From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ml01.01.org (Postfix) with ESMTPS id 47F2981E45 for ; Thu, 10 Nov 2016 08:22:21 -0800 (PST) Received: from int-mx09.intmail.prod.int.phx2.redhat.com (int-mx09.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mx1.redhat.com (Postfix) with ESMTPS id 6AFA098C26; Thu, 10 Nov 2016 16:22:24 +0000 (UTC) Received: from lacos-laptop-7.usersys.redhat.com (ovpn-116-106.phx2.redhat.com [10.3.116.106]) by int-mx09.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id uAAGMMtY024249; Thu, 10 Nov 2016 11:22:22 -0500 To: Paolo Bonzini , "Yao, Jiewen" References: <1478251854-14660-1-git-send-email-jiewen.yao@intel.com> <08406bf5-4377-63a1-8dd9-34479c015d4b@redhat.com> <74D8A39837DF1E4DA445A8C0B3885C50386C0CB8@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C50386CE375@shsmsx102.ccr.corp.intel.com> <74D8A39837DF1E4DA445A8C0B3885C50386CE6AA@shsmsx102.ccr.corp.intel.com> <2492b3b2-1eb7-2563-642f-9a888d9e7fbd@redhat.com> Cc: "Tian, Feng" , "edk2-devel@ml01.01.org" , "Kinney, Michael D" , "Fan, Jeff" , "Zeng, Star" From: Laszlo Ersek Message-ID: <305270ae-51ee-07ba-fb6b-1d66cc5ba8fc@redhat.com> Date: Thu, 10 Nov 2016 17:22:21 +0100 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: <2492b3b2-1eb7-2563-642f-9a888d9e7fbd@redhat.com> X-Scanned-By: MIMEDefang 2.68 on 10.5.11.22 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.28]); Thu, 10 Nov 2016 16:22:24 +0000 (UTC) Subject: Re: [PATCH V2 0/6] Enable SMM page level protection. X-BeenThere: edk2-devel@lists.01.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: EDK II Development List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 10 Nov 2016 16:22:21 -0000 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit On 11/10/16 15:53, Paolo Bonzini wrote: > > > On 10/11/2016 15:48, Yao, Jiewen wrote: >> I cannot reproduce it before, because all my real hardware supports XD. >> My Windows QEMU also supports XD (to my surprise.) > > QEMU can be configured to support XD or not. Possibly Laszlo was using > some different default, or testing both cases. When QEMU emulates an Ia32 (32-bit) target, the SMM state save area has no room for capturing the fact whether NX is set or clear. This is an issue that dates back to the inception of OVMF's SMM support. The explanation was given by Paolo, actually :) https://www.mail-archive.com/edk2-devel@lists.01.org/msg00970.html We adjusted the OvmfPkg/README file accordingly: > * QEMU binary and options specific to 32-bit guests: > > $ qemu-system-i386 -cpu coreduo,-nx \ > > or > > $ qemu-system-x86_64 -cpu ,-lm,-nx \ > Note the "-nx" bit. And, in my recent KVM / QEMU usage instructions for Jiewen: https://www.mail-archive.com/edk2-devel@lists.01.org/msg19446.html I provided the following settings: > # Settings for Ia32 only: > [...] > QEMU_COMMAND="qemu-system-i386 -cpu coreduo,-nx" > > # Settings for Ia32X64 only: > [...] > QEMU_COMMAND=qemu-system-x86_64 I guess the "-nx" bit can be left off with TCG, but AFAIR it is required for KVM. Thanks! Laszlo