From patchwork Wed Apr 15 19:37:18 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laurent Pinchart X-Patchwork-Id: 3470 Return-Path: Received: from perceval.ideasonboard.com (perceval.ideasonboard.com [213.167.242.64]) by lancelot.ideasonboard.com (Postfix) with ESMTPS id BCF4B60406 for ; Wed, 15 Apr 2020 21:37:35 +0200 (CEST) Authentication-Results: lancelot.ideasonboard.com; dkim=pass (1024-bit key; unprotected) header.d=ideasonboard.com header.i=@ideasonboard.com header.b="HgRwHVxI"; dkim-atps=neutral Received: from pendragon.bb.dnainternet.fi (81-175-216-236.bb.dnainternet.fi [81.175.216.236]) by perceval.ideasonboard.com (Postfix) with ESMTPSA id D457C2D1 for ; Wed, 15 Apr 2020 21:37:34 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com; s=mail; t=1586979455; bh=QK4XVriz6xnGY4c2+G0qQI0L/Xifg+KB2y3dRi9KgKI=; h=From:To:Subject:Date:From; b=HgRwHVxITGXL+qzABOsGVqNeGd/P2ukwoYqeQKqrtp9mPCNqspTXWDwfqytcEUJnB LJ3kPYCqj+pV7WLIvosnIn93QH1CGAjdPRDraBKCObnM6b8TEfkUJmeh013GwxG1EB xowPiuRSaD0IY1ZTnI+YR074Z/jgmLOdOsR05DXA= From: Laurent Pinchart To: libcamera-devel@lists.libcamera.org Date: Wed, 15 Apr 2020 22:37:18 +0300 Message-Id: <20200415193719.783-1-laurent.pinchart@ideasonboard.com> X-Mailer: git-send-email 2.24.1 MIME-Version: 1.0 Subject: [libcamera-devel] [PATCH 1/2] libcamera: Make IPA module signing optional X-BeenThere: libcamera-devel@lists.libcamera.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Apr 2020 19:37:36 -0000 The IPA module signing mechanism relies on openssl to generate keys and sign the module. If openssl is not found on the system, the build will fail. Make the dependency optional by detecting openssl, and skip generation of signatures if openssl isn't found. Signed-off-by: Laurent Pinchart Reviewed-by: Kieran Bingham --- src/ipa/meson.build | 4 +++- src/ipa/rkisp1/meson.build | 14 ++++++++------ src/ipa/vimc/meson.build | 14 ++++++++------ src/libcamera/include/ipa_manager.h | 2 ++ src/libcamera/ipa_manager.cpp | 4 ++++ src/libcamera/ipa_pub_key.cpp.in | 4 +++- src/libcamera/meson.build | 16 +++++++++------- src/meson.build | 15 +++++++++++---- 8 files changed, 48 insertions(+), 25 deletions(-) diff --git a/src/ipa/meson.build b/src/ipa/meson.build index cb4e3ab3388f..96d3ce79ffe9 100644 --- a/src/ipa/meson.build +++ b/src/ipa/meson.build @@ -10,7 +10,9 @@ config_h.set('IPA_MODULE_DIR', subdir('libipa') -ipa_sign = find_program('ipa-sign.sh') +if ipa_sign_module + ipa_sign = find_program('ipa-sign.sh') +endif ipas = ['rkisp1', 'vimc'] diff --git a/src/ipa/rkisp1/meson.build b/src/ipa/rkisp1/meson.build index 6ccadcfbbe64..247d0429b49c 100644 --- a/src/ipa/rkisp1/meson.build +++ b/src/ipa/rkisp1/meson.build @@ -9,9 +9,11 @@ mod = shared_module(ipa_name, install : true, install_dir : ipa_install_dir) -custom_target(ipa_name + '.so.sign', - input : mod, - output : ipa_name + '.so.sign', - command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ], - install : true, - install_dir : ipa_install_dir) +if ipa_sign_module + custom_target(ipa_name + '.so.sign', + input : mod, + output : ipa_name + '.so.sign', + command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ], + install : true, + install_dir : ipa_install_dir) +endif diff --git a/src/ipa/vimc/meson.build