No-Execute (NX) and Execute Disable (XD) processor functions require PAE

Author: NetworkAdminKB.com
Created: 2008-01-23
Modified: 2008-12-05

Summary:

On AMD processors, the No-Execute (NX) bit is bit 63 (the most significant bit) of the page table entry.  This bit allows the operating system to specify which pages of the virtual address space can contain executable code and which cannot. An attempt to execute code from a page that is tagged "no execute" will result in a memory access violation.  The intent is to make it more difficult for malicious code to take control of the system via "buffer overrun" or "unchecked buffer" attacks. AMD was the first x86-family vendor to support no-execute in linear addressing mode.

The Execute Disabled (XD) feature provides the same functionality on recent Intel x86 processors.

Both NX and XD require PAE (Physical Address Extension) to be enabled on the Windows operating system.  This also applies to servers running in a virtual environment.  For example, VMware documents this requirement in its “Guest OS Installation Guide”.

PAE (and therefore NX or XD) is only available on the following Windows operating systems:

  • Microsoft Windows 2000 Advanced Server
  • Microsoft Windows 2000 Datacenter Server
  • Microsoft Windows Server 2003, Enterprise Edition
  • Microsoft Windows Server 2003, Datacenter Edition

PAE (and therefore NX or XD) is not available on the following operating systems:

  • Microsoft Windows 2000 Server
  • Microsoft Windows Server 2003, Standard Edition

More Information:

Physical Address Extension (PAE) was initially created to overcome the 4GB limit that 32-bit processors inherently have.  PAE widens the affected paging data structures with additional bits so that they can address memory beyond the 4GB boundary.  Furthermore, these extended data structures contain a special NX bit that is not otherwise used during "normal" PAE mode.  When the NX bit is enabled, it is used to mark pieces of the stack and the heap as readable but non-executable.  The intent is to prevent data that is moved to an overflowed stack from being executed.  The NX flag can be disabled and enabled on a per-application basis.  The NX bit is only available on x86 processors.

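The following C program is an added example, not part of the original article. It decodes 64-bit PAE-format page table entries to show where the NX bit sits and why a 32-bit non-PAE entry cannot carry it. The function names and sample entries are constructed for illustration; the present/writable/user flag positions and the address mask come from the x86 architecture, not from this page.

```c
#include <stdint.h>
#include <stdio.h>

/* Flag bits of a 64-bit x86 page table entry, the format PAE introduces. */
#define PTE_PRESENT  (1ULL << 0)
#define PTE_WRITABLE (1ULL << 1)
#define PTE_USER     (1ULL << 2)
#define PTE_NX       (1ULL << 63)           /* NX on AMD, XD on Intel */
#define PTE_FRAME    0x000FFFFFFFFFF000ULL  /* physical address, bits 12-51 */

/* Bit 63 only exists if the entry is wider than 63 bits: a 32-bit
 * non-PAE entry has nowhere to store NX, a 64-bit PAE entry does. */
int entry_can_hold_nx(unsigned entry_bits) { return entry_bits > 63; }

/* The CPU may fetch instructions from a page that is mapped and not NX. */
int pte_is_executable(uint64_t pte) {
    return (pte & PTE_PRESENT) && !(pte & PTE_NX);
}

/* Writable and executable together: the state NX removes from stack/heap. */
int pte_is_writable_and_executable(uint64_t pte) {
    return pte_is_executable(pte) && (pte & PTE_WRITABLE) != 0;
}

/* Physical address of the 4 KB frame the entry maps. */
uint64_t pte_frame(uint64_t pte) { return pte & PTE_FRAME; }

static void describe(const char *name, uint64_t pte) {
    printf("%-18s frame=0x%010llx exec=%d writable+exec=%d\n", name,
           (unsigned long long)pte_frame(pte), pte_is_executable(pte),
           pte_is_writable_and_executable(pte));
}

int main(void) {
    /* Constructed sample entries, not read from a real system. */
    uint64_t code  = 0x0000000012345000ULL | PTE_PRESENT | PTE_USER;
    uint64_t stack = 0x00000001ABCDE000ULL | PTE_PRESENT | PTE_WRITABLE
                   | PTE_USER | PTE_NX;        /* frame above 4GB */
    describe("code page", code);
    describe("stack with NX", stack);
    describe("stack without NX", stack & ~PTE_NX);
    printf("32-bit entry holds NX: %d, 64-bit entry: %d\n",
           entry_can_hold_nx(32), entry_can_hold_nx(64));
    return 0;
}
```

The "stack without NX" entry is the only one reported as both writable and executable, which is the page state that NX/XD lets the operating system eliminate for stack and heap memory.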
 

Sources:

  • x86-64 on Wapedia
  • NX bit on Wikipedia
  • Guest Operating System Installation Guide
  • Large memory support is available in Windows Server 2003 and in Windows 2000

Article ID: 50, Created On: 9/16/2011, Modified: 9/16/2011