On 13/05/2021 13:22, Olaf Hering wrote: > Am Thu, 13 May 2021 13:11:10 +0100 > schrieb Andrew Cooper <andrew.coop...@citrix.com>: > >> If I'm counting bits correctly, that is Xen rejecting the use of the NX >> bit, which is suspicious. Do you have the full Xen boot log on this >> box? I wonder if we've some problem clobbing the XD-disable bit. > > Yes, it was attached. > Is there any other Xen cmdline knob to enable more debug?
Urgh sorry - I've not had enough coffee yet today. Warning: NX (Execute Disable) protection not active And this is an AMD box not an Intel box, so no XD-disable nonsense (that I'm aware of). So, the two options are: 1) This box legitimately doesn't have NX, and the dom0 kernel is buggy for trying to use it. 2) This box does actually have NX, Xen has failed to turn it on, and dom0 (through non CPUID means) thinks that NX is usable. Can we first establish whether this box really does, or does not, have NX ? ~Andrew