Merge "wvcdm: filter logs by app uid" into sc-dev am: 1f796bc4e3
Original change: https://googleplex-android-review.googlesource.com/c/platform/vendor/widevine/+/13577645 MUST ONLY BE SUBMITTED BY AUTOMERGER Change-Id: Ie9084b3e16655257555a3fbdd6b2cf1644f8d834
This commit is contained in:
Robert Shih
@@ -241,6 +241,7 @@ cc_library_static {
|
||||
shared_libs: [
|
||||
"liblog",
|
||||
"libcrypto",
|
||||
"libhidlbase",
|
||||
],
|
||||
|
||||
cflags: ["-DCORE_UTIL_IMPLEMENTATION"],
|
||||
@@ -291,6 +292,7 @@ cc_library_shared {
|
||||
"libbase",
|
||||
"libcrypto",
|
||||
"libdl",
|
||||
"libhidlbase",
|
||||
"liblog",
|
||||
"libprotobuf-cpp-lite",
|
||||
"libstagefright_foundation",
|
||||
|
||||
@@ -351,6 +351,9 @@ class CdmEngine {
|
||||
virtual CdmResponseType SetPlaybackId(const CdmSessionId& session_id,
|
||||
const std::string& playback_id);
|
||||
|
||||
virtual void SetUserId(uint32_t user_id) { user_id_ = user_id; }
|
||||
virtual uint32_t GetUserId() const { return user_id_; }
|
||||
|
||||
protected:
|
||||
friend class CdmEngineFactory;
|
||||
|
||||
@@ -394,6 +397,7 @@ class CdmEngine {
|
||||
FileSystem* file_system_;
|
||||
Clock clock_;
|
||||
std::string spoid_;
|
||||
uint32_t user_id_;
|
||||
|
||||
// Usage related variables
|
||||
// Used to isolate a single active usage information license. Loading,
|
||||
|
||||
@@ -435,6 +435,7 @@ class WatchDog {
|
||||
status_ = OEMCrypto_SUCCESS;
|
||||
gave_up_ = false;
|
||||
sandbox_id_ = sandbox_id;
|
||||
uid_ = wvcdm::GetIpcCallingUid();
|
||||
}
|
||||
|
||||
// Deleted by either thread.
|
||||
@@ -449,6 +450,7 @@ class WatchDog {
|
||||
// Function called by new worker thread.
|
||||
static void RunWatchDog(void* watcher) {
|
||||
WatchDog* dog = reinterpret_cast<WatchDog*>(watcher);
|
||||
wvcdm::SetLoggingUid(dog->uid_);
|
||||
dog->DoInit();
|
||||
dog->SignalDoneAndCleanUp();
|
||||
}
|
||||
@@ -610,6 +612,7 @@ class WatchDog {
|
||||
bool running_;
|
||||
bool gave_up_;
|
||||
std::vector<uint8_t> sandbox_id_;
|
||||
uint32_t uid_;
|
||||
};
|
||||
|
||||
struct LevelSession {
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
|
||||
#include <string>
|
||||
|
||||
#include "log.h"
|
||||
#include "wv_cdm_constants.h"
|
||||
|
||||
namespace wvcdm {
|
||||
@@ -38,6 +39,10 @@ struct CdmIdentifier {
|
||||
// with a CdmEngine instance. This is a simple way to implement that.
|
||||
uint32_t unique_id;
|
||||
|
||||
// Operating system user id of the application. Used to filter log messages.
|
||||
// Defaults to UNKNOWN_UID.
