1 #include <linux/spinlock.h> 2 #include <linux/errno.h> 3 #include <linux/init.h> 4 5 #include <asm/pgtable.h> 6 #include <asm/proto.h> 7 #include <asm/cpufeature.h> 8 9 static int disable_nx; 10 11 /* 12 * noexec = on|off 13 * 14 * Control non-executable mappings for processes. 15 * 16 * on Enable 17 * off Disable 18 */ noexec_setup(char * str)19static int __init noexec_setup(char *str) 20 { 21 if (!str) 22 return -EINVAL; 23 if (!strncmp(str, "on", 2)) { 24 disable_nx = 0; 25 } else if (!strncmp(str, "off", 3)) { 26 disable_nx = 1; 27 } 28 x86_configure_nx(); 29 return 0; 30 } 31 early_param("noexec", noexec_setup); 32 x86_configure_nx(void)33void x86_configure_nx(void) 34 { 35 if (boot_cpu_has(X86_FEATURE_NX) && !disable_nx) 36 __supported_pte_mask |= _PAGE_NX; 37 else 38 __supported_pte_mask &= ~_PAGE_NX; 39 } 40 x86_report_nx(void)41void __init x86_report_nx(void) 42 { 43 if (!boot_cpu_has(X86_FEATURE_NX)) { 44 printk(KERN_NOTICE "Notice: NX (Execute Disable) protection " 45 "missing in CPU!\n"); 46 } else { 47 #if defined(CONFIG_X86_64) || defined(CONFIG_X86_PAE) 48 if (disable_nx) { 49 printk(KERN_INFO "NX (Execute Disable) protection: " 50 "disabled by kernel command line option\n"); 51 } else { 52 printk(KERN_INFO "NX (Execute Disable) protection: " 53 "active\n"); 54 } 55 #else 56 /* 32bit non-PAE kernel, NX cannot be used */ 57 printk(KERN_NOTICE "Notice: NX (Execute Disable) protection " 58 "cannot be enabled: non-PAE kernel!\n"); 59 #endif 60 } 61 } 62