| View previous topic :: View next topic |
| Author |
Message |
josephg
l33t
Joined: 10 Jan 2016
Posts: 783
Location: usually offline
|
 Posted: Wed Sep 21, 2016 5:40 am Post subject: Notice: NX protection cannot be enabled: non-PAE kernel! |
 |
|
i see this in dmesg. should i consider having those enabled?
| Code: | | Notice: NX (Execute Disable) protection cannot be enabled: non-PAE kernel! |
i think pae got disabled, as I don't have more than 4g ram. i do have the nx and pae flags in my cpu. my kernel is gentoo 32bit x86. |
|
| Back to top |
|
 |
s4e8
Guru
Joined: 29 Jul 2006
Posts: 311
|
| Posted: Wed Sep 21, 2016 7:28 am Post subject: |
|
|
| You must select HIGHMEM 64G or HIGHMEM off + PAE on. With PAE on you got max 64G highmem, and 4G PAE off, it's pointless with PAE on and limit HIGHMEM to 4G. |
|
| Back to top |
|
|
Ant P.
Watchman
Joined: 18 Apr 2009
Posts: 6920
|
| Posted: Wed Sep 21, 2016 3:48 pm Post subject: |
|
|
| If you're still using a 32-bit CPU, the added overhead of PAE probably isn't worth it. NX is mostly useful on precompiled distros. |
|
| Back to top |
|
|
josephg
l33t
Joined: 10 Jan 2016
Posts: 783
Location: usually offline
|
| Posted: Wed Sep 21, 2016 4:08 pm Post subject: |
|
|
| Ant P. wrote: | | If you're still using a 32-bit CPU, the added overhead of PAE probably isn't worth it. NX is mostly useful on precompiled distros. |
my cpu is 64bit, but i still prefer 32bit os as i find it more resource efficient and stable.
i was wondering about the pae overhead, and usefulness of nx. this was what i was debating.. about switching those overheads on vs the potential benefits. thanks for that.. if they are only useful on precompiled distros.. then i'm not too worried.
btw, why would nx protection be useful on precompiled distros, and not on the likes of gentoo? |
|
| Back to top |
|
|
NeddySeagoon
Administrator
Joined: 05 Jul 2003
Posts: 54237
Location: 56N 3W
|
| Posted: Wed Sep 21, 2016 4:25 pm Post subject: |
|
|
josephg,
You can run a 64 bit kernel under your 32 bit userspace if you really want to.
That avoids all the HIMEM work arounds in 32 bit if you have more than 1G RAM.
You just can't easily build a 64 bit kernel on a 32 bit install.
With 2G or more of RAM, you should go 64 bit anyway.
NX is useful against buggy software and things you didn't even know you had installed.
It stops code being run in areas of memory that should no be executable, like dynamically allocated RAM. A Programs data region and so on.
This causes a few badly designed programs to get killed. It also stops some classes of exploits.
_________________
Regards,
NeddySeagoon
Computer users fall into two groups:-
those that do backups
those that have never had a hard drive fail. |
|
| Back to top |
|
|
Hu
Moderator
Joined: 06 Mar 2007
Posts: 21633
|
| Posted: Thu Sep 22, 2016 12:55 am Post subject: |
|
|
| NX is useful everywhere, regardless of whether the distribution is precompiled. ASLR is also useful everywhere, but is more important on precompiled distributions, since an attacker can predict the exact contents of your programs because he can download the same copy you downloaded. If you have no ASLR and the attacker can predict memory layout, various attacks become much easier. Since Gentoo users tend to build everything locally, the attacker knows generally what your program will do, but may not be able to predict the exact layout of the program. This slightly reduces the need to have ASLR. However, in 64-bit mode, ASLR is free, so there is no reason not to have it. In 32-bit mode, ASLR requires building everything as PIC, which consumes one register on an architecture that is already register starved. You should only run 32-bit if your CPU is incapable of 64-bit mode. |
|
| Back to top |
|
|
josephg
l33t
Joined: 10 Jan 2016
Posts: 783
Location: usually offline
|
| Posted: Thu Sep 22, 2016 4:19 pm Post subject: |
|
|
| Hu wrote: | | In 32-bit mode, ASLR requires building everything as PIC, which consumes one register on an architecture that is already register starved. You should only run 32-bit if your CPU is incapable of 64-bit mode. |
guess, aslr is overkill for me.
i don't need the 64b overheads on memory or diskspace. i don't have more than 4g ram to justify moving to 64bit. and i don't think i can have a pure 64b os either. so even though my cpu is 64b, keeping myself pure 32b is more efficient.
| NeddySeagoon wrote: | You can run a 64 bit kernel under your 32 bit userspace if you really want to.
That avoids all the HIMEM work arounds in 32 bit if you have more than 1G RAM. |
i was thinking that keeping my system pure 32bit would be the most efficient. is 32bit userpace running on a 64bit kernel more efficient if more than 1g ram?
_________________
"Growth for the sake of growth is the ideology of the cancer cell." Edward Abbey |
|
| Back to top |
|
|
|
Kernel & Hardware
