Google Git
Sign in
cos / mirrors / cros / chromiumos / overlays / chromiumos-overlay / e3180c7799b602ca26859e588f598f2f3b01ad37 / . / sys-apps / fwupd / files / fwupdtool-update.conf
blob: ad9edb0564a47c481c7dbe62913631c147ebd651 [file] [log] [blame]
# Copyright 2019 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
description "Updates devices using fwupdtool"
author "chromium-os-dev@chromium.org"
# This job is started by udev via custom events.
# Job duration is expected to be O(minutes) depending on the number of
# devices with pending updates.
start on fwupdtool-update
task
# Device GUID to be updated by fwupdtool update invocation.
import GUID
# FWUPD plugin to be used by fwupdtool update invokation.
import PLUGIN
env REGEX="^[0-9a-f]\{8\}-[0-9a-f]\{4\}-[0-9a-f]\{4\}-[0-9a-f]\{4\}-[0-9a-f]\{12\}$"
env MINIJAIL_ARGS="--uts -e -l -p -N \
-v -P /mnt/empty -b / -b /proc -r -t -b /dev,,1 -k run,/run,tmpfs \
-k /var,/var,tmpfs -b /var/cache/fwupd,,1 -b /var/lib/fwupd,,1 \
-b /sys -u fwupd -g fwupd"
env PLUGIN_ARGS=""
pre-start script
if [ $(expr "${GUID}" : "${REGEX}") -eq 0 ]; then
logger -p err -t "${UPSTART_JOB}" "Invalid GUID: ${GUID}"
exit 1
fi
mkdir -p /var/cache/fwupd /var/lib/fwupd
chown -R fwupd:fwupd /var/cache/fwupd /var/lib/fwupd
for plugin in ${PLUGIN}; do
if ! minijail0 ${MINIJAIL_ARGS} -- /usr/bin/fwupdtool get-plugins \
| grep -x -F "${plugin}"; then
logger -p err -t "${UPSTART_JOB}" "Unsupported plugin: ${plugin}"
exit 1
fi
done
end script
script
for plugin in ${PLUGIN}; do
case "${plugin}" in
"ccgx"|"dell_dock"|"synaptics_cxaudio"|"vli")
MINIJAIL_ARGS="${MINIJAIL_ARGS} --add-suppl-group usb"
;;
"flashrom_i2c")
MINIJAIL_ARGS="${MINIJAIL_ARGS} -k /run/lock,/run/lock,tmpfs --add-suppl-group i2c"
;;
"nvme")
# Grant cap_sys_admin for nvme plugin to issue admin ioctl commands.
MINIJAIL_ARGS="${MINIJAIL_ARGS} -c cap_dac_override,cap_sys_admin+e"
;;
"synaptics_mst")
MINIJAIL_ARGS="${MINIJAIL_ARGS} --add-suppl-group drm_dp_aux"
;;
"thunderbolt")
MINIJAIL_ARGS="${MINIJAIL_ARGS} -b /sys,,1"
;;
esac
PLUGIN_ARGS="${PLUGIN_ARGS} --plugins=${plugin}"
done
exec minijail0 ${MINIJAIL_ARGS} -- /usr/bin/fwupdtool update "${GUID}" \
${PLUGIN_ARGS} 2>&1 | logger -t "${UPSTART_JOB}"
end script