libcamera: Make IPA module signing optional

The IPA module signing mechanism relies on openssl to generate keys and sign the module. If openssl is not found on the system, the build will fail. Make the dependency optional by detecting openssl, and skip generation of signatures if openssl isn't found. Signed-off-by: Laurent Pinchart <laurent.pinchart@ideasonboard.com> Reviewed-by: Kieran Bingham <kieran.bingham@ideasonboard.com>
2020-04-15 22:27:33 +03:00 · 2020-04-15 22:27:33 +03:00 · b7c5e0e4f0
commit b7c5e0e4f0
parent 2155a9b74e
7 changed files with 44 additions and 23 deletions
--- a/src/ipa/rkisp1/meson.build
+++ b/src/ipa/rkisp1/meson.build
@ -9,9 +9,11 @@ mod = shared_module(ipa_name,
                    install : true,
                    install_dir : ipa_install_dir)
-custom_target(ipa_name + '.so.sign',
+if ipa_sign_module
-              input : mod,
+    custom_target(ipa_name + '.so.sign',
-              output : ipa_name + '.so.sign',
+                  input : mod,
-              command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ],
+                  output : ipa_name + '.so.sign',
-              install : true,
+                  command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ],
-              install_dir : ipa_install_dir)
+                  install : true,
                  install_dir : ipa_install_dir)
 endif
--- a/src/ipa/vimc/meson.build
+++ b/src/ipa/vimc/meson.build
@ -9,9 +9,11 @@ mod = shared_module(ipa_name,
                    install : true,
                    install_dir : ipa_install_dir)
-custom_target(ipa_name + '.so.sign',
+if ipa_sign_module
-              input : mod,
+    custom_target(ipa_name + '.so.sign',
-              output : ipa_name + '.so.sign',
+                  input : mod,
-              command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ],
+                  output : ipa_name + '.so.sign',
-              install : true,
+                  command : [ ipa_sign, ipa_priv_key, '@INPUT@', '@OUTPUT@' ],
-              install_dir : ipa_install_dir)
+                  install : true,
                  install_dir : ipa_install_dir)
 endif
--- a/src/libcamera/include/ipa_manager.h
+++ b/src/libcamera/include/ipa_manager.h
@ -40,8 +40,10 @@ private:
 	bool isSignatureValid(IPAModule *ipa) const;
 #if HAVE_IPA_PUBKEY
 	static const uint8_t publicKeyData_[];
 	static const PubKey pubKey_;
 #endif
 };
 } /* namespace libcamera */
--- a/src/libcamera/ipa_manager.cpp
+++ b/src/libcamera/ipa_manager.cpp
@ -304,6 +304,7 @@ std::unique_ptr<IPAInterface> IPAManager::createIPA(PipelineHandler *pipe,
 bool IPAManager::isSignatureValid(IPAModule *ipa) const
 {
 #if HAVE_IPA_PUBKEY
 	File file{ ipa->path() };
 	if (!file.open(File::ReadOnly))
 		return false;
@ -319,6 +320,9 @@ bool IPAManager::isSignatureValid(IPAModule *ipa) const
 		<< (valid ? "valid" : "not valid");
 	return valid;
 #else
 	return false;
 #endif
 }
 } /* namespace libcamera */
--- a/src/libcamera/ipa_pub_key.cpp.in
+++ b/src/libcamera/ipa_pub_key.cpp.in
@ -2,7 +2,7 @@
 /*
 * Copyright (C) 2020, Laurent Pinchart <laurent.pinchart@ideasonboard.com>
 *
- * ipa_key.cpp - IPA module signing public key
+ * ipa_pub_key.cpp - IPA module signing public key
 *
 * This file is auto-generated. Do not edit.
 */
@ -11,10 +11,12 @@
 namespace libcamera {
 #if HAVE_IPA_PUBKEY
 const uint8_t IPAManager::publicKeyData_[] = {
 	${ipa_key}
 };
 const PubKey IPAManager::pubKey_{ { IPAManager::publicKeyData_ } };
 #endif
 } /* namespace libcamera */
--- a/src/libcamera/meson.build
+++ b/src/libcamera/meson.build
@ -101,13 +101,15 @@ version_cpp = vcs_tag(command : [gen_version, meson.build_root()],
 libcamera_sources += version_cpp
-gen_ipa_pub_key = files('gen-ipa-pub-key.py')
+if ipa_sign_module
-ipa_pub_key_cpp = custom_target('ipa_pub_key_cpp',
+    gen_ipa_pub_key = files('gen-ipa-pub-key.py')
-                                input : [ ipa_priv_key, 'ipa_pub_key.cpp.in' ],
+    ipa_pub_key_cpp = custom_target('ipa_pub_key_cpp',
-                                output : 'ipa_pub_key.cpp',
+                                    input : [ ipa_priv_key, 'ipa_pub_key.cpp.in' ],
-                                command : [ gen_ipa_pub_key, '@INPUT@', '@OUTPUT@' ])
+                                    output : 'ipa_pub_key.cpp',
                                    command : [ gen_ipa_pub_key, '@INPUT@', '@OUTPUT@' ])
-libcamera_sources += ipa_pub_key_cpp
+    libcamera_sources += ipa_pub_key_cpp
 endif
 libcamera_deps = [
    libatomic,
--- a/src/meson.build
+++ b/src/meson.build
@ -2,10 +2,17 @@ if get_option('android')
    subdir('android')
 endif
-ipa_gen_priv_key = find_program('ipa/gen-ipa-priv-key.sh')
+openssl = find_program('openssl', required : false)
-ipa_priv_key = custom_target('ipa-priv-key',
+if openssl.found()
-                             output : [ 'ipa-priv-key.pem' ],
+    ipa_gen_priv_key = find_program('ipa/gen-ipa-priv-key.sh')
-                             command : [ ipa_gen_priv_key, '@OUTPUT@' ])
+    ipa_priv_key = custom_target('ipa-priv-key',
                                 output : [ 'ipa-priv-key.pem' ],
                                 command : [ ipa_gen_priv_key, '@OUTPUT@' ])
    config_h.set('HAVE_IPA_PUBKEY', 1)
    ipa_sign_module = true
 else
    ipa_sign_module = false
 endif
 subdir('libcamera')
 subdir('ipa')