Future-proof NvENC & NvFBC patcher (Linux/Windows)

Related tags

Miscellaneous nvlax
Overview

target os: linux license: GPL v3 powered by: CMake powered by: CPM powered by: Zydis powered by: LIEF

nvlax

Future-proof NvENC & NvFBC patcher

Requirements

  • Working internet connection during configuration (i.e cloning does NOT include dependencies)
  • CMake
  • C++ compiler

Building

git clone 'https://github.com/illnyang/nvlax.git'
cd nvlax
mkdir build && cd build
cmake ..
make

Protip: use WSL if you're using Windows.

Example of usage

Patch NvENC in-place:

Linux:
# nvlax_encode -i /usr/lib/libnvidia-encode.so.495.44 -o /usr/lib/libnvidia-encode.so.495.44
Windows:
# nvlax_encode -i nvEncodeAPI64.dll -o nvEncodeAPI64.dll
# nvlax_encode -i nvEncodeAPI.dll -o nvEncodeAPI.dll

Patch NvFBC in-place:

Linux:
# nvlax_fbc -i /usr/lib/libnvidia-fbc.so.495.44 -o /usr/lib/libnvidia-fbc.so.495.44

FAQ

How is this more future-proof?

This patcher performs assembly-level heuristics instead of naive pattern-matching. The patching itself works more/less the same way as in keylase/nvidia-patch.

Which driver versions are supported?

I have tested this patcher against the following versions (on Linux):

  • 470.74
  • 495.29.05
  • 495.44

It should work on previous versions as well. Please don't open-up new issues if you're using ancient drivers, thanks.

Windows support?

nvlax_encode accepts NVIDIA DLLs as input files. NvFBC patching is not supported yet, though.

Credits

keylase/nvidia-patch - this project wouldn't exist if it wasn't for their outstanding reverse-engineering efforts. thanks!

Issues
  • Cannot perform NvFBC patch on 495.44

    Cannot perform NvFBC patch on 495.44

    Built according to unstructions, ran the commands: cp /usr/lib/libnvidia-fbc.so.495.44 . ./nvlax_fbc -i ./libnvidia-fbc.so.495.44 -o ./libnvidia-fbc.so.495.44

    Got:

    [+] libnvidia-fbc.so
    Assertion 'found' failed (ERROR)
      in file lax_fbc.cc, line 77
      function: int main(int, char**)
    terminate called after throwing an instance of 'ppk::assert::AssertionException'
      what():  
    [1]    24138 IOT instruction (core dumped)  ./nvlax_fbc -i /usr/lib/libnvidia-fbc.so.495.44 -o
    
    opened by itsTyrion 5
  • Can't compile on Ubuntu 21.10

    Can't compile on Ubuntu 21.10

    Even having installed liblief-dev, it refuses to compile properly:

    gitstore/nvlax/src/lax_encode.cc:45:78: error: ‘class LIEF::Symbol’ has no member named ‘value’
       45 |         auto v_func_bytes = bin->get_content_from_virtual_address(f_nvenc_ci.value(), 0x260);
          |                                                                              ^~~~~
    gitstore/nvlax/src/lax_encode.cc:53:37: error: ‘class LIEF::Symbol’ has no member named ‘value’
       53 |                 offset = f_nvenc_ci.value() +
          |```
    opened by cybik 5
  • nvlax_encode: command not found (Windows 10 / WSL2)

    nvlax_encode: command not found (Windows 10 / WSL2)

    I'm getting the error nvlax_encode: command not found after building via cmake, platform in this case is Windows 10 and I'm using WSL2.

    What am I missing?

    https://i.imgur.com/RzwTLxS.png

    opened by Ninbura 3
  • Add patch to fix NvFBC not requesting proper Vulkan API version

    Add patch to fix NvFBC not requesting proper Vulkan API version

    Hello,

    There is an issue with NvFBC: it's using the Vulkan API without requesting the proper API version. It didn't cause any harm until Vulkan was updated to version 1.3.204 which introduced a regression that made this improper use of its API starting to cause errors.

    A patch for NvFBC was proposed to correct the API misuse, here's a link to the Vulkan-Loader issue with all the details (including the patch): https://github.com/KhronosGroup/Vulkan-Loader/issues/894#issuecomment-1083388959

    Could this patch be added to nvlax?

    Regards, Jules

    opened by JPenuchot 1
  • Nvlax doesn't build even with Zydis patch

    Nvlax doesn't build even with Zydis patch

    This occurs both when compiling from source with Zydis patch in #14 and installing any nvlax AUR package with any utility (pamac, yay, paru).

