Re: [announce] [patch] NX (No eXecute) support for x86, 2.6.7-rc2-bk2

[Suresh Siddha]

On Thursday 03 June 2004 05:44, Ingo Molnar wrote:
> 
> * Ingo Molnar <mingo@xxxxxxx> wrote:
> 
> > > And do we have some way of on a per-process basis say "avoid NX
> > > because this old version of Oracle/flash/whatever-binary-thing doesn't
> > > run with it"?
> 
> [...]
> > 2) via a runtime method: via the i386 personality. So an application can
> >    trigger the 'legacy' Linux VM layout by e.g doing 'i386 java
> >    ./test.class'.
> > 
> > this is a hack in Fedora - we wanted to have a finegrained runtime
> > mechanism just in case. But it would be nice to have this upstream too -
> > e.g. via a PERSONALITY_3G?
> 
> i've attached a patch that provides a cleaner solution. It does 3
> changes:
> 
> - it adds a ADDR_SPACE_EXECUTABLE bit to the personality 'bug bits'
> section. This bit if set will make the stack executable. (if in the
> future we decide to make the malloc() heap non-exec [which i definitely
> think we should], that property will also listen to this bit.)

Ingo,

What do you mean by "in the future"? on x86, with the current no execute 
patch, malloc() will be non-exec

thanks,
suresh
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/