
The NX bit (no-execute bit) is a processor feature that separates areas of a virtual address space (the memory layout a program uses) into sections for storing data or program instructions. An operating system supporting the NX bit can mark certain areas of the virtual address space as non-executable, preventing the processor from running any code stored there. This technique, known as executable space protection or Write XOR Execute, protects computers from malicious software that attempts to insert harmful code into another program's data storage area and execute it, such as in a buffer overflow attack.

The term "NX bit" was introduced by Advanced Micro Devices (AMD) as a marketing term. Intel markets this feature as the XD bit (execute disable), while the MIPS architecture refers to it as the XI bit (execute inhibit). In the ARM architecture, introduced in ARMv6, it is known as XN (execute never). The term NX bit is often used broadly to describe similar executable space protection technologies in other processors.


Architecture support


x86

x86 processors, since the 80286, included a similar capability implemented at the segment level. However, almost all operating systems for the 80386 and later x86 processors implement the flat memory model, so they cannot use this capability. There was no "Executable" flag in the page table entry (page descriptor) in those processors, until, to make this capability available to operating systems using the flat memory model, AMD added a "no-execute" or NX bit to the page table entry in its AMD64 architecture, providing a mechanism that can control execution per page rather than per whole segment.

Intel implemented a similar feature in its Itanium (Merced) processor, which has the IA-64 architecture, in 2001, but did not bring it to the more popular x86 processor families (Pentium, Celeron, Xeon, etc.). In the x86 architecture it was first implemented by AMD, as the NX bit, for use by its AMD64 line of processors, such as the Athlon 64 and Opteron. After AMD's decision to include this functionality in its AMD64 instruction set, Intel implemented the similar XD bit feature in x86 processors beginning with the Pentium 4 processors based on later iterations of the Prescott core.

The NX bit specifically refers to bit number 63 (i.e. the most significant bit) of a 64-bit entry in the page table. If this bit is set to 0, then code can be executed from that page; if set to 1, code cannot be executed from that page, and anything residing there is assumed to be data. It is only available with the long mode (64-bit mode) or legacy Physical Address Extension (PAE) page-table formats, but not x86's original 32-bit page table format because page table entries in that format lack the 64th bit used to disable and enable execution. Windows XP SP2 and later support Data Execution Prevention (DEP).
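As an added example (not part of the original article), the following C code decodes the bit-63 NX flag described above from 64-bit page-table entries and flags pages that are both writable and executable. The present, writable and user flags are the standard low bits of an x86 page-table entry; the function names and the sample entries are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Flag bits of a 64-bit x86 page-table entry (long mode or PAE format). */
#define PTE_PRESENT  (1ULL << 0)   /* page is mapped */
#define PTE_WRITABLE (1ULL << 1)   /* writes allowed */
#define PTE_USER     (1ULL << 2)   /* accessible from user mode */
#define PTE_NX       (1ULL << 63)  /* no-execute: 1 = data only */

/* A page can be executed only if it is present and bit 63 is clear. */
static int pte_is_executable(uint64_t pte)
{
    return (pte & PTE_PRESENT) && !(pte & PTE_NX);
}

/* W^X violation: a present page that is both writable and executable. */
static int pte_violates_wx(uint64_t pte)
{
    return (pte & PTE_WRITABLE) && pte_is_executable(pte);
}

/* Count W^X violations in a table of entries. */
static size_t count_wx_violations(const uint64_t *table, size_t n)
{
    size_t hits = 0;
    for (size_t i = 0; i < n; i++)
        if (pte_violates_wx(table[i]))
            hits++;
    return hits;
}

/* Constructed sample entries; the frame addresses are hypothetical. */
static const uint64_t sample_table[] = {
    0x0000000000401000ULL | PTE_PRESENT | PTE_USER,                         /* code: r-x */
    0x0000000000602000ULL | PTE_PRESENT | PTE_WRITABLE | PTE_USER | PTE_NX, /* data: rw- */
    0x0000000000703000ULL | PTE_PRESENT | PTE_WRITABLE | PTE_USER,          /* rwx: flagged */
    0x0000000000804000ULL | PTE_WRITABLE,                                   /* not present */
};

int main(void)
{
    size_t n = sizeof sample_table / sizeof sample_table[0];
    for (size_t i = 0; i < n; i++)
        printf("pte[%zu]=0x%016llx exec=%d wx_violation=%d\n", i,
               (unsigned long long)sample_table[i],
               pte_is_executable(sample_table[i]),
               pte_violates_wx(sample_table[i]));
    printf("W^X violations: %zu\n", count_wx_violations(sample_table, n));
    return 0;
}
```

A 32-bit entry in the original x86 page table format cannot be passed through this check meaningfully, because it has no bit 63 to carry the flag.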


ARM

In ARMv6, a new page table entry format was introduced; it includes an "execute never" bit. For ARMv8-A, VMSAv8-64 block and page descriptors, and VMSAv8-32 long-descriptor block and page descriptors, for stage 1 translations have "execute never" bits for both privileged and unprivileged modes, and block and page descriptors for stage 2 translations have a single "execute never" bit (two bits due to ARMv8.2-TTS2UXN feature); VMSAv8-32 short-descriptor translation table descriptors at level 1 have "execute never" bits for both privileged and unprivileged mode and at level 2 have a single "execute never" bit.


Alpha

As of the Fourth Edition of the Alpha Architecture manual, DEC (now HP) Alpha has a Fault on Execute bit in page table entries with the OpenVMS, Tru64 UNIX, and Alpha Linux PALcode.


SPARC

The SPARC Reference MMU for Sun SPARC version 8 has permission values of Read Only, Read/Write, Read/Execute, and Read/Write/Execute in page table entries, although not all SPARC processors have a SPARC Reference MMU. A SPARC version 9 MMU may provide, but is not required to provide, any combination of read/write/execute permissions. A Translation Table Entry in a Translation Storage Buffer in Oracle SPARC Architecture 2011, Draft D1.0.0 has separate Executable and Writable bits.


PowerPC/Power ISA

Page table entries for IBM PowerPC's hashed page tables have a no-execute page bit. Page table entries for radix-tree page tables in the Power ISA have separate permission bits granting read/write and execute access.


PA-RISC

Translation lookaside buffer (TLB) entries and page table entries in PA-RISC 1.1 and PA-RISC 2.0 support read-only, read/write, read/execute, and read/write/execute pages.


Itanium

TLB entries in Itanium support read-only, read/write, read/execute, and read/write/execute pages.


z/Architecture

As of the twelfth edition of the z/Architecture Principles of Operation, z/Architecture processors may support the Instruction-Execution Protection facility, which adds a bit in page table entries that controls whether instructions from a given region, segment, or page can be executed.


See also

* Executable space protection
* W^X



External links


AMD, Intel put antivirus tech into chips

Microsoft Interviewed on Trustworthy Computing and NX



''Changes to Functionality in Microsoft Windows XP Service Pack 2'' Part 3: Memory Protection Technologies

Microsoft Security Developer Center: Windows XP SP 2: Execution Protection