    [ 95%] Building CXX object CMakeFiles/nvlax_encode.dir/src/lax_encode.cc.o
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_fbc.cc: In function ‘int main(int, char**)’:
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_fbc.cc:40:27: error: request for member ‘virtual_address’ in ‘s_rodata’, which is of pointer type ‘LIEF::ELF::Section*’ (maybe you meant to use ‘->’ ?)
       40 |         offset = s_rodata.virtual_address() + s_rodata.search("This hardware does not support NvFBC");
          |                           ^~~~~~~~~~~~~~~
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_fbc.cc:40:56: error: request for member ‘search’ in ‘s_rodata’, which is of pointer type ‘LIEF::ELF::Section*’ (maybe you meant to use ‘->’ ?)
       40 |         offset = s_rodata.virtual_address() + s_rodata.search("This hardware does not support NvFBC");
          |                                                        ^~~~~~
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_fbc.cc:52:38: error: request for member ‘content’ in ‘s_text’, which is of pointer type ‘LIEF::ELF::Section*’ (maybe you meant to use ‘->’ ?)
       52 |         auto v_text_content = s_text.content();
          |                                      ^~~~~~~
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_fbc.cc:61:38: error: request for member ‘virtual_address’ in ‘s_text’, which is of pointer type ‘LIEF::ELF::Section*’ (maybe you meant to use ‘->’ ?)
       61 |                 size_t temp = s_text.virtual_address() +
          |                                      ^~~~~~~~~~~~~~~
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_fbc.cc:67:37: error: request for member ‘virtual_address’ in ‘s_text’, which is of pointer type ‘LIEF::ELF::Section*’ (maybe you meant to use ‘->’ ?)
       67 |                     offset = s_text.virtual_address() + data - v_text_content.data();
          |                                     ^~~~~~~~~~~~~~~
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_encode.cc: In function ‘void patch_linux(LIEF::ELF::Binary*)’:
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_encode.cc:45:78: error: request for member ‘value’ in ‘f_nvenc_ci’, which is of pointer type ‘LIEF::Symbol*’ (maybe you meant to use ‘->’ ?)
       45 |         auto v_func_bytes = bin->get_content_from_virtual_address(f_nvenc_ci.value(), 0x260);
          |                                                                              ^~~~~
    /var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/src/lax_encode.cc:53:37: error: request for member ‘value’ in ‘f_nvenc_ci’, which is of pointer type ‘LIEF::Symbol*’ (maybe you meant to use ‘->’ ?)
       53 |                 offset = f_nvenc_ci.value() +
          |                                     ^~~~~
    make[2]: *** [CMakeFiles/nvlax_fbc.dir/build.make:90: CMakeFiles/nvlax_fbc.dir/src/lax_fbc.cc.o] Error 1
    make[2]: Leaving directory '/var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/build'
    make[1]: *** [CMakeFiles/Makefile2:219: CMakeFiles/nvlax_fbc.dir/all] Error 2
    make[1]: *** Waiting for unfinished jobs....
    make[2]: *** [CMakeFiles/nvlax_encode.dir/build.make:90: CMakeFiles/nvlax_encode.dir/src/lax_encode.cc.o] Error 1
    make[2]: Leaving directory '/var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/build'
    make[1]: *** [CMakeFiles/Makefile2:190: CMakeFiles/nvlax_encode.dir/all] Error 2
    make[1]: Leaving directory '/var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/build'
    make: *** [Makefile:136: all] Error 2
    make: Leaving directory '/var/tmp/pamac-build-constbur/nvlax-git/src/nvlax/build'
    ==> ERROR: A failure occurred in build().
        Aborting...
    
    opened by ConstBur 1
  • ABEND while trying to patch 470.103.1 drivers

    ABEND while trying to patch 470.103.1 drivers

    Got nvlax-git from AUR, which includes the rollback to an older Zydis version, yet i'm clueless for this one

    [[email protected] ~]$ nvlax_fbc -i /usr/lib/libnvidia-fbc.so.470.94 -o /usr/lib/libnvidia-fbc.so.470.94
    [+] libnvidia-fbc.so
    Assertion 'instr.mnemonic == ZYDIS_MNEMONIC_JNB' failed (ERROR)
      in file lax_fbc.cc, line 90
      function: int main(int, char**)
    terminate called after throwing an instance of 'ppk::assert::AssertionException'
      what():  
    Аварийный останов (стек памяти сброшен на диск)
    
    opened by big-lip-bob 1
  • .so file?

