"Execute Disable Bit" is not disabled in SLES11.2



Source

RETAIN tip: H21438

Symptom

The "Execute Disable Bit" function is always enabled, which can be verified by looking at the 'nx' bit with the following command in the SuSE Linux Enterprise Server 11 (SLES11) SP2 x86_64 operating system:

  cat /proc/cpuinfo | grep -i nx

This means that that the "Execute Disable Bit" function is always enabled regardless of the BIOS setup for this function.

Affected configurations

The system is configured with at least one of the following:

  • SUSE Linux Enterprise Server 11, Service Pack 2 x86_64

This tip is not system specific.

This tip is not option specific.

Note: This does not imply that the network operating system will work under all combinations of hardware and software.

Please see the compatibility page for more information:

http://www.ibm.com/systems/info/x86servers/serverproven/compat/us/

The system has the symptom described above.

Additional information

There is no way to disable this function for SLES11 SP2, and SLES11 SP3 also showed the same behavior. This means that SLES11 operating system will always enable the "Execute Disable Bit" function.

"Execute Disable Bit" is Intel technology that (when it was enabled) can prevent virus hack. More details can be found on:

 

Applicable countries and regions

 


Document id:  MIGR-5093228
Last modified:  2013-07-09
Copyright © 2014 IBM Corporation