New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 728856 link

Starred by 0 users
Status: Fixed
Owner:
vapier@chromium.org
Closed: Jul 2017
Cc:
kerrnel@chromium.org
vapier@chromium.org
ejcaruso@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Chrome
Pri: 3
Type: Feature



Sign in to add a comment

imageloader should mount images in place

Project Member Reported by vapier@chromium.org, Jun 1 2017 
since dm-verity provides guarantees wrt integrity, we shouldn't need to duplicate the disk images into /var/imageloader/

the current system also has collisions between users as containers are copied into a flat namespace

Comment 1 by kerrnel@chromium.org, Jun 1 2017

Owner: kerrnel@chromium.org
Status: Assigned (was: Available)
We discussed this offline and it makes sense because dm-verity provides the integrity checking. That being said, for something like Flash player, it still makes sense to copy disk images into /var/imageloader.

So this should just add a new API:

bool LoadComponentAtPath(const std::string& component_path, const std::string& mount_path);

Does that fit your needs? I can implement that very easily.

Comment 2 by vapier@chromium.org, Jun 1 2017 

if you want to support both modes, that's fine.  that API looks like it should work since we now stuff all the container stuff inside the imageloader image.

Comment 3 by kerrnel@chromium.org, Jun 2 2017 

The one 'gotcha' that I see: do you have a plan to make sure imageloaderd has read access to the component?

Comment 4 by vapier@chromium.org, Jun 2 2017 

the chronos-access group should have read access granted, and the imageloaderd is part of that group, so i think it should be fine

Comment 5 by ejcaruso@chromium.org, Jun 2 2017 

The extensions dir is group chronos, not chronos-access, though. mount_extension_image copies the directory somewhere else first to get around this.
Project Member

Comment 7 by bugdroid1@chromium.org, Jun 27 2017 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromiumos/third_party/autotest/+/202d81a2f3cbf7171d4e3e5ec20a7c0e9c6aef0f

commit 202d81a2f3cbf7171d4e3e5ec20a7c0e9c6aef0f
Author: Greg Kerr <kerrnel@chromium.org>
Date: Tue Jun 27 17:55:45 2017

Add test for LoadComponentAtPath.

Adds a test for the new LoadComponentAtPath method which supports
loading a component from a path outside of the /var/lib/imageloader
reserved storage.

BUG= chromium:728856 
CQ-DEPEND=CL:538924
TEST=test_that -b ${BOARD} platform_ImageLoaderServer

Change-Id: I00a99980a8536e1e4bbbc44028c17f3d051c8560
Reviewed-on: https://chromium-review.googlesource.com/549218
Commit-Ready: Greg Kerr <kerrnel@chromium.org>
Tested-by: Greg Kerr <kerrnel@chromium.org>
Reviewed-by: Eric Caruso <ejcaruso@chromium.org>

[modify] https://crrev.com/202d81a2f3cbf7171d4e3e5ec20a7c0e9c6aef0f/client/site_tests/platform_ImageLoader/platform_ImageLoader.py

Comment 8 by kerrnel@chromium.org, Jul 5 2017

Owner: vapier@chromium.org
Status: Fixed (was: Assigned)
Mike, does what I landed work for you or do you need anything else added?

Comment 9 by dchan@chromium.org, Jan 22 2018

Status: Archived (was: Fixed)

Comment 10 by vapier@chromium.org, May 9 2018

Components: OS>Systems>Containers

Comment 11 by vapier@chromium.org, Jun 21 2018

Status: Fixed (was: Archived)

Sign in to add a comment