Support umount in helper_process

Currently mount points cleanup is called directly in imageloader_main
without sandboxing. In order for cleanup to work in non-root user in
sandboxed environment (dbus call), I provide a method in helper_process
to perform umount in sandbox as root.

It also fixes a bug in message deserialization where message could be
cut shorter accidentally due to encoding with string delimeter in the
middle.

BUG=chromium:784031,chromium:782334
TEST=unittest, mount/umount images on DuT

Change-Id: Ib4c7522c96165c6ffae4cb0342137f8a0bdcc07b
Reviewed-on: https://chromium-review.googlesource.com/767024
Commit-Ready: Xiaochu Liu <xiaochu@chromium.org>
Tested-by: Xiaochu Liu <xiaochu@chromium.org>
Reviewed-by: Greg Kerr <kerrnel@chromium.org>
13 files changed
tree: 26a3051c85d5401290a097eb6b9266af8b8d0864
  1. .presubmitignore
  2. OWNERS
  3. README.md
  4. component.cc
  5. component.h
  6. component_unittest.cc
  7. dbus_adaptors/
  8. dbus_permissions/
  9. dbus_service/
  10. helper_process.cc
  11. helper_process.h
  12. imageloader-client.gyp
  13. imageloader-shutdown.conf
  14. imageloader.cc
  15. imageloader.conf
  16. imageloader.gyp
  17. imageloader.h
  18. imageloader_impl.cc
  19. imageloader_impl.h
  20. imageloader_main.cc
  21. imageloader_unittest.cc
  22. imageloader_wrapper
  23. ipc.proto
  24. libimageloader-client-test.pc.in
  25. libimageloader-client.pc.in
  26. mock_helper_process.h
  27. mock_verity_mounter.h
  28. mount_helper.cc
  29. mount_helper.h
  30. public_keys/
  31. run_tests.cc
  32. seccomp/
  33. test_utilities.cc
  34. test_utilities.h
  35. testdata/
  36. verity_mounter.cc
  37. verity_mounter.h
  38. verity_mounter_impl.cc
  39. verity_mounter_impl.h
  40. verity_mounter_unittest.cc
README.md

src/platform/imageloader

This aims to provide a generic utility to verify and load (mount) signed disk images through DBUS IPC.

Binaries

  • imageloader

imageloader handles the mounting of disk images. imageloader should be executed via the imageloader_wrapper script, which ensures that imageloader's storage exists and is owned by imageloaderd user. When imageloader is not running, DBus will automatically invoke it. After 20 seconds of inactivity, the service exits.