    .so file?

    Maybe I'm using this wrong, but the nvidia patch I saw your post in creates an SO file that can be used as an OBS plugin for shadowplay recording. does this utility do that? I dont see it anywhere when I make it.

    opened by Hindquarterz 0
  • Nvlax can no longer be built because Zydis has made breaking changes

    Nvlax can no longer be built because Zydis has made breaking changes

    Zydis as introduces breaking changes that prevent nvlax from being compiled.

    For the time being, you could use CPMAddPackage("gh:zyantific/zydis#55dd08c210722aed81b38132f5fd4a04ec1943b5") or CPMAddPackage("gh:zyantific/zydis#v3.2.1") with some regression changes needed, rather than CPMAddPackage("gh:zyantific/zydis#master") or make the needed changes to nvlax.

    opened by tytan652 6
  • Patching WSL2-imported .so

    Patching WSL2-imported .so

    Hi! Since I have system's DLL patched correctly (your patcher doesn't seem to pick up even 472.12, that's last patched driver by keylase/nvidia-patch), and from Windows itself invoking ffmpeg w/ nvenc accel doesn't result in session limiting, yet I still see session limiter in WSL itself: image I tried your patcher on /usr/lib/wsl/lib/libnvidia-encode.so.1 that's imported from host's %windir%\System32\DriverStore\FileRepository\nvmdi*\libnvidia-encode.so.1, and to my surprise, it seems as though this .so doesn't use libnvcuvid.so: image

    I looked at other issues in the repository, and it seems like providing .so would be helpful, so here it is: libnvidia-encode.so.1.zip

    opened by mostm 1
  • Error running nvlax_encode

    Error running nvlax_encode

    ➜ ./nvlax_encode -i /usr/lib/libnvidia-encode.so.495.44 -o /usr/lib/libnvidia-encode.so.495.44
    [+] libnvidia-encode.so
    Assertion 'found' failed (ERROR)
      in file lax_encode.cc, line 98
      function: void patch_linux(LIEF::ELF::Binary*)
    terminate called after throwing an instance of 'ppk::assert::AssertionException'
      what():  
    [1]    11117 abort (core dumped)  ./nvlax_encode -i /usr/lib/libnvidia-encode.so.495.44 -o
    

    Followed the build instructions from the readme. Not sure what wrong.

    opened by TinyBabyOwl 5
  • Patch appears successful but has no affect (Windows / 496.49)

    Patch appears successful but has no affect (Windows / 496.49)

    Looks like I spoke too soon, if I run more than 3 encodes via FFmpeg I get the [h264_nvenc @ 0000022742a41300] OpenEncodeSessionEx failed: out of memory (10): (no details) error.

    Re-installed the driver restarted and patched again, still not working. This is the output when running the patch:

    [email protected]:~/nvlax/build# ./nvlax_encode -i /mnt/c/Windows/System32/nvEncodeAPI64.dll -o /mnt/c/Windows/System32/nvEncodeAPI64.dll
    Unable to find the section associated with CERTIFICATE_TABLE
    [+] nvEncodeAPI64.dll
    [+] patched successfully
    [email protected]:~/nvlax/build# ./nvlax_encode -i /mnt/c/Windows/SysWOW64/nvEncodeAPI.dll -o /mnt/c/Windows/SysWOW64/nvEncodeAPI.dll
    Unable to find the section associated with CERTIFICATE_TABLE
    [+] nvEncodeAPI.dll
    [+] patched successfully
    

    Maybe something to do with patching in place?

    PS: driver version is 496.49.

    Originally posted by @Ninbura in https://github.com/illnyang/nvlax/issues/5#issuecomment-955179993

    Thought I'd open a new issue as the issue explained in this message was not related to the original issue.

    opened by Ninbura 5
Owner
Illyan Garte
through the looking glass
Illyan Garte
🎨 A secure boot compatible in-memory UxTheme patcher

SecureUxTheme About SecureUxTheme is a software that removes signature verification of styles from Windows. Features No system file modifications No d

null 1.3k Jul 28, 2022
A configurable in-memory binary patcher.

