Re: NX bit versus standard permissions?
From: Ed Beroset (spamtrap_at_crayne.org)
Date: 09/12/04
- Next message: Herman Dullink: "Re: NX bit versus standard permissions?"
- Previous message: Ed Beroset : "Re: masm32"
- In reply to: Bob Masta: "NX bit versus standard permissions?"
- Next in thread: Phil Carmody: "Re: NX bit versus standard permissions?"
- Reply: Phil Carmody: "Re: NX bit versus standard permissions?"
- Reply: Ivan Korotkov : "Re: NX bit versus standard permissions?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Date: Sun, 12 Sep 2004 17:10:01 +0000 (UTC)
Bob Masta wrote:
> Hello, all.
>
> I have been trying without luck to figure out what the heck this
> NX bit business is all about (besides marketing). Everything I've
> seen so far says something like "it will prevent code from executing
> from data areas". But I thought we already had that, with the
> standard protected mode privileges. The .data and BSS areas
> are normally not given execution privileges, only the code segment.
>
> So, what's new about the NX scheme?
The NX bit (or Intel calls it XD - eXecute Disable) is part of the page
translation tables. When the processor attempts to load into the
instruction TLB, it checks this bit. If the bit is set (i.e. this is
NOT an exectuable page) then the processor throws a page fault
exception. Previously, it only checked to see if it was readable, and
that's the only difference. Lots of hype surrounding all of this, but
it's really a pretty simple mechanism.
One interesting aspect to this is that Intel's original privilege and
protection scheme was built around segments. For example, within the
processor itself, there are (and have been) several flags that determine
the permissions available for a given segment. The code segment, for
example, is never writable.
However, to my understanding, all of the popular x86 operating systems
(all flavors of Windows, Linux, FreeBSD) all set up one huge flat
segment for the code segment, so it is not useful as a protection
mechanism basis. I.e. if your entire addressable memory space is valid
(in terms of the segmentation limit) as executable code, you can't use
that mechanism.
So, here we are a decade or so later, and reinventing these mechanisms
based on translation tables. I have long thought it might be
interesting to create an OS which used a segment-based approach along
the lines of the original Intel assumptions, just to see how that might
work. I'd be interested if anyone knows of such an experiment.
Ed
- Next message: Herman Dullink: "Re: NX bit versus standard permissions?"
- Previous message: Ed Beroset : "Re: masm32"
- In reply to: Bob Masta: "NX bit versus standard permissions?"
- Next in thread: Phil Carmody: "Re: NX bit versus standard permissions?"
- Reply: Phil Carmody: "Re: NX bit versus standard permissions?"
- Reply: Ivan Korotkov : "Re: NX bit versus standard permissions?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Relevant Pages
|
