Patch Detail
Show a patch.
GET /api/1.1/patches/3442/?format=api
{ "id": 3442, "url": "https://patchwork.libcamera.org/api/1.1/patches/3442/?format=api", "web_url": "https://patchwork.libcamera.org/patch/3442/", "project": { "id": 1, "url": "https://patchwork.libcamera.org/api/1.1/projects/1/?format=api", "name": "libcamera", "link_name": "libcamera", "list_id": "libcamera_core", "list_email": "libcamera-devel@lists.libcamera.org", "web_url": "", "scm_url": "", "webscm_url": "" }, "msgid": "<20200413133047.11913-10-laurent.pinchart@ideasonboard.com>", "date": "2020-04-13T13:30:45", "name": "[libcamera-devel,v2,09/11] libcamera: ipa_manager: Embed IPA module signing public key", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "2939097c92e3daffb71009a5b37c4bb68847cc10", "submitter": { "id": 2, "url": "https://patchwork.libcamera.org/api/1.1/people/2/?format=api", "name": "Laurent Pinchart", "email": "laurent.pinchart@ideasonboard.com" }, "delegate": null, "mbox": "https://patchwork.libcamera.org/patch/3442/mbox/", "series": [ { "id": 804, "url": "https://patchwork.libcamera.org/api/1.1/series/804/?format=api", "web_url": "https://patchwork.libcamera.org/project/libcamera/list/?series=804", "date": "2020-04-13T13:30:37", "name": "Sign IPA modules instead of checking their advertised license", "version": 2, "mbox": "https://patchwork.libcamera.org/series/804/mbox/" } ], "comments": "https://patchwork.libcamera.org/api/patches/3442/comments/", "check": "pending", "checks": "https://patchwork.libcamera.org/api/patches/3442/checks/", "tags": {}, "headers": { "Return-Path": "<laurent.pinchart@ideasonboard.com>", "Received": [ "from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[213.167.242.64])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id D126A62E1D\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tMon, 13 Apr 2020 15:31:07 +0200 (CEST)", "from pendragon.bb.dnainternet.fi (81-175-216-236.bb.dnainternet.fi\n\t[81.175.216.236])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id 6D7E224B\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tMon, 13 Apr 2020 15:31:07 +0200 (CEST)" ], "Authentication-Results": "lancelot.ideasonboard.com; dkim=pass (1024-bit key; \n\tunprotected) header.d=ideasonboard.com\n\theader.i=@ideasonboard.com\n\theader.b=\"tVtX70Ze\"; dkim-atps=neutral", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1586784667;\n\tbh=WQKDBRT4Y4nfWhIaQV8LNqdBNQ9aHt8YHLpCS4m4XR8=;\n\th=From:To:Subject:Date:In-Reply-To:References:From;\n\tb=tVtX70Ze+WhYMjjG7qtsF6iYglROZiCe4qSRSrlYokL+lRiNlAliLowETtrpn0n+n\n\tx4duxFi6ZSPQPaNe/26DEAXhzQDx6vLry+G8ZFaHWzLWC1so2gAYR229X40ASQnLG2\n\tkTKYIONm6nsCU68H7v34jTxsac5FCAFZG4c9PJ2c=", "From": "Laurent Pinchart <laurent.pinchart@ideasonboard.com>", "To": "libcamera-devel@lists.libcamera.org", "Date": "Mon, 13 Apr 2020 16:30:45 +0300", "Message-Id": "<20200413133047.11913-10-laurent.pinchart@ideasonboard.com>", "X-Mailer": "git-send-email 2.24.1", "In-Reply-To": "<20200413133047.11913-1-laurent.pinchart@ideasonboard.com>", "References": "<20200413133047.11913-1-laurent.pinchart@ideasonboard.com>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=UTF-8", "Content-Transfer-Encoding": "8bit", "Subject": "[libcamera-devel] [PATCH v2 09/11] libcamera: ipa_manager: Embed\n\tIPA module signing public key", "X-BeenThere": "libcamera-devel@lists.libcamera.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "<libcamera-devel.lists.libcamera.org>", "List-Unsubscribe": "<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>", "List-Archive": "<https://lists.libcamera.org/pipermail/libcamera-devel/>", "List-Post": "<mailto:libcamera-devel@lists.libcamera.org>", "List-Help": "<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>", "List-Subscribe": "<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>", "X-List-Received-Date": "Mon, 13 Apr 2020 13:31:10 -0000" }, "content": "In preparation for verifying the signature of IPA modules, generate a\npublic key from the private signing key and embed it in the IPAManager\nclass.