beautypg.com

2 execute-disable bit page protection – Intel IA-32 User Manual

Page 171

background image

Vol. 3A 4-41

PROTECTION

While the execute disable bit capability does not introduce new instructions, it does require
operating systems to use a PAE-enabled environment and establish a page-granular protection
policy for memory pages.

If the execute disable bit of a memory page is set, that page can be used only as data. An
attempt to execute code from a memory page with the execute-disable bit set causes a page-
fault exception.

The page sizes and physical address sizes supported by execute disable bit capability are shown
in Table 4-4. Existing page-level protection mechanisms (see Section 4.11, “Page-Level Protec-
tion”) con
tinue to apply to memory pages independent of the execute-disable bit setting.

4.13.1

Detecting and Enabling the Execute-Disable Bit Capability

Detect the presence of the execute disable bit capability using the CPUID instruction.
CPUID.80000001H. EDX[bit 20] = 1 indicates the bit is available.

If the bit is available and PAE is enabled, enable the execute disable bit capability by setting the
IA32_EFER.NXE[bit 11] = 1. IA32_EFER is available if CPUID.80000001H.EDX[bit 20 or
29] = 1.

If the execute disable bit capability is not available, a write to IA32_EFER.NXE produces a #GP
exception. See Table 4-5.

4.13.2

Execute-Disable Bit Page Protection

The execute-disable bit in paging structures enhances page protection for data pages. Memory
pages that contain data cannot be used to execute code if IA32_EFER.NXE =1 and the execute-
disable bit of the memory page is set. Table 4-6 lists the valid usage of a page in relation to the
value of execute-disable bit (bit 63) of the corresponding entry in each level of the paging struc-

Table 4-4. Page Sizes and Physical Address Sizes Supported by

Execute-Disable Bit Capability

PG Flag,

CR0

PAE Flag,

CR4

PS Flag,

PDE

CPUID Feature

Flag ECX[IA-32e]

Page Size

Physical Address Size

1

1

0

0

4 KBytes

Implementation specific

1

1

1

0

2 MBytes

Implementation specific

1

1

0

1

4 KBytes

40 Bits

1

1

1

1

2 MBytes

40 Bits

Table 4-5. Extended Feature Enable MSR (IA32_EFER)

63:12

11

10

9

8

7:1

0

Reserved

Execute-
disable bit
enable (NXE)

IA-32e mode
active (LMA)

Reserved

IA-32e mode
enable (LME)

Reserved

SysCall enable
(SCE)