?? Lyptus ?? A configurable in-memory binary patcher. ?? Usage Set up the Lyptus config with a list of patches to apply, and inject the Lyptus DLL int

null 13 Jul 4, 2022
A small proof-of-concept for using disk devices for DMA on Windows.

ddma A small proof-of-concept for using disk devices for DMA on Windows. Why Some native hypervisors (i.e. Hyper-V) allow the guest unvirtualized devi

null 42 Jun 7, 2022
Fully Featured Time Circuits Display from Back to the Future

Time Circuits Display This Time Circuits Display has been meticulously reproduced to be as accurate as possible to the one seen in the Delorean Time M

John 52 Jun 27, 2022
Not a big fan of git. May create a nicer repo in the future.

os My x86-64 hobby operating system. Cooperative multitasking system with no user-mode support, everything runs on ring 0 (for now). Packed with a rea

tiagoporsch 13 Jul 26, 2022
A repository that includes common helper functions for writing applications in the DPDK. I will be using this for my future projects in the DPDK.

The DPDK Common (WIP) Description This project includes helpful functions and global variables for developing applications using the DPDK. I am using

Christian Deacon 11 May 31, 2022
Text - A spicy text library for C++ that has the explicit goal of enabling the entire ecosystem to share in proper forward progress towards a bright Unicode future.

ztd.text Because if text works well in two of the most popular systems programming languages, the entire world over can start to benefit properly. Thi

Shepherd's Oasis 204 Jul 25, 2022
bl_mcu_sdk is MCU software development kit provided by Bouffalo Lab Team for BL602/BL604, BL702/BL704/BL706 and other series of RISC-V based chips in the future.

bl mcu sdk is an MCU software development kit provided by the Bouffalo Lab Team for BL602/BL604, BL702/BL704/BL706 and other series of chips in the future

Bouffalo Lab 123 Jul 26, 2022
All lab practicals c++ source code will be stored here, for future references.

Karnataka-State-Ist-PU-LAB-practicals-source-code All lab practicals c++ source code will be stored here, for future references. Sourced from this web

Sachit 1 Feb 1, 2022
The source for the Linux kernel used in Windows Subsystem for Linux 2 (WSL2)

Introduction The WSL2-Linux-Kernel repo contains the kernel source code and configuration files for the WSL2 kernel. Reporting Bugs If you discover an

Microsoft 5.9k Aug 2, 2022
A refactored Proof-of-concept originally developed in 2017 to print all function calls with their arguments data types and values using Ptrace during program execution.

print-function-args-debugger A refactored Proof-of-concept originally developed in 2017 to print all function calls with their arguments data types an

*finixbit 15 Jun 17, 2022
Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)

Osiris This repository contains the implementation of the Osiris framework discussed in the research paper "Osiris: Automated Discovery of Microarchit

CISPA 37 Jul 22, 2022
anthemtotheego 342 Jul 23, 2022
Proof of concept Beacon Object File (BOF) that attempts to detect userland hooks in place by AV/EDR

Detect-Hooks Detect-Hooks is a proof of concept Beacon Object File (BOF) that attempts to detect userland API hooks in place by AV/EDR. The BOF will r

anthemtotheego 119 Jul 29, 2022
A proof-of-concept port of uxn to the STM32duino environment

ArdUxno-demo A quick-and-dirty proof-of-concept port of Devine Lu Linvega's amazing Uxn virtual stack machine to an STM32 microcontroller. uxn.c and u

Cass Smith 12 Feb 9, 2022
A proof-of-oncept module adding real-time Wren support to Godot

Godot Wren Module This module adds a new node, called WrenManager, that allows for executing Wren code in Godot during runtime! Wren is a cool lightwe

null 3 Nov 28, 2021
An implementation and proof-of-concept of Process Forking.

ForkPlayground A library to implement the Process Forking attack described in this blog post. ForkLib - C++ library that implements the Process Forkin

Bill Demirkapi 153 Jul 31, 2022
Zero-Knowledge Proof Toolbox

Zkrypt是一个开源的C语言零知识证明算法库,旨在向用户提供简洁、高效的非交互式零知识证明协议接口,用户可以通过调用接口实现完整的零知识证明协议的流程,包括公共参数设置、证明生成和验证等步骤。 本项目由北京大学关志的密码学研究组开发维护。 特性 支持多种零知识证明协议(包括Groth16, Plo

Zhi Guan 12 Jun 16, 2022
The Machinery IDL - Proof of Concept

The Machinery IDL - Proof of Concept This is a proof of concept for an Interface Description Language isomorphic with C for describing C11 ABI compati

null 6 Jul 21, 2022