Hi
Here is some news about this issue:
I have found the faulty commit: 8e029fcdd8702719c9179317cae9ef84ebe7027e, on branch 'x86-trampoline-for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
The problem is that with this change, the NX flag is being activated. In my case, it appears that my 2 CPUs are slightly different:
processor : 0
vendor_id : GenuineIntel
cpu family : 15
model : 4
model name : Intel(R) Xeon(TM) CPU 3.40GHz
stepping : 1
microcode : 0x5
cpu MHz : 2800.000
cache size : 1024 KB
physical id : 0
siblings : 2
core id : 0
cpu cores : 1
apicid : 0
initial apicid : 0
fpu : yes
fpu_exception : yes
cpuid level : 5
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall nx lm constant_tsc pebs bts nopl pni dtes64 monitor ds_cpl est cid cx16 xtpr
bogomips : 6800.52
clflush size : 64
cache_alignment : 128
address sizes : 36 bits physical, 48 bits virtual
power management:
processor : 1
vendor_id : GenuineIntel
cpu family : 15
model : 3
model name : Intel(R) Xeon(TM) CPU 3.40GHz
stepping : 4
microcode : 0xe
cpu MHz : 2800.000
cache size : 1024 KB
physical id : 3
siblings : 2
core id : 0
cpu cores : 1
apicid : 6
initial apicid : 6
fpu : yes
fpu_exception : yes
cpuid level : 5
wp : yes
flags : fpu vme de pse tsc msr pae mce cx8 apic sep mtrr pge mca cmov pat pse36 clflush dts acpi mmx fxsr sse sse2 ss ht tm pbe syscall lm constant_tsc pebs bts nopl pni dtes64 monitor ds_cpl est tm2 cid xtpr
bogomips : 6800.71
clflush size : 64
cache_alignment : 128
address sizes : 36 bits physical, 48 bits virtual
power management:
and while the first one supports the NX flag, the second does not... Seems that I got those CPUs just when Intel started to support the NX flag, and unfortunately, I have 2 different revisions.
I tried to rebuild a kernel without setting this flag, and it works fine. However, it is probably not great for security, as NX is all about malicious software...
Another workaround I found is to start with nosmp. In that case, I only use the first CPU, which supports NX, but I lose all the benefit of my dual CPU. Maybe physically switching my 2 CPUs would also help, as CPU 0 would then be the one not supporting NX... I did not have a look at where the CPU flags are tested in the code.
I filed a bug report here:
https://bugzilla.kernel.org/show_bug.cgi?id=207919
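
A check for the condition described in the post above, as an added example that is not part of the original post: it parses /proc/cpuinfo text and reports feature flags that are not present on every processor, marking security-relevant ones such as nx. The sample input is constructed by abbreviating the two processor entries shown above; the function names and the choice of flags treated as security-relevant are assumptions of this example.

```python
import sys
from pathlib import Path

# Assumption of this example: flags whose absence on any CPU weakens a kernel protection.
SECURITY_FLAGS = {"nx", "smep", "smap"}

# Constructed sample: the two processor entries from the post, abbreviated.
SAMPLE = """\
processor : 0
flags : fpu pae syscall nx lm cid cx16 xtpr

processor : 1
flags : fpu pae syscall lm tm2 cid xtpr
"""

def parse_cpuinfo(text):
    """Return {processor_number: set_of_flags} from /proc/cpuinfo text."""
    cpus, current = {}, None
    for line in text.splitlines():
        key, sep, value = line.partition(":")
        if not sep:
            continue  # blank separator line between processor entries
        key, value = key.strip(), value.strip()
        if key == "processor":
            current = int(value)
            cpus[current] = set()
        elif key == "flags" and current is not None:
            cpus[current] = set(value.split())
    return cpus

def flag_mismatches(cpus):
    """Return {flag: CPUs lacking it} for every flag not present on all CPUs."""
    if not cpus:
        return {}
    union = set().union(*cpus.values())
    common = set.intersection(*cpus.values())
    return {flag: sorted(cpu for cpu, flags in cpus.items() if flag not in flags)
            for flag in sorted(union - common)}

def main(path=None):
    # Without a path argument the embedded sample is used, so the script runs offline.
    text = Path(path).read_text() if path else SAMPLE
    mismatches = flag_mismatches(parse_cpuinfo(text))
    for flag, missing in mismatches.items():
        tag = "SECURITY" if flag in SECURITY_FLAGS else "info"
        print(f"[{tag}] {flag}: missing on CPU(s) {missing}")
    # Non-zero exit status when a security-relevant flag is asymmetric.
    return 1 if SECURITY_FLAGS.intersection(mismatches) else 0

if __name__ == "__main__":
    sys.exit(main(sys.argv[1] if len(sys.argv) > 1 else None))
```

Run it with `/proc/cpuinfo` as the argument on a live system; a non-zero exit status means at least one security-relevant flag is absent on some processor.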