Red Hat's latest NX patch was written with the assistance of Intel engineers:
http://www.linuxelectrons.com/articl...40606105136214
"The patch is based on a prototype NX patch written for 2.4 by Intel -
special thanks go to Suresh Siddha and Jun Nakajima @ Intel. The existing NX
support in the 64-bit x86_64 kernels has been written by Andi Kleen and this
patch is modeled after his code."
Also, it looks like this patch is able to catch kernel code that is being
executed off of the stack:
"Furthermore, the patch also implements 'NX protection' for kernelspace
code: only the kernel code and modules are executable - so even kernel-space
overflows are harder (in some cases, impossible) to exploit. Here is how
kernel code that tries to execute off the stack is stopped ..."
Yousuf Khan
--
Humans: contact me at ykhan at rogers dot com
Spambots: just reply to this email address ;-)