b/src/ipa/vimc/meson.build index 3c932aa7aaad..a354096d8496 100644 --- a/src/ipa/vimc/meson.build +++ b/src/ipa/vimc/meson.build @@ -9,9 +9,11 @@ mod = shared_module(ipa_name, install : true, install_dir : ipa_install_dir) -custom_target(ipa_name + '.so.sign', - input : mod, - output : ipa_name + '.so.sign', - command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ], - install : true, - install_dir : ipa_install_dir) +if ipa_sign_module + custom_target(ipa_name + '.so.sign', + input : mod, + output : ipa_name + '.so.sign', + command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ], + install : true, + install_dir : ipa_install_dir) +endif diff --git a/src/libcamera/include/ipa_manager.h b/src/libcamera/include/ipa_manager.h index 0b5fd2ac1f12..6165efb8b145 100644 --- a/src/libcamera/include/ipa_manager.h +++ b/src/libcamera/include/ipa_manager.h @@ -40,8 +40,10 @@ private: bool isSignatureValid(IPAModule *ipa) const; +#if HAVE_IPA_PUBKEY static const uint8_t publicKeyData_[]; static const PubKey pubKey_; +#endif }; } /* namespace libcamera */ diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp index 7de1404eebdd..50b6792d6cce 100644 --- a/src/libcamera/ipa_manager.cpp +++ b/src/libcamera/ipa_manager.cpp @@ -304,6 +304,7 @@ std::unique_ptr IPAManager::createIPA(PipelineHandler *pipe, bool IPAManager::isSignatureValid(IPAModule *ipa) const { +#if HAVE_IPA_PUBKEY File file{ ipa->path() }; if (!file.open(File::ReadOnly)) return false; @@ -319,6 +320,9 @@ bool IPAManager::isSignatureValid(IPAModule *ipa) const << (valid ? "valid" : "not valid"); return valid; +#else + return false; +#endif } } /* namespace libcamera */ diff --git a/src/libcamera/ipa_pub_key.cpp.in b/src/libcamera/ipa_pub_key.cpp.in index e1fe287c160e..7ffc1e24d67b 100644 --- a/src/libcamera/ipa_pub_key.cpp.in +++ b/src/libcamera/ipa_pub_key.cpp.in @@ -2,7 +2,7 @@ /* * Copyright (C) 2020, Laurent Pinchart * - * ipa_key.cpp - IPA module signing public key + * ipa_pub_key.cpp - IPA module signing public key * * This file is auto-generated. Do not edit. */ @@ -11,10 +11,12 @@ namespace libcamera { +#if HAVE_IPA_PUBKEY const uint8_t IPAManager::publicKeyData_[] = { ${ipa_key} }; const PubKey IPAManager::pubKey_{ { IPAManager::publicKeyData_ } }; +#endif } /* namespace libcamera */ diff --git a/src/libcamera/meson.build b/src/libcamera/meson.build index c502450c4b2d..dcd2fb4900e6 100644 --- a/src/libcamera/meson.build +++ b/src/libcamera/meson.build @@ -101,13 +101,15 @@ version_cpp = vcs_tag(command : [gen_version, meson.build_root()], libcamera_sources += version_cpp -gen_ipa_pub_key = files('gen-ipa-pub-key.py') -ipa_pub_key_cpp = custom_target('ipa_pub_key_cpp', - input : [ ipa_priv_key, 'ipa_pub_key.cpp.in' ], - output : 'ipa_pub_key.cpp', - command : [ gen_ipa_pub_key, '@INPUT@', '@OUTPUT@' ]) - -libcamera_sources += ipa_pub_key_cpp +if ipa_sign_module + gen_ipa_pub_key = files('gen-ipa-pub-key.py') + ipa_pub_key_cpp = custom_target('ipa_pub_key_cpp', + input : [ ipa_priv_key, 'ipa_pub_key.cpp.in' ], + output : 'ipa_pub_key.cpp', + command : [ gen_ipa_pub_key, '@INPUT@', '@OUTPUT@' ]) + + libcamera_sources += ipa_pub_key_cpp +endif libcamera_deps = [ libatomic, diff --git a/src/meson.build b/src/meson.build index dc0e0c82b900..296682758613 