From owner-freebsd-security@FreeBSD.ORG Tue Apr 3 15:08:26 2007 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id AE45016A404 for ; Tue, 3 Apr 2007 15:08:26 +0000 (UTC) (envelope-from metadev@gmail.com) Received: from an-out-0708.google.com (an-out-0708.google.com [209.85.132.242]) by mx1.freebsd.org (Postfix) with ESMTP id 6A9AC13C45A for ; Tue, 3 Apr 2007 15:08:26 +0000 (UTC) (envelope-from metadev@gmail.com) Received: by an-out-0708.google.com with SMTP id c24so1720305ana for ; Tue, 03 Apr 2007 08:08:25 -0700 (PDT) DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta; h=domainkey-signature:received:received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=EL+4TQgE2TPMJjXxIzlxzDOrb3S2FFQGOV7ykUwDS8kn7xGT5zRwTsR1+p9QCrOCD+9ShpEncHyQx6znu6UQ2/AgH5udlY1RYv9m16S8sgtnzKCh1XTFMyc2edwxqN8sJVBu00YFyxxjI8QX7xXwwzihEO6kVo7zROVIhkytWsk= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta; h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=WMobeKDIqytDVeuBiEbmT4Vhx6kUG00HBsAljTEKlhEazVVTlSI8Cal1ue+avIBtxvMKQzoc7ghyortC/548KwVuiwZ/rOr/yqv1m0s5cEcJlgGiGkrAbwbCPUR0ovpXgVPXDrq8c0GVTCMoNpIWX/2nHGuaYcpAUHCF6XDn+jk= Received: by 10.100.173.19 with SMTP id v19mr4398575ane.1175611388966; Tue, 03 Apr 2007 07:43:08 -0700 (PDT) Received: by 10.100.166.14 with HTTP; Tue, 3 Apr 2007 07:43:08 -0700 (PDT) Message-ID: <323b75e10704030743x46b25c41p6108dce5e93d58a8@mail.gmail.com> Date: Tue, 3 Apr 2007 17:43:08 +0300 From: metadev To: freebsd-security@freebsd.org In-Reply-To: <20070330100318.wbqww1rilcksskok@webmail.leidinger.net> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: quoted-printable Content-Disposition: inline References: <86648johpj.fsf@dwp.des.no> <20070330100318.wbqww1rilcksskok@webmail.leidinger.net> Subject: Re: nx-bit and TPM X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Apr 2007 15:08:26 -0000 On 3/30/07, Alexander Leidinger wrote: > Quoting Dag-Erling Sm=F8rgrav (from Thu, 29 Mar 2007 > 23:36:24 +0200): > > > Igor writes: > >> I'm was looking through handbook and wikipedia and it appears FreeBSD > >> doesn't support hardware (nor software) nx bit. > >> There also doesn't seem to be any support for TPM (Trusted Platform Mo= dule). > > > > I believe NX support was never implemented because Intel's version of > > AMD64 didn't support it. As for TPM, I don't see the point. > > This should not stop us in using it on amd64 if available. I think one > of the problem was/is the lack of time/man-power. So if someone comes > up with a good (enough) implementation which works on our supported > hardware, I don't think it will be rejected. > Please see this post for more info on the implications of using a non-executable stack http://lists.freebsd.org/pipermail/freebsd-security/2005-November/003318.ht= ml Bogdan