Sorry, my mistake, PAE is required yes, and then 32bit Linux Kernel
will have NX enabled:
PAE can be enabled with CONFIG_X86_PAE (and CONFIG_HIGHMEM64G -
possibly needed, which is what the kernel config file for Fedora Core
11 has):
In arch/x86/mm/init_32.c:
#ifdef CONFIG_X86_PAE
set_nx();
if (nx_enabled)
printk(KERN_INFO "NX (Execute Disable) protection: active\n");
#endif
On Tue, Mar 10, 2009 at 12:23 PM, NAHieu <nahieu@xxxxxxxxx> wrote:
> On Mon, Mar 9, 2009 at 11:50 PM, Peter Teoh <htmldeveloper@xxxxxxxxx> wrote:
>> as far as I can remember, in x86 architecture, hardware-wise, it is
>> NOT possible to enable NX. U may do anything via software, but it
>> will not be enabled. NX feature is only for 64bit OS.
>>
>
> No, NX is available for 32bit Linux, as long as PAE is enable.
>
> I am still stuck here (on 32bit Linux). It seems nobody can shed some
> lights in this problem?
>
> Thanks,
> H
>
>
>> On Mon, Mar 9, 2009 at 4:27 AM, NAHieu <nahieu@xxxxxxxxx> wrote:
>>> Hi,
>>>
>>> I inspect my Linux memory, and it seems that there is no area that
>>> prohibite execution like I expected (using NX bit in modern CPU). That
>>> really surprises me.
>>>
>>> I looked at some potential data areas exported in System.map file, like:
>>>
>>> - mark_rodata_ro
>>> - sysctl_data
>>> - new_cpu_data
>>> - boot_cpu_data
>>>
>>> And all of these areas allow to execute code (because NX=0 there). Is
>>> that really desirable?
>>>
>>> Anybody know for sure which area (easier to check if exported in
>>> System.map) doesnt allow execute?
>>>
>>> I can confirm that NX is active in my machine (reported in dmesg)
>>>
>
--
Regards,
Peter Teoh
--
To unsubscribe from this list: send an email with
"unsubscribe kernelnewbies" to ecartis@xxxxxxxxxxxx
Please read the FAQ at http://kernelnewbies.org/FAQ
