]> Projects (at) Tadryanom (dot) Me - AdrOS.git/commit
projects / AdrOS.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: b38533a) | patch
kernel: implement NX (No-Execute) support via IA32_EFER.NXE
authorTulio A M Mendes <[email protected]>
Mon, 25 May 2026 19:57:13 +0000 (16:57 -0300)
committerTulio A M Mendes <[email protected]>
Mon, 25 May 2026 19:57:13 +0000 (16:57 -0300)
commit5d72805d2fc354ff07910f20d8c46b9e10b7a84e
tree9e006cd0b26ca67e53549da45f1d777dfa169659tree | snapshot
parentb38533a8c3f21545c17cb405765424ce5562d8c9commit | diff
kernel: implement NX (No-Execute) support via IA32_EFER.NXE

Fix A01 (W^X/NX) which was deferred due to IA32_EFER.NXE MSR instability.
Root cause: NX bit was being set in PTEs without NXE enabled, causing
undefined behavior and kernel panic.

Changes:
- boot.S: Check CPUID.0x80000001:EDX bit 20 for NX support before enabling
- boot.S: Enable IA32_EFER.NXE (MSR 0xC0000080, bit 11) if NX supported
- vmm.c: Add g_nxe_enabled flag and check_nxe_enabled() function
- vmm.c: Conditionalize X86_PTE_NX usage based on g_nxe_enabled
- vmm.c: Print NX status in vmm_init()
- Makefile: Add -cpu qemu32,+nx to expose NX support in QEMU
- smoke_test.exp: Add -cpu qemu32,+nx for testing

Behavior:
- With NX support: NXE enabled, VMM uses NX bit for non-executable pages
- Without NX support: NXE not enabled, VMM ignores VMM_FLAG_NX
- W^X now works correctly for ELF loading, mmap/mprotect, etc.

Test: 119/119 PASS (SMP=4)
Makefile diff | blob | blame | history
src/arch/x86/boot.S diff | blob | blame | history
src/arch/x86/vmm.c diff | blob | blame | history
tests/smoke_test.exp diff | blob | blame | history
AdrOS - A Unix-like Operating System for hobby/academic study.