Skip to content

Commit

Permalink
crypto: fix PaX issue on NetBSD with CNv4 JIT
Browse files Browse the repository at this point in the history
  • Loading branch information
@moneromooo-monero
moneromooo-monero committed Mar 7, 2019
1 parent 89b1630 commit 7632ded
Show file tree
Hide file tree
Showing 2 changed files with 24 additions and 9 deletions.
13 changes: 13 additions & 0 deletions src/crypto/CryptonightR_JIT.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,9 @@
#include <string.h>
#include <stdio.h>
#include <unistd.h>
#if !(defined(_MSC_VER) || defined(__MINGW32__))
#include <sys/mman.h>
#endif

#include "int-util.h"
#include "hash-ops.h"
Expand Down Expand Up @@ -58,6 +61,11 @@ int v4_generate_JIT_code(const struct V4_Instruction* code, v4_random_math_JIT_f
uint8_t* JIT_code = (uint8_t*) buf;
const uint8_t* JIT_code_end = JIT_code + buf_size;

#if !(defined(_MSC_VER) || defined(__MINGW32__))
if (mprotect((void*)buf, buf_size, PROT_READ | PROT_WRITE))
return 1;
#endif

APPEND_CODE(prologue, sizeof(prologue));

uint32_t prev_rot_src = 0xFFFFFFFFU;
Expand Down Expand Up @@ -101,6 +109,11 @@ int v4_generate_JIT_code(const struct V4_Instruction* code, v4_random_math_JIT_f

APPEND_CODE(epilogue, sizeof(epilogue));

#if !(defined(_MSC_VER) || defined(__MINGW32__))
if (mprotect((void*)buf, buf_size, PROT_READ | PROT_EXEC))
return 1;
#endif

__builtin___clear_cache((char*)buf, (char*)JIT_code);

return 0;
Expand Down
20 changes: 11 additions & 9 deletions src/crypto/slow-hash.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -756,10 +756,10 @@ void slow_hash_allocate_state(void)
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || \
defined(__DragonFly__) || defined(__NetBSD__)
hp_state = mmap(0, MEMORY, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANON, 0, 0);
MAP_PRIVATE | MAP_ANON, -1, 0);
#else
hp_state = mmap(0, MEMORY, PROT_READ | PROT_WRITE,
MAP_PRIVATE | MAP_ANONYMOUS | MAP_HUGETLB, 0, 0);
MAP_PRIVATE | MAP_ANONYMOUS | MAP_HUGETLB, -1, 0);
#endif
if(hp_state == MAP_FAILED)
hp_state = NULL;
Expand All @@ -778,11 +778,16 @@ void slow_hash_allocate_state(void)
#else
#if defined(__APPLE__) || defined(__FreeBSD__) || defined(__OpenBSD__) || \
defined(__DragonFly__) || defined(__NetBSD__)
hp_jitfunc_memory = mmap(0, 4096 + 4095, PROT_READ | PROT_WRITE | PROT_EXEC,
MAP_PRIVATE | MAP_ANON, 0, 0);
#ifdef __NetBSD__
#define RESERVED_FLAGS PROT_MPROTECT(PROT_EXEC)
#else
hp_jitfunc_memory = mmap(0, 4096 + 4095, PROT_READ | PROT_WRITE | PROT_EXEC,
MAP_PRIVATE | MAP_ANONYMOUS, 0, 0);
#define RESERVED_FLAGS 0
#endif
hp_jitfunc_memory = mmap(0, 4096 + 4096, PROT_READ | PROT_WRITE | RESERVED_FLAGS,
MAP_PRIVATE | MAP_ANON, -1, 0);
#else
hp_jitfunc_memory = mmap(0, 4096 + 4096, PROT_READ | PROT_WRITE | PROT_EXEC,
MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
#endif
if(hp_jitfunc_memory == MAP_FAILED)
hp_jitfunc_memory = NULL;
Expand All @@ -794,9 +799,6 @@ void slow_hash_allocate_state(void)
hp_jitfunc_memory = malloc(4096 + 4095);
}
hp_jitfunc = (v4_random_math_JIT_func)((size_t)(hp_jitfunc_memory + 4095) & ~4095);
#if !(defined(_MSC_VER) || defined(__MINGW32__))
mprotect(hp_jitfunc, 4096, PROT_READ | PROT_WRITE | PROT_EXEC);
#endif
}

/**
Expand Down

0 comments on commit 7632ded

Please sign in to comment.