Patch Detail
Show a patch.
GET /api/patches/3443/?format=api
{ "id": 3443, "url": "https://patchwork.libcamera.org/api/patches/3443/?format=api", "web_url": "https://patchwork.libcamera.org/patch/3443/", "project": { "id": 1, "url": "https://patchwork.libcamera.org/api/projects/1/?format=api", "name": "libcamera", "link_name": "libcamera", "list_id": "libcamera_core", "list_email": "libcamera-devel@lists.libcamera.org", "web_url": "", "scm_url": "", "webscm_url": "" }, "msgid": "<20200413133047.11913-11-laurent.pinchart@ideasonboard.com>", "date": "2020-04-13T13:30:46", "name": "[libcamera-devel,v2,10/11] libcamera: ipa_manager: Verify IPA module signature", "commit_ref": null, "pull_url": null, "state": "accepted", "archived": false, "hash": "7603f073e436de383cd46c1514ecb766580f10a9", "submitter": { "id": 2, "url": "https://patchwork.libcamera.org/api/people/2/?format=api", "name": "Laurent Pinchart", "email": "laurent.pinchart@ideasonboard.com" }, "delegate": null, "mbox": "https://patchwork.libcamera.org/patch/3443/mbox/", "series": [ { "id": 804, "url": "https://patchwork.libcamera.org/api/series/804/?format=api", "web_url": "https://patchwork.libcamera.org/project/libcamera/list/?series=804", "date": "2020-04-13T13:30:37", "name": "Sign IPA modules instead of checking their advertised license", "version": 2, "mbox": "https://patchwork.libcamera.org/series/804/mbox/" } ], "comments": "https://patchwork.libcamera.org/api/patches/3443/comments/", "check": "pending", "checks": "https://patchwork.libcamera.org/api/patches/3443/checks/", "tags": {}, "headers": { "Return-Path": "<laurent.pinchart@ideasonboard.com>", "Received": [ "from perceval.ideasonboard.com (perceval.ideasonboard.com\n\t[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])\n\tby lancelot.ideasonboard.com (Postfix) with ESMTPS id 2F32762E1E\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tMon, 13 Apr 2020 15:31:08 +0200 (CEST)", "from pendragon.bb.dnainternet.fi (81-175-216-236.bb.dnainternet.fi\n\t[81.175.216.236])\n\tby perceval.ideasonboard.com (Postfix) with ESMTPSA id C26441288\n\tfor <libcamera-devel@lists.libcamera.org>;\n\tMon, 13 Apr 2020 15:31:07 +0200 (CEST)" ], "Authentication-Results": "lancelot.ideasonboard.com; dkim=pass (1024-bit key; \n\tunprotected) header.d=ideasonboard.com\n\theader.i=@ideasonboard.com\n\theader.b=\"OAE1BORj\"; dkim-atps=neutral", "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;\n\ts=mail; t=1586784667;\n\tbh=c31/qGx1F09SD/xDe8w1XQf/8OBZG7pM4ZZeEYPC448=;\n\th=From:To:Subject:Date:In-Reply-To:References:From;\n\tb=OAE1BORjL6wq18D3pdGacRx541YEJvbb+muBGiQLcDi3rPz5B8DtwJ+G3KwjjQF4f\n\tInmF3KjkDa0NQ8cA0DxkSaTDqsoGqr2LGxWNTXUGaEZFgno0iovZW7upREkd3JxQYp\n\tUsCT7QUbAObD9aMfAvJUSw6YFarvoZA75+VwnmpA=", "From": "Laurent Pinchart <laurent.pinchart@ideasonboard.com>", "To": "libcamera-devel@lists.libcamera.org", "Date": "Mon, 13 Apr 2020 16:30:46 +0300", "Message-Id": "<20200413133047.11913-11-laurent.pinchart@ideasonboard.com>", "X-Mailer": "git-send-email 2.24.1", "In-Reply-To": "<20200413133047.11913-1-laurent.pinchart@ideasonboard.com>", "References": "<20200413133047.11913-1-laurent.pinchart@ideasonboard.com>", "MIME-Version": "1.0", "Content-Type": "text/plain; charset=UTF-8", "Content-Transfer-Encoding": "8bit", "Subject": "[libcamera-devel] [PATCH v2 10/11] libcamera: ipa_manager: Verify\n\tIPA module signature", "X-BeenThere": "libcamera-devel@lists.libcamera.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "<libcamera-devel.lists.libcamera.org>", "List-Unsubscribe": "<https://lists.libcamera.org/options/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>", "List-Archive": "<https://lists.libcamera.org/pipermail/libcamera-devel/>", "List-Post": "<mailto:libcamera-devel@lists.libcamera.org>", "List-Help": "<mailto:libcamera-devel-request@lists.libcamera.org?subject=help>", "List-Subscribe": "<https://lists.libcamera.org/listinfo/libcamera-devel>,\n\t<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>", "X-List-Received-Date": "Mon, 13 Apr 2020 13:31:10 -0000" }, "content": "Decide whether to isolate the IPA module using the module signature\ninstead of its license.