From 1a2314a94c5428462bca2b179f5da75536ab3003 Mon Sep 17 00:00:00 2001 From: rickshaw5724 Date: Thu, 31 Aug 2023 08:19:05 -0400 Subject: [PATCH] Added a static Boolean on the SocketOptions class to avoid using the opcode injection technique for reading the time stamp counter. --- src/NetMQ/Core/Utils/OpCode.cs | 2 ++ src/NetMQ/SocketOptions.cs | 10 ++++++++++ 2 files changed, 12 insertions(+) diff --git a/src/NetMQ/Core/Utils/OpCode.cs b/src/NetMQ/Core/Utils/OpCode.cs index 7228fcfc3..f2ae43658 100644 --- a/src/NetMQ/Core/Utils/OpCode.cs +++ b/src/NetMQ/Core/Utils/OpCode.cs @@ -11,6 +11,8 @@ internal static class Opcode public static bool Open() { + if (SocketOptions.DoNotUseRDTSC) + return false; #if NETSTANDARD1_1_OR_GREATER || NET471_OR_GREATER if (RuntimeInformation.ProcessArchitecture != Architecture.X86 && RuntimeInformation.ProcessArchitecture != Architecture.X64) diff --git a/src/NetMQ/SocketOptions.cs b/src/NetMQ/SocketOptions.cs index 38ed476d5..3844e3ca0 100644 --- a/src/NetMQ/SocketOptions.cs +++ b/src/NetMQ/SocketOptions.cs @@ -12,6 +12,16 @@ namespace NetMQ /// public class SocketOptions { + /// + /// If set, the time stamp counter is not read directly through opcode injection, + /// rather is used. + /// When false, the time stamp counter is read by allocating a few bytes on the heap with + /// read/write/execute privilege. OpCode is copied to this allocated memory and invoked to read + /// the time stamp counter, (which is a register available on most modern CPUs). While this is + /// an accurate way to read the time stamp counter, because it injects code onto the heap, this + /// can be detected as a malware technique by some anti-virus defenders. + /// + public static bool DoNotUseRDTSC; /// /// The NetMQSocket that this SocketOptions is referencing. ///