[{"id":38385,"web_url":"https://patchwork.libcamera.org/comment/38385/","msgid":"<177428605771.4036272.9974907367623356513@ping.linuxembedded.co.uk>","date":"2026-03-23T17:14:17","subject":"Re: [PATCH] ipa: fall back to in-process mode when isolation fails","submitter":{"id":4,"url":"https://patchwork.libcamera.org/api/people/4/","name":"Kieran Bingham","email":"kieran.bingham@ideasonboard.com"},"content":"Quoting Frederic Laing (2026-03-23 17:07:58)\n> When the isolated IPA proxy fails to start (e.g. because fork() is\n> blocked by a sandbox's seccomp filter), fall back to loading the IPA\n> module in-process using the Threaded proxy instead of failing entirely.\n\nI'm sorry - but I don't think we can do this.\n\n\n> This enables libcamera to work inside Flatpak and other sandboxed\n> environments where process isolation via clone3() with CLONE_NEWUSER\n> and CLONE_NEWNET is not permitted.\n> \n> When isolation is explicitly forced via LIBCAMERA_IPA_FORCE_ISOLATION\n> or the ipa.force_isolation configuration option, the fallback is\n> suppressed and the proxy creation fails with an error instead, to\n> preserve the intended security policy.\n\nBut the isolation for unsigned modules *is* the default intended\nsecurity policy. This patch would completely bypass it.\n\nI feel bad, as I would rarely do this but:\n\nNacked-by: Kieran Bingham <kieran.bingham@ideasonboard.com>\n\n\n\n\n> \n> Tested on OnePlus 6T (Qualcomm SDM845) with IMX371 front camera.\n> Tested on Google Pixel 3a (Qualcomm SDM670) with IMX355 front camera.\n\n\nBut why are you hitting this ? If you are running on those platforms you\nshould be running with the softIPA with signatures - so you should not\nbe running an isolated module.\n\nThis makes me suspect you have a build configuration issue rather than a\nsecurity issue here to solve.\n\n--\nKieran\n\n\n\n> \n> 
Signed-off-by: Frederic Laing <dev@fredfunk.tech>\n> ---\n>  include/libcamera/internal/ipa_manager.h | 29 ++++++++++++++++++++++--\n>  1 file changed, 27 insertions(+), 2 deletions(-)\n> \n> diff --git a/include/libcamera/internal/ipa_manager.h b/include/libcamera/internal/ipa_manager.h\n> index f8ce7801..03553711 100644\n> --- a/include/libcamera/internal/ipa_manager.h\n> +++ b/include/libcamera/internal/ipa_manager.h\n> 
@@ -48,8 +48,33 @@ public:\n>                 auto proxy = [&]() -> std::unique_ptr<T> {\n>                         if (self->isSignatureValid(m))\n>                                 return std::make_unique<typename T::Threaded>(m, configuration);\n> -                       else\n> -                               return std::make_unique<typename T::Isolated>(m, configuration);\n> +\n> +                       auto isolated = std::make_unique<typename T::Isolated>(m, configuration);\n> +                       if (isolated->isValid())\n> +                               return isolated;\n> +\n> +#if HAVE_IPA_PUBKEY\n> +                       if (self->forceIsolation_) {\n> +                               LOG(IPAManager, Error)\n> +                                       << \"IPA process isolation failed for \"\n> +                                       << m->path()\n> +                                       << \" and isolation is forced\";\n> +                               return isolated;\n> +                       }\n> +#endif\n> +\n> +                       /*\n> +                        * Fall back to in-process loading when process\n> +                        * isolation fails. This typically happens inside\n> +                        * sandboxed environments (e.g. 
Flatpak) where\n> +                        * fork() is blocked by the seccomp filter.\n> +                        */\n> +                       LOG(IPAManager, Warning)\n> +                               << \"IPA process isolation failed for \"\n> +                               << m->path()\n> +                               << \", falling back to in-process mode\";\n> +\n> +                       return std::make_unique<typename T::Threaded>(m, configuration);\n>                 }();\n>  \n>                 if (!proxy->isValid()) {\n> -- \n> 2.53.0\n> \n>","headers":{"Return-Path":"<libcamera-devel-bounces@lists.libcamera.org>","X-Original-To":"parsemail@patchwork.libcamera.org","Delivered-To":"parsemail@patchwork.libcamera.org","Received":["from lancelot.ideasonboard.com (lancelot.ideasonboard.com\n\t[92.243.16.209])\n\tby patchwork.libcamera.org (Postfix) with ESMTPS id 95ECBBD87C\n\tfor <parsemail@patchwork.libcamera.org>;\n\tMon, 23 Mar 2026 17:14:22 +0000 (UTC)","from lancelot.ideasonboard.com (localhost [IPv6:::1])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTP id A3C7262777;\n\tMon, 23 Mar 2026 18:14:21 +0100 (CET)","from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 7F53B62647\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tMon, 23 Mar 2026 18:14:20 +0100 (CET)","from monstersaurus.ideasonboard.com\n\t(cpc89244-aztw30-2-0-cust6594.18-1.cable.virginm.net [86.31.185.195])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id 9B2EE225;\n\tMon, 23 Mar 2026 18:13:03 +0100 (CET)"],"Authentication-Results":"lancelot.ideasonboard.com; dkim=pass (1024-bit key;\n\tunprotected) header.d=ideasonboard.com header.i=@ideasonboard.com\n\theader.b=\"qmFTluZY\"; dkim-atps=neutral","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; 
t=1774285983;\n\tbh=VHxgWQcQlxjPwsgG5BlHl0BSdiuVQMg7HzBP4YyfUxc=;\n\th=In-Reply-To:References:Subject:From:Cc:To:Date:From;\n\tb=qmFTluZY9VfsF3/JBL6xpbn6vy4GmvvGFhQRHoDAnm4I05ky5+f6PDSOeKbjpE7wM\n\tzZIKtefcsMozqk0Rl4UaERtaEOuxK1TJrZQh1ukS/rTbeImUwghfquxn1x21w1gbwC\n\t00qqXrftLgwo5Ib9dDzfVd8Sh9nigWHyN/Gm08TY=","Content-Type":"text/plain; charset=\"utf-8\"","MIME-Version":"1.0","Content-Transfer-Encoding":"quoted-printable","In-Reply-To":"<20260323170700.105171-1-dev@fredfunk.tech>","References":"<20260323170700.105171-1-dev@fredfunk.tech>","Subject":"Re: [PATCH] ipa: fall back to in-process mode when isolation fails","From":"Kieran Bingham <kieran.bingham@ideasonboard.com>","Cc":"Frederic Laing <dev@fredfunk.tech>","To":"Frederic Laing <dev@fredfunk.tech>, libcamera-devel@lists.libcamera.org","Date":"Mon, 23 Mar 2026 17:14:17 +0000","Message-ID":"<177428605771.4036272.9974907367623356513@ping.linuxembedded.co.uk>","User-Agent":"alot/0.9.1","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"<libcamera-devel.lists.libcamera.org>","List-Unsubscribe":"<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>","List-Archive":"<https://lists.libcamera.org/pipermail/libcamera-devel/>","List-Post":"<mailto:libcamera-devel@lists.libcamera.org>","List-Help":"<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>","List-Subscribe":"<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>","Errors-To":"libcamera-devel-bounces@lists.libcamera.org","Sender":"\"libcamera-devel\" <libcamera-devel-bounces@lists.libcamera.org>"}},{"id":38386,"web_url":"https://patchwork.libcamera.org/comment/38386/","msgid":"<cfc2d5cc-897b-4a18-ba51-cd0b286c44ca@ideasonboard.com>","date":"2026-03-23T17:24:02","subject":"Re: [PATCH] ipa: fall back to in-process mode when isolation 
fails","submitter":{"id":216,"url":"https://patchwork.libcamera.org/api/people/216/","name":"Barnabás Pőcze","email":"barnabas.pocze@ideasonboard.com"},"content":"Hi\n\n\nThanks for the patch.\n\n2026. 03. 23. 18:07 keltezéssel, Frederic Laing írta:\n> When the isolated IPA proxy fails to start (e.g. because fork() is\n> blocked by a sandbox's seccomp filter), fall back to loading the IPA\n> module in-process using the Threaded proxy instead of failing entirely.\n> \n> This enables libcamera to work inside Flatpak and other sandboxed\n> environments where process isolation via clone3() with CLONE_NEWUSER\n> and CLONE_NEWNET is not permitted.\n> \n> When isolation is explicitly forced via LIBCAMERA_IPA_FORCE_ISOLATION\n> or the ipa.force_isolation configuration option, the fallback is\n> suppressed and the proxy creation fails with an error instead, to\n> preserve the intended security policy.\n\nI am afraid I'll have to disagree here. As far as I understand, the security\npolicy is: no valid signature -> no in-process operation. This change obviously\nbreaks that.\n\n\n> \n> Tested on OnePlus 6T (Qualcomm SDM845) with IMX371 front camera.\n> Tested on Google Pixel 3a (Qualcomm SDM670) with IMX355 front camera.\n\nThose use the simple pipeline handler, no? In that case there should be\nno IPA isolation in the first place. If there is, that is a (partly) distribution\nissue. There is https://gitlab.freedesktop.org/camera/libcamera/-/issues/233\nto track the conflict with reproducible builds. It would be very helpful\nif you could determine why IPA isolation is chosen on your devices.\n\nFurthermore, the idea that a sandbox disallows fork but allows access to\nmedia and v4l2 devices seems somewhat odd. The latter is arguably a much\nlarger attack surface. Also, it's probably best to use pipewire to get\nvideo stream into a flatpak sandbox via the camera portal.\n\n\nRegards,\nBarnabás Pőcze\n\n\n> \n> 
Signed-off-by: Frederic Laing <dev@fredfunk.tech>\n> ---\n>   include/libcamera/internal/ipa_manager.h | 29 ++++++++++++++++++++++--\n>   1 file changed, 27 insertions(+), 2 deletions(-)\n> \n> diff --git a/include/libcamera/internal/ipa_manager.h b/include/libcamera/internal/ipa_manager.h\n> index f8ce7801..03553711 100644\n> --- a/include/libcamera/internal/ipa_manager.h\n> +++ b/include/libcamera/internal/ipa_manager.h\n> 
@@ -48,8 +48,33 @@ public:\n>   \t\tauto proxy = [&]() -> std::unique_ptr<T> {\n>   \t\t\tif (self->isSignatureValid(m))\n>   \t\t\t\treturn std::make_unique<typename T::Threaded>(m, configuration);\n> -\t\t\telse\n> -\t\t\t\treturn std::make_unique<typename T::Isolated>(m, configuration);\n> +\n> +\t\t\tauto isolated = std::make_unique<typename T::Isolated>(m, configuration);\n> +\t\t\tif (isolated->isValid())\n> +\t\t\t\treturn isolated;\n> +\n> +#if HAVE_IPA_PUBKEY\n> +\t\t\tif (self->forceIsolation_) {\n> +\t\t\t\tLOG(IPAManager, Error)\n> +\t\t\t\t\t<< \"IPA process isolation failed for \"\n> +\t\t\t\t\t<< m->path()\n> +\t\t\t\t\t<< \" and isolation is forced\";\n> +\t\t\t\treturn isolated;\n> +\t\t\t}\n> +#endif\n> +\n> +\t\t\t/*\n> +\t\t\t * Fall back to in-process loading when process\n> +\t\t\t * isolation fails. This typically happens inside\n> +\t\t\t * sandboxed environments (e.g. Flatpak) where\n> +\t\t\t * fork() is blocked by the seccomp filter.\n> +\t\t\t */\n> +\t\t\tLOG(IPAManager, Warning)\n> +\t\t\t\t<< \"IPA process isolation failed for \"\n> +\t\t\t\t<< m->path()\n> +\t\t\t\t<< \", falling back to in-process mode\";\n> +\n> +\t\t\treturn std::make_unique<typename T::Threaded>(m, configuration);\n>   \t\t}();\n>   \n>   \t\tif (!proxy->isValid()) {","headers":{"Return-Path":"<libcamera-devel-bounces@lists.libcamera.org>","X-Original-To":"parsemail@patchwork.libcamera.org","Delivered-To":"parsemail@patchwork.libcamera.org","Received":["from lancelot.ideasonboard.com (lancelot.ideasonboard.com\n\t[92.243.16.209])\n\tby patchwork.libcamera.org (Postfix) with ESMTPS id 47C79BE086\n\tfor <parsemail@patchwork.libcamera.org>;\n\tMon, 23 Mar 2026 17:24:08 +0000 (UTC)","from lancelot.ideasonboard.com (localhost [IPv6:::1])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTP id 6B1EA62777;\n\tMon, 23 Mar 2026 18:24:07 +0100 (CET)","from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[213.167.242.64])\n\tby lancelot.ideasonboard.com (Postfix) 
with ESMTPS id 6197162647\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tMon, 23 Mar 2026 18:24:06 +0100 (CET)","from [192.168.33.33] (185.221.143.129.nat.pool.zt.hu\n\t[185.221.143.129])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id C019978C;\n\tMon, 23 Mar 2026 18:22:49 +0100 (CET)"],"Authentication-Results":"lancelot.ideasonboard.com; dkim=pass (1024-bit key;\n\tunprotected) header.d=ideasonboard.com header.i=@ideasonboard.com\n\theader.b=\"Q29QBbIc\"; dkim-atps=neutral","DKIM-Signature":"v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1774286569;\n\tbh=5b00NJuDcqlp39+igqcFbkZoeCTZvV2fJJcxSx3QgeI=;\n\th=Date:Subject:To:References:From:In-Reply-To:From;\n\tb=Q29QBbIcUyMmWaHc3XPdxzxCk/ApNg4jsa/WChrWWmK2Mji1qCTISRzLtQBAW40ju\n\tsTJzreZcurQMF+2ftiE6omfCmpxGPuLlUomjOet9Z53wluiZrOI2xtRbi6rOuCCSI4\n\tusunEr1epPKI5nacu+U8jP5q29nXAM8wwHUynQ+Q=","Message-ID":"<cfc2d5cc-897b-4a18-ba51-cd0b286c44ca@ideasonboard.com>","Date":"Mon, 23 Mar 2026 18:24:02 +0100","MIME-Version":"1.0","User-Agent":"Mozilla Thunderbird","Subject":"Re: [PATCH] ipa: fall back to in-process mode when isolation fails","To":"Frederic Laing <dev@fredfunk.tech>, libcamera-devel@lists.libcamera.org","References":"<20260323170700.105171-1-dev@fredfunk.tech>","From":"=?utf-8?q?Barnab=C3=A1s_P=C5=91cze?= <barnabas.pocze@ideasonboard.com>","Content-Language":"en-US, hu-HU","In-Reply-To":"<20260323170700.105171-1-dev@fredfunk.tech>","Content-Type":"text/plain; charset=UTF-8; 
format=flowed","Content-Transfer-Encoding":"8bit","X-BeenThere":"libcamera-devel@lists.libcamera.org","X-Mailman-Version":"2.1.29","Precedence":"list","List-Id":"<libcamera-devel.lists.libcamera.org>","List-Unsubscribe":"<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>","List-Archive":"<https://lists.libcamera.org/pipermail/libcamera-devel/>","List-Post":"<mailto:libcamera-devel@lists.libcamera.org>","List-Help":"<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>","List-Subscribe":"<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>","Errors-To":"libcamera-devel-bounces@lists.libcamera.org","Sender":"\"libcamera-devel\" <libcamera-devel-bounces@lists.libcamera.org>"}}]
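Review bot: the fallback at the end of the lambda defeats the purpose of the `Isolated` branch: a module that failed `self->isSignatureValid(m)` is handed to `typename T::Threaded` and loaded in-process whenever `isolated->isValid()` is false, for any reason, not only the seccomp case the comment names, so any broken or tampered isolation setup silently downgrades to the unsafe path. Suggest dropping the fallback and returning `isolated` unconditionally after the `isValid()` check, so the caller's existing `if (!proxy->isValid())` reports the failure and the policy "no valid signature, no in-process loading" keeps holding; the sandbox limitation is better addressed in documentation or build configuration than by a runtime downgrade. Two smaller points in the same hunk: the `if (self->forceIsolation_)` guard sits inside `#if HAVE_IPA_PUBKEY`, so builds without public-key support get the fallback with no way to opt out at all; and a downgrade of this kind is logged at `LOG(IPAManager, Warning)`, which is easy to miss, where the forced case right above it uses `Error`.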