Hide or expose NX/XD bit

AMD NX (No Execute) and Intel XD (Execute Disable) are technologies used in CPUs to mark certain areas of memory as non-executable, in order to prevent malicious software exploits and buffer overflow attacks. These technologies are turned on (exposed) by default for all guest operating systems that support them.

In order to increase the vMotion compatibility between hosts, you can mask (hide) the NX/XD bit. For example, if you have two otherwise compatible hosts with the NX/XD bit mismatch, you can mask the NX/XD bit from the VM. Masking this bit tells the VM that there’s no NX/XD bit present. If the VM doesn’t know there’s an NX or XD bit on one of the hosts, it won’t care if the target host has or doesn’t have that bit if you migrate that VM using vMotion.

You can change the NX/XD setting using vSphere Web Client:

1. Select the VM from the inventory and select the Edit Settings option:

vm edit settings

2. On the Virtual Hardware tab, expand the CPU tab. The NX/XD bit settings are specified under the CPUID Mask option:

nx xd bit settings


VMware ESXi course

Geek University 2022