|
||||
uint32_t user_id;
|
||||
|
||||
// This method is needed to check to see if the identifier is equivalent
|
||||
// to the default cdm. E.g. no spoid, origin or app package name. Use this
|
||||
// comparison in lieu of the == operator when checking to see if the
|
||||
@@ -52,7 +57,7 @@ struct CdmIdentifier {
|
||||
inline bool operator==(const CdmIdentifier& lhs, const CdmIdentifier& rhs) {
|
||||
return lhs.spoid == rhs.spoid && lhs.origin == rhs.origin &&
|
||||
lhs.app_package_name == rhs.app_package_name &&
|
||||
lhs.unique_id == rhs.unique_id;
|
||||
lhs.unique_id == rhs.unique_id && lhs.user_id == rhs.user_id;
|
||||
}
|
||||
|
||||
inline bool operator!=(const CdmIdentifier& lhs, const CdmIdentifier& rhs) {
|
||||
@@ -66,7 +71,9 @@ inline bool operator<(const CdmIdentifier& lhs, const CdmIdentifier& rhs) {
|
||||
(lhs.origin == rhs.origin &&
|
||||
(lhs.app_package_name < rhs.app_package_name ||
|
||||
(lhs.app_package_name == rhs.app_package_name &&
|
||||
lhs.unique_id < rhs.unique_id)))));
|
||||
(lhs.unique_id < rhs.unique_id ||
|
||||
(lhs.unique_id == rhs.unique_id &&
|
||||
lhs.user_id < rhs.user_id)))))));
|
||||
}
|
||||
|
||||
inline bool operator>(const CdmIdentifier& lhs, const CdmIdentifier& rhs) {
|
||||
@@ -82,8 +89,8 @@ inline bool operator>=(const CdmIdentifier& lhs, const CdmIdentifier& rhs) {
|
||||
}
|
||||
|
||||
// Provide default
|
||||
static const CdmIdentifier kDefaultCdmIdentifier = {EMPTY_SPOID, EMPTY_ORIGIN,
|
||||
EMPTY_APP_PACKAGE_NAME, 0};
|
||||
static const CdmIdentifier kDefaultCdmIdentifier = {
|
||||
EMPTY_SPOID, EMPTY_ORIGIN, EMPTY_APP_PACKAGE_NAME, 0, UNKNOWN_UID};
|
||||
|
||||
} // namespace wvcdm
|
||||
|
||||
|
||||
@@ -183,6 +183,9 @@ class WvContentDecryptionModule : public android::RefBase, public TimerHandler {
|
||||
virtual CdmResponseType SetPlaybackId(const CdmSessionId& session_id,
|
||||
const std::string& playback_id);
|
||||
|
||||
virtual CdmResponseType GetSessionUserId(const CdmSessionId& session_id,
|
||||
uint32_t* user_id);
|
||||
|
||||
private:
|
||||
struct CdmInfo {
|
||||
CdmInfo();
|
||||
|
||||
@@ -442,6 +442,7 @@ CdmEngine* WvContentDecryptionModule::EnsureCdmForIdentifier(
|
||||
cdms_[identifier].cdm_engine->SetAppPackageName(
|
||||
identifier.app_package_name);
|
||||
cdms_[identifier].cdm_engine->SetSpoid(identifier.spoid);
|
||||
cdms_[identifier].cdm_engine->SetUserId(identifier.user_id);
|
||||
}
|
||||
cdm_engine = cdms_[identifier].cdm_engine.get();
|
||||
}
|
||||
@@ -549,9 +550,12 @@ void WvContentDecryptionModule::OnTimerEvent() {
|
||||
{
|
||||
std::unique_lock<std::mutex> auto_lock(cdms_lock_);
|
||||
for (auto it = cdms_.begin(); it != cdms_.end(); ++it) {
|
||||
LoggingUidSetter set_uid(it->first.user_id);
|
||||
it->second.cdm_engine->OnTimerEvent();
|
||||
}
|
||||
if (cdms_.empty()) {
|
||||
// The following code cannot be attributed to any app uid.
|
||||
LoggingUidSetter set_uid(UNKNOWN_UID);
|
||||
if (CryptoSession::TryTerminate()) {
|
||||
// If CryptoSession is in a state to be terminated, try acquiring the
|
||||
// |timer_lock_| before deciding whether to disable the timer. If the
|
||||
@@ -617,4 +621,13 @@ CdmResponseType WvContentDecryptionModule::SetPlaybackId(
|
||||
if (!cdm_engine) return SESSION_NOT_FOUND_23;
|
||||
return cdm_engine->SetPlaybackId(session_id, playback_id);
|
||||
}
|
||||
|
||||
CdmResponseType WvContentDecryptionModule::GetSessionUserId(
|
||||
const CdmSessionId& session_id, uint32_t* user_id) {
|
||||
if (!user_id) return PARAMETER_NULL;
|
||||
CdmEngine* cdm_engine = GetCdmForSessionId(session_id);
|
||||
if (!cdm_engine) return SESSION_NOT_FOUND_23;
|
||||
*user_id = cdm_engine->GetUserId();
|
||||
return NO_ERROR;
|
||||
}
|
||||
} // namespace wvcdm
|
||||
|
