[libcamera-devel] [PATCH v2 4/4] libcamera: utils: Use internal secure_getenv() implementation

Mon Apr 1 22:41:42 CEST 2019

Hi Kieran,

Thank you for the patch.

On Mon, Apr 01, 2019 at 06:03:15PM +0700, Kieran Bingham wrote:
> The secure_getenv() call is not provided by all toolchains. Support

s/toolchains/C libraries/ ?

> this feature by implementing our own version.
> 
> Signed-off-by: Kieran Bingham <kieran.bingham at ideasonboard.com>
> ---
>  src/libcamera/include/utils.h |  2 ++
>  src/libcamera/log.cpp         |  4 ++--
>  src/libcamera/utils.cpp       | 20 ++++++++++++++++++++
>  3 files changed, 24 insertions(+), 2 deletions(-)
> 
> diff --git a/src/libcamera/include/utils.h b/src/libcamera/include/utils.h
> index 1b2a62c0fda7..79038a96feab 100644
> --- a/src/libcamera/include/utils.h
> +++ b/src/libcamera/include/utils.h
> @@ -24,6 +24,8 @@ std::unique_ptr<T> make_unique(Args&&... args)
>  	return std::unique_ptr<T>(new T(std::forward<Args>(args)...));
>  }
>  
> +char *secure_getenv(const char *name);
> +
>  } /* namespace utils */
>  
>  } /* namespace libcamera */
> diff --git a/src/libcamera/log.cpp b/src/libcamera/log.cpp
> index eb444c31857d..71cfbc422ba0 100644
> --- a/src/libcamera/log.cpp
> +++ b/src/libcamera/log.cpp
> @@ -122,7 +122,7 @@ Logger::Logger()
>   */
>  void Logger::parseLogFile()
>  {
> -	const char *file = secure_getenv("LIBCAMERA_LOG_FILE");
> +	const char *file = utils::secure_getenv("LIBCAMERA_LOG_FILE");
>  	if (!file)
>  		return;
>  
> @@ -140,7 +140,7 @@ void Logger::parseLogFile()
>   */
>  void Logger::parseLogLevels()
>  {
> -	const char *debug = secure_getenv("LIBCAMERA_LOG_LEVELS");
> +	const char *debug = utils::secure_getenv("LIBCAMERA_LOG_LEVELS");
>  	if (!debug)
>  		return;
>  
> diff --git a/src/libcamera/utils.cpp b/src/libcamera/utils.cpp
> index 70936e36c5d5..c49e65136514 100644
> --- a/src/libcamera/utils.cpp
> +++ b/src/libcamera/utils.cpp
> @@ -6,6 +6,7 @@
>   */
>  
>  #include <string.h>
> +#include <sys/auxv.h>
>  
>  #include "utils.h"
>  
> @@ -35,6 +36,25 @@ const char *basename(const char *path)
>         return base ? base + 1 : path;
>  }
>  
> +/**
> + * \brief Get an environment variable
> + *
> + * The environment list is searched to find the variable 'name', and returns a
> + * pointer to the corresponding string.

The first half of the sentence doesn't seem to provide a subject for
"returns" in the second half.

> + * If 'secure execution' is required then this function always returns NULL to
> + * avoid vulnerabilities that could occur if the set-user-ID or set-group-ID

s/if the/if/

> + * programs accidentally trusted the environment.
> + *
> + * \returns A pointer to the value in the environment or NULL if the match fails
> + * or a secure environment is required.

"..., or NULL if the requested environment variable doesn't exist or if
secure execution is required." ?

> + */
> +char *secure_getenv(const char *name)
> +{
> +       if (getauxval(AT_SECURE))
> +               return NULL;
> +       else

You can drop the else.

With these small issues fixed,

Reviewed-by: Laurent Pinchart <laurent.pinchart at ideasonboard.com>

> +               return getenv(name);
> +}
>  
>  /**
>   * \fn libcamera::utils::make_unique(Args &&... args)

-- 
Regards,

Laurent Pinchart