From mboxrd@z Thu Jan  1 00:00:00 1970
From: Andy Smith <andy@strugglers.net>
Subject: Re: Xen Security Advisory 7 (CVE-2012-0217) - PV
 privilege escalation
Date: Tue, 12 Jun 2012 12:15:10 +0000
Message-ID: <20120612121510.GQ11695@bitfolk.com>
References: <20439.12248.291249.667993@mariner.uk.xensource.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Return-path: <xen-devel-bounces@lists.xen.org>
Content-Disposition: inline
In-Reply-To: <20439.12248.291249.667993@mariner.uk.xensource.com>
List-Unsubscribe: <http://lists.xen.org/cgi-bin/mailman/options/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=unsubscribe>
List-Post: <mailto:xen-devel@lists.xen.org>
List-Help: <mailto:xen-devel-request@lists.xen.org?subject=help>
List-Subscribe: <http://lists.xen.org/cgi-bin/mailman/listinfo/xen-devel>,
	<mailto:xen-devel-request@lists.xen.org?subject=subscribe>
Sender: xen-devel-bounces@lists.xen.org
Errors-To: xen-devel-bounces@lists.xen.org
To: xen-devel@lists.xen.org
List-Id: xen-devel@lists.xenproject.org

Hello,

A quick question with regard to XSA-7:

On Tue, Jun 12, 2012 at 01:02:32PM +0100, Xen.org security team wrote:
> MITIGATION
> ==========
> 
> This issue can be mitigated by running HVM (fully-virtualised)
> or 32 bit PV guests only.

Assuming 64-bit hypervisor and dom0, with PV guests booted using
pygrub, is there any way to restrict guests to 32-bit only?

Cheers,
Andy