Make HVM=y release build behavior robust against array overrun, by (ab)using array_access_nospec(). This is in particular to guard against e.g. SH_type_unused making it here unintentionally.
Signed-off-by: Jan Beulich <jbeul...@suse.com>
---
v2: New.
--- a/xen/arch/x86/mm/shadow/private.h
+++ b/xen/arch/x86/mm/shadow/private.h
@@ -27,6 +27,7 @@
 // been included...
 #include <asm/page.h>
 #include <xen/domain_page.h>
+#include <xen/nospec.h>
 #include <asm/x86_emulate.h>
 #include <asm/hvm/support.h>
 #include <asm/atomic.h>
@@ -368,7 +369,7 @@ shadow_size(unsigned int shadow_type)
 {
 #ifdef CONFIG_HVM
 ASSERT(shadow_type < ARRAY_SIZE(sh_type_to_size));
- return sh_type_to_size[shadow_type];
+ return array_access_nospec(sh_type_to_size, shadow_type);
 #else
 ASSERT(shadow_type < SH_type_unused);
 return shadow_type != SH_type_none;
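Review bot: The `array_access_nospec()` call in the CONFIG_HVM branch of shadow_size() has no comment, so its purpose (bounding the index in release builds, where the `ASSERT()` above it compiles to nothing) is recorded only in the commit message. A later reader is likely to take it for a speculation fix, so I would add `/* Bounds clamp for release builds (ASSERT() is a no-op there), not a speculation barrier. */` directly above the return. As far as I know the nospec helper masks an out-of-range index to 0, so a stray type such as SH_type_unused would silently get the size stored in entry 0 of `sh_type_to_size`; whether that value is safe for callers is not visible in this hunk and is worth confirming. The body of shadow_size() continues past the end of the hunk.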