2 execute-disable bit page protection – Intel IA-32 User Manual
Page 171
Vol. 3A 4-41
PROTECTION
While the execute disable bit capability does not introduce new instructions, it does require
operating systems to use a PAE-enabled environment and establish a page-granular protection
policy for memory pages.
If the execute disable bit of a memory page is set, that page can be used only as data. An
attempt to execute code from a memory page with the execute-disable bit set causes a
page-fault exception.
The page sizes and physical address sizes supported by execute disable bit capability are shown
in Table 4-4. Existing page-level protection mechanisms (see Section 4.11, “Page-Level
Protection”) continue to apply to memory pages independent of the execute-disable bit setting.
4.13.1 Detecting and Enabling the Execute-Disable Bit Capability
Detect the presence of the execute disable bit capability using the CPUID instruction.
CPUID.80000001H.EDX[bit 20] = 1 indicates the bit is available.
If the bit is available and PAE is enabled, enable the execute disable bit capability by setting
IA32_EFER.NXE[bit 11] = 1. IA32_EFER is available if CPUID.80000001H.EDX[bit 20 or 29] = 1.
If the execute disable bit capability is not available, a write to IA32_EFER.NXE produces a #GP
exception. See Table 4-5.
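The checks in this section can be expressed as a small decision routine. The following C code is an added example, not part of the Intel manual: the function names and the `xd_state` values are hypothetical, the CR4.PAE and IA32_EFER inputs are constructed sample values (reading them requires ring 0), and only the bit positions come from the text and Table 4-5.

```c
#include <stdint.h>
#include <stdio.h>
#if defined(__i386__) || defined(__x86_64__)
#include <cpuid.h>              /* GCC/Clang helper for the CPUID instruction */
#endif

/* Bit positions from the text and Table 4-5. */
#define EXT_EDX_XD     (1u << 20)   /* CPUID.80000001H.EDX[bit 20] */
#define EXT_EDX_IA32E  (1u << 29)   /* CPUID.80000001H.EDX[bit 29] */
#define EFER_NXE       (1ull << 11) /* execute-disable bit enable */

/* Hypothetical state names, chosen for this example. */
enum xd_state { XD_UNSUPPORTED, XD_NEEDS_PAE, XD_CAN_ENABLE, XD_ENABLED };

/* IA32_EFER exists if CPUID.80000001H.EDX[bit 20 or 29] = 1. */
int efer_present(uint32_t ext_edx) {
    return (ext_edx & (EXT_EDX_XD | EXT_EDX_IA32E)) != 0;
}

/* Apply the section's rules to a CPUID result, CR4.PAE and an EFER value. */
enum xd_state xd_classify(uint32_t ext_edx, int cr4_pae, uint64_t efer) {
    if (!(ext_edx & EXT_EDX_XD)) return XD_UNSUPPORTED; /* NXE write would #GP */
    if (!cr4_pae)                return XD_NEEDS_PAE;
    return (efer & EFER_NXE) ? XD_ENABLED : XD_CAN_ENABLE;
}

/* Compute the IA32_EFER value that sets NXE and keeps every other bit.
   Returns 1 and stores it in *out, or 0 if the write must not be attempted. */
int efer_with_nxe(uint32_t ext_edx, int cr4_pae, uint64_t efer, uint64_t *out) {
    if (xd_classify(ext_edx, cr4_pae, efer) < XD_CAN_ENABLE) return 0;
    *out = efer | EFER_NXE;
    return 1;
}

int main(void) {
    uint64_t efer = 0x501, next = 0;   /* constructed sample: LMA | LME | SCE */
    unsigned a = 0, b = 0, c = 0, d = 0;
#if defined(__i386__) || defined(__x86_64__)
    if (!__get_cpuid(0x80000001u, &a, &b, &c, &d)) d = 0; /* leaf not implemented */
#endif
    (void)a; (void)b; (void)c;
    printf("execute-disable bit reported by CPUID: %s\n", (d & EXT_EDX_XD) ? "yes" : "no");
    /* CR4.PAE and IA32_EFER are readable only at ring 0, so they are simulated here. */
    if (efer_with_nxe(EXT_EDX_XD | EXT_EDX_IA32E, 1, efer, &next))
        printf("IA32_EFER %#llx -> %#llx\n", (unsigned long long)efer, (unsigned long long)next);
    return 0;
}
```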
4.13.2 Execute-Disable Bit Page Protection
The execute-disable bit in paging structures enhances page protection for data pages. Memory
pages that contain data cannot be used to execute code if IA32_EFER.NXE = 1 and the
execute-disable bit of the memory page is set. Table 4-6 lists the valid usage of a page in
relation to the value of execute-disable bit (bit 63) of the corresponding entry in each level
of the paging struc-
Table 4-4. Page Sizes and Physical Address Sizes Supported by Execute-Disable Bit Capability

PG Flag,   PAE Flag,   PS Flag,   CPUID Feature Flag   Page Size   Physical Address Size
CR0        CR4         PDE        ECX[IA-32e]
--------   ---------   --------   ------------------   ---------   -----------------------
1          1           0          0                    4 KBytes    Implementation specific
1          1           1          0                    2 MBytes    Implementation specific
1          1           0          1                    4 KBytes    40 Bits
1          1           1          1                    2 MBytes    40 Bits

Table 4-5. Extended Feature Enable MSR (IA32_EFER)

Bits     Field
-----    --------------------------------
63:12    Reserved
11       Execute-disable bit enable (NXE)
10       IA-32e mode active (LMA)
9        Reserved
8        IA-32e mode enable (LME)
7:1      Reserved
0        SysCall enable (SCE)