From patchwork Tue Oct  1 10:28:01 2024
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Milan Zamazal <mzamazal@redhat.com>
X-Patchwork-Id: 21456
Return-Path: <libcamera-devel-bounces@lists.libcamera.org>
X-Original-To: parsemail@patchwork.libcamera.org
Delivered-To: parsemail@patchwork.libcamera.org
Received: from lancelot.ideasonboard.com (lancelot.ideasonboard.com
	[92.243.16.209])
	by patchwork.libcamera.org (Postfix) with ESMTPS id 1766DC3263
	for <parsemail@patchwork.libcamera.org>;
	Tue,  1 Oct 2024 10:28:50 +0000 (UTC)
Received: from lancelot.ideasonboard.com (localhost [IPv6:::1])
	by lancelot.ideasonboard.com (Postfix) with ESMTP id 8C9D06353B;
	Tue,  1 Oct 2024 12:28:49 +0200 (CEST)
Authentication-Results: lancelot.ideasonboard.com; dkim=pass (1024-bit key;
	unprotected) header.d=redhat.com header.i=@redhat.com
	header.b="Ov4rB8+O"; dkim-atps=neutral
Received: from us-smtp-delivery-124.mimecast.com
	(us-smtp-delivery-124.mimecast.com [170.10.129.124])
	by lancelot.ideasonboard.com (Postfix) with ESMTPS id C5F486352F
	for <libcamera-devel@lists.libcamera.org>;
	Tue,  1 Oct 2024 12:28:38 +0200 (CEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com;
	s=mimecast20190719; t=1727778517;
	h=from:from:reply-to:subject:subject:date:date:message-id:message-id:
	to:to:cc:cc:mime-version:mime-version:content-type:content-type:
	content-transfer-encoding:content-transfer-encoding:
	in-reply-to:in-reply-to:references:references;
	bh=+fe/QlJBTO6v4Su52Wv3stkBmde3H2Wn2FeDTGKcosw=;
	b=Ov4rB8+OwU2CxjZNMJ4ECAwBaQz4/zmPTEmQU3NuqX6Ynubm9pBCoQsuMQTjUQ5KG12P7X
	AhLDNOzR2d1eeiKrI93+DFCnjb6/Y3Nx/A/1HM+ALhwkrab+2dGBESjnJT0cVvtkFqhJs4
	hPesWAhSTGPPR+nDzjoAAuKKPl1mplI=
Received: from mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com
	(ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63])
	by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3,
	cipher=TLS_AES_256_GCM_SHA384) id us-mta-561-gAdycj6oM6yrgJ96fh347w-1;
	Tue, 01 Oct 2024 06:28:34 -0400
X-MC-Unique: gAdycj6oM6yrgJ96fh347w-1
Received: from mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (unknown
	[10.30.177.40])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	key-exchange X25519 server-signature RSA-PSS (2048 bits)
	server-digest SHA256) (No client certificate requested)
	by mx-prod-mc-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix)
	with ESMTPS id E07631919626; Tue,  1 Oct 2024 10:28:33 +0000 (UTC)
Received: from nuthatch.brq.redhat.com (unknown [10.43.17.37])
	by mx-prod-int-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix)
	with ESMTP id 57D9F1956054; Tue,  1 Oct 2024 10:28:32 +0000 (UTC)
From: Milan Zamazal <mzamazal@redhat.com>
To: libcamera-devel@lists.libcamera.org
Cc: Milan Zamazal <mzamazal@redhat.com>,
	Kieran Bingham <kieran.bingham@ideasonboard.com>,
	Naushir Patuck <naush@raspberrypi.com>
Subject: [PATCH v5 09/15] config: Look up IPA configurables in configuration
	file
Date: Tue,  1 Oct 2024 12:28:01 +0200
Message-ID: <20241001102810.479285-10-mzamazal@redhat.com>
In-Reply-To: <20241001102810.479285-1-mzamazal@redhat.com>
References: <20241001102810.479285-1-mzamazal@redhat.com>
MIME-Version: 1.0
X-Scanned-By: MIMEDefang 3.0 on 10.30.177.40
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: redhat.com
X-BeenThere: libcamera-devel@lists.libcamera.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <libcamera-devel.lists.libcamera.org>
List-Unsubscribe: <https://lists.libcamera.org/options/libcamera-devel>,
	<mailto:libcamera-devel-request@lists.libcamera.org?subject=unsubscribe>
List-Archive: <https://lists.libcamera.org/pipermail/libcamera-devel/>
List-Post: <mailto:libcamera-devel@lists.libcamera.org>
List-Help: <mailto:libcamera-devel-request@lists.libcamera.org?subject=help>
List-Subscribe: <https://lists.libcamera.org/listinfo/libcamera-devel>,
	<mailto:libcamera-devel-request@lists.libcamera.org?subject=subscribe>
Errors-To: libcamera-devel-bounces@lists.libcamera.org
Sender: "libcamera-devel" <libcamera-devel-bounces@lists.libcamera.org>

