rules: UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG property (#3714)

Sometimes, the persistent storage rules should be skipped for a subset of devices. For example, the Qubes operating system prevents dom0 from parsing untrusted block device content (such as filesystem metadata) by shipping a custom 60-persistent-storage.rules, patched to bail out early if the device name matches a hardcoded pattern. As a less brittle and more flexible alternative, this commit adds a line to the two relevant .rules files which makes them test the value of the UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG device property, modeled after the various DM_UDEV_DISABLE_*_RULES_FLAG properties.
2025-02-23 13:57:33 +03:00 · 2016-07-15 16:47:42 +00:00 · 2016-07-15 16:47:42 +00:00 · 542127ea96
commit 542127ea96
parent 2ed968802c
2 changed files with 2 additions and 0 deletions
--- a/rules/60-persistent-storage-tape.rules
+++ b/rules/60-persistent-storage-tape.rules
@ -3,6 +3,7 @@
 # persistent storage links: /dev/tape/{by-id,by-path}

 ACTION=="remove", GOTO="persistent_storage_tape_end"
+ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="persistent_storage_tape_end"

 # type 8 devices are "Medium Changers"
 SUBSYSTEM=="scsi_generic", SUBSYSTEMS=="scsi", ATTRS{type}=="8", IMPORT{program}="scsi_id --sg-version=3 --export --whitelisted -d $devnode", \
--- a/rules/60-persistent-storage.rules
+++ b/rules/60-persistent-storage.rules
@ -4,6 +4,7 @@
 # scheme based on "Linux persistent device names", 2004, Hannes Reinecke <hare@suse.de>

 ACTION=="remove", GOTO="persistent_storage_end"
+ENV{UDEV_DISABLE_PERSISTENT_STORAGE_RULES_FLAG}=="1", GOTO="persistent_storage_end"

 SUBSYSTEM!="block", GOTO="persistent_storage_end"
 KERNEL!="loop*|mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|nvme*|sd*|sr*|vd*|xvd*|bcache*|cciss*|dasd*|ubd*|scm*|pmem*", GOTO="persistent_storage_end"