[libcamera-devel,10/11] Adds a flag to disable IPA isolation, necessary for Android.
diff mbox series

Message ID 20221024055543.116040-11-nicholas@rothemail.net
State Superseded
Headers show
Series
  • [libcamera-devel,01/11] Fixes Bug 156, which breaks libcamera on Android < 12.
Related show

Commit Message

Nicolas Dufresne via libcamera-devel Oct. 24, 2022, 5:55 a.m. UTC
From: Nicholas Roth <nicholas@rothemail.net>

---
 meson.build                   |  4 ++++
 meson_options.txt             |  5 +++++
 src/libcamera/ipa_manager.cpp | 11 +++++++++++
 3 files changed, 20 insertions(+)

Patch
diff mbox series

diff --git a/meson.build b/meson.build
index 7d0588d2..2303f752 100644
--- a/meson.build
+++ b/meson.build
@@ -74,6 +74,10 @@  if cc.has_header_symbol('stdlib.h', 'secure_getenv', prefix : '#define _GNU_SOUR
     config_h.set('HAVE_SECURE_GETENV', 1)
 endif
 
+if get_option('allow_unsigned_ipas_in_process')
+    config_h.set('ALLOW_UNSIGNED_IPAS_IN_PROCESS', 1)
+endif
+
 common_arguments = [
     '-Wshadow',
     '-include', meson.current_build_dir() / 'config.h',
diff --git a/meson_options.txt b/meson_options.txt
index f1d67808..77b21b9a 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -64,3 +64,8 @@  option('pycamera',
         type : 'feature',
         value : 'disabled',
         description : 'Enable libcamera Python bindings (experimental)')
+
+option('allow_unsigned_ipas_in_process',
+        type : 'boolean',
+        value : false,
+        description : 'Allow unsigned IPAs to run in libcamera\'s address space')
diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
index 030ef43f..403cc42a 100644
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@@ -114,6 +114,14 @@  IPAManager::IPAManager()
 		LOG(IPAManager, Warning) << "Public key not valid";
 #endif
 
+#if ALLOW_UNSIGNED_IPAS_IN_PROCESS
+	LOG(IPAManager, Warning)
+		<< "All IPAs running in-process without signature verification."
+		<< " This is recommended only for tightly-managed installs"
+		<< " in contexts where both signature verification and out-of-process"
+		<< " execution are infeasible, such as Android HALs.";
+#endif
+
 	unsigned int ipaCount = 0;
 
 	/* User-specified paths take precedence. */
@@ -281,6 +289,9 @@  IPAModule *IPAManager::module(PipelineHandler *pipe, uint32_t minVersion,
 
 bool IPAManager::isSignatureValid([[maybe_unused]] IPAModule *ipa) const
 {
+#if ALLOW_UNSIGNED_IPAS_IN_PROCESS
+	return true;
+#endif
 #if HAVE_IPA_PUBKEY
 	char *force = utils::secure_getenv("LIBCAMERA_IPA_FORCE_ISOLATION");
 	if (force && force[0] != '\0') {