[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [PATCH] x86/efi: Remove NX check from efi-boot.h
- To: Julian Vetter <julian.vetter@xxxxxxxxxx>, xen-devel@xxxxxxxxxxxxxxxxxxxx
- From: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
- Date: Thu, 27 Nov 2025 15:20:31 +0000
- Arc-authentication-results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=citrix.com; dmarc=pass action=none header.from=citrix.com; dkim=pass header.d=citrix.com; arc=none
- Arc-message-signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=ktYr8Eeeo4+2LU7GQU9mI9cwA34liA6BGKyXsUgbKao=; b=PAbIZ9tkNqZMDIVxadP8OT5DGr+O+i/3/fXvqFAq8x7edEu4HPnsZWGo0nAG7r0UfVmQMyjHvvPj5ljdlUIoKj1rLAUeIilZfbfv/VevyNUfngYKwjVFSzTdlplenb/zSsjx21MpEy1j1GZteEQf3NrGTxU3BFqr2WNl+42x6T9TcxgjJ4/v1Uu7ARXXULe/36kxutErt6SWgvTqeCjtvEU+4ywQRVrlFbiwcapJZM6OebiYLD8v2pefXvEGRO8f1Woum4H6vlyl9Gj5uaVN5SYH+XjkUkPus/bhj/VfgXQjH4eOsyZlavDQ7VptWPmE1Qv5R9pAenCpryzuV+AD3g==
- Arc-seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=F2Ir1G/4j2bdasQcsVjtlkM13g+WtIej6267FPF2rQxfrsE2s7SVoeb9IOyBZOmw4k5LUdO1FcYJ3nq3RnT0nOMwzLD6V5qp7AXmjbcXRt1IrVSaJ2z0RoEcYm6zFq7My2q+jxw/ItMMfzX/UPSjHU38Ht9WoQ9XxEjawHjVhdMEhmW6V9Winijsuv5S8m74Dtm1effJeywVFf8pWVO9dRG0TUn7sPKFx2VFR7B9Kt0k5vUAZ1X2NCDdjzgx8/cMkMKcNzddgwSfA8TMSMVa7vTIBhiLLloS82F10yzYHy/SZ0spU3knHkZaXXOy1t/Ps8FoTKEU4NqI2oHwP5Yw0Q==
- Authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=citrix.com;
- Cc: andrew.cooper3@xxxxxxxxxx, Jan Beulich <jbeulich@xxxxxxxx>, Roger Pau Monné <roger.pau@xxxxxxxxxx>, "Daniel P . Smith" <dpsmith@xxxxxxxxxxxxxxxxxxxx>, Marek Marczykowski-Górecki <marmarek@xxxxxxxxxxxxxxxxxxxxxx>, Teddy Astie <teddy.astie@xxxxxxxxxx>
- Delivery-date: Thu, 27 Nov 2025 15:20:53 +0000
- List-id: Xen developer discussion <xen-devel.lists.xenproject.org>
On 27/11/2025 2:31 pm, Julian Vetter wrote:
> Currently Intel CPUs in EFI mode with the "Execute Disable Bit" disabled
> and the 'CONFIG_REQUIRE_NX=y' fail to boot, because this check is
> performed before trampoline_setup is called, which determines if NX is
> supported or if it's hidden by 'MSR_IA32_MISC_ENABLE[34] = 1' (if so,
> re-enables NX).
>
> Signed-off-by: Julian Vetter <julian.vetter@xxxxxxxxxx>
Lovely... This isn't the only bug; there's another one from the Vates
forums about AMD CPUs which I haven't gotten around to fixing yet.
Do you have any more information about which system looks like this?
trampoline_setup isn't executed on all EFI boots. I had a different fix
in mind, but it's a little more complicated.
If I do the key prep patch, would you mind trying to tackle the AMD side
too?
~Andrew
|
