Am Montag, den 27.07.2009, 13:24 +0900 schrieb Dmitry Timoshkov:
"Michael Karcher" wine@mkarcher.dialup.fu-berlin.de wrote:
The meaning of "enable" is the same in Windows and Wine: it enables the execute permission, not the data execution prevention.
JFYI, I based my original patch on the information at http://www.uninformed.org/?v=2&a=4 (To enable NX support, the MEM_EXECUTE_OPTION_DISABLE flag (0x1) is specified. To disable NX support, the MEM_EXECUTE_OPTION_ENABLE flag (0x2) is specified) and Chromium sources: http://src.chromium.org/viewvc/chrome/trunk/src/sandbox/src/dep.cc
The information you used is right. MEM_EXECUTE_OPTION_ENABLE disables NX support. But the parameter to the function VIRTUAL_SetForceExec does not tell whether to enable NX, but whether to enable execution permission on data pages. So to disable NX (i.e. MEM_EXECUTE_OPTION_ENABLE), execute permission on data pages must be forced, so SetForceExec must be called with TRUE.
Thanks for review, Michael Karcher