commit | e7e5b9bd38fbbf7058c0183e5d1d9bbe1588bc63 | [log] [tgz] |
---|---|---|
author | Greg Kerr <kerrnel@chromium.org> | Thu Jan 26 23:09:31 2017 |
committer | chrome-bot <chrome-bot@chromium.org> | Tue Feb 21 22:07:37 2017 |
tree | 1a9286c1be9cb183d9d23ecbb06996187ebc55f0 | |
parent | 8becf5f5f191c7afcdb0d793a296c83e85a3078d [diff] |
Use privileged helper process to mount images. Uses a privileged helper process to mount images, so that the untrusted data is only read by the non-root, sandboxed main process. BUG=chromium:682968 CQ-DEPEND=CL:434201 TEST=test_that -b ${BOARD} ${DUT_ip} platform_ImageLoaderServer Change-Id: I7aa12d998065c0c2c81628f23ed52505333b4e8c Reviewed-on: https://chromium-review.googlesource.com/434126 Commit-Ready: Greg Kerr <kerrnel@chromium.org> Tested-by: Greg Kerr <kerrnel@chromium.org> Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
This aims to provide a generic utility to verify and load (mount) signed disk images through DBUS IPC.
imageloader
imageloader
handles the mounting of disk images. imageloader
should be executed via the imageloader_wrapper
script, which ensures that imageloader's storage exists and is owned by imageloaderd
user. When imageloader
is not running, DBus will automatically invoke it. After 20 seconds of inactivity, the service exits.