Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Disable CET enforcement #409

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Disable CET enforcement #409

wants to merge 1 commit into from

Conversation

EmulationEnjoyer
Copy link
Contributor

@EmulationEnjoyer EmulationEnjoyer commented Dec 20, 2024
edited
Loading

Since canary build 1.2.97 when the project was moved to .NET 9 (ref: ff66281), Ryujinx has been failing to launch. The cause is the "Control-flow Enforcement Technology Shadow Stack (.NET 9+)" feature introduced in .NET 9

This specifically affects Windows 10, and more specifically an install of Windows 10 that is not fully up-to-date

This fix allows (Windows 10) systems that are not completely up to date as of the current .NET 9 runtime release to launch Ryujinx. Without this fix the user will receive the following output and an application crash:

CLR: Assert failure(PID 10616 [0x00002978], Thread: 11424 [0x2ca0]): !AreShadowStacksEnabled() || UseSpecialUserModeApc()
File: D:\a_work\1\s\src\coreclr\vm\threads.cpp:7938
Image: Ryujinx.exe

Possible fixes to this issue:

  1. User updates their system on top of installing the .NET 9 runtime
  2. User disables Control-Flow Guard exploit protection in the Exploit Protection section of the Windows Security applet
  3. Merge this pull request to disable CET enforcement by Ryujinx

refs:

dotnet/runtime#108589
dotnet/docs#42600
https://learn.microsoft.com/en-us/dotnet/core/compatibility/interop/9.0/cet-support
https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot/security#control-flow-enforcement-technology-shadow-stack-net-9

edit:

Disabling CFG exploit protection does not allow Ryujinx to launch with CET enforcement enabled

@EmulationEnjoyer
Disable CET enforcement
2591f8c 
Allows (Windows 10) systems that are not fully up to date as of the current .NET 9 runtime release to launch Ryujinx

https://learn.microsoft.com/en-us/dotnet/core/deploying/native-aot/security#control-flow-enforcement-technology-shadow-stack-net-9
@github-actions github-actions bot added the gui Affects the Avalonia UI or translations. label Dec 20, 2024
@github-actions GitHub Actions
Copy link

Download the artifacts for this pull request:

GUI-less
Only for Developers

@EmulationEnjoyer
Copy link
Contributor Author

For anyone experiencing this issue:

To allow the .NET 9 Ryujinx builds to launch under the condition you are running Windows 10 and the operating system is not fully up-to-date:

  1. Open the 'Settings' applet in Windows
  2. Search for and open the 'Exploit Protection' panel in the 'Windows Security' applet
  3. Select the 'Program settings' column
  4. Click 'Add program to customize' and 'Choose exact path'
  5. Select the 'Ryujinx.exe' executable file
  6. Scroll down to the 'Hardware-enforced Stack Protection' and check the 'Override system settings' option
  7. Ensure the toggle is set to 'Off' (even if it was set to 'Off' before checking the 'Override system settings' option, the 'Override system settings' option must still be enabled for it to take affect)

cet_workaround

This will allow you to launch and update Ryujinx normally without an immediate crash

(CET was not available in any prior .NET core framework that Ryujinx was compiled against, why is it necessary now?)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
gui Affects the Avalonia UI or translations.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@EmulationEnjoyer