x86_32: don't allow use of nested HVM

There are (indirect) uses of map_domain_page() in the nested HVM code
that are unsafe when not just using the 1:1 mapping.

This is XSA-34 / CVE-2013-0151.

Signed-off-by: Jan Beulich <jbeulich@suse.com>

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index 7311fdc9827ad69d73c6d5585ece73c2664a5197..adbe0793908af22c0cdebecad4eb2d08034b74c3 100644 (file)
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3862,6 +3862,10 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE(void) arg)
                     rc = -EINVAL;
                 break;
             case HVM_PARAM_NESTEDHVM:
+#ifdef __i386__
+                if ( a.value )
+                    rc = -EINVAL;
+#else
                 if ( a.value > 1 )
                     rc = -EINVAL;
                 if ( !is_hvm_domain(d) )
@@ -3876,6 +3880,7 @@ long do_hvm_op(unsigned long op, XEN_GUEST_HANDLE(void) arg)
                     for_each_vcpu(d, v)
                         if ( rc == 0 )
                             rc = nestedhvm_vcpu_initialise(v);
+#endif
                 break;
             case HVM_PARAM_BUFIOREQ_EVTCHN:
                 rc = -EINVAL;