From bdb69f73e8c9dbfba82a68002873e207fa664e9c Mon Sep 17 00:00:00 2001
From: Edwin Wong <edwinwong@google.com>
Date: Tue, 10 Mar 2020 18:01:45 -0700
Subject: [PATCH] openSession_1_1 should return error for wrong security level

Currently, if requestedLevel is not the same as the
current security level, openSession_1_1 still returns
Status::OK, we should return an error status.

Merged from http://go/wvgerrit/95507

Test: unit test
  adb shell LD_LIBRARY_PATH="/vendor/lib64" /data/nativetest/libwvdrmdrmplugin_hidl_test

Bug: 150407669

Change-Id: I5673ac7bbe7a234ddd07bb9c145135486fb9e583
---
 libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp  | 4 +++-
 libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp | 2 +-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
index 143496bc..9da6569e 100644
--- a/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
+++ b/libwvdrmengine/mediadrm/src_hidl/WVDrmPlugin.cpp
@@ -333,13 +333,15 @@ Return<void> WVDrmPlugin::openSession_1_1(
   status = openSessionCommon(sessionId);
   hidl_vec<uint8_t> hSessionId = toHidlVec(sessionId);
   if (Status::OK == status) {
+    SecurityLevel currentSecurityLevel = SecurityLevel::UNKNOWN;
     Return<void> hResult = getSecurityLevel(hSessionId, [&](Status status, SecurityLevel hSecurityLevel) {
+      currentSecurityLevel = hSecurityLevel;
       if (Status::OK != status || requestedLevel != hSecurityLevel) {
         ALOGE("Failed to open session with the requested security level=%d", requestedLevel);
         if (Status::OK != closeSession(hSessionId)) sessionId.clear();
       }
     });
-    if (!hResult.isOk()) {
+    if (!hResult.isOk() || (requestedLevel != currentSecurityLevel)) {
       status = Status::ERROR_DRM_INVALID_STATE;
     }
   }
diff --git a/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp b/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp
index ac858f81..581e1ad9 100644
--- a/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp
+++ b/libwvdrmengine/mediadrm/test/WVDrmPlugin_test.cpp
@@ -402,7 +402,7 @@ TEST_F(WVDrmPluginTest, OpensSessions_1_1) {
 
   plugin.openSession_1_1(android::hardware::drm::V1_1::SecurityLevel::SW_SECURE_CRYPTO,
       [&](Status status, hidl_vec<uint8_t> hSessionId) {
-    ASSERT_EQ(Status::OK, status);
+    ASSERT_EQ(Status::ERROR_DRM_INVALID_STATE, status);
     sessionId.clear();
     sessionId.assign(hSessionId.data(), hSessionId.data() + hSessionId.size());
   });