From patchwork Wed Sep 25 09:58:41 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Milan Zamazal X-Patchwork-Id: 21362 Return-Path: X-Original-To: parsemail@patchwork.libcamera.org Delivered-To: parsemail@patchwork.libcamera.org Received: from lancelot.ideasonboard.com (lancelot.ideasonboard.com [92.243.16.209]) by patchwork.libcamera.org (Postfix) with ESMTPS id 68927C0F1B for ; Wed, 25 Sep 2024 09:59:36 +0000 (UTC) Received: from lancelot.ideasonboard.com (localhost [IPv6:::1]) by lancelot.ideasonboard.com (Postfix) with ESMTP id 0BD8A63521; Wed, 25 Sep 2024 11:59:36 +0200 (CEST) Authentication-Results: lancelot.ideasonboard.com; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.b="IEbgXKEL"; dkim-atps=neutral Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by lancelot.ideasonboard.com (Postfix) with ESMTPS id 5518C63511 for ; Wed, 25 Sep 2024 11:59:27 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1727258366; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=IE5pj4rhqlyzdqhFHOEf0L65KTuS1mmhXcH3WPPTCmo=; b=IEbgXKELjp3pkJPOX3vt9i57KqXIJ5I+gLc5K66jZZRvVHW6qXpcX+6frIl0vJuYAZqtuw 4gTjQ/hK087xuDG7RHFOMjqQl2i3fnSkfTkWUxqykJODqY2P/AFL0lTXKUIDk4LCRYQr81 EBhOdAN25uU9cUhnHS8gxzUzF/jUa48= Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-528-BWROabD6Pd2pmjdMVJYDGw-1; Wed, 25 Sep 2024 05:59:23 -0400 X-MC-Unique: BWROabD6Pd2pmjdMVJYDGw-1 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (unknown [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id E39B21955D58; Wed, 25 Sep 2024 09:59:21 +0000 (UTC) Received: from nuthatch.redhat.com (unknown [10.45.225.29]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTP id 7535019560AA; Wed, 25 Sep 2024 09:59:20 +0000 (UTC) From: Milan Zamazal To: libcamera-devel@lists.libcamera.org Cc: Milan Zamazal , Kieran Bingham , Naushir Patuck Subject: [PATCH v4 09/15] config: Look up IPA configurables in configuration file Date: Wed, 25 Sep 2024 11:58:41 +0200 Message-ID: <20240925095850.348259-10-mzamazal@redhat.com> In-Reply-To: <20240925095850.348259-1-mzamazal@redhat.com> References: <20240925095850.348259-1-mzamazal@redhat.com> MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-BeenThere: libcamera-devel@lists.libcamera.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libcamera-devel-bounces@lists.libcamera.org Sender: "libcamera-devel" The configuration snippet: configuration: ipa: config_paths: CONFIG:PATHS:... module_paths: MODULE:PATHS:... force_isolation: BOOL Signed-off-by: Milan Zamazal --- src/libcamera/ipa_manager.cpp | 11 ++++++++--- src/libcamera/ipa_proxy.cpp | 16 +++++++++++----- 2 files changed, 19 insertions(+), 8 deletions(-) diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp index 28384844a..573e39b82 100644 --- a/src/libcamera/ipa_manager.cpp +++ b/src/libcamera/ipa_manager.cpp @@ -123,8 +123,11 @@ IPAManager::IPAManager() unsigned int ipaCount = 0; /* User-specified paths take precedence. */ - const char *modulePaths = utils::secure_getenv("LIBCAMERA_IPA_MODULE_PATH"); - if (modulePaths) { + const auto confModulePaths = + GlobalConfiguration::envOption( + "LIBCAMERA_IPA_MODULE_PATH", "ipa.module_paths"); + if (confModulePaths.has_value()) { + const char *modulePaths = confModulePaths.value().c_str(); for (const auto &dir : utils::split(modulePaths, ":")) { if (dir.empty()) continue; @@ -298,7 +301,9 @@ bool IPAManager::isSignatureValid([[maybe_unused]] IPAModule *ipa) const { #if HAVE_IPA_PUBKEY char *force = utils::secure_getenv("LIBCAMERA_IPA_FORCE_ISOLATION"); - if (force && force[0] != '\0') { + if ((force && force[0] != '\0') || + (!force && GlobalConfiguration::option("ipa.force_isolation") + .value_or(false))) { LOG(IPAManager, Debug) << "Isolation of IPA module " << ipa->path() << " forced through environment variable"; diff --git a/src/libcamera/ipa_proxy.cpp b/src/libcamera/ipa_proxy.cpp index 85004737c..787d58019 100644 --- a/src/libcamera/ipa_proxy.cpp +++ b/src/libcamera/ipa_proxy.cpp @@ -14,6 +14,7 @@ #include #include +#include "libcamera/internal/global_configuration.h" #include "libcamera/internal/ipa_module.h" /** @@ -108,8 +109,11 @@ std::string IPAProxy::configurationFile(const std::string &name, std::string ipaName = ipam_->info().name; /* Check the environment variable first. */ - const char *confPaths = utils::secure_getenv("LIBCAMERA_IPA_CONFIG_PATH"); - if (confPaths) { + auto confConfPaths = + GlobalConfiguration::envOption( + "LIBCAMERA_IPA_CONFIG_PATH", "ipa.config_paths"); + if (confConfPaths.has_value()) { + const char *confPaths = confConfPaths.value().c_str(); for (const auto &dir : utils::split(confPaths, ":")) { if (dir.empty()) continue; @@ -183,9 +187,11 @@ std::string IPAProxy::resolvePath(const std::string &file) const std::string proxyFile = "/" + file; /* Check env variable first. */ - const char *execPaths = utils::secure_getenv("LIBCAMERA_IPA_PROXY_PATH"); - if (execPaths) { - for (const auto &dir : utils::split(execPaths, ":")) { + const auto execPaths = + GlobalConfiguration::envOption( + "LIBCAMERA_IPA_PROXY_PATH", "ipa.proxy_paths"); + if (execPaths.has_value()) { + for (const auto &dir : utils::split(execPaths.value().c_str(), ":")) { if (dir.empty()) continue;