100644 --- a/src/meson.build +++ b/src/meson.build @@ -2,10 +2,17 @@ if get_option('android') subdir('android') endif -ipa_gen_priv_key = find_program('ipa/gen-ipa-priv-key.sh') -ipa_priv_key = custom_target('ipa-priv-key', - output : [ 'ipa-priv-key.pem' ], - command : [ ipa_gen_priv_key, '@OUTPUT@' ]) +openssl = find_program('openssl', required : false) +if openssl.found() + ipa_gen_priv_key = find_program('ipa/gen-ipa-priv-key.sh') + ipa_priv_key = custom_target('ipa-priv-key', + output : [ 'ipa-priv-key.pem' ], + command : [ ipa_gen_priv_key, '@OUTPUT@' ]) + config_h.set('HAVE_IPA_PUBKEY', 1) + ipa_sign_module = true +else + ipa_sign_module = false +endif subdir('libcamera') subdir('ipa') From patchwork Wed Apr 15 19:37:19 2020 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Laurent Pinchart X-Patchwork-Id: 3471 Return-Path: Received: from perceval.ideasonboard.com (perceval.ideasonboard.com [213.167.242.64]) by lancelot.ideasonboard.com (Postfix) with ESMTPS id A25D160406 for ; Wed, 15 Apr 2020 21:37:36 +0200 (CEST) Authentication-Results: lancelot.ideasonboard.com; dkim=pass (1024-bit key; unprotected) header.d=ideasonboard.com header.i=@ideasonboard.com header.b="TxojVZMC"; dkim-atps=neutral Received: from pendragon.bb.dnainternet.fi (81-175-216-236.bb.dnainternet.fi [81.175.216.236]) by perceval.ideasonboard.com (Postfix) with ESMTPSA id D3519B23 for ; Wed, 15 Apr 2020 21:37:35 +0200 (CEST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ideasonboard.com; s=mail; t=1586979456; bh=a5kqDOcWbpc2HrjoG/zu26ZQRyT4Vf9sUVQ2GfcaO6k=; h=From:To:Subject:Date:In-Reply-To:References:From; b=TxojVZMC9Gl5Lm5Fx2OfOmdQb6T4+4a4G8l5ovNvEyPtqqr6Wea1YZJb9CISsi8/7 mKB+BEYhgxBRKruqGu/m1qmBUYtR7k0wWajE9/Fg+IUYULS0bWZWoihppmNN/xodur HRXO12HX1OzxgT54p1jQ2h5v9CnJ38Hvawlke+ww= From: Laurent Pinchart To: libcamera-devel@lists.libcamera.org Date: Wed, 15 Apr 2020 22:37:19 +0300 Message-Id: <20200415193719.783-2-laurent.pinchart@ideasonboard.com> X-Mailer: git-send-email 2.24.1 In-Reply-To: <20200415193719.783-1-laurent.pinchart@ideasonboard.com> References: <20200415193719.783-1-laurent.pinchart@ideasonboard.com> MIME-Version: 1.0 Subject: [libcamera-devel] [PATCH 2/2] libcamera: Document dependencies for IPA module signing X-BeenThere: libcamera-devel@lists.libcamera.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 15 Apr 2020 19:37:36 -0000 Document the dependency on libgnutls28-dev and openssl for IPA module signing int he README.rst file. While at it, sort the entries alphabetically. Signed-off-by: Laurent Pinchart Reviewed-by: Kieran Bingham --- README.rst | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/README.rst b/README.rst index 656fdbfdc94c..da3cc64966b0 100644 --- a/README.rst +++ b/README.rst @@ -60,15 +60,18 @@ for libcamera: [required] for device hotplug enumeration: [optional] pkg-config libudev-dev -for qcam: [optional] - qtbase5-dev libqt5core5a libqt5gui5 libqt5widgets5 - for documentation: [optional] python3-sphinx doxygen for gstreamer: [optional] libgstreamer1.0-dev libgstreamer-plugins-base1.0-dev +for IPA module signing: [optional] + libgnutls28-dev openssl + +for qcam: [optional] + qtbase5-dev libqt5core5a libqt5gui5 libqt5widgets5 + Using GStreamer plugin ~~~~~~~~~~~~~~~~~~~~~~