kernel-PAE and NX (No eXecute)
Dave Jones
davej at redhat.com
Sat Nov 17 01:47:08 UTC 2007
On Wed, Nov 14, 2007 at 10:00:09AM +0100, Till Maas wrote:
> On Mi November 14 2007, Dave Jones wrote:
> > On Mon, Nov 12, 2007 at 08:08:08PM +0100, Till Maas wrote:
>
> > > I read
> > > that the 2.6.23 kernel supports NX without the need to activate 64G
> > > memory support?
> >
> > not true.
>
> Here is a kernel git changelog entry that says it is true:
>
> | i386: divorce CONFIG_X86_PAE from CONFIG_HIGHMEM64G
> |
> | PAE is useful for more than supporting more than 4GB RAM. It supports
> | expanded swapspace and NX executable protections. Some users may want NX
> | or expanded swapspace support without the overhead or instability of
> | highmem. For these reasons, the following patch divorces CONFIG_X86_PAE
> | from CONFIG_HIGHMEM64G.
>
> http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=c673f1a9d994de501b674b2bb6a48bd5e912afe0
That's a really terrible exaggerated changelog entry.
The 'overhead' is still there because you need to use 3-level 64bit pagetables.
As for 'instability', well if there are bugs, how about we fix them?
(crazy idea I know, it'll never catch on).
So all this really buys you is the inability to use memory past 4G
if present. For people with <4G, it's no different. They still
need PAE enabled to use NX.
Dave
--
http://www.codemonkey.org.uk
More information about the fedora-devel-list
mailing list