[libcamera-devel] libcamera: ipa_manager: Fix build without openssl
diff mbox series

Message ID 20220914070025.27540-1-matthias.fend@emfend.at
State Accepted
Commit 74ab3f778c848b20cbf8fe299170756ff6ebab1a
Headers show
Series
  • [libcamera-devel] libcamera: ipa_manager: Fix build without openssl
Related show

Commit Message

Matthias Fend Sept. 14, 2022, 7 a.m. UTC
Since commit bedef55d9500 ("libcamera: pub_key: Gracefully handle failures
to load public key'") the build will fail if openssl is not found on the
host system.
Use the existing HAVE_IPA_PUBKEY define to avoid accessing pubKey_ which
does not exist when building without openssl.

Signed-off-by: Matthias Fend <matthias.fend@emfend.at>
---
 src/libcamera/ipa_manager.cpp | 2 ++
 1 file changed, 2 insertions(+)

Comments

Kieran Bingham Sept. 14, 2022, 8:14 a.m. UTC | #1
Quoting Matthias Fend via libcamera-devel (2022-09-14 08:00:25)
> Since commit bedef55d9500 ("libcamera: pub_key: Gracefully handle failures
> to load public key'") the build will fail if openssl is not found on the
> host system.
> Use the existing HAVE_IPA_PUBKEY define to avoid accessing pubKey_ which
> does not exist when building without openssl.
> 
> Signed-off-by: Matthias Fend <matthias.fend@emfend.at>
> ---
>  src/libcamera/ipa_manager.cpp | 2 ++
>  1 file changed, 2 insertions(+)
> 
> diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
> index 2f96a207..030ef43f 100644
> --- a/src/libcamera/ipa_manager.cpp
> +++ b/src/libcamera/ipa_manager.cpp
> @@ -109,8 +109,10 @@ IPAManager::IPAManager()
>                 LOG(IPAManager, Fatal)
>                         << "Multiple IPAManager objects are not allowed";
>  
> +#if HAVE_IPA_PUBKEY

If we have to add a #if here, it feels to me like the implementation
for handling the key itself isn't right.

The alternative is to construct an invalid public key at 
src/libcamera/ipa_pub_key.cpp.in to ensure we always have a key.. but
I'm not sure that sounds a lot better either...

This is limited to the IPA manager which knows about the keys anyway, so
... worst case I could see this as a solution ... but I think I would
always want to push against ifdeffery spreading

Could you check if it's reasonable to instantiate a pubKey_ which isn't
valid please?

But given here in ipa_manager - we already use #if HAVE_IPA_PUBKEY in
IPAManager::isSignatureValid() I think I'd let this through.


Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com>

>         if (!pubKey_.isValid())
>                 LOG(IPAManager, Warning) << "Public key not valid";
> +#endif
>  
>         unsigned int ipaCount = 0;
>  
> -- 
> 2.25.1
>
Umang Jain Sept. 14, 2022, 9:29 a.m. UTC | #2
Hi  Matthias, Kieran

On 9/14/22 1:44 PM, Kieran Bingham via libcamera-devel wrote:
> Quoting Matthias Fend via libcamera-devel (2022-09-14 08:00:25)
>> Since commit bedef55d9500 ("libcamera: pub_key: Gracefully handle failures
>> to load public key'") the build will fail if openssl is not found on the
>> host system.
>> Use the existing HAVE_IPA_PUBKEY define to avoid accessing pubKey_ which
>> does not exist when building without openssl.
>>
>> Signed-off-by: Matthias Fend <matthias.fend@emfend.at>
>> ---
>>   src/libcamera/ipa_manager.cpp | 2 ++
>>   1 file changed, 2 insertions(+)
>>
>> diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
>> index 2f96a207..030ef43f 100644
>> --- a/src/libcamera/ipa_manager.cpp
>> +++ b/src/libcamera/ipa_manager.cpp
>> @@ -109,8 +109,10 @@ IPAManager::IPAManager()
>>                  LOG(IPAManager, Fatal)
>>                          << "Multiple IPAManager objects are not allowed";
>>   
>> +#if HAVE_IPA_PUBKEY
> If we have to add a #if here, it feels to me like the implementation
> for handling the key itself isn't right.
>
> The alternative is to construct an invalid public key at
> src/libcamera/ipa_pub_key.cpp.in to ensure we always have a key.. but
> I'm not sure that sounds a lot better either...
>
> This is limited to the IPA manager which knows about the keys anyway, so
> ... worst case I could see this as a solution ... but I think I would
> always want to push against ifdeffery spreading
>
> Could you check if it's reasonable to instantiate a pubKey_ which isn't
> valid please?
>
> But given here in ipa_manager - we already use #if HAVE_IPA_PUBKEY in
> IPAManager::isSignatureValid() I think I'd let this through.

We also have HAVE_IPA_PUBKEY #ifdeffery in the ipa_manager.h header 
which makes conditional existence for pubKey_ member

class IPAManager
{
...
private:
     #if HAVE_IPA_PUBKEY
             static const uint8_t publicKeyData_[];
             static const PubKey pubKey_;
     #endif
}

>
> Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com>

With the above header hunk in mind, the patch looks fine to me for now,

Reviewed-by: Umang Jain <umang.jain@ideasonboard.com>

>
>>          if (!pubKey_.isValid())
>>                  LOG(IPAManager, Warning) << "Public key not valid";
>> +#endif
>>   
>>          unsigned int ipaCount = 0;
>>   
>> -- 
>> 2.25.1
>>

Patch
diff mbox series

diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
index 2f96a207..030ef43f 100644
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@@ -109,8 +109,10 @@  IPAManager::IPAManager()
 		LOG(IPAManager, Fatal)
 			<< "Multiple IPAManager objects are not allowed";
 
+#if HAVE_IPA_PUBKEY
 	if (!pubKey_.isValid())
 		LOG(IPAManager, Warning) << "Public key not valid";
+#endif
 
 	unsigned int ipaCount = 0;