File _service:tar_git:0010-Allow-whitelisting-filesystems-that-can-be-mounted.patch of Package udisks2

From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
From: Raine Makelainen <raine.makelainen@jolla.com>
Date: Fri, 15 Feb 2019 15:15:48 +0200
Subject: [PATCH] Allow whitelisting filesystems that can be mounted

If whitelist is empty when 'well-know', '/proc/filesystems/', and
'/etc/filesystems' are used like before.

Signed-off-by: Raine Makelainen <raine.makelainen@jolla.com>
---
 configure.ac                |  5 +++
 src/Makefile.am             |  3 ++
 src/udiskslinuxfilesystem.c | 65 +++++++++++++++++++++++++++++++++++--
 3 files changed, 71 insertions(+), 2 deletions(-)

diff --git a/configure.ac b/configure.ac
index 6e09a1c0..a9156d7e 100644
--- a/configure.ac
+++ b/configure.ac
@@ -183,6 +183,11 @@ if test "x$enable_daemon" = "xyes"; then
       ])
       ])])
 
+
+  PKG_CHECK_MODULES(DCONF, [dconf >= 0.28.0])
+  AC_SUBST(DCONF_CFLAGS)
+  AC_SUBST(DCONF_LIBS)
+
   PKG_CHECK_MODULES(LIBMOUNT, [mount >= 2.18])
   AC_SUBST(LIBMOUNT_CFLAGS)
   AC_SUBST(LIBMOUNT_LIBS)
diff --git a/src/Makefile.am b/src/Makefile.am
index 1aed534a..eb7d912b 100644
--- a/src/Makefile.am
+++ b/src/Makefile.am
@@ -27,6 +27,7 @@ CPPFLAGS =                                                                     \
 	$(GIO_CFLAGS)                                                          \
 	$(GMODULE_CFLAGS)                                                      \
 	$(BLOCKDEV_CFLAGS)                                                     \
+	$(DCONF_CFLAGS)                                                        \
 	$(WARN_CFLAGS)                                                         \
 	$(NULL)
 
@@ -151,6 +152,7 @@ libudisks_daemon_la_LIBADD =                                                   \
 	$(LIBELOGIND_LIBS)                                                     \
 	$(PART_LDFLAGS)                                                        \
 	$(SWAP_LIBS)                                                           \
+	$(DCONF_LIBS)                                                          \
 	$(top_builddir)/udisks/libudisks2.la                                   \
 	$(NULL)
 
@@ -172,6 +174,7 @@ udisksd_LDADD =                                                                \
 	$(GIO_LIBS)                                                            \
 	$(GMODULE_LIBS)                                                        \
 	$(BLOCKDEV_LIBS)                                                       \
+	$(DCONF_LIBS)                                                          \
 	libudisks-daemon.la                                                    \
 	$(NULL)
 
diff --git a/src/udiskslinuxfilesystem.c b/src/udiskslinuxfilesystem.c
index 64057c72..833f9b1c 100644
--- a/src/udiskslinuxfilesystem.c
+++ b/src/udiskslinuxfilesystem.c
@@ -41,6 +41,8 @@
 
 #include <glib/gstdio.h>
 
+#include <dconf.h>
+
 #include "udiskslogging.h"
 #include "udiskslinuxfilesystem.h"
 #include "udiskslinuxfilesystemhelpers.h"
@@ -369,15 +371,61 @@ is_well_known_filesystem (const gchar *fstype)
   return ret;
 }
 
+static gboolean read_whitelist = FALSE;
+static gsize num_whitelite_fs = 0;
+static gchar **whitelisted_filesystems = NULL;
+
+static void
+build_filesystem_whitelist (void)
+{
+  if (!read_whitelist)
+    {
+      DConfClient *client = dconf_client_new();
+      GVariant *value = dconf_client_read(client, "/org/freedesktop/udisks2/filesystem/whitelist");
+      if (value)
+        {
+          const GVariantType *type = g_variant_get_type(value);
+          if (g_variant_type_equal(type, G_VARIANT_TYPE_STRING_ARRAY))
+            {
+              whitelisted_filesystems = g_variant_dup_strv(value, &num_whitelite_fs);
+            }
+          g_variant_unref(value);
+        }
+
+      if (client)
+        {
+          g_object_unref(client);
+        }
+      read_whitelist = TRUE;
+    }
+};
+
 /* this is not a very efficient implementation but it's very rarely
  * called so no real point in optimizing it...
  */
 static gboolean
 is_allowed_filesystem (const gchar *fstype)
 {
-  return is_well_known_filesystem (fstype) ||
+  gboolean allowed = FALSE;
+  gsize i = 0;
+
+  // Builds fs whitelist only once.
+  build_filesystem_whitelist();
+
+  allowed = (num_whitelite_fs == 0);
+
+  for (i = 0; i < num_whitelite_fs; ++i)
+    {
+      if (g_strcmp0 (whitelisted_filesystems[i], fstype) == 0)
+        {
+          allowed = TRUE;
+          break;
+        }
+    }
+
+  return allowed && (is_well_known_filesystem (fstype) ||
     is_in_filesystem_file ("/proc/filesystems", fstype) ||
-    is_in_filesystem_file ("/etc/filesystems", fstype);
+    is_in_filesystem_file ("/etc/filesystems", fstype));
 }
 
 /* ---------------------------------------------------------------------------------------------------- */
@@ -456,6 +504,19 @@ calculate_fs_type (UDisksBlock  *block,
  out:
   g_assert (fs_type_to_use == NULL || g_utf8_validate (fs_type_to_use, -1, NULL));
 
+  // If we have whitelist in use test that fs_type_to_use is part of allowed types.
+  if ((*error == NULL) && !is_allowed_filesystem (fs_type_to_use))
+    {
+      g_set_error (error,
+                   UDISKS_ERROR,
+                   UDISKS_ERROR_OPTION_NOT_PERMITTED,
+                   "Requested filesystem type `%s' is neither well-known nor "
+                   "in /proc/filesystems nor in /etc/filesystems",
+                   fs_type_to_use);
+      g_free(fs_type_to_use);
+      fs_type_to_use = NULL;
+    }
+
   return fs_type_to_use;
 }
 
-- 
2.33.1