From: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Date: Wed, 9 Sep 2015 15:08:56 +0000 (+0200)
Subject: x86/pvh: do not allow 32-bit PVH guests to clear CR4's PAE bit
X-Git-Tag: archive/raspbian/4.8.0-1+rpi1~1^2~2569
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=476cf36ac0de41bd5070f902c430d5ce90c7f590;p=xen.git

x86/pvh: do not allow 32-bit PVH guests to clear CR4's PAE bit

.. since we only support 32-bit PV(H) guests in PAE mode.

Signed-off-by: Boris Ostrovsky <boris.ostrovsky@oracle.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
---

diff --git a/xen/arch/x86/hvm/hvm.c b/xen/arch/x86/hvm/hvm.c
index a38c302aa7..c6d2e59169 100644
--- a/xen/arch/x86/hvm/hvm.c
+++ b/xen/arch/x86/hvm/hvm.c
@@ -3522,11 +3522,19 @@ int hvm_set_cr4(unsigned long value, bool_t may_defer)
         goto gpf;
     }
 
-    if ( !(value & X86_CR4_PAE) && hvm_long_mode_enabled(v) )
+    if ( !(value & X86_CR4_PAE) )
     {
-        HVM_DBG_LOG(DBG_LEVEL_1, "Guest cleared CR4.PAE while "
-                    "EFER.LMA is set");
-        goto gpf;
+        if ( hvm_long_mode_enabled(v) )
+        {
+            HVM_DBG_LOG(DBG_LEVEL_1, "Guest cleared CR4.PAE while "
+                        "EFER.LMA is set");
+            goto gpf;
+        }
+        if ( is_pvh_vcpu(v) )
+        {
+            HVM_DBG_LOG(DBG_LEVEL_1, "32-bit PVH guest cleared CR4.PAE");
+            goto gpf;
+        }
     }
 
     old_cr = v->arch.hvm_vcpu.guest_cr[4];