The Burroughs 5000 offered hardware support for executable-space protection on its introduction in 1961; that capability remained in its successors until at least 2006.
This helps to prevent certain buffer overflow exploits from succeeding, particularly those that inject and execute code, such as the Sasser and Blaster worms.
A technology supplying Architecture Independent emulation will be functional on all processors which aren't hardware supported.
Fedora Core 6 and Ubuntu 9.10 and later provide a kernel-PAE package which supports PAE and NX.
The Exec Shield patch was released to the Linux kernel mailing list on May 2, 2003, but was rejected for merging with the base kernel because it involved some intrusive changes to core code in order to handle the complex parts of the emulation.
Exec Shield's legacy CPU support approximates NX emulation by tracking the upper code segment limit.
For legacy CPUs without an NX bit, Exec Shield fails to protect pages below the code segment limit; an mprotect() call to mark higher memory, such as the stack, executable will mark all memory below that limit executable as well.
Exec Shield checks for two ELF header markings, which dictate whether the stack or heap needs to be executable.
PaX provides two methods of NX bit emulation, called SEGMEXEC and PAGEEXEC.
The SEGMEXEC method imposes a measurable but low overhead, typically less than 1%, which is a constant scalar incurred due to the virtual memory mirroring used for the separation between execution and data accesses.
This is not a problem until the task requires access to more than half the normal address space, which is rare.
In these cases, PaX falls back to the older, variable-overhead method used by PAGEEXEC to protect pages below the CS limit, which may become quite a high-overhead operation in certain memory access patterns.
[6] Architectures that have per-page granularity consist of: alpha, amd64, hppa, i386 (with PAE), powerpc (ibm4xx), sh5, sparc (sun4m, sun4d), sparc64.
A technology in the OpenBSD operating system, known as W^X, marks writable pages by default as non-executable on processors that support that.
Windows Vista DEP works by marking certain parts of memory as being intended to hold only data, which the NX or XD bit enabled processor then understands as non-executable.
Windows implements software DEP (without the use of the NX bit) through Microsoft's "Safe Structured Exception Handling" (SafeSEH).
The effect of this protection is that an attacker is not able to add his own exception handler which he has stored in a data page through unchecked program input.
Windows allows programs to control which pages disallow execution through its API as well as through the section headers in a PE file.
Despite the lack of previous x86 hardware support, both executable and non-executable page settings have been provided since the beginning.
Assuming the programmer complied with "best practices", applications should work correctly now that NX is actually enforced.