arc/setup/init/arcvm-per-board-features.conf - mirrors/cros/chromiumos/platform2 - Git at Google

 # Copyright 2020 The Chromium OS Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.

 description    "Set up the hardware configuration files for ARCVM"
 author         "chromium-os-dev@chromium.org"

 oom score -1000

 # Make this a task so that 'start arcvm-per-board-features' will block until
 # the script finishes.
 task

 # Execute generate_camera_profile and board_hardware_features scripts and
 # store the results in /run/arcvm/host_generated/oem.
 script
   die() {
     logger -t "${UPSTART_JOB}" "$1"
     exit 1
   }

   # /usr/sbin/arc-apply-per-board-config internally calls two scripts,
   # generate_camera_profile and /usr/sbin/board_hardware_features, to generate
   # 3 files,
   # /mnt/stateful_partition/encrypted/var/cache/camera/etc/media_profiles.xml,
   # /run/arcvm/host_generated/oem/etc/media_profiles.xml (copy of the first
   # one), and /run/arcvm/host_generated/oem/etc/permissions/platform.xml.
   #
   # /run/chromeos-config: /usr/bin/generate_camera_profile executes
   #     /usr/bin/cros_config on some boards and the command reads the directory.
   #     MS_REC is required since a squashfs image is mounted somewhere in the
   #     tree.
   # /mnt/stateful_partition/encrypted/var/cache/camera: generate_camera_profile
   #     writes results to the directory.
   # /var/cache/camera: generate_camera_profile reads a .json in the directory.
   #     Also, arc-apply-per-board-config adds camera.prop to the directory.
   # /sys: /usr/sbin/board_hardware_features for some boards reads /sys to
   #     detect the board's hardware. /usr/sbin/mosys command which
   #     generate_camera_profile script uses on some boards also depends on /sys.
   # /run/arcvm/host_generated/oem: Both arc-apply-per-board-config and
   #     board_hardware_features write results to the directory.
   exec /sbin/minijail0 \
       --profile=minimalistic-mountns --uts -e -l -p -N \
       -k 'tmpfs,/mnt,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \
       -k 'tmpfs,/run,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \
       -k 'tmpfs,/var,tmpfs,MS_NOSUID|MS_NODEV|MS_NOEXEC' \
       -k '/run/chromeos-config,/run/chromeos-config,none,MS_BIND|MS_REC' \
       -b /sys \
       -b /mnt/stateful_partition/encrypted/var/cache/camera,,1 \
       -b /run/arcvm/host_generated/oem,,1 \
       -b /var/cache/camera,,1 \
       -- /usr/sbin/arc-apply-per-board-config \
            --log_tag=arc-apply-per-board-config ||
       die "Failed to execute arc-apply-per-board-config"
 end script
	# Copyright 2020 The Chromium OS Authors. All rights reserved.
	# Use of this source code is governed by a BSD-style license that can be
	# found in the LICENSE file.

	description "Set up the hardware configuration files for ARCVM"
	author "chromium-os-dev@chromium.org"

	oom score -1000

	# Make this a task so that 'start arcvm-per-board-features' will block until
	# the script finishes.
	task

	# Execute generate_camera_profile and board_hardware_features scripts and
	# store the results in /run/arcvm/host_generated/oem.
	script
	die() {
	logger -t "${UPSTART_JOB}" "$1"
	exit 1
	}

	# /usr/sbin/arc-apply-per-board-config internally calls two scripts,
	# generate_camera_profile and /usr/sbin/board_hardware_features, to generate
	# 3 files,
	# /mnt/stateful_partition/encrypted/var/cache/camera/etc/media_profiles.xml,
	# /run/arcvm/host_generated/oem/etc/media_profiles.xml (copy of the first
	# one), and /run/arcvm/host_generated/oem/etc/permissions/platform.xml.
	#
	# /run/chromeos-config: /usr/bin/generate_camera_profile executes
	# /usr/bin/cros_config on some boards and the command reads the directory.
	# MS_REC is required since a squashfs image is mounted somewhere in the
	# tree.
	# /mnt/stateful_partition/encrypted/var/cache/camera: generate_camera_profile
	# writes results to the directory.
	# /var/cache/camera: generate_camera_profile reads a .json in the directory.
	# Also, arc-apply-per-board-config adds camera.prop to the directory.
	# /sys: /usr/sbin/board_hardware_features for some boards reads /sys to
	# detect the board's hardware. /usr/sbin/mosys command which
	# generate_camera_profile script uses on some boards also depends on /sys.
	# /run/arcvm/host_generated/oem: Both arc-apply-per-board-config and
	# board_hardware_features write results to the directory.
	exec /sbin/minijail0 \
	--profile=minimalistic-mountns --uts -e -l -p -N \
	-k 'tmpfs,/mnt,tmpfs,MS_NOSUID\|MS_NODEV\|MS_NOEXEC' \
	-k 'tmpfs,/run,tmpfs,MS_NOSUID\|MS_NODEV\|MS_NOEXEC' \
	-k 'tmpfs,/var,tmpfs,MS_NOSUID\|MS_NODEV\|MS_NOEXEC' \
	-k '/run/chromeos-config,/run/chromeos-config,none,MS_BIND\|MS_REC' \
	-b /sys \
	-b /mnt/stateful_partition/encrypted/var/cache/camera,,1 \
	-b /run/arcvm/host_generated/oem,,1 \
	-b /var/cache/camera,,1 \
	-- /usr/sbin/arc-apply-per-board-config \
	--log_tag=arc-apply-per-board-config \|\|
	die "Failed to execute arc-apply-per-board-config"
	end script