Google Git
Sign in
cos / third_party / platform / vboot_reference / 35f4cb027230e03af30a6206cbea8e638d9dd0d0
commit35f4cb027230e03af30a6206cbea8e638d9dd0d0[log] [tgz]
authorJosh Horwich <jhorwich@google.com>Thu Jun 23 16:40:09 2022 -0700
committerChromeos LUCI <chromeos-scoped@luci-project-accounts.iam.gserviceaccount.com>Tue Jul 12 20:56:19 2022 +0000
tree5279c68276a0260f21d5609904896d68171626fb
parent61f16fca1def81c486c1283f8c0b1325fbdad7bc [diff]
signer: Preserve capabilities on Android system image

Since crrev.com/c/2511121 we no longer use xattrs when using
unsquashfs on the Android system image. A side-effect of this change
is the loss of capabilities for a handful of Android binaries such as
/system/bin/run-as.

This change records the capabilities on the system image and applies
them manually to the output system image.

BUG=b:179170462
BRANCH=None
TEST=unittests
TEST=Locally sign hatch (ARC R) and kevin (ARC P) base images and
     verify signed base image's system.raw.img contents

Signed-off-by: Josh Horwich <jhorwich@chromium.org>

Change-Id: Ied824d5ebf7a5139e71341abca810b14e67623e0
Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/3723017
Reviewed-by: Allen Webb <allenwebb@google.com>
Tested-by: Josh Horwich <jhorwich@chromium.org>
Reviewed-by: Prameet Shah <phshah@chromium.org>
Commit-Queue: Josh Horwich <jhorwich@chromium.org>
Reviewed-by: Yury Khmel <khmel@google.com>
Reviewed-by: Yury Khmel <khmel@chromium.org>
1 file changed
tree: 5279c68276a0260f21d5609904896d68171626fb
  1. cgpt/
  2. firmware/
  3. futility/
  4. host/
  5. rust/
  6. scripts/
  7. tests/
  8. utility/
  9. .checkpatch.conf
  10. .clang-format
  11. .gitignore
  12. Android.mk
  13. emerge_test.sh
  14. LICENSE
  15. Makefile
  16. OWNERS
  17. PRESUBMIT.cfg
  18. README
  19. unblocked_terms.txt
  20. vboot_host.pc.in