| commit | e7e5b9bd38fbbf7058c0183e5d1d9bbe1588bc63 | [log] [tgz] |
|---|---|---|
| author | Greg Kerr <kerrnel@chromium.org> | Thu Jan 26 23:09:31 2017 |
| committer | chrome-bot <chrome-bot@chromium.org> | Tue Feb 21 22:07:37 2017 |
| tree | 1a9286c1be9cb183d9d23ecbb06996187ebc55f0 | |
| parent | 8becf5f5f191c7afcdb0d793a296c83e85a3078d [diff] |
Use privileged helper process to mount images.
Uses a privileged helper process to mount images, so that the untrusted
data is only read by the non-root, sandboxed main process.
BUG=chromium:682968
CQ-DEPEND=CL:434201
TEST=test_that -b ${BOARD} ${DUT_ip} platform_ImageLoaderServer
Change-Id: I7aa12d998065c0c2c81628f23ed52505333b4e8c
Reviewed-on: https://chromium-review.googlesource.com/434126
Commit-Ready: Greg Kerr <kerrnel@chromium.org>
Tested-by: Greg Kerr <kerrnel@chromium.org>
Reviewed-by: Jorge Lucangeli Obes <jorgelo@chromium.org>
This aims to provide a generic utility to verify and load (mount) signed disk images through DBUS IPC.
imageloaderimageloader handles the mounting of disk images. imageloader should be executed via the imageloader_wrapper script, which ensures that imageloader's storage exists and is owned by imageloaderd user. When imageloader is not running, DBus will automatically invoke it. After 20 seconds of inactivity, the service exits.