\n\nSigned-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>\nReviewed-by: Niklas Söderlund <niklas.soderlund@ragnatech.se>\n---\n src/libcamera/include/ipa_manager.h | 2 ++\n src/libcamera/include/ipa_module.h | 2 --\n src/libcamera/ipa_manager.cpp | 22 +++++++++++++++++++++-\n src/libcamera/ipa_module.cpp | 25 -------------------------\n 4 files changed, 23 insertions(+), 28 deletions(-)", "diff": "diff --git a/src/libcamera/include/ipa_manager.h b/src/libcamera/include/ipa_manager.h\nindex 26edf087461e..0b5fd2ac1f12 100644\n--- a/src/libcamera/include/ipa_manager.h\n+++ b/src/libcamera/include/ipa_manager.h\n@@ -38,6 +38,8 @@ private:\n \t\t std::vector<std::string> &files);\n \tunsigned int addDir(const char *libDir, unsigned int maxDepth = 0);\n \n+\tbool isSignatureValid(IPAModule *ipa) const;\n+\n \tstatic const uint8_t publicKeyData_[];\n \tstatic const PubKey pubKey_;\n };\ndiff --git a/src/libcamera/include/ipa_module.h b/src/libcamera/include/ipa_module.h\nindex ec3671857a61..a9a3511701d4 100644\n--- a/src/libcamera/include/ipa_module.h\n+++ b/src/libcamera/include/ipa_module.h\n@@ -37,8 +37,6 @@ public:\n \tbool match(PipelineHandler *pipe,\n \t\t uint32_t minVersion, uint32_t maxVersion) const;\n \n-\tbool isOpenSource() const;\n-\n private:\n \tstruct IPAModuleInfo info_;\n \tstd::vector<uint8_t> signature_;\ndiff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp\nindex bcaae3564ea1..2b0112885274 100644\n--- a/src/libcamera/ipa_manager.cpp\n+++ b/src/libcamera/ipa_manager.cpp\n@@ -12,6 +12,7 @@\n #include <string.h>\n #include <sys/types.h>\n \n+#include \"file.h\"\n #include \"ipa_context_wrapper.h\"\n #include \"ipa_module.h\"\n #include \"ipa_proxy.h\"\n@@ -271,7 +272,7 @@ std::unique_ptr<IPAInterface> IPAManager::createIPA(PipelineHandler *pipe,\n \tif (!m)\n \t\treturn nullptr;\n \n-\tif (!m->isOpenSource()) {\n+\tif (!isSignatureValid(m)) {\n \t\tIPAProxyFactory *pf = nullptr;\n \t\tstd::vector<IPAProxyFactory *> &factories = IPAProxyFactory::factories();\n \n@@ -307,4 +308,23 @@ std::unique_ptr<IPAInterface> IPAManager::createIPA(PipelineHandler *pipe,\n \treturn std::make_unique<IPAContextWrapper>(ctx);\n }\n \n+bool IPAManager::isSignatureValid(IPAModule *ipa) const\n+{\n+\tFile file{ ipa->path() };\n+\tif (!file.open(File::ReadOnly))\n+\t\treturn false;\n+\n+\tSpan<uint8_t> data = file.map();\n+\tif (data.empty())\n+\t\treturn false;\n+\n+\tbool valid = pubKey_.verify(data, ipa->signature());\n+\n+\tLOG(IPAManager, Debug)\n+\t\t<< \"IPA module \" << ipa->path() << \" signature is \"\n+\t\t<< (valid ? \"valid\" : \"not valid\");\n+\n+\treturn valid;\n+}\n+\n } /* namespace libcamera */\ndiff --git a/src/libcamera/ipa_module.cpp b/src/libcamera/ipa_module.cpp\nindex 51b238a698f2..96b44f13192c 100644\n--- a/src/libcamera/ipa_module.cpp\n+++ b/src/libcamera/ipa_module.cpp\n@@ -472,29 +472,4 @@ bool IPAModule::match(PipelineHandler *pipe,\n \t !strcmp(info_.pipelineName, pipe->name());\n }\n \n-/**\n- * \\brief Verify if the IPA module is open source\n- *\n- * \\sa IPAModuleInfo::license\n- */\n-bool IPAModule::isOpenSource() const\n-{\n-\tstatic const char *osLicenses[] = {\n-\t\t\"GPL-2.0-only\",\n-\t\t\"GPL-2.0-or-later\",\n-\t\t\"GPL-3.0-only\",\n-\t\t\"GPL-3.0-or-later\",\n-\t\t\"LGPL-2.1-only\",\n-\t\t\"LGPL-2.1-or-later\",\n-\t\t\"LGPL-3.0-only\",\n-\t\t\"LGPL-3.0-or-later\",\n-\t};\n-\n-\tfor (unsigned int i = 0; i < ARRAY_SIZE(osLicenses); i++)\n-\t\tif (!strcmp(osLicenses[i], info_.license))\n-\t\t\treturn true;\n-\n-\treturn false;\n-}\n-\n } /* namespace libcamera */\n", "prefixes": [ "libcamera-devel", "v2", "10/11" ] }