From 24e7d20c2e908eff0562653460952109f9e1de08 Mon Sep 17 00:00:00 2001 From: Kyle Zhang Date: Thu, 9 Mar 2023 19:52:12 +0000 Subject: [PATCH] Add Widevine lazy apex Bug: 244498309 Test: m com.google.android.widevine.lazy Change-Id: I226ae922e9ab7817353d3e94d509b9579c6551e1 --- libwvdrmengine/apex/Android.bp | 18 +++--- libwvdrmengine/apex/device/device-lazy.mk | 10 +++ .../apex/device/device-nonupdatable.mk | 10 +++ .../apex/nonupdatable/lazy/Android.bp | 61 +++++++++++++++++++ .../apex/nonupdatable/lazy/apex_manifest.json | 7 +++ .../lazy/com.google.android.widevine.lazy.rc | 12 ++++ .../apex/nonupdatable/lazy/file_contexts | 9 +++ 7 files changed, 119 insertions(+), 8 deletions(-) create mode 100644 libwvdrmengine/apex/device/device-lazy.mk create mode 100644 libwvdrmengine/apex/device/device-nonupdatable.mk create mode 100644 libwvdrmengine/apex/nonupdatable/lazy/Android.bp create mode 100644 libwvdrmengine/apex/nonupdatable/lazy/apex_manifest.json create mode 100644 libwvdrmengine/apex/nonupdatable/lazy/com.google.android.widevine.lazy.rc create mode 100644 libwvdrmengine/apex/nonupdatable/lazy/file_contexts diff --git a/libwvdrmengine/apex/Android.bp b/libwvdrmengine/apex/Android.bp index 5fc78098..fda4f0c6 100644 --- a/libwvdrmengine/apex/Android.bp +++ b/libwvdrmengine/apex/Android.bp @@ -38,6 +38,16 @@ widevine_apex_defaults { compile_multilib: "first", }, }, + prebuilts: [ + "com.google.android.widevine.xml", // etc/vintf + ], + updatable: false, + // TODO(b/268439003) We need an API to get apex version. Until then + // we'll read apex_manifest.pb to get the version. To label apex_manifest.pb + // as vendor_configs_file (which the apex can access), turn off force-label. + use_file_contexts_as_is: true, + use_vndk_as_stable: true, + vendor: true, } soong_config_module_type { @@ -62,7 +72,6 @@ widevine_key_apex_defaults { apex { name: "com.google.android.widevine", - vendor: true, manifest: "apex_manifest.json", prebuilts: [ "com.google.android.widevine.rc", @@ -74,13 +83,6 @@ apex { ], binaries: ["android.hardware.drm-service.widevine"], file_contexts: "file_contexts", - // TODO(b/268439003) We need an API to get apex version. Until then - // we'll read apex_manifest.pb to get the version. To label apex_manifest.pb - // as vendor_configs_file (which the apex can access), turn off force-label. - use_file_contexts_as_is: true, - - use_vndk_as_stable: true, - updatable: false, // install sysconfig to allow the apex to be updatable required: [ diff --git a/libwvdrmengine/apex/device/device-lazy.mk b/libwvdrmengine/apex/device/device-lazy.mk new file mode 100644 index 00000000..7d90d911 --- /dev/null +++ b/libwvdrmengine/apex/device/device-lazy.mk @@ -0,0 +1,10 @@ +PRODUCT_PACKAGES += \ + com.google.android.widevine.lazy \ + +# Check if we can use dev keys +ifneq ($(wildcard vendor/google/dev-keystore),) +$(call soong_config_set,widevine,use_devkey,true) +endif + +PRODUCT_VENDOR_LINKER_CONFIG_FRAGMENTS += \ + vendor/widevine/libwvdrmengine/apex/device/linker.config.json \ No newline at end of file diff --git a/libwvdrmengine/apex/device/device-nonupdatable.mk b/libwvdrmengine/apex/device/device-nonupdatable.mk new file mode 100644 index 00000000..018fa836 --- /dev/null +++ b/libwvdrmengine/apex/device/device-nonupdatable.mk @@ -0,0 +1,10 @@ +PRODUCT_PACKAGES += \ + com.google.android.widevine.nonupdatable \ + +# Check if we can use dev keys +ifneq ($(wildcard vendor/google/dev-keystore),) +$(call soong_config_set,widevine,use_devkey,true) +endif + +PRODUCT_VENDOR_LINKER_CONFIG_FRAGMENTS += \ + vendor/widevine/libwvdrmengine/apex/device/linker.config.json \ No newline at end of file diff --git a/libwvdrmengine/apex/nonupdatable/lazy/Android.bp b/libwvdrmengine/apex/nonupdatable/lazy/Android.bp new file mode 100644 index 00000000..5e2c27aa --- /dev/null +++ b/libwvdrmengine/apex/nonupdatable/lazy/Android.bp @@ -0,0 +1,61 @@ +// Copyright (C) 2023 The Android Open