I'm going to buy a new laptop for linux (x86-64), and I'm currently investigating
if laptops with nvidia graphics are an option or not.
Specifically, the question is whether the nvidia driver conforms to our security guidelines:
* Statically linked kernel with no module loader is a must.
Can the nvidia driver be linked statically into the kernel,
or must it be loaded as a kernel module?
* Strict execute protection (PaX/Grsecurity) is also a must:
All stack and data segments are set to non-executable,
and all mmaps may be either writeable or executable, but never both.
* Textrels could be enabled if really necessary,
but currently they are disallowed (turned off in the kernel).
Is there any chance to meet the above criteria,
or is this impossible with the nvidia driver?