03-01-04, 10:50 PM   #23
SnapIT

Quote:
Originally posted by J.F.
Actually, a sw fix is pretty easy with only a small performance hit. When a page fault occurs, set the MMU tables and do an access to force the TLBs to load the entry, then go back and use the test registers to invalidate the instruction TLB for that page. This leaves the data TLB with a valid translation, but any instruction accesses will cause another page fault. In the second page fault, simulate the no-execute. This works on x86 CPUs allowing access to the TLB through the test registers AND using separate TLBs for data and code access. This means you can simulate NX with a little extra code in the page fault handler of Pentium and newer chips, but not on the 486 or older. The 486 allows the access of the TLB via the test registers, but only had one TLB to handle both data and code.

Actually, no, it does not work like that as the software can only control its own instructions if NX is only in software, malicious code can be run at any overload, your program will crash and the code can run, I can see some heavy problems coming with that...

There is no bit to set NX if it is not implemented so...

Now, for the ia32 implementation this is no biggie as you can easily simulate NX, but that will not work on AMD64, so there IS a very real problem with this...
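A toy C model of the split-TLB scheme described in the quoted text, added here as an illustration and not code from either poster or from any kernel. The struct, function names and single-page setup are constructed, and the model assumes the handler puts the page-table entry back into a faulting state after priming the data TLB, a step the quote does not spell out.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model (constructed): one page, one PTE, split or unified TLB. */
enum kind { DATA_READ, INSN_FETCH };
enum result { OK, NX_VIOLATION };
struct cpu {
    bool split_tlb;   /* true: separate I/D TLBs (Pentium+); false: one TLB (486) */
    bool noexec;      /* OS policy: this page must not be executed */
    bool pte_present; /* page-table entry state */
    bool dtlb, itlb;  /* cached translations; unified mode uses dtlb only */
    int faults;       /* page faults taken so far */
};

static bool *tlb_for(struct cpu *c, enum kind k) {
    return (c->split_tlb && k == INSN_FETCH) ? &c->itlb : &c->dtlb;
}

/* Hardware page walk: fills the TLB serving this access if the PTE allows. */
static bool walk(struct cpu *c, enum kind k) {
    if (c->pte_present) *tlb_for(c, k) = true;
    return c->pte_present;
}

/* Fault handler following the quoted steps; the model is told the access kind. */
static enum result page_fault(struct cpu *c, enum kind k) {
    c->faults++;
    if (!c->noexec) { c->pte_present = true; walk(c, k); return OK; }
    if (k == INSN_FETCH) return NX_VIOLATION; /* simulate no-execute */
    c->pte_present = true;   /* set the MMU tables */
    walk(c, DATA_READ);      /* touch the page so the data TLB loads */
    c->itlb = false;         /* invalidate the instruction-TLB entry */
    c->pte_present = false;  /* assumption: PTE reverts so fetches fault */
    return OK;
}

enum result access_page(struct cpu *c, enum kind k) {
    if (*tlb_for(c, k) || walk(c, k)) return OK;
    return page_fault(c, k);
}

int main(void) {
    struct cpu p = { .split_tlb = true, .noexec = true };
    struct cpu u = { .split_tlb = false, .noexec = true };
    access_page(&p, DATA_READ); access_page(&u, DATA_READ);
    printf("split: fetch %s\n", access_page(&p, INSN_FETCH) ? "blocked" : "runs");
    printf("unified: fetch %s\n", access_page(&u, INSN_FETCH) ? "blocked" : "runs");
    return 0;
}
```

With split TLBs the data read is served from the data TLB while the later fetch faults and is refused; with one shared TLB the entry primed by the data read also satisfies the fetch, which is the 486 limitation the quote mentions.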