From mboxrd@z Thu Jan 1 00:00:00 1970 Return-path: From: Michael Olbrich Date: Thu, 9 Apr 2020 09:37:31 +0200 Message-Id: <20200409073731.31677-3-m.olbrich@pengutronix.de> In-Reply-To: <20200409073731.31677-1-m.olbrich@pengutronix.de> References: <20200409073731.31677-1-m.olbrich@pengutronix.de> MIME-Version: 1.0 Subject: [DistroKit] [PATCH 2/2] platform-v7a: run: use security_model=mapped-file when possible List-Id: DistroKit Mailinglist List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: distrokit-bounces@pengutronix.de Sender: "DistroKit" To: distrokit@pengutronix.de Cc: Michael Olbrich PTXdist can now provide the necessary metadata files for security_model=mapped-file. With this enabled, the rootfs on 9p has the correct ownership and permissions. Signed-off-by: Michael Olbrich --- configs/platform-v7a/run | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/configs/platform-v7a/run b/configs/platform-v7a/run index 3a65c43da7be..1dc4fd645d88 100755 --- a/configs/platform-v7a/run +++ b/configs/platform-v7a/run @@ -67,6 +67,12 @@ fi BASE_CMDLINE="console=ttyAMA0,115200 loglevel=5 systemd.log_level=warning systemd.show_status=auto" +if [ -d "${PTXDIST_PLATFORMDIR}/root/.virtfs_metadata" ]; then + security_model="mapped-file" +else + security_model="none" +fi + # Machine to emulate QEMU_ARGS=( -machine vexpress-a9 -cpu cortex-a9 -smp 4 -m 1024M ) # disable graphics output @@ -122,7 +128,7 @@ check_flash() { run_qemu_9p() { exec ${QEMU_EXEC} \ "${QEMU_ARGS[@]}" \ - -fsdev local,id=rootfs,path=${PTXDIST_PLATFORMDIR}/root,security_model=none \ + -fsdev local,id=rootfs,path=${PTXDIST_PLATFORMDIR}/root,security_model="${security_model}" \ -device virtio-9p-device,fsdev=rootfs,mount_tag=/dev/root \ "${QEMU_EXTRA_ARGS[@]}" \ "${QEMU_LINUX_ARGS[@]}" \ @@ -164,9 +170,9 @@ run_qemu_barebox() { exec ${QEMU_EXEC} \ "${QEMU_ARGS[@]}" \ -smp 1 \ - -fsdev local,id=rootfs,path=${PTXDIST_PLATFORMDIR}/root,security_model=none \ + -fsdev local,id=rootfs,path=${PTXDIST_PLATFORMDIR}/root,security_model="${security_model}" \ -device virtio-9p-device,fsdev=rootfs,mount_tag=/dev/root \ - -fsdev local,id=images,path=${PTXDIST_PLATFORMDIR}/images,security_model=none \ + -fsdev local,id=images,path=${PTXDIST_PLATFORMDIR}/images,security_model="${security_model}" \ -device virtio-9p-device,fsdev=images,mount_tag=/dev/images \ -drive if=sd,format=raw,file=${PTXDIST_PLATFORMDIR}/images/vexpress.hdimg,id=mmc0 \ -drive if=pflash,format=raw,file=${PTXDIST_PLATFORMDIR}/images/vexpress.norimg,id=nor0 \ -- 2.20.1 _______________________________________________ DistroKit mailing list DistroKit@pengutronix.de