rectify errors in the spec file

fix CVE-2021-3802

(cherry picked from commit fe771ddfb3c8ec603e85b3ac6d8bd2edf90279ce)

0002-CVE-2021-3802.patch

@@ -0,0 +1,59 @@
+From 38d90a433bda0fc0f2a409f6baa12c3958893571 Mon Sep 17 00:00:00 2001
+From: Tomas Bzatek <tbzatek@redhat.com>
+Date: Wed, 15 Sep 2021 14:34:49 +0200
+Subject: [PATCH] mount options: Always use errors=remount-ro for ext
+ filesystems
+
+Default mount options are focused primarily on data safety, mounting
+damaged ext2/3/4 filesystem as readonly would indicate something's wrong.
+
+(cherry picked from commit 2d5d2b7570b0f44c14b34b5dc831f174205c10f2)
+---
+ data/builtin_mount_options.conf            | 9 +++++++++
+ src/tests/dbus-tests/test_80_filesystem.py | 6 ++++++
+ 2 files changed, 15 insertions(+)
+
+diff --git a/data/builtin_mount_options.conf b/data/builtin_mount_options.conf
+index 989258d..d76fcf2 100644
+--- a/data/builtin_mount_options.conf
++++ b/data/builtin_mount_options.conf
+@@ -23,3 +23,12 @@ hfsplus_allow=uid=$UID,gid=$GID,creator,type,umask,session,part,decompose,nodeco
+ btrfs_allow=compress,compress-force,datacow,nodatacow,datasum,nodatasum,degraded,device,discard,nodiscard,subvol,subvolid,space_cache
+ 
+ f2fs_allow=discard,nodiscard,compress_algorithm,compress_log_size,compress_extension,alloc_mode
++
++ext2_defaults=errors=remount-ro
++ext2_allow=errors=remount-ro
++
++ext3_defaults=errors=remount-ro
++ext3_allow=errors=remount-ro
++
++ext4_defaults=errors=remount-ro
++ext4_allow=errors=remount-ro
+diff --git a/src/tests/dbus-tests/test_80_filesystem.py b/src/tests/dbus-tests/test_80_filesystem.py
+index c22855b..52feb02 100644
+--- a/src/tests/dbus-tests/test_80_filesystem.py
++++ b/src/tests/dbus-tests/test_80_filesystem.py
+@@ -320,6 +320,8 @@ class UdisksFSTestCase(udiskstestcase.UdisksTestCase):
+         _ret, out = self.run_command('mount | grep %s' % block_fs_dev)
+         self.assertIn(mnt_path, out)
+         self.assertIn('ro', out)
++        if self._fs_name.startswith('ext'):
++            self.assertIn('errors=remount-ro', out)
+ 
+         # dbus mountpoint
+         dbus_mounts = self.get_property(block_fs, '.Filesystem', 'MountPoints')
+@@ -477,6 +479,10 @@ class UdisksFSTestCase(udiskstestcase.UdisksTestCase):
+         if self._fs_name == "udf":
+             test_custom_option(self, False, None, False, "[defaults]\ndefaults=\nallow=exec,noexec,nodev,nosuid,atime,noatime,nodiratime,ro,rw,sync,dirsync,noload,uid=ignore,uid=forget\n")
+             test_custom_option(self, True, "uid=notallowed", True, "[defaults]\nallow=exec,noexec,nodev,nosuid,atime,noatime,nodiratime,ro,rw,sync,dirsync,noload,uid=ignore\n")
++        if self._fs_name.startswith("ext"):
++            test_custom_option(self, False, "errors=remount-ro", True, "", match_mount_option="errors=remount-ro")
++            test_custom_option(self, True, "errors=panic", False, "")
++            test_custom_option(self, True, "errors=continue", False, "")
+ 
+         # udev rules overrides
+         test_readonly(self, False, "", udev_rules_content = { "UDISKS_MOUNT_OPTIONS_DEFAULTS": "rw" })
+-- 
+2.23.0
+

udisks2.spec

@@ -59,17 +59,14 @@
 Name:    udisks2
 Summary: Disk Manager
 Version: 2.9.0
-%if %{is_git} == 0
-Release: 2
-%else
-Release: 0.%{build_date}git%{git_hash}%{?dist}
-%endif
+Release: 3
 License: GPLv2+
 Group:   System Environment/Libraries
 URL:     https://github.com/storaged-project/udisks
 Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2
 
 Patch1:  0001-udiskslinuxmountoptions-Prevent-a-memory-leak.patch
+Patch2:  0002-CVE-2021-3802.patch
 
 BuildRequires: glib2-devel >= %{glib2_version}
 BuildRequires: gobject-introspection-devel >= %{gobject_introspection_version}
@@ -259,7 +256,7 @@ This package contains module for VDO management.
 %endif
 
 %prep
-%setup -q -n udisks-%{version}
+%autosetup -p1 -n udisks-%{version}
 sed -i udisks/udisks2.conf.in -e "s/encryption=luks1/encryption=%{default_luks_encryption}/"
 
 %build
@@ -441,6 +438,10 @@ udevadm trigger
 %endif
 
 %changelog
+* Tue Jan 5 2022 yanglongkang <yanglongkang@huawei.com> -2.9.0-3
+- rectify errors in the spec file
+  fix CVE-2021-3802
+
 * Mon Jul 27 2020 Zhiqiang Liu <lzhq28@mail.ustc.edu.cn> - 2.9.0-2
 - update from 2.8.1 to 2.9.0