Source Project +// +// Licensed under the Apache License, Version 2.0 (the "License"); +// you may not use this file except in compliance with the License. +// You may obtain a copy of the License at +// +// http://www.apache.org/licenses/LICENSE-2.0 +// +// Unless required by applicable law or agreed to in writing, software +// distributed under the License is distributed on an "AS IS" BASIS, +// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +// See the License for the specific language governing permissions and +// limitations under the License. + +package { + // See: http://go/android-license-faq + // A large-scale-change added 'default_applicable_licenses' to import + // all of the 'license_kinds' from "vendor_widevine_license" + // to get the below license kinds: + // SPDX-license-identifier-Apache-2.0 + default_applicable_licenses: ["vendor_widevine_license"], +} + +soong_config_module_type { + name: "widevine_lazy_key_apex_defaults", + module_type: "apex_defaults", + config_namespace: "widevine", + bool_variables: ["use_devkey"], + properties: ["key", "certificate"], +} + +widevine_lazy_key_apex_defaults { + name: "com.google.android.widevine.lazy-key-defaults", + key: "com.google.android.widevine.key", + certificate: ":com.google.android.widevine.certificate", + soong_config_variables: { + use_devkey: { + key: "com_google_android_widevine_lazy-image.key", + certificate: ":com_google_android_widevine_lazy-container", + }, + }, +} + +prebuilt_etc { + name: "com.google.android.widevine.lazy.rc", + src: "com.google.android.widevine.lazy.rc", +} + +apex { + name: "com.google.android.widevine.lazy", + binaries: ["android.hardware.drm-service-lazy.widevine"], + defaults: [ + "com.google.android.widevine-defaults", + "com.google.android.widevine.lazy-key-defaults", + ], + manifest: "apex_manifest.json", + prebuilts: [ + "com.google.android.widevine.lazy.rc", + ], + file_contexts: "file_contexts", +} \ No newline at end of file diff --git a/libwvdrmengine/apex/nonupdatable/lazy/apex_manifest.json b/libwvdrmengine/apex/nonupdatable/lazy/apex_manifest.json new file mode 100644 index 00000000..89d9fe75 --- /dev/null +++ b/libwvdrmengine/apex/nonupdatable/lazy/apex_manifest.json @@ -0,0 +1,7 @@ +{ + "name": "com.google.android.widevine.lazy", + "version": 1, + "requireNativeLibs": [ + "liboemcrypto.so" + ] +} \ No newline at end of file diff --git a/libwvdrmengine/apex/nonupdatable/lazy/com.google.android.widevine.lazy.rc b/libwvdrmengine/apex/nonupdatable/lazy/com.google.android.widevine.lazy.rc new file mode 100644 index 00000000..61e7d28f --- /dev/null +++ b/libwvdrmengine/apex/nonupdatable/lazy/com.google.android.widevine.lazy.rc @@ -0,0 +1,12 @@ +on property:apex.all.ready=true + mkdir /data/vendor/mediadrm 0770 media mediadrm + +service vendor.drm-widevine-hal /apex/com.google.android.widevine.lazy/bin/hw/android.hardware.drm-service-lazy.widevine + interface aidl android.hardware.drm.IDrmFactory/widevine + oneshot + disabled + class hal + user media + group media mediadrm drmrpc system + ioprio rt 4 + task_profiles ProcessCapacityHigh \ No newline at end of file diff --git a/libwvdrmengine/apex/nonupdatable/lazy/file_contexts b/libwvdrmengine/apex/nonupdatable/lazy/file_contexts new file mode 100644 index 00000000..4031fae9 --- /dev/null +++ b/libwvdrmengine/apex/nonupdatable/lazy/file_contexts @@ -0,0 +1,9 @@ +(/.*)? u:object_r:vendor_file:s0 +/bin/hw/android\.hardware\.drm-service-lazy\.widevine u:object_r:hal_drm_widevine_exec:s0 +/etc(/.*)? u:object_r:vendor_configs_file:s0 +# TODO(b/268439003) Following two entries are typically handled by the build system. +# We override it so that the Widevine APEX can access it to get the apex version. +# When we have a proper API, we can delete these along with +# use_file_contexts_as_is property in Android.bp +/apex_manifest\.pb u:object_r:vendor_configs_file:s0 +/ u:object_r:system_file:s0 \ No newline at end of file