PawletOS/external_libcamera
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
ca437b4a0cde5ec72a5eea709eb044264deb4f55
external_libcamera/include/libcamera/internal/ipa_manager.h
Laurent Pinchart 52579639ce apps: Add ipa-verify application 
When packaging libcamera, distributions may break IPA module signatures
if the packaging process strips binaries. This can be fixed by resigning
the modules, but the process is error-prone.

Add a command line ipa-verify utility that tests the signature on an IPA
module to help packagers. The tool takes a single argument, the path to
an IPA module shared object, and expects the signature file (.sign) to
be in the same directory.

In order to access the public key needed for signature verification, add
a static function to the IPAManager class. As the class is internal to
libcamera, this doesn't affect the public API.

Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
Reviewed-by: Umang Jain <umang.jain@ideasonboard.com>
Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
Tested-by: Javier Martinez Canillas <javierm@redhat.com>
2023-07-05 15:38:59 +03:00

78 lines
1.6 KiB
C++
Raw Blame History

/* SPDX-License-Identifier: LGPL-2.1-or-later */
/*
* Copyright (C) 2019, Google Inc.
*
* ipa_manager.h - Image Processing Algorithm module manager
*/
#pragma once
#include <stdint.h>
#include <vector>
#include <libcamera/base/log.h>
#include <libcamera/ipa/ipa_interface.h>
#include <libcamera/ipa/ipa_module_info.h>
#include "libcamera/internal/ipa_module.h"
#include "libcamera/internal/pipeline_handler.h"
#include "libcamera/internal/pub_key.h"
namespace libcamera {
LOG_DECLARE_CATEGORY(IPAManager)
class IPAManager
{
public:
IPAManager();
~IPAManager();
template<typename T>
static std::unique_ptr<T> createIPA(PipelineHandler *pipe,
uint32_t minVersion,
uint32_t maxVersion)
{
IPAModule *m = self_->module(pipe, minVersion, maxVersion);
if (!m)
return nullptr;
std::unique_ptr<T> proxy = std::make_unique<T>(m, !self_->isSignatureValid(m));
if (!proxy->isValid()) {
LOG(IPAManager, Error) << "Failed to load proxy";
return nullptr;
}
return proxy;
}
#if HAVE_IPA_PUBKEY
static const PubKey &pubKey()
{
return pubKey_;
}
#endif
private:
static IPAManager *self_;
void parseDir(const char *libDir, unsigned int maxDepth,
std::vector<std::string> &files);
unsigned int addDir(const char *libDir, unsigned int maxDepth = 0);
IPAModule *module(PipelineHandler *pipe, uint32_t minVersion,
uint32_t maxVersion);
bool isSignatureValid(IPAModule *ipa) const;
std::vector<IPAModule *> modules_;
#if HAVE_IPA_PUBKEY
static const uint8_t publicKeyData_[];
static const PubKey pubKey_;
#endif
};
} /* namespace libcamera */
Reference in New Issue View Git Blame Copy Permalink