DEP/AlwaysOff performance impact

[meolsen]

I have been reading about Data Execution Prevention (DEP) in SP2. It is a software bit debugger that exploits a feature in AMD64 processors. I have seen some threads suggesting that the boot.ini file should be changed to "AlwaysOff" to eliminate this "feature" for better performance. I did understand that it could, when enabled, cause problems with older games and software like Unreal Tournament. But if you are not having problems in specific games, just occasional blue screens, is it better to turn this off and run without this AMD feature?

Anyone believe that this is a real vulnerability that needs to be addressed in DEP?

Thanks all,
Michael

 

[meolsen]

bump?

 

[tr1kstanc3]

with nvidia drivers you will experience bsod's when exiting unreal engine games with the 6800 series and amd64's. i leave it disabled for the most part. i noticed on my pentium-m laptop that leaving it enabled would crash media player. very very odd...

its caused more problems than anything for me. probably a driver issue more so than microsoft's fault tho.

 

[VirtualLarry]

There are two components of DEP in XP SP2. One is hardware, and requires support from your CPU - either an AMD64 with NX-bit support, or an Intel -J CPU with XD-bit support. The other is software, the system binaries in XP SP2 were compiled with an option for doing some stack-probe checks, among other things. I'm not aware of how much overhead the hardware support for DEP has, although I would assume that being in the CPU hardware, the overhead would be very slight. Not so with the software half of DEP. I don't believe that you can fully disable it either, to remove the overhead. If you are really that concerned about the overhead, and do not require the additional security that DEP could provide, then I suggest rolling back to XP SP1 + hotfixes.

There is no such thing as 100% overhead-free DEP. It does have a (minute) cost.

 

[johnh123]

With my just-built system, DEP was giving me all kinds of problems- bringing down explorer etc. I just disabled it boot.ini.

 

[VirtualLarry]

It seems like there are a lot of 3rd-party device-drivers and things that are not fully compatible with DEP yet. If there is a kernel-mode DEP exception, instead of displaying an error, the system will crash/reboot/BSOD too.