After spending many hours debugging my page allocation code, I found out that the execute disable bit is checked to be 0 when it isn't enabled (in the EFER MSR). This creates a problem for me, since the code that detects features and enables them on my APs doesn't (and can't) run before they need to use their stacks, which have the execute disable bit set.
Could I safely assume that there will always be execute disable bit support in x64 processors?
Execute Disable and You (and x64)
- Member
- Posts: 524
- Joined: Sun Nov 09, 2008 2:55 am
- Location: Pennsylvania, USA
Re: Execute Disable and You (and x64)
Some early Intel models don't have it.
Re: Execute Disable and You (and x64)
I have had some experience with the execute disable bit, and uncovered a rather nasty fact.
First of all, you can check if the CPU supports the execute disable bit through CPUID/EAX=80000001h, bit 20 of EDX. This is the same for Intel (called XD) and AMD (called NX). If this bit is set to 1 you can then safely set the execute disable/no execute enable bit (great names, huh?), which is bit 11 in the EFER MSR. Great, you can find this out easily enough reading the Intel/AMD specs.
The catch! I was testing my operating system with QEMU (emulating AMD64) and then with my Intel laptop (Core 2 Duo T7500). I tried setting the NX/XD enable bit in the EFER MSR, which worked fine in QEMU but crashed the laptop! Although the T7500 is known to have the XD bit feature (it's a Merom type), sure enough bit 20 of EDX in the CPUID/EAX=80000001h was 0! How was this possible?
Well, apparently someone at Intel decided that having the ability to disable the execute disable enable bit capability through an Intel-specific (IA-32) MSR was a great idea. When you set bit 34 of the 0x01A0 MSR on an Intel processor you clear the bit 20 of EDX for CPUID/EAX=80000001h, disabling your ability to enable the execute disable bit. The Intel specs clearly say that the default state of the bit is 0 and that a BIOS should NOT mess with it, which would make the system function normally. Why does the bit even exist then? It appears that the guys who wrote my laptop BIOS ignored Intel and set the bit anyway, causing me hours of strife, after which I of course set that damn bit back to 0 so that everything worked fine.
To summarize: No, never assume that the XD bit can be enabled, even when you know the processor has the capability. Although inserting vendor-specific code to handle a series of dubious decisions by developers from different vendors is not that much fun, your alternative is a triple fault.
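An added sketch (not code from any poster in this thread) of the check order the post above describes, combined with the original question about page-table entries that carry the execute-disable bit before EFER.NXE is set. The function names, the enum and the `is_intel` flag are assumptions; the caller is assumed to have read the CPUID and MSR values itself in ring 0, so the decision logic stays testable as plain functions.

```c
#include <stdbool.h>
#include <stdint.h>

/* Bit positions as given in the post; the EFER address and PTE bit 63
 * come from the Intel/AMD manuals. */
#define CPUID_EXT_EDX_NX   (1u << 20)     /* CPUID.80000001h:EDX bit 20 */
#define EFER_NXE           (1ull << 11)   /* EFER (MSR 0xC0000080) bit 11 */
#define MISC_XD_DISABLE    (1ull << 34)   /* MSR 0x1A0 bit 34, Intel only */
#define PTE_NX             (1ull << 63)   /* reserved while EFER.NXE = 0 */

enum nx_plan { NX_UNAVAILABLE, NX_ENABLE, NX_UNLOCK_THEN_RECHECK };

/* Decide what to do from values the caller read in ring 0.
 * misc_enable is only meaningful (and only safe to read) on Intel. */
enum nx_plan nx_decide(bool is_intel, uint32_t ext_edx, uint64_t misc_enable)
{
    if (ext_edx & CPUID_EXT_EDX_NX)
        return NX_ENABLE;
    if (is_intel && (misc_enable & MISC_XD_DISABLE))
        return NX_UNLOCK_THEN_RECHECK;  /* firmware hid the feature */
    return NX_UNAVAILABLE;
}

/* Value to write back to MSR 0x1A0; CPUID must be re-read afterwards. */
uint64_t misc_enable_unlock_xd(uint64_t misc_enable)
{
    return misc_enable & ~MISC_XD_DISABLE;
}

/* Value to write to EFER once nx_decide() returned NX_ENABLE. */
uint64_t efer_enable_nx(uint64_t efer)
{
    return efer | EFER_NXE;
}

/* Page-table entry as it may be installed on a CPU right now: bit 63
 * is stripped until that CPU has EFER.NXE set, otherwise the entry
 * faults as a reserved-bit violation. */
uint64_t pte_for_cpu(uint64_t pte, bool nxe_active)
{
    return nxe_active ? pte : (pte & ~PTE_NX);
}
```

Each application processor has its own EFER, so the decision and the `pte_for_cpu` masking apply per CPU until that CPU has written EFER.NXE.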
- Member
- Posts: 524
- Joined: Sun Nov 09, 2008 2:55 am
- Location: Pennsylvania, USA
Re: Execute Disable and You (and x64)
My BIOS has an option for disabling EXB, I guess that's how it does it. I have decided just to assume EXB capability because it streamlines my paging code and *almost* all 64-bit processors support it.
Re: Execute Disable and You (and x64)
Assuming is the biggest mistake you can make!
You had better emulate the behaviour.
Btw, how does Windows handle this emulation? The same way as OpenBSD?