environment variable rather than a static flag on an unrelated class.
Fixes #1071