linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
* IA64/x86-64 and execution protection support?
@ 2003-11-03 14:49 Joseph Pingenot
  2003-11-03 16:49 ` David Mosberger
  2003-11-03 20:21 ` Bryan O'Sullivan
  0 siblings, 2 replies; 4+ messages in thread
From: Joseph Pingenot @ 2003-11-03 14:49 UTC (permalink / raw)
  To: linux-kernel

Hello.

I was reading El Reg this morning when they discussed "execution protection"
  on the new Intel (IA64) and AMD (K8 and above) chips.
Does the Linux kernel have support for preventing execution of certain
  memory regions on those architectures?
Also, I know that some implementations of x86 stack protection are out there;
  I've not seen them in the vanilla kernels; is there any plan to implement
  them?

Thank you!
-Joseph
-- 
Joseph===============================================trelane@digitasaru.net
"Asked by CollabNet CTO Brian Behlendorf whether Microsoft will enforce its
 patents against open source projects, Mundie replied, 'Yes, absolutely.'
 An audience member pointed out that many open source projects aren't
 funded and so can't afford legal representation to rival Microsoft's. 'Oh
 well,' said Mundie. 'Get your money, and let's go to court.' 
Microsoft's patents only defensive? http://swpat.ffii.org/players/microsoft

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: IA64/x86-64 and execution protection support?
  2003-11-03 14:49 IA64/x86-64 and execution protection support? Joseph Pingenot
@ 2003-11-03 16:49 ` David Mosberger
  2003-11-03 20:21 ` Bryan O'Sullivan
  1 sibling, 0 replies; 4+ messages in thread
From: David Mosberger @ 2003-11-03 16:49 UTC (permalink / raw)
  To: trelane; +Cc: linux-kernel

>>>>> On Mon, 3 Nov 2003 08:49:33 -0600, Joseph Pingenot <trelane@digitasaru.net> said:

  Joseph> Hello.  I was reading El Reg this morning when they
  Joseph> discussed "execution protection" on the new Intel (IA64) and
  Joseph> AMD (K8 and above) chips.  Does the Linux kernel have
  Joseph> support for preventing execution of certain memory regions
  Joseph> on those architectures?

Yes, on ia64, data and stack do not get mapped executable by default.
Also, return addresses (under the discretion of the compiler) are
virtually always stored on a separate register stack, making it more
difficult to use memory stack overflows to overwrite return addresses.

	--daviid

^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: IA64/x86-64 and execution protection support?
  2003-11-03 14:49 IA64/x86-64 and execution protection support? Joseph Pingenot
  2003-11-03 16:49 ` David Mosberger
@ 2003-11-03 20:21 ` Bryan O'Sullivan
  1 sibling, 0 replies; 4+ messages in thread
From: Bryan O'Sullivan @ 2003-11-03 20:21 UTC (permalink / raw)
  To: trelane; +Cc: linux-kernel

On Mon, 2003-11-03 at 06:49, Joseph Pingenot wrote:

> Does the Linux kernel have support for preventing execution of certain
>   memory regions on those architectures?

It does on x86_64, yes.  This can be enabled or disabled via command
line options.

	<b


^ permalink raw reply	[flat|nested] 4+ messages in thread
* Re: IA64/x86-64 and execution protection support?
       [not found] <20031103144932.GC31953@digitasaru.net.suse.lists.linux.kernel>
@ 2003-11-03 20:20 ` Andi Kleen
  0 siblings, 0 replies; 4+ messages in thread
From: Andi Kleen @ 2003-11-03 20:20 UTC (permalink / raw)
  To: Joseph Pingenot; +Cc: linux-kernel

Joseph Pingenot <trelane@digitasaru.net> writes:

> Does the Linux kernel have support for preventing execution of certain
>   memory regions on those architectures?
> Also, I know that some implementations of x86 stack protection are out there;
>   I've not seen them in the vanilla kernels; is there any plan to implement
>   them?

The x86-64 port supports no-execution for stack and heap and other
memory areas, but it is not enabled by default because it breaks some 
software. You can enable it with the noexec= boot parameter. See 
Documentation/x86_64/boot-options.txt for details.

-Andi

^ permalink raw reply	[flat|nested] 4+ messages in thread
end of thread, other threads:[~2003-11-18 13:56 UTC | newest]

Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2003-11-03 14:49 IA64/x86-64 and execution protection support? Joseph Pingenot
2003-11-03 16:49 ` David Mosberger
2003-11-03 20:21 ` Bryan O'Sullivan
     [not found] <20031103144932.GC31953@digitasaru.net.suse.lists.linux.kernel>
2003-11-03 20:20 ` Andi Kleen

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).