diff --git a/qemu/include/exec/memattrs.h b/qemu/include/exec/memattrs.h
index 1389b4b0..06fc4e64 100644
--- a/qemu/include/exec/memattrs.h
+++ b/qemu/include/exec/memattrs.h
@@ -29,7 +29,9 @@ typedef struct MemTxAttrs {
      * "didn't specify" if necessary.
      */
     unsigned int unspecified:1;
-    /* ARM/AMBA TrustZone Secure access */
+    /* ARM/AMBA TrustZone Secure access
+     * x86: System Management Mode access
+     */
     unsigned int secure:1;
     /* Memory access is usermode (unprivileged) */
     unsigned int user:1;
diff --git a/qemu/target-i386/cpu.h b/qemu/target-i386/cpu.h
index 15b9869d..f82dcb80 100644
--- a/qemu/target-i386/cpu.h
+++ b/qemu/target-i386/cpu.h
@@ -1284,6 +1284,13 @@ static inline void cpu_load_efer(CPUX86State *env, uint64_t val)
     }
 }
 
+static inline MemTxAttrs cpu_get_mem_attrs(CPUX86State *env)
+{
+    MemTxAttrs attrs = {0};
+    attrs.secure = (env->hflags & HF_SMM_MASK) != 0;
+    return attrs;
+}
+
 /* fpu_helper.c */
 void cpu_set_mxcsr(CPUX86State *env, uint32_t val);
 void cpu_set_fpuc(CPUX86State *env, uint16_t val);
diff --git a/qemu/target-i386/helper.c b/qemu/target-i386/helper.c
index 5041de37..add89c27 100644
--- a/qemu/target-i386/helper.c
+++ b/qemu/target-i386/helper.c
@@ -783,7 +783,8 @@ do_check_protect_pse36:
     paddr = vaddr;
     //printf(">>> map address %"PRIx64" to %"PRIx64"\n", vaddr, paddr);
 
-    tlb_set_page(cs, vaddr, paddr, prot, mmu_idx, page_size);
+    tlb_set_page_with_attrs(cs, vaddr, paddr, cpu_get_mem_attrs(env),
+                            prot, mmu_idx, page_size);
     return 0;
  do_fault_rsvd:
     error_code |= PG_ERROR_RSVD_MASK;