projects / ostree.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 59a653c) | patch
Add ostree=aboot for signed Android Boot Images
authorEric Curtin <ecurtin@redhat.com>
Thu, 8 Jun 2023 11:40:28 +0000 (12:40 +0100)
committerEric Curtin <ecurtin@redhat.com>
Thu, 8 Jun 2023 14:27:07 +0000 (15:27 +0100)
commitaa72caffb540114a0e8635ab2990b9c8b0b8f9db
tree0c51c129e648e0f35b724c8077b491ad55e14348tree | snapshot
parent59a653c9dd3aa7aa5f0b5b49c6bec288c6cd747acommit | diff
Add ostree=aboot for signed Android Boot Images

Some kernel images are delivered in a signed kernel + cmdline +
initramfs + dtb blob. When this is added to the commit server side, only
after this do you know what the cmdline is, this creates a recursion
issue. To avoid this, in the case where we have ostree=aboot karg
set, create a symlink after deploy to the correct ostree target in the
rootfs, as the cmdline can't be malleable and secured client-side at
the same time.
src/switchroot/ostree-mount-util.h diff | blob | history
src/switchroot/ostree-prepare-root.c diff | blob | history
src/switchroot/ostree-system-generator.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.