Diffstat (limited to 'sound_card_init/sound_card_init.conf')
-rw-r--r--sound_card_init/sound_card_init.conf88
1 files changed, 47 insertions, 41 deletions
diff --git a/sound_card_init/sound_card_init.conf b/sound_card_init/sound_card_init.conf
index 7ab0211e..40bc88f8 100644
--- a/sound_card_init/sound_card_init.conf
+++ b/sound_card_init/sound_card_init.conf
@@ -31,44 +31,50 @@ pre-start script
fi
end script
-# Here (in order) are a list of the args added:
-# --uts: Create and enter new UTS namespace (hostname/NIS domain name).
-# -e: doesn't need network access.
-# -l: process doesn't use SysV shared memory or IPC.
-# -N: doesn't need to modify control groups settings.
-# -v: run inside a new VFS namespace.
-# -p -r: process doesn't need to access other processes in the system.
-# -n: process doesn't need new privileges.
-# -P: set /mnt/empty as the root fs.
-# -b: bind /
-# -k: Get a writeable and empty /run tmpfs path.
-# -b: need /run/cras to connect cras.
-# -b: /run/systemd/journal: needed for syslog.
-# -b: need /dev to send ioctls to the system's block devices.
-# -k: empty /sys tmpfs path.
-# -b: need /sys/firmware/vpd/ro/ access to read the default calibration value in vpd.
-# -k: get a writeable and empty /var tmpfs path.
-# -b: need /var/lib/sound_card_init/$SOUND_CARD_ID writable access for datastore update.
-# -b: need /var/lib/cras readable
-exec minijail0 \
- --uts \
- -e \
- -l \
- -N \
- -v \
- -p -r \
- -n \
- -P /mnt/empty \
- -b / \
- -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
- -b /run/cras \
- -b /run/systemd/journal \
- -b /dev \
- -k 'tmpfs,/sys,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
- -b /sys/firmware/vpd/ro/ \
- -k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
- -b /var/lib/sound_card_init/"${SOUND_CARD_ID}"/,,1 \
- -b /var/lib/cras/ \
- -u sound_card_init -g sound_card_init -G \
- -S /usr/share/policy/sound_card_init-seccomp.policy \
- /usr/bin/sound_card_init "--id=${SOUND_CARD_ID}"
+
+script
+ CONFIG="$(cros_config /audio/main sound-card-init-conf)"
+ if [ -f /etc/sound_card_init/"${CONFIG}" ]; then
+ # Here (in order) are a list of the args added:
+ # --uts: Create and enter new UTS namespace (hostname/NIS domain name).
+ # -e: doesn't need network access.
+ # -l: process doesn't use SysV shared memory or IPC.
+ # -N: doesn't need to modify control groups settings.
+ # -v: run inside a new VFS namespace.
+ # -p -r: process doesn't need to access other processes in the system.
+ # -n: process doesn't need new privileges.
+ # -P: set /mnt/empty as the root fs.
+ # -b: bind /
+ # -k: Get a writeable and empty /run tmpfs path.
+ # -b: need /run/cras to connect cras.
+ # -b: need /dev to send ioctls to the system's block devices.
+ # -k: empty /sys tmpfs path.
+ # -b: need /sys/firmware/vpd/ro/ access to read the default calibration
+ # value in vpd.
+ # -k: get a writeable and empty /var tmpfs path.
+ # -b: need /var/lib/sound_card_init/$SOUND_CARD_ID writable access for
+ # datastore update.
+ # -b: need /var/lib/cras readable
+ exec minijail0 \
+ --uts \
+ -e \
+ -l \
+ -N \
+ -v \
+ -p -r \
+ -n \
+ -P /mnt/empty \
+ -b / \
+ -k 'tmpfs,/run,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
+ -b /run/cras \
+ -b /dev \
+ -k 'tmpfs,/sys,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
+ -b /sys/firmware/vpd/ro/ \
+ -k 'tmpfs,/var,tmpfs,MS_NODEV|MS_NOEXEC|MS_NOSUID,mode=755,size=10M' \
+ -b /var/lib/sound_card_init/"${SOUND_CARD_ID}"/,,1 \
+ -b /var/lib/cras/ \
+ -u sound_card_init -g sound_card_init -G \
+ -S /usr/share/policy/sound_card_init-seccomp.policy \
+ /usr/bin/sound_card_init "--id=${SOUND_CARD_ID}" "--conf=${CONFIG}"
+ fi
+end script \ No newline at end of file
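Review bot: The new `script` stanza exits with status 0 and logs nothing when `cros_config` fails or `/etc/sound_card_init/${CONFIG}` is not a regular file, so a board with a missing or misnamed config is indistinguishable from a successful run. An `else` branch such as `logger -t "${UPSTART_JOB}" "sound_card_init: config '${CONFIG}' not found, skipping"` would make the skip visible. `CONFIG` is also used as a path component and forwarded as `--conf=` without a check that it is a bare file name; a guard before the `-f` test, for example `case "${CONFIG}" in ""|*/*) logger -t "${UPSTART_JOB}" "bad config name"; exit 0 ;; esac`, keeps the lookup inside `/etc/sound_card_init`. The hunk also drops the `-b /run/systemd/journal` bind that the old comment block described as needed for syslog; if that is intentional it deserves a line in the comment block, since the jailed process may no longer be able to log. Any validation of `SOUND_CARD_ID`, which is interpolated into the writable bind path, presumably lives in the pre-start stanza outside this hunk.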