trust: Forcibly mark "Default Trust" read-only

The "Default Trust" token is typically mounted as $datadir, which is considered as read-only on modern OSes. Suggestd by Kai Engert in: https://bugzilla.redhat.com/show_bug.cgi?id=1523630
p11-glue · Jan 19, 2018 · de847aa · de847aa
1 parent 031d3c7
commit de847aa
Show file tree

Hide file tree

Showing 3 changed files with 18 additions and 6 deletions.
diff --git a/trust/module.c b/trust/module.c
@@ -194,10 +194,11 @@ create_tokens_inlock (p11_array *tokens,
 	struct {
 		const char *prefix;
 		const char *label;
+		bool readonly;
 	} labels[] = {
-		{ "~/", "User Trust" },
-		{ DATA_DIR, "Default Trust" },
-		{ SYSCONFDIR, "System Trust" },
+		{ "~/", "User Trust", false },
+		{ DATA_DIR, "Default Trust", true },
+		{ SYSCONFDIR, "System Trust", false },
 		{ NULL },
 	};
 
@@ -206,6 +207,7 @@ create_tokens_inlock (p11_array *tokens,
 	CK_SLOT_ID slot;
 	const char *path;
 	const char *label;
+	bool readonly;
 	char *alloc;
 	char *remaining;
 	char *base;
@@ -233,12 +235,14 @@ create_tokens_inlock (p11_array *tokens,
 
 			label = NULL;
 			base = NULL;
+			readonly = false;
 
 			/* Claim the various labels based on prefix */
 			for (i = 0; label == NULL && labels[i].prefix != NULL; i++) {
 				if (strncmp (path, labels[i].prefix, strlen (labels[i].prefix)) == 0) {
 					label = labels[i].label;
 					labels[i].label = NULL;
+					readonly = labels[i].readonly;
 				}
 			}
 
@@ -248,7 +252,7 @@ create_tokens_inlock (p11_array *tokens,
 				return_val_if_fail (base != NULL, false);
 			}
 
-			token = p11_token_new (slot, path, label);
+			token = p11_token_new (slot, path, label, readonly);
 			return_val_if_fail (token != NULL, false);
 
 			if (!p11_array_push (tokens, token))

diff --git a/trust/token.c b/trust/token.c
@@ -817,7 +817,8 @@ p11_token_free (p11_token *token)
 p11_token *
 p11_token_new (CK_SLOT_ID slot,
                const char *path,
-               const char *label)
+               const char *label,
+               bool readonly)
 {
 	p11_token *token;
 
@@ -859,6 +860,12 @@ p11_token_new (CK_SLOT_ID slot,
 
 	token->slot = slot;
 
+	if (readonly) {
+		token->checked_path = true;
+		token->make_directory = false;
+		token->is_writable = false;
+	}
+
 	load_builtin_objects (token);
 
 	p11_debug ("token: %s: %s", token->label, token->path);

diff --git a/trust/token.h b/trust/token.h
@@ -44,7 +44,8 @@ typedef struct _p11_token p11_token;
 
 p11_token *     p11_token_new         (CK_SLOT_ID slot,
                                        const char *path,
-                                       const char *label);
+                                       const char *label,
+                                       bool readonly);
 
 void            p11_token_free        (p11_token *token);