From 7aa1eeccf7563f0a11ba7ee2ba93d9e1b734c830 Mon Sep 17 00:00:00 2001
From: Funda Wang
Date: Mon, 23 Jun 2025 10:34:21 +0800
Subject: [PATCH] Harden temporary private mounts (CVE-2025-6019)
---
...slinuxfilesystemhelpers_nodev,nosuid.patch | 43 +++++++++++++++++++
udisks2.spec | 40 ++++++++---------
2 files changed, 62 insertions(+), 21 deletions(-)
create mode 100644 0004-udiskslinuxfilesystemhelpers_nodev,nosuid.patch
diff --git a/0004-udiskslinuxfilesystemhelpers_nodev,nosuid.patch b/0004-udiskslinuxfilesystemhelpers_nodev,nosuid.patch
new file mode 100644
index 0000000..d6b0f9a
--- /dev/null
+++ b/0004-udiskslinuxfilesystemhelpers_nodev,nosuid.patch
@@ -0,0 +1,43 @@
+From 5e7277debea926370e587408517560afe87d28c9 Mon Sep 17 00:00:00 2001
+From: Tomas Bzatek
+Date: Wed, 4 Jun 2025 15:26:46 +0200
+Subject: [PATCH] udiskslinuxfilesystemhelpers: Mount private mounts with
+ 'nodev,nosuid'
+
+The private mount done in take_filesystem_ownership() should always
+default to 'nodev,nosuid' for security and 'errors=remount-ro' for
+selected filesystem types to handle an corrupted filesystem. This is
+consistent with mount options calculation for regular mounts.
+---
+ src/udiskslinuxfilesystemhelpers.c | 10 +++++++++-
+ 1 file changed, 9 insertions(+), 1 deletion(-)
+
+diff --git a/src/udiskslinuxfilesystemhelpers.c b/src/udiskslinuxfilesystemhelpers.c
+index 7c5fc037c4..9eb7742c77 100644
+--- a/src/udiskslinuxfilesystemhelpers.c
++++ b/src/udiskslinuxfilesystemhelpers.c
+@@ -123,6 +123,7 @@ take_filesystem_ownership (const gchar *device,
+
+ {
+ gchar *mountpoint = NULL;
++ const gchar *mount_opts;
+ GError *local_error = NULL;
+ gboolean unmount = FALSE;
+ gboolean success = TRUE;
+@@ -151,8 +152,15 @@ take_filesystem_ownership (const gchar *device,
+ goto out;
+ }
+
++ mount_opts = "nodev,nosuid";
++ if (g_strcmp0 (fstype, "ext2") == 0 ||
++ g_strcmp0 (fstype, "ext3") == 0 ||
++ g_strcmp0 (fstype, "ext4") == 0 ||
++ g_strcmp0 (fstype, "jfs") == 0)
++ mount_opts = "nodev,nosuid,errors=remount-ro";
++
+ /* TODO: mount to a private mount namespace */
+- if (!bd_fs_mount (device, mountpoint, fstype, NULL, NULL, &local_error))
++ if (!bd_fs_mount (device, mountpoint, fstype, mount_opts, NULL, &local_error))
+ {
+ g_set_error (error, UDISKS_ERROR, UDISKS_ERROR_FAILED,
+ "Cannot mount %s at %s: %s",
diff --git a/udisks2.spec b/udisks2.spec
index bbf469c..1aba69e 100644
--- a/udisks2.spec
+++ b/udisks2.spec
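Review bot: The `/* TODO: mount to a private mount namespace */` comment in the second hunk of the embedded patch to src/udiskslinuxfilesystemhelpers.c is left in place, so the temporary mount gains `nodev,nosuid` but, as far as these lines show, still lives in the daemon's shared mount namespace until it is unmounted. The `mount_opts` assignment should carry a comment stating that the two options are a security requirement and must not be dropped, for example `/* security: temporary mount of a possibly untrusted filesystem; always nodev,nosuid */`. The filesystem types that receive `errors=remount-ro` are listed inline, and the commit message says this mirrors the option calculation for regular mounts, so the two lists can drift apart; a shared helper or a cross-reference comment naming the other location would keep them aligned. take_filesystem_ownership() starts and ends outside both hunks, so whether the unmount is reached on every error path cannot be checked from here.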
@@ -10,7 +10,6 @@ %define with_btrfs 1 %define with_lsm 1 -%define is_fedora (0%{?rhel} == 0) && (0%{?openeuler} == 0) %define is_git %(git show > /dev/null 2>&1 && echo 1 || echo 0) %define git_hash %(git log -1 --pretty=format:"%h" || true) %define build_date %(date '+%Y%m%d') @@ -19,8 +18,8 @@ Name: udisks2 Summary: Disk Manager Version: 2.10.1 -Release: 4 -License: GPL-2.0+ and LGPL-2.0+ +Release: 5 +License: GPL-2.0-or-later Group: System Environment/Libraries URL: https://github.com/storaged-project/udisks Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2 @@ -28,6 +27,7 @@ Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{v Patch0001: 0001-mdraid-Expose-consistency_policy-sysfs-value.patch Patch0002: 0002-udiskslinuxmanager-use-dbus-interface-after-free.patch Patch0003: 0003-udiskslinuxblock-Fix-leaking-string.patch +Patch0004: 0004-udiskslinuxfilesystemhelpers_nodev,nosuid.patch BuildRequires: make BuildRequires: glib2-devel >= %{glib2_version} @@ -91,13 +91,11 @@ Requires: libmount Requires: polkit >= %{polkit_version} # For mkntfs (not available on rhel or on ppc/ppc64) and f2fs -%if %{is_fedora} Recommends: f2fs-tools Recommends: nilfs-utils %ifnarch ppc ppc64 Recommends: ntfsprogs %endif -%endif Recommends: ntfs-3g # btrfs @@ -107,6 +105,7 @@ Recommends: btrfs-progs Provides: storaged = %{version}-%{release} Obsoletes: storaged < %{version}-%{release} +%{?systemd_requires} %description The Udisks project provides a daemon, tools and libraries to access and @@ -114,7 +113,7 @@ manipulate disks, storage devices and technologies. %package -n lib%{name} Summary: Dynamic library to access the udisksd daemon -License: LGPLv2+ +License: LGPL-2.0-or-later Provides: libstoraged = %{version}-%{release} Obsoletes: libstoraged < %{version}-%{release} 
@@ -125,7 +124,7 @@ access to the udisksd daemon. %package -n %{name}-lvm2 Summary: Module for LVM2 Requires: %{name}%{?_isa} = %{version}-%{release} -License: LGPLv2+ +License: LGPL-2.0-or-later Requires: lvm2 Requires: libblockdev-lvm >= %{libblockdev_version} BuildRequires: libblockdev-lvm-devel >= %{libblockdev_version} @@ -138,7 +137,7 @@ This package contains module for LVM2 configuration. %package -n lib%{name}-devel Summary: Development files for lib%{name} Requires: lib%{name}%{?_isa} = %{version}-%{release} -License: LGPLv2+ +License: LGPL-2.0-or-later Provides: libstoraged-devel = %{version}-%{release} Obsoletes: libstoraged-devel < %{version}-%{release} @@ -150,7 +149,7 @@ a dynamic library, which provides access to the udisksd daemon. %package -n %{name}-btrfs Summary: Module for BTRFS Requires: %{name}%{?_isa} = %{version}-%{release} -License: LGPLv2+ +License: LGPL-2.0-or-later Requires: libblockdev-btrfs >= %{libblockdev_version} BuildRequires: libblockdev-btrfs-devel >= %{libblockdev_version} Provides: storaged-btrfs = %{version}-%{release} @@ -164,7 +163,7 @@ This package contains module for BTRFS configuration. %package -n %{name}-lsm Summary: Module for LSM Requires: %{name}%{?_isa} = %{version}-%{release} -License: LGPLv2+ +License: LGPL-2.0-or-later Requires: libstoragemgmt BuildRequires: libstoragemgmt-devel BuildRequires: libconfig-devel @@ -186,6 +185,7 @@ sed -i data/builtin_mount_options.conf -e 's/ntfs_drivers=ntfs3,ntfs/ntfs_driver # autoreconf -ivf # modules need to be explicitly enabled %configure \ + --disable-static \ %if %{with_gtk_doc} --enable-gtk-doc \ %else 
@@ -198,16 +198,15 @@ sed -i data/builtin_mount_options.conf -e 's/ntfs_drivers=ntfs3,ntfs/ntfs_driver --enable-lsm \ %endif --enable-lvm2 -make %{?_smp_mflags} +%make_build %install -make install DESTDIR=%{buildroot} +%make_install +%delete_la %if %{with_gtk_doc} == 0 rm -fr %{buildroot}/%{_datadir}/gtk-doc/html/udisks2 %endif -find %{buildroot} -name \*.la -o -name \*.a | xargs rm - chrpath --delete %{buildroot}/%{_sbindir}/umount.udisks2 chrpath --delete %{buildroot}/%{_bindir}/udisksctl chrpath --delete %{buildroot}/%{_libexecdir}/udisks2/udisksd @@ -217,7 +216,7 @@ chrpath --delete %{buildroot}/%{_libexecdir}/udisks2/udisksd %check make check -%post -n %{name} +%post %systemd_post udisks2.service # skip retriggering if udevd isn't even accessible, e.g. containers or # rpm-ostree-based systems @@ -226,22 +225,18 @@ if [ -S /run/udev/control ]; then udevadm trigger fi -%preun -n %{name} +%preun %systemd_preun udisks2.service -%postun -n %{name} +%postun %systemd_postun_with_restart udisks2.service -%ldconfig_scriptlets -n lib%{name} - %files -f udisks2.lang %doc README.md AUTHORS NEWS HACKING %license COPYING %dir %{_sysconfdir}/udisks2 -%if %{is_fedora} %dir %{_sysconfdir}/udisks2/modules.conf.d -%endif %{_sysconfdir}/udisks2/udisks2.conf %{_sysconfdir}/udisks2/mount_options.conf.example @@ -318,6 +313,9 @@ fi %changelog +* Sat Jun 21 2025 Funda Wang - 2.10.1-5 +- Harden temporary private mounts (CVE-2025-6019) + * Tue Aug 13 2024 cenhuilin - 2.10.1-4 - udiskslinuxblock: Fix leaking string -- Gitee
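Review bot: The changelog entry added in the last hunk records only the CVE-2025-6019 hardening, but the udisks2.spec hunks also make changes unrelated to it. `%ldconfig_scriptlets -n lib%{name}` is removed, and the `%if %{is_fedora}` guards are dropped so that the `Recommends:` for f2fs-tools, nilfs-utils and ntfsprogs and the `modules.conf.d` directory entry become unconditional. The main package licence tag also changes from `GPL-2.0+ and LGPL-2.0+` to `GPL-2.0-or-later`. Bundling these with a security fix makes the fix harder to audit and to backport on its own; either move them to a separate commit or record them in the changelog, e.g. `- Spec cleanup: SPDX license tags, drop is_fedora conditionals and ldconfig scriptlets`.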