From: Laurent Pinchart <laurent.pinchart@ideasonboard.com>
To: Andy Shevchenko <andy@kernel.org>
Cc: Sakari Ailus <sakari.ailus@linux.intel.com>,
Hans de Goede <hdegoede@redhat.com>,
Mark Gross <markgross@kernel.org>,
Daniel Scally <djrscally@gmail.com>,
platform-driver-x86@vger.kernel.org, Kate Hsuan <hpa@redhat.com>,
Mark Pearson <markpearson@lenovo.com>,
linux-media@vger.kernel.org
Subject: Re: [PATCH 1/6] media: ov5693: Add support for a privacy-led GPIO
Date: Wed, 30 Nov 2022 18:23:45 +0200 [thread overview]
Message-ID: <Y4eDkTTBvxBSxkOn@pendragon.ideasonboard.com> (raw)
In-Reply-To: <Y4d/1xhtwrqgQzvi@smile.fi.intel.com>
On Wed, Nov 30, 2022 at 06:07:51PM +0200, Andy Shevchenko wrote:
> On Wed, Nov 30, 2022 at 05:20:11PM +0200, Laurent Pinchart wrote:
> > On Wed, Nov 30, 2022 at 02:52:50PM +0000, Sakari Ailus wrote:
> > > On Wed, Nov 30, 2022 at 02:56:46PM +0100, Hans de Goede wrote:
>
> ...
>
> > > The privacy LED is separate from sensor, including its power on/off
> > > sequences which suggests it could be at least as well be handled
> > > separately.
> >
> > And if the privacy LED is controllable through a GPIO, I think it should
> > be turned on at stream on time, not at power on time. That would allow
> > things like reading the OTP data from the sensor without flashing the
> > privacy LED.
>
> The malicious software may power up camera and drive it via user space /
> separate code flow in the kernel, no?
With correctly written drivers, there should be no way to power up the
camera from userspace through the V4L2 API without starting streaming.
Also, programming the camera sensor won't be enough to capture images,
you need to deal with all the other camera-related IP cores which are
controlled through V4L2, and doing so will start streaming in the camera
sensor driver through the normal API anyway.
> I would stick with power on as it's the most secure side. Even if we 100% know
> we are _not_ streaming this LED should indicate that it may be turned on at any
> time, no?
Ideally, the privacy LED should be controlled automatically by the
hardware without software intervention, and should be wired to a camera
streaming signal. In many cases it's wired to the power rails instead,
which is extremely annoying. I'd rather avoid this annoyance when the
LED is GPIO-controlled.
--
Regards,
Laurent Pinchart
next prev parent reply other threads:[~2022-11-30 16:24 UTC|newest]
Thread overview: 42+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-11-29 23:11 [PATCH 0/6] ov5693/int3472: Privacy LED handling changes + IPU6 compatibility Hans de Goede
2022-11-29 23:11 ` [PATCH 1/6] media: ov5693: Add support for a privacy-led GPIO Hans de Goede
2022-11-30 13:41 ` Sakari Ailus
2022-11-30 13:56 ` Hans de Goede
2022-11-30 14:52 ` Sakari Ailus
2022-11-30 15:20 ` Laurent Pinchart
2022-11-30 16:07 ` Andy Shevchenko
2022-11-30 16:23 ` Laurent Pinchart [this message]
2022-11-30 16:29 ` Hans de Goede
2022-11-30 16:34 ` Hans de Goede
2022-12-02 10:54 ` Laurent Pinchart
2022-12-02 11:21 ` Hans de Goede
2022-12-02 11:49 ` Laurent Pinchart
2022-12-02 11:53 ` Andy Shevchenko
2022-12-02 12:14 ` Laurent Pinchart
2022-12-02 12:23 ` Andy Shevchenko
2022-12-02 13:46 ` Sakari Ailus
2022-12-02 15:55 ` Hans de Goede
2022-12-02 13:49 ` Sakari Ailus
2022-11-29 23:11 ` [PATCH 2/6] platform/x86: int3472/discrete: Refactor GPIO to sensor mapping Hans de Goede
2022-11-30 9:49 ` Andy Shevchenko
2022-11-30 10:37 ` Hans de Goede
2022-11-29 23:11 ` [PATCH 3/6] platform/x86: int3472/discrete: Treat privacy LED as regular GPIO Hans de Goede
2022-11-30 9:54 ` Andy Shevchenko
2022-11-30 10:34 ` Hans de Goede
2022-11-30 11:04 ` Andy Shevchenko
2022-11-29 23:11 ` [PATCH 4/6] platform/x86: int3472/discrete: Move GPIO request to skl_int3472_register_clock() Hans de Goede
2022-11-29 23:11 ` [PATCH 5/6] platform/x86: int3472/discrete: Ensure the clk/power enable pins are in output mode Hans de Goede
2022-11-30 9:59 ` Andy Shevchenko
2022-11-30 10:37 ` Hans de Goede
2022-11-29 23:11 ` [PATCH 6/6] platform/x86: int3472/discrete: Get the polarity from the _DSM entry Hans de Goede
2022-11-30 10:01 ` Andy Shevchenko
2022-11-30 10:39 ` Hans de Goede
2022-11-30 11:06 ` Andy Shevchenko
2022-11-30 11:10 ` Andy Shevchenko
2022-12-02 23:51 ` Hans de Goede
2022-11-30 10:03 ` [PATCH 0/6] ov5693/int3472: Privacy LED handling changes + IPU6 compatibility Andy Shevchenko
2022-11-30 10:40 ` Hans de Goede
2022-11-30 11:07 ` Andy Shevchenko
2022-12-02 13:50 ` Sakari Ailus
2022-12-07 17:34 ` Hans de Goede
2022-12-07 17:36 ` Andy Shevchenko
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=Y4eDkTTBvxBSxkOn@pendragon.ideasonboard.com \
--to=laurent.pinchart@ideasonboard.com \
--cc=andy@kernel.org \
--cc=djrscally@gmail.com \
--cc=hdegoede@redhat.com \
--cc=hpa@redhat.com \
--cc=linux-media@vger.kernel.org \
--cc=markgross@kernel.org \
--cc=markpearson@lenovo.com \
--cc=platform-driver-x86@vger.kernel.org \
--cc=sakari.ailus@linux.intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox