From patchwork Mon Oct 24 05:55:42 2022
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Nicolas Dufresne via libcamera-devel
 <libcamera-devel@lists.libcamera.org>
X-Patchwork-Id: 17685
Return-Path: <libcamera-devel-bounces@lists.libcamera.org>
X-Original-To: parsemail@patchwork.libcamera.org
Delivered-To: parsemail@patchwork.libcamera.org
Received: from lancelot.ideasonboard.com (lancelot.ideasonboard.com
	[92.243.16.209])
	by patchwork.libcamera.org (Postfix) with ESMTPS id 5B9A1C3286
	for <parsemail@patchwork.libcamera.org>;
	Mon, 24 Oct 2022 05:56:08 +0000 (UTC)
Received: from lancelot.ideasonboard.com (localhost [IPv6:::1])
	by lancelot.ideasonboard.com (Postfix) with ESMTP id BE3BA62F18;
	Mon, 24 Oct 2022 07:56:07 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=libcamera.org;
	s=mail; t=1666590967;
	bh=SuhQ6dhEWp88i57VP77y/jAbxTL15UkDhiV9cnvQkik=;
	h=To:Date:In-Reply-To:References:Subject:List-Id:List-Unsubscribe:
	List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To:Cc:
	From;
	b=km0hrn38Ib9hVLkuKSFXmQIPlpbgUmUTw3z5zoLdeyPHmWxy1CaKKwSzuO1FgGdNi
	bIy3dHdlrHlB+/JERkpl6CXAjrUOV9JLjBI9Ua2+SumEsWM/135jUSKS/vOUCz61TF
	G96N32qGLb01NWQGG9Do8osRR12jJxI0hBE+CpfKZruU08uLP0EyPOXHDbN4XDkrtU
	CuRA0CEVNVmTqja6Ir/vheiMbUtyAd8zLwi2iys67MSKo2c+nKAxRbFUd1r+lyotTo
	tVHuugizFjWcnUk8SIPFepO3cZLuuhh1sm2TywWJlBsAinAbV4wDbMUDHhjFXFWjCJ
	jzhaRuGLFZzQQ==
Received: from mail-ot1-x32c.google.com (mail-ot1-x32c.google.com
	[IPv6:2607:f8b0:4864:20::32c])
	by lancelot.ideasonboard.com (Postfix) with ESMTPS id 5646762F0A
	for <libcamera-devel@lists.libcamera.org>;
	Mon, 24 Oct 2022 07:56:02 +0200 (CEST)
Authentication-Results: lancelot.ideasonboard.com; dkim=pass (2048-bit key;
	unprotected)
	header.d=rothemail-net.20210112.gappssmtp.com
	header.i=@rothemail-net.20210112.gappssmtp.com header.b="WAPOILri";
	dkim-atps=neutral
Received: by mail-ot1-x32c.google.com with SMTP id
	z11-20020a05683020cb00b00661a95cf920so5365302otq.5
	for <libcamera-devel@lists.libcamera.org>;
	Sun, 23 Oct 2022 22:56:02 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=rothemail-net.20210112.gappssmtp.com; s=20210112;
	h=content-transfer-encoding:mime-version:reply-to:references
	:in-reply-to:message-id:date:subject:cc:to:from:from:to:cc:subject
	:date:message-id:reply-to;
	bh=huXpY0kdXALbfYSJ3F6nqYO414tLR2zn4iq7mxfc+Zk=;
	b=WAPOILri6uBXcMjQ4qBqAXoTnEl5GwzHyfjtheK5C+met4hKIACwiJFxWFujnyRoaO
	lQZg6oq7KiJiKC9OIGAmyD5BEfOTIpzOIMJ2qaRhN3AThw+A5ani10SsqaPTONBjeqFy
	ygCxeWqRmgL/iiW0dxzOJO6yRH26pLEq7oJ4M/MvmgHPsslDyrxTve4ZstNquqJBFOV3
	kdX5BLQm3z4OiDBtl7+L4k1PDVc779zeagw1DVVWwP87NC5iBupPExAQTA9xKdEjnqxA
	DQr5ujCP4kzkGlTN7ky5dFXpGD7tOWLJ06LHZ6H9Cq5r16A20zMJcSncV1Ubh2d5DNn7
	9lZQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20210112;
	h=content-transfer-encoding:mime-version:reply-to:references
	:in-reply-to:message-id:date:subject:cc:to:from:x-gm-message-state
	:from:to:cc:subject:date:message-id:reply-to;
	bh=huXpY0kdXALbfYSJ3F6nqYO414tLR2zn4iq7mxfc+Zk=;
	b=RumoWvdONlK1XqIects/T2fZtcXF59hYH0yDAYxwr/WHIyfGRVXV7YX7VZd5kh2yTh
	8X2YfYG/2W4zfSX1SLKbt32qun038XFPs544Iaui51a+Mr0uTArbJpCyE5gvn+amtOik
	vu8k28TpW0F9YqxTzqQ6HWtRg6WHZYWNqFvI46f081wrgIN/F/IADqxkC2fK2X+YvXKY
	8UqGbuTrZQHwqpueK8DvnYcU1Up2v3M2JAvhic2zmihIQV6lmRD9jWXT7TtNwHRW9Yky
	7hs+uLaosmTh/z5edxyItK90bO4i+sGZTHhTDJJjcS/n2GeQpjDSKGYQgKMBtwqbTDqe
	GFOw==
X-Gm-Message-State: ACrzQf3tAi9kPnDsM4/2dWjMnqozT+ws05ca9F+RyV0h6XEPrTlbWB4Y
	o7whjWnzmnxiA1mEddehwzSJlLl6VbFw2WDL
X-Google-Smtp-Source: 
 AMsMyM4tT8LCjRSBpbBgBB1BcoOHk1blD2NrmLMAKPfWRVqSnesNv6zwjwaVHC/cy6GyTTU/guI2Nw==
X-Received: by 2002:a05:6830:618c:b0:65b:d2db:5f77 with SMTP id
	cb12-20020a056830618c00b0065bd2db5f77mr15423770otb.348.1666590960709;
	Sun, 23 Oct 2022 22:56:00 -0700 (PDT)
Received: from nroth-pc.attlocal.net
	([2600:1700:20:20c0:7bc3:aed3:676f:10a0])
	by smtp.gmail.com with ESMTPSA id
	x15-20020a9d628f000000b0066193df8edasm3980278otk.34.2022.10.23.22.56.00
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Sun, 23 Oct 2022 22:56:00 -0700 (PDT)
To: libcamera-devel@lists.libcamera.org
Date: Mon, 24 Oct 2022 00:55:42 -0500
Message-Id: <20221024055543.116040-11-nicholas@rothemail.net>
X-Mailer: git-send-email 2.34.1
In-Reply-To: <20221024055543.116040-1-nicholas@rothemail.net>
References: <20221024055543.116040-1-nicholas@rothemail.net>
MIME-Version: 1.0
Subject: [libcamera-devel] [PATCH 10/11] Adds a flag to disable IPA
	isolation, necessary for Android.
X-BeenThere: libcamera-devel@lists.libcamera.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <libcamera-devel.lists.libcamera.org>
List-Unsubscribe: <https://lists.libcamera.org/options/libcamera-devel>,
	<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>
List-Archive: <https://lists.libcamera.org/pipermail/libcamera-devel/>
List-Post: <mailto:libcamera-devel@lists.libcamera.org>
List-Help: <mailto:libcamera-devel-request@lists.libcamera.org?subject=help>
List-Subscribe: <https://lists.libcamera.org/listinfo/libcamera-devel>,
	<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>
X-Patchwork-Original-From: Nicholas Roth via libcamera-devel
 <libcamera-devel@lists.libcamera.org>
From: Nicolas Dufresne via libcamera-devel
 <libcamera-devel@lists.libcamera.org>
Reply-To: libcamera-devel@lists.libcamera.org
Cc: nicholas@rothemail.net
Errors-To: libcamera-devel-bounces@lists.libcamera.org
Sender: "libcamera-devel" <libcamera-devel-bounces@lists.libcamera.org>

