From eab143ee69064092b6bb47297022efa80f47c120 Mon Sep 17 00:00:00 2001 From: Laurent Pinchart Date: Sun, 29 Mar 2020 07:12:01 +0300 Subject: libcamera: ipa_manager: Verify IPA module signature MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Decide whether to isolate the IPA module using the module signature instead of its license. Signed-off-by: Laurent Pinchart Reviewed-by: Niklas Söderlund --- src/libcamera/include/ipa_manager.h | 2 ++ src/libcamera/include/ipa_module.h | 2 -- src/libcamera/ipa_manager.cpp | 26 +++++++++++++++++++++++--- src/libcamera/ipa_module.cpp | 25 ------------------------- 4 files changed, 25 insertions(+), 30 deletions(-) (limited to 'src') diff --git a/src/libcamera/include/ipa_manager.h b/src/libcamera/include/ipa_manager.h index 26edf087..0b5fd2ac 100644 --- a/src/libcamera/include/ipa_manager.h +++ b/src/libcamera/include/ipa_manager.h @@ -38,6 +38,8 @@ private: std::vector &files); unsigned int addDir(const char *libDir, unsigned int maxDepth = 0); + bool isSignatureValid(IPAModule *ipa) const; + static const uint8_t publicKeyData_[]; static const PubKey pubKey_; }; diff --git a/src/libcamera/include/ipa_module.h b/src/libcamera/include/ipa_module.h index ec367185..a9a35117 100644 --- a/src/libcamera/include/ipa_module.h +++ b/src/libcamera/include/ipa_module.h @@ -37,8 +37,6 @@ public: bool match(PipelineHandler *pipe, uint32_t minVersion, uint32_t maxVersion) const; - bool isOpenSource() const; - private: struct IPAModuleInfo info_; std::vector signature_; diff --git a/src/libcamera/ipa_manager.cpp b/src/libcamera/ipa_manager.cpp index 6d23f470..7de1404e 100644 --- a/src/libcamera/ipa_manager.cpp +++ b/src/libcamera/ipa_manager.cpp @@ -12,6 +12,7 @@ #include #include +#include "file.h" #include "ipa_module.h" #include "ipa_proxy.h" #include "log.h" @@ -271,12 +272,12 @@ std::unique_ptr IPAManager::createIPA(PipelineHandler *pipe, return nullptr; /* - * Load and run the IPA module in a thread if it is open-source, or - * isolate it in a separate process otherwise. + * Load and run the IPA module in a thread if it has a valid signature, + * or isolate it in a separate process otherwise. * * \todo Implement a better proxy selection */ - const char *proxyName = m->isOpenSource() + const char *proxyName = isSignatureValid(m) ? "IPAProxyThread" : "IPAProxyLinux"; IPAProxyFactory *pf = nullptr; @@ -301,4 +302,23 @@ std::unique_ptr IPAManager::createIPA(PipelineHandler *pipe, return proxy; } +bool IPAManager::isSignatureValid(IPAModule *ipa) const +{ + File file{ ipa->path() }; + if (!file.open(File::ReadOnly)) + return false; + + Span data = file.map(); + if (data.empty()) + return false; + + bool valid = pubKey_.verify(data, ipa->signature()); + + LOG(IPAManager, Debug) + << "IPA module " << ipa->path() << " signature is " + << (valid ? "valid" : "not valid"); + + return valid; +} + } /* namespace libcamera */ diff --git a/src/libcamera/ipa_module.cpp b/src/libcamera/ipa_module.cpp index 51b238a6..96b44f13 100644 --- a/src/libcamera/ipa_module.cpp +++ b/src/libcamera/ipa_module.cpp @@ -472,29 +472,4 @@ bool IPAModule::match(PipelineHandler *pipe, !strcmp(info_.pipelineName, pipe->name()); } -/** - * \brief Verify if the IPA module is open source - * - * \sa IPAModuleInfo::license - */ -bool IPAModule::isOpenSource() const -{ - static const char *osLicenses[] = { - "GPL-2.0-only", - "GPL-2.0-or-later", - "GPL-3.0-only", - "GPL-3.0-or-later", - "LGPL-2.1-only", - "LGPL-2.1-or-later", - "LGPL-3.0-only", - "LGPL-3.0-or-later", - }; - - for (unsigned int i = 0; i < ARRAY_SIZE(osLicenses); i++) - if (!strcmp(osLicenses[i], info_.license)) - return true; - - return false; -} - } /* namespace libcamera */ -- cgit v1.2.1