* John Richard Moser <[EMAIL PROTECTED]> wrote: > On a final note, isn't PaX the only technology trying to apply NX > protections to kernel space? [...]
NX protection for kernel-space overflows on x86 has been part of the mainline kernel as of June 2004 (released in 2.6.8), on CPUs that support the NX bit - i.e. latest AMD and Intel CPUs. Let me quote from the commit log: http://linux.bkbits.net:8080/linux-2.5/[EMAIL PROTECTED] [...] furthermore, the patch also implements 'NX protection' for kernelspace code: only the kernel code and modules are executable - so even kernel-space overflows are harder (in some cases, impossible) to exploit. Here is how kernel code that tries to execute off the stack is stopped: kernel tried to access NX-protected page - exploit attempt? (uid: 500) Unable to handle kernel paging request at virtual address f78d0f40 printing eip: ... implemented, split out and brought to you by yours truly, as part of the exec-shield project. (You know, the one not developed by that 'scheduler developer' ;-) Ingo - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