From: Nicholas Roth <nicholas@rothemail.net>
---
 meson.build                   |  4 ++++
 meson_options.txt             |  5 +++++
 src/libcamera/ipa_manager.cpp | 11 +++++++++++
 3 files changed, 20 insertions(+)

diff --git a/meson.build b/meson.build
index 7d0588d2..2303f752 100644
--- a/meson.build
+++ b/meson.build
@@ -74,6 +74,10 @@ if cc.has_header_symbol('stdlib.h', 'secure_getenv', prefix : '#define _GNU_SOUR
     config_h.set('HAVE_SECURE_GETENV', 1)
 endif
 
+if get_option('allow_unsigned_ipas_in_process')
+    config_h.set('ALLOW_UNSIGNED_IPAS_IN_PROCESS', 1)
+endif
+
 common_arguments = [
     '-Wshadow',
     '-include', meson.current_build_dir() / 'config.h',
diff --git a/meson_options.txt b/meson_options.txt
index f1d67808..77b21b9a 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -64,3 +64,8 @@ option('pycamera',
         type : 'feature',
         value : 'disabled',
         description : 'Enable libcamera Python bindings (experimental)')
+
+option('allow_unsigned_ipas_in_process',
+        type : 'boolean',
+        value : false,
+        description : 'Allow unsigned IPAs to run in libcamera\'s address space')
diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
index 030ef43f..403cc42a 100644
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@@ -114,6 +114,14 @@ IPAManager::IPAManager()
 		LOG(IPAManager, Warning) << "Public key not valid";
 #endif
 
+#if ALLOW_UNSIGNED_IPAS_IN_PROCESS
+	LOG(IPAManager, Warning)
+		<< "All IPAs running in-process without signature verification."
+		<< " This is recommended only for tightly-managed installs"
+		<< " in contexts where both signature verification and out-of-process"
+		<< " execution are infeasible, such as Android HALs.";
+#endif
+
 	unsigned int ipaCount = 0;
 
 	/* User-specified paths take precedence. */
@@ -281,6 +289,9 @@ IPAModule *IPAManager::module(PipelineHandler *pipe, uint32_t minVersion,
 
 bool IPAManager::isSignatureValid([[maybe_unused]] IPAModule *ipa) const
 {
+#if ALLOW_UNSIGNED_IPAS_IN_PROCESS
+	return true;
+#endif
 #if HAVE_IPA_PUBKEY
 	char *force = utils::secure_getenv("LIBCAMERA_IPA_FORCE_ISOLATION");
 	if (force && force[0] != '\0') {