How should anaconda check for PAE? (was Re: arch fun.)

Roland McGrath roland at redhat.com
Tue Feb 24 23:38:42 UTC 2009


> If we have NX (which anything made in the last few years will)
> it's a performance win to use the hardware NX instead of the
> segment limit hack we implemented in execshield.

It's more than performance.  The segment limit hack is a hack, and does not
actually do full enforcement in all cases (though we have already bent over
backward to ensure that these cases do not come up by default).  
Hardware NX is 100% reliable.

> Syscalls in particular should be a lot faster, as you get to
> use the sysenter/sysexit instructions which are faster than using
> the int 80h entrypoint. (The way the segment limits work is
> incompatible with sysenter/sysexit).

This is indeed quite a big hit.


Thanks,
Roland




More information about the Fedora-kernel-list mailing list