The configuration snippet:

  configuration:
    ipa:
      config_paths: CONFIG:PATHS:...
      module_paths: MODULE:PATHS:...
      force_isolation: BOOL

Signed-off-by: Milan Zamazal <mzamazal@redhat.com>
---
 src/libcamera/ipa_manager.cpp | 11 ++++++++---
 src/libcamera/ipa_proxy.cpp   | 16 +++++++++++-----
 2 files changed, 19 insertions(+), 8 deletions(-)

diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp
index 33ae74e8f..566dc1402 100644
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@@ -114,8 +114,11 @@ IPAManager::IPAManager()
 	unsigned int ipaCount = 0;
 
 	/* User-specified paths take precedence. */
-	const char *modulePaths = utils::secure_getenv("LIBCAMERA_IPA_MODULE_PATH");
-	if (modulePaths) {
+	const auto confModulePaths =
+		GlobalConfiguration::envOption(
+			"LIBCAMERA_IPA_MODULE_PATH", "ipa.module_paths");
+	if (confModulePaths.has_value()) {
+		const char *modulePaths = confModulePaths.value().c_str();
 		for (const auto &dir : utils::split(modulePaths, ":")) {
 			if (dir.empty())
 				continue;
@@ -289,7 +292,9 @@ bool IPAManager::isSignatureValid([[maybe_unused]] IPAModule *ipa) const
 {
 #if HAVE_IPA_PUBKEY
 	char *force = utils::secure_getenv("LIBCAMERA_IPA_FORCE_ISOLATION");
-	if (force && force[0] != '\0') {
+	if ((force && force[0] != '\0') ||
+	    (!force && GlobalConfiguration::option<bool>("ipa.force_isolation")
+			       .value_or(false))) {
 		LOG(IPAManager, Debug)
 			<< "Isolation of IPA module " << ipa->path()
 			<< " forced through environment variable";
diff --git a/src/libcamera/ipa_proxy.cpp b/src/libcamera/ipa_proxy.cpp
index 85004737c..787d58019 100644
--- a/src/libcamera/ipa_proxy.cpp
+++ b/src/libcamera/ipa_proxy.cpp
@@ -14,6 +14,7 @@
 #include <libcamera/base/log.h>
 #include <libcamera/base/utils.h>
 
+#include "libcamera/internal/global_configuration.h"
 #include "libcamera/internal/ipa_module.h"
 
 /**
@@ -108,8 +109,11 @@ std::string IPAProxy::configurationFile(const std::string &name,
 	std::string ipaName = ipam_->info().name;
 
 	/* Check the environment variable first. */
-	const char *confPaths = utils::secure_getenv("LIBCAMERA_IPA_CONFIG_PATH");
-	if (confPaths) {
+	auto confConfPaths =
+		GlobalConfiguration::envOption(
+			"LIBCAMERA_IPA_CONFIG_PATH", "ipa.config_paths");
+	if (confConfPaths.has_value()) {
+		const char *confPaths = confConfPaths.value().c_str();
 		for (const auto &dir : utils::split(confPaths, ":")) {
 			if (dir.empty())
 				continue;
@@ -183,9 +187,11 @@ std::string IPAProxy::resolvePath(const std::string &file) const
 	std::string proxyFile = "/" + file;
 
 	/* Check env variable first. */
-	const char *execPaths = utils::secure_getenv("LIBCAMERA_IPA_PROXY_PATH");
-	if (execPaths) {
-		for (const auto &dir : utils::split(execPaths, ":")) {
+	const auto execPaths =
+		GlobalConfiguration::envOption(
+			"LIBCAMERA_IPA_PROXY_PATH", "ipa.proxy_paths");
+	if (execPaths.has_value()) {
+		for (const auto &dir : utils::split(execPaths.value().c_str(), ":")) {
 			if (dir.empty())
 				continue;