diff options
-rw-r--r-- | Makefile | 7 | ||||
-rw-r--r-- | udev/bcachefs.rules | 13 |
2 files changed, 19 insertions, 1 deletions
@@ -59,7 +59,7 @@ CFLAGS+=$(call cc-disable-warning, zero-length-array) CFLAGS+=$(call cc-disable-warning, shift-overflow) CFLAGS+=$(call cc-disable-warning, enum-conversion) -PKGCONFIG_LIBS="blkid uuid liburcu libsodium zlib liblz4 libzstd libudev libkeyutils" +PKGCONFIG_LIBS="blkid uuid liburcu libsodium zlib liblz4 libzstd libudev libkeyutils udev" ifdef BCACHEFS_FUSE PKGCONFIG_LIBS+="fuse3 >= 3.7" CFLAGS+=-DBCACHEFS_FUSE @@ -73,6 +73,10 @@ PKGCONFIG_LDLIBS:=$(shell $(PKG_CONFIG) --libs $(PKGCONFIG_LIBS)) ifeq (,$(PKGCONFIG_LDLIBS)) $(error pkg-config error, command: $(PKG_CONFIG) --libs $(PKGCONFIG_LIBS)) endif +PKGCONFIG_UDEVRULESDIR:=$(shell $(PKG_CONFIG) --variable=udev_dir udev) +ifeq (,$(PKGCONFIG_UDEVRULESDIR)) + $(error pkg-config error, command: $(PKG_CONFIG) --variable=udev_dir udev) +endif CFLAGS+=$(PKGCONFIG_CFLAGS) LDLIBS+=$(PKGCONFIG_LDLIBS) @@ -157,6 +161,7 @@ install: bcachefs $(INSTALL) -m0644 -D bcachefs.8 -t $(DESTDIR)$(PREFIX)/share/man/man8/ $(INSTALL) -m0755 -D initramfs/script $(DESTDIR)$(INITRAMFS_SCRIPT) $(INSTALL) -m0755 -D initramfs/hook $(DESTDIR)$(INITRAMFS_HOOK) + $(INSTALL) -m0644 -D udev/bcachefs.rules -t $(DESTDIR)$(PKGCONFIG_UDEVRULESDIR)/ $(LN) -sfr $(DESTDIR)$(ROOT_SBINDIR)/bcachefs $(DESTDIR)$(ROOT_SBINDIR)/mkfs.bcachefs $(LN) -sfr $(DESTDIR)$(ROOT_SBINDIR)/bcachefs $(DESTDIR)$(ROOT_SBINDIR)/fsck.bcachefs $(LN) -sfr $(DESTDIR)$(ROOT_SBINDIR)/bcachefs $(DESTDIR)$(ROOT_SBINDIR)/mount.bcachefs diff --git a/udev/bcachefs.rules b/udev/bcachefs.rules new file mode 100644 index 00000000..ca1f3818 --- /dev/null +++ b/udev/bcachefs.rules @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: GPL-2.0-or-later +# +# Copyright (C) 2024 Oracle. All rights reserved. +# Author: Darrick J. Wong <djwong@kernel.org> +# +# Don't let udisks automount bcachefs filesystems without even asking a user. +# This doesn't eliminate filesystems as an attack surface; it only prevents +# evil maid attacks when all sessions are locked. +# +# According to http://storaged.org/doc/udisks2-api/latest/udisks.8.html, +# supplying UDISKS_AUTO=0 here changes the HintAuto property of the block +# device abstraction to mean "do not automatically start" (e.g. mount). +SUBSYSTEM=="block", ENV{ID_FS_TYPE}=="bcachefs", ENV{UDISKS_AUTO}="0" |