| 1 |
On Wednesday 11 May 2005 09:02, Julian Rendell wrote: |
| 2 |
> I've just come across the following page: |
| 3 |
> http://d-sbd.alioth.debian.org/www/?page=pax |
| 4 |
> which states: |
| 5 |
> On i386, there is no NX bit in hardware; thus, one is emulated for a |
| 6 |
> nominal cost. There are two emulation methods, PAGEEXEC and SEGMEXEC. |
| 7 |
> Each method has its own faults and its own merits. It should be noted, |
| 8 |
> however, that on k6-2, PAGEEXEC cannot properly function and SHOULD |
| 9 |
> NOT be enabled. This is due to the k6-2 having a different TLB |
| 10 |
> architecture which in most cases is compatible with other i386 |
| 11 |
> processors; the advanced use that PAGEEXEC makes of the TLB is NOT |
| 12 |
> compatible with the k6-2 TLB architecture. |
| 13 |
> |
| 14 |
> Is the hardened tool-chain set to use PageExec? |
| 15 |
> If so, how can I change it to use SEGMEXEC? |
| 16 |
> Are there any stages pre-compiled with SEGMEXEC? |
| 17 |
|
| 18 |
it's a kernel option. under security options -> PaX options -> memory |
| 19 |
protection (or similar) -> page based exec protection /segmentation based |
| 20 |
exec protection. |
| 21 |
|
| 22 |
regards, |
| 23 |
pedro venda. |
| 24 |
-- |
| 25 |
|
| 26 |
Pedro João Lopes Venda |
| 27 |
email: pjvenda < at > arrakis.dhis.org |
| 28 |
http://arrakis.dhis.org |
Archives