libfsimage/xfs: Add compile-time check to libfsimage
authorAlejandro Vallejo <alejandro.vallejo@cloud.com>
Thu, 14 Sep 2023 12:22:53 +0000 (13:22 +0100)
committerAndrew Cooper <andrew.cooper3@citrix.com>
Wed, 11 Oct 2023 05:36:50 +0000 (06:36 +0100)
Adds the common tools include folder to the -I compile flags
of libfsimage. This allows us to use:
  xen-tools/common-macros.h:BUILD_BUG_ON()

With it, statically assert a sanitized "blocklog - SECTOR_BITS" cannot
underflow.

This is part of XSA-443 / CVE-2023-34325

Signed-off-by: Alejandro Vallejo <alejandro.vallejo@cloud.com>
Reviewed-by: Jan Beulich <jbeulich@suse.com>
tools/libfsimage/common.mk
tools/libfsimage/xfs/fsys_xfs.c

index 4fc8c66795994876e9ff77876fdf98142c5a0fa0..e4336837d045a7fc7b1f63665cbb173a48dc7389 100644 (file)
@@ -1,7 +1,7 @@
 include $(XEN_ROOT)/tools/Rules.mk
 
 FSDIR := $(libdir)/xenfsimage
-CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ -DFSIMAGE_FSDIR=\"$(FSDIR)\"
+CFLAGS += -Wno-unknown-pragmas -I$(XEN_ROOT)/tools/libfsimage/common/ $(CFLAGS_xeninclude) -DFSIMAGE_FSDIR=\"$(FSDIR)\"
 CFLAGS += -D_GNU_SOURCE
 LDFLAGS += -L../common/
 
index b5c53d3d222b4577a3905b366b3658a989f2a551..e98b367901a8ab80d9a2d33f34ab966d25feaa6f 100644 (file)
@@ -20,6 +20,7 @@
 #include <stddef.h>
 #include <stdbool.h>
 #include <xenfsimage_grub.h>
+#include <xen-tools/common-macros.h>
 #include "xfs.h"
 
 #define MAX_LINK_COUNT 8
@@ -475,9 +476,10 @@ xfs_mount (fsi_file_t *ffi, const char *options)
        xfs.agblklog = super.sb_agblklog;
 
        /* Derived from sanitized parameters */
+       BUILD_BUG_ON(XFS_SB_BLOCKLOG_MIN < SECTOR_BITS);
+       xfs.bdlog = super.sb_blocklog - SECTOR_BITS;
        xfs.bsize = 1 << super.sb_blocklog;
        xfs.blklog = super.sb_blocklog;
-       xfs.bdlog = super.sb_blocklog - SECTOR_BITS;
        xfs.isize = 1 << super.sb_inodelog;
        xfs.dirbsize = 1 << (super.sb_blocklog + super.sb_dirblklog);
        xfs.inopblog = super.sb_blocklog - super.sb_inodelog;
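Review bot: The new `BUILD_BUG_ON` ties only the `xfs.bdlog` subtraction to a compile-time bound. The neighbouring derivations in the same group (`1 << super.sb_blocklog`, `1 << (super.sb_blocklog + super.sb_dirblklog)` and `super.sb_blocklog - super.sb_inodelog`) still rest entirely on run-time superblock checks that are not visible in this hunk. Because these fields are read from an on-disk superblock, the "Derived from sanitized parameters" comment should name the invariant each line depends on, for example `/* sb_blocklog >= XFS_SB_BLOCKLOG_MIN >= SECTOR_BITS: cannot underflow */` directly above the `xfs.bdlog` line. The shift and `inopblog` lines would each get a similar one-line comment stating the upper bound or ordering they assume. xfs_mount begins and ends outside the hunk, so whether those bounds are enforced before this point cannot be confirmed from here.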