From patchwork Wed Jun  5 22:18:07 2019
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Paul Elder <paul.elder@ideasonboard.com>
X-Patchwork-Id: 1361
Return-Path: <paul.elder@ideasonboard.com>
Received: from perceval.ideasonboard.com (perceval.ideasonboard.com
	[IPv6:2001:4b98:dc2:55:216:3eff:fef7:d647])
	by lancelot.ideasonboard.com (Postfix) with ESMTPS id 164556301C
	for <libcamera-devel@lists.libcamera.org>;
	Thu,  6 Jun 2019 00:18:28 +0200 (CEST)
Received: from localhost.localdomain (unknown [96.44.9.117])
	by perceval.ideasonboard.com (Postfix) with ESMTPSA id 5086A84;
	Thu,  6 Jun 2019 00:18:27 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com;
	s=mail; t=1559773107;
	bh=exjmy7PFsUmA5iyjO8sQJJf6nATW4CPCqpkH8dP6X4U=;
	h=From:To:Cc:Subject:Date:From;
	b=pEby9JLx7edqT0/ssYlY6Z53ebabN95E2iNdSHZ1a/bI5p8dw/NXIp+D5dpewwIcm
	97r8TAAOcG6yj9WyhvYIcYjPfsTY2xT5bIhL0EbKnp2MLbalYVdRzC/CoB2VPSczP8
	eKVxflvzMEtAkgr9CEsecAFSatwDp6jnQ7owJBMM=
From: Paul Elder <paul.elder@ideasonboard.com>
To: libcamera-devel@lists.libcamera.org
Date: Wed,  5 Jun 2019 18:18:07 -0400
Message-Id: <20190605221817.966-1-paul.elder@ideasonboard.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Subject: [libcamera-devel] [RFC PATCH 00/10] Add IPA process isolation
X-BeenThere: libcamera-devel@lists.libcamera.org
X-Mailman-Version: 2.1.23
Precedence: list
List-Id: <libcamera-devel.lists.libcamera.org>
List-Unsubscribe: <https://lists.libcamera.org/options/libcamera-devel>,
	<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>
List-Archive: <https://lists.libcamera.org/pipermail/libcamera-devel/>
List-Post: <mailto:libcamera-devel@lists.libcamera.org>
List-Help: <mailto:libcamera-devel-request@lists.libcamera.org?subject=help>
List-Subscribe: <https://lists.libcamera.org/listinfo/libcamera-devel>,
	<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>
X-List-Received-Date: Wed, 05 Jun 2019 22:18:28 -0000

We need to be able to isolate untrusted IPA implementations into a
separate process. To achieve this, we use an IPA shim, that acts like a
regular IPAInterface to the pipeline handler, but will initialize and
communicate with the real IPA module in a separate, isolated process.

Paul Elder (10):
  libcamera: ipa_module_info: remove cplusplus guards
  libcamera: ipa_module: add path getter
  libcamera: ipa_module: add loading error messages
  libcamera: ipa_interface: add init for shims
  libcamera: ipa_module_info: add field for isolation
  libcamera: ipa_manager: add shims
  libcamera: ipa: shim: add dummy shim
  libcamera: ipa: add dummy IPA that needs to be isolated
  libcamera: ipa: meson: build dummy IPA and shim
  libcamera: ipa: shim: load IPA module into an IPAInterface

 include/libcamera/ipa/ipa_interface.h   |   1 +
 include/libcamera/ipa/ipa_module_info.h |  11 +-
 src/ipa/ipa_dummy.cpp                   |   1 +
 src/ipa/ipa_dummy_isolate.cpp           |  46 +++++++++
 src/ipa/meson.build                     |  22 ++--
 src/ipa/shim_dummy.cpp                  | 128 ++++++++++++++++++++++++
 src/libcamera/include/ipa_manager.h     |   1 +
 src/libcamera/include/ipa_module.h      |   1 +
 src/libcamera/ipa_manager.cpp           |  34 ++++++-
 src/libcamera/ipa_module.cpp            |  25 +++++
 test/ipa/ipa_test.cpp                   |   1 +
 11 files changed, 251 insertions(+), 20 deletions(-)
 create mode 100644 src/ipa/ipa_dummy_isolate.cpp
 create mode 100644 src/ipa/shim_dummy.cpp