\n\nSigned-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\nReviewed-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>\n---\n src/libcamera/gen-ipa-pub-key.py | 46 +++++++++++++++++++++++++++++\n src/libcamera/include/ipa_manager.h | 5 ++++\n src/libcamera/ipa_pub_key.cpp.in | 20 +++++++++++++\n src/libcamera/meson.build | 8 +++++\n 4 files changed, 79 insertions(+)\n create mode 100755 src/libcamera/gen-ipa-pub-key.py\n create mode 100644 src/libcamera/ipa_pub_key.cpp.in", "diff": "diff --git a/src/libcamera/gen-ipa-pub-key.py b/src/libcamera/gen-ipa-pub-key.py\nnew file mode 100755\nindex 000000000000..ad575b18c922\n--- /dev/null\n+++ b/src/libcamera/gen-ipa-pub-key.py\n@@ -0,0 +1,46 @@\n+#!/usr/bin/env python3\n+# SPDX-License-Identifier: GPL-2.0-or-later\n+# Copyright (C) 2020, Google Inc.\n+#\n+# Author: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\n+#\n+# ipa-gen-key.py - Generate the IPA module signing public key\n+\n+import string\n+import subprocess\n+import sys\n+\n+\n+def main(argv):\n+ if len(argv) != 4:\n+ print('Usage: %s priv-key template output' % argv[0])\n+ return 1\n+\n+ priv_key = argv[1]\n+ template = argv[2]\n+ output = argv[3]\n+\n+ try:\n+ ret = subprocess.run(['openssl', 'rsa', '-pubout', '-in', priv_key,\n+ '-outform', 'DER'],\n+ stdout=subprocess.PIPE)\n+ except FileNotFoundError:\n+ print('Please install openssl to sign IPA modules')\n+ return 1\n+\n+ ipa_key = ', '.join(['0x%02x' % c for c in ret.stdout])\n+ data = {'ipa_key': ipa_key}\n+\n+ template = open(template, 'rb').read()\n+ template = template.decode('utf-8')\n+ template = string.Template(template)\n+\n+ f = open(output, 'wb')\n+ f.write(template.substitute(data).encode('utf-8'))\n+ f.close()\n+\n+ return 0\n+\n+\n+if __name__ == '__main__':\n+ sys.exit(main(sys.argv))\ndiff --git a/src/libcamera/include/ipa_manager.h b/src/libcamera/include/ipa_manager.h\nindex 467658e40ce9..26edf087461e 100644\n--- a/src/libcamera/include/ipa_manager.h\n+++ b/src/libcamera/include/ipa_manager.h\n@@ -7,6 +7,7 @@\n #ifndef __LIBCAMERA_IPA_MANAGER_H__\n #define __LIBCAMERA_IPA_MANAGER_H__\n \n+#include <stdint.h>\n #include <vector>\n \n #include <ipa/ipa_interface.h>\n@@ -14,6 +15,7 @@\n \n #include \"ipa_module.h\"\n #include \"pipeline_handler.h\"\n+#include \"pub_key.h\"\n \n namespace libcamera {\n \n@@ -35,6 +37,9 @@ private:\n \tvoid parseDir(const char *libDir, unsigned int maxDepth,\n \t\t std::vector<std::string> &files);\n \tunsigned int addDir(const char *libDir, unsigned int maxDepth = 0);\n+\n+\tstatic const uint8_t publicKeyData_[];\n+\tstatic const PubKey pubKey_;\n };\n \n } /* namespace libcamera */\ndiff --git a/src/libcamera/ipa_pub_key.cpp.in b/src/libcamera/ipa_pub_key.cpp.in\nnew file mode 100644\nindex 000000000000..e1fe287c160e\n--- /dev/null\n+++ b/src/libcamera/ipa_pub_key.cpp.in\n@@ -0,0 +1,20 @@\n+/* SPDX-License-Identifier: LGPL-2.1-or-later */\n+/*\n+ * Copyright (C) 2020, Laurent Pinchart <laurent.pinchart@ideasonboard.com>\n+ *\n+ * ipa_key.cpp - IPA module signing public key\n+ *\n+ * This file is auto-generated. Do not edit.\n+ */\n+\n+#include \"ipa_manager.h\"\n+\n+namespace libcamera {\n+\n+const uint8_t IPAManager::publicKeyData_[] = {\n+\t${ipa_key}\n+};\n+\n+const PubKey IPAManager::pubKey_{ { IPAManager::publicKeyData_ } };\n+\n+} /* namespace libcamera */\ndiff --git a/src/libcamera/meson.build b/src/libcamera/meson.build\nindex c2a657e4938c..c502450c4b2d 100644\n--- a/src/libcamera/meson.build\n+++ b/src/libcamera/meson.build\n@@ -101,6 +101,14 @@ version_cpp = vcs_tag(command : [gen_version, meson.build_root()],\n \n libcamera_sources += version_cpp\n \n+gen_ipa_pub_key = files('gen-ipa-pub-key.py')\n+ipa_pub_key_cpp = custom_target('ipa_pub_key_cpp',\n+ input : [ ipa_priv_key, 'ipa_pub_key.cpp.in' ],\n+ output : 'ipa_pub_key.cpp',\n+ command : [ gen_ipa_pub_key, '@INPUT@', '@OUTPUT@' ])\n+\n+libcamera_sources += ipa_pub_key_cpp\n+\n libcamera_deps = [\n libatomic,\n libdl,\n", "prefixes": [ "libcamera-devel", "v2", "09/11" ] }