[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [fedora-virt] Re: [PATCH] xen: do not set NX bit when making initial pagetables readonly



Hi list,

Thanks for all your efforts in trying to resolve the NX CPU capability
issue.

Turns out that in our circumstance, IBM xSeries 336 machines had
Irwindale? CPUs. Intel documentation says this was one of the first CPUs
to have Execute Disable (XD).

Herein lies some misunderstanding. NX really means XD that is:
"No Execute" is "Execute Disable" in IntelSpeak. Armed with this
knowledge I went into the bios and "Enabled Execute Disable".

The NX capability is now in the /proc/cpuinfo listing. The F10 kernel
works on the F8 host in 64 bit mode.

For IBM xSeries 336 owners, Execute Disable was Disabled by default (on
delivery).

Hope this helps someone out there.
Cheers
Phill.

On Fri, 2009-01-30 at 19:07 +0000, Ian Campbell wrote:
> On Fri, 2009-01-30 at 10:56 -0800, Jeremy Fitzhardinge wrote:
> > Ian Campbell wrote:
> > > __supported_pte_mask has not been correctly configured at this point
> > > and Xen prevents us from using the NX bit if the hardware does not
> > > support it. Some BIOSes seem to offer the option to disable NX.
> > >   
> > Could we sniff EFER and update __supported_pte_mask accordingly?
> 
> Perhaps, we might also have to handle the various noexec= command line
> options? I don't suppose they matter so much in a guest though.
> 
> The equivalent native seems to use _KERNPG_TABLE as well (e.g.
> head_64.S) -- is there something later on which comes along and tries to
> apply the NX bit to those pages which didn't get it at start of day?
> 
> Ian.
> 
> _______________________________________________
> Fedora-virt mailing list
> Fedora-virt redhat com
> https://www.redhat.com/mailman/listinfo/fedora-virt
> 


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]