Signed-off-by: Kyle McMartin <[email protected]>
diff --git a/arch/i386/mm/init.c b/arch/i386/mm/init.c
index 84697df..fb61709 100644
--- a/arch/i386/mm/init.c
+++ b/arch/i386/mm/init.c
@@ -512,6 +512,9 @@ void __init paging_init(void)
set_nx();
if (nx_enabled)
printk("NX (Execute Disable) protection: active\n");
+#else
+ if (!disable_nx)
+ printk("NX (Execute Disable) only supported with CONFIG_HIGHMEM64G\n");
#endif
pagetable_init();
On second thought, this is probably better since most people will
presumably be booting non-PAE kernels, generating this message when
they've not tried to force the issue seems silly.
This way, the user will only see a warning if they actually go
out and specify "noexec=on" on the command line.
Sucks to have to do #ifdef #else though, I wonder if there's a
better way to initialize that.
Cheers,
Kyle
diff --git a/arch/i386/mm/init.c b/arch/i386/mm/init.c
index 84697df..ff389f1 100644
--- a/arch/i386/mm/init.c
+++ b/arch/i386/mm/init.c
@@ -422,7 +422,15 @@ void zap_low_mappings (void)
flush_tlb_all();
}
+/* disable_nx = 0 will generate unwanted warnings if it is
+ * the default case for non-PAE kernels, but we probably want
+ * NX by default on kernels built with PAE.
+ */
+#ifdef CONFIG_X86_PAE
static int disable_nx __initdata = 0;
+#else
+static int disable_nx __initdata = 1;
+#endif
u64 __supported_pte_mask __read_mostly = ~_PAGE_NX;
/*
@@ -512,6 +520,9 @@ void __init paging_init(void)
set_nx();
if (nx_enabled)
printk("NX (Execute Disable) protection: active\n");
+#else
+ if (!disable_nx)
+ printk("NX (Execute Disable) only supported with CONFIG_HIGHMEM64G\n");
#endif
pagetable_init();
On Mon, 2006-12-11 at 21:38 -0500, Kyle McMartin wrote:
> On second thought, this is probably better since most people will
> presumably be booting non-PAE kernels, generating this message when
> they've not tried to force the issue seems silly.
why not go the simple way, and just remove noexec=on entirely?
If your cpu can use NX, it'll get used automatically, and if not, it
won't. There's never any use for passing noexec=on .. at all since it
has no effect whatsoever.
On Mon, 2006-12-11 at 21:38 -0500, Kyle McMartin wrote:
> On second thought, this is probably better since most people will
> presumably be booting non-PAE kernels, generating this message when
> they've not tried to force the issue seems silly.
>
> This way, the user will only see a warning if they actually go
> out and specify "noexec=on" on the command line.
how about this instead?
noexec=on as kernel option makes no sense, nx is enabled by default
since a really long time. What it does achieve is that it gives certain
people the impression that it makes the impossible possible: using NX in
situations where either the CPU or the kernel configuration make it not
possible.
This patch just removes the option and all the code for it, it's bloat.
Signed-off-by: Arjan van de Ven <[email protected]>
---
Documentation/kernel-parameters.txt | 1 -
arch/i386/mm/init.c | 10 ++--------
arch/x86_64/kernel/setup64.c | 5 +----
3 files changed, 3 insertions(+), 13 deletions(-)
Index: linux-2.6/Documentation/kernel-parameters.txt
===================================================================
--- linux-2.6.orig/Documentation/kernel-parameters.txt
+++ linux-2.6/Documentation/kernel-parameters.txt
@@ -1032,7 +1032,6 @@ and is between 256 and 4096 characters.
noexec [IA-64]
noexec [IA-32,X86-64]
- noexec=on: enable non-executable mappings (default)
noexec=off: disable nn-executable mappings
nofxsr [BUGS=IA-32] Disables x86 floating point extended
Index: linux-2.6/arch/x86_64/kernel/setup64.c
===================================================================
--- linux-2.6.orig/arch/x86_64/kernel/setup64.c
+++ linux-2.6/arch/x86_64/kernel/setup64.c
@@ -50,10 +50,7 @@ static int __init nonx_setup(char *str)
{
if (!str)
return -EINVAL;
- if (!strncmp(str, "on", 2)) {
- __supported_pte_mask |= _PAGE_NX;
- do_not_nx = 0;
- } else if (!strncmp(str, "off", 3)) {
+ if (!strncmp(str, "off", 3)) {
do_not_nx = 1;
__supported_pte_mask &= ~_PAGE_NX;
}
Index: linux-2.6/arch/i386/mm/init.c
===================================================================
--- linux-2.6.orig/arch/i386/mm/init.c
+++ linux-2.6/arch/i386/mm/init.c
@@ -428,21 +428,15 @@ static int disable_nx __initdata = 0;
u64 __supported_pte_mask __read_mostly = ~_PAGE_NX;
/*
- * noexec = on|off
+ * noexec = off
*
* Control non executable mappings.
*
- * on Enable
* off Disable
*/
static int __init noexec_setup(char *str)
{
- if (!str || !strcmp(str, "on")) {
- if (cpu_has_nx) {
- __supported_pte_mask |= _PAGE_NX;
- disable_nx = 0;
- }
- } else if (!strcmp(str,"off")) {
+ if (!strcmp(str,"off")) {
disable_nx = 1;
__supported_pte_mask &= ~_PAGE_NX;
} else