||||
@@ -55,6 +55,7 @@ LOCAL_SHARED_LIBRARIES := \
|
||||
libbase \
|
||||
libcrypto \
|
||||
libdl \
|
||||
libhidlbase \
|
||||
liblog \
|
||||
libmedia_omx \
|
||||
libprotobuf-cpp-lite \
|
||||
|
||||
@@ -51,6 +51,7 @@ LOCAL_SHARED_LIBRARIES := \
|
||||
libbase \
|
||||
libcrypto \
|
||||
libdl \
|
||||
libhidlbase \
|
||||
liblog \
|
||||
libmedia_omx \
|
||||
libprotobuf-cpp-lite \
|
||||
|
||||
@@ -33,6 +33,7 @@ typedef enum {
|
||||
extern LogPriority g_cutoff;
|
||||
|
||||
struct LogMessage {
|
||||
uint32_t uid_;
|
||||
int64_t time_ms_;
|
||||
LogPriority priority_;
|
||||
std::string message_;
|
||||
@@ -51,6 +52,26 @@ class LogBuffer {
|
||||
|
||||
extern LogBuffer g_logbuf;
|
||||
|
||||
static const uint32_t UNKNOWN_UID = ~0;
|
||||
|
||||
#ifdef __ANDROID__
|
||||
void SetLoggingUid(const uint32_t);
|
||||
void ClearLoggingUid();
|
||||
uint32_t GetLoggingUid();
|
||||
uint32_t GetIpcCallingUid();
|
||||
#else
|
||||
static inline void SetLoggingUid(const uint32_t) {}
|
||||
static inline void ClearLoggingUid() {}
|
||||
static inline uint32_t GetLoggingUid() { return UNKNOWN_UID; }
|
||||
static inline uint32_t GetIpcCallingUid() { return UNKNOWN_UID; }
|
||||
#endif
|
||||
|
||||
struct LoggingUidSetter {
|
||||
LoggingUidSetter() {}
|
||||
LoggingUidSetter(uint32_t uid) { SetLoggingUid(uid); }
|
||||
virtual ~LoggingUidSetter() { ClearLoggingUid(); }
|
||||
};
|
||||
|
||||
// Enable/disable verbose logging (LOGV).
|
||||
// This function is supplied for cases where the system layer does not
|
||||
// initialize logging. This is also needed to initialize logging in
|
||||
|
||||
@@ -22,6 +22,7 @@
|
||||
#define LOG_BUF_SIZE 1024
|
||||
|
||||
#include "log.h"
|
||||
#include <hwbinder/IPCThreadState.h>
|
||||
#include <utils/Log.h>
|
||||
|
||||
#include <stdarg.h>
|
||||
@@ -54,6 +55,27 @@ LogPriority g_cutoff = LOG_VERBOSE;
|
||||
|
||||
LogBuffer g_logbuf;
|
||||
|
||||
thread_local bool tl_logging_uid_set_ = false;
|
||||
|
||||
thread_local uint32_t tl_logging_uid_ = UNKNOWN_UID;
|
||||
|
||||
void SetLoggingUid(const uint32_t uid) {
|
||||
tl_logging_uid_set_ = true;
|
||||
tl_logging_uid_ = uid;
|
||||
}
|
||||
|
||||
void ClearLoggingUid() {
|
||||
tl_logging_uid_set_ = false;
|
||||
tl_logging_uid_ = UNKNOWN_UID;
|
||||
}
|
||||
|
||||
uint32_t GetLoggingUid() { return tl_logging_uid_; }
|
||||
|
||||
uint32_t GetIpcCallingUid() {
|
||||
const auto self = android::hardware::IPCThreadState::selfOrNull();
|
||||
return self ? self->getCallingUid() : UNKNOWN_UID;
|
||||
}
|
||||
|
||||
void InitLogging() {}
|
||||
|
||||
void Log(const char* file, const char* function, int line, LogPriority level,
|
||||
@@ -101,7 +123,8 @@ void Log(const char* file, const char* function, int line, LogPriority level,
|
||||
|
||||
__android_log_write(prio, LOG_TAG, buf);
|
||||
if (level <= LOG_INFO) {
|
||||
g_logbuf.addLog({GetCurrentTimeMs(), level, buf});
|
||||
uint32_t uid = tl_logging_uid_set_ ? tl_logging_uid_ : GetIpcCallingUid();
|
||||
g_logbuf.addLog({uid, GetCurrentTimeMs(), level, buf});
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -53,16 +53,19 @@ hidl_vec<T> toHidlVec(const std::vector<U> &vec);
|
||||
|
||||
template<>
|
||||
inline hidl_vec<::drm::V1_4::LogMessage> toHidlVec(const std::vector<wvcdm::LogMessage> &vec) {
|
||||
hidl_vec<::drm::V1_4::LogMessage> hLogs(vec.size());
|
||||
for (size_t i = 0; i < vec.size(); i++) {
|
||||
const auto& msg = vec[i];
|
||||
hLogs[i] = {
|
||||
msg.time_ms_,
|
||||
toHidlPriority(msg.priority_),
|
||||
msg.message_,
|
||||
};
|
||||
uint32_t uid = wvcdm::GetIpcCallingUid();
|
||||
std::vector<::drm::V1_4::LogMessage> vec2;
|
||||
for (auto msg : vec) {
|
||||
if (uid == msg.uid_) {
|
||||
vec2.push_back({
|
||||
msg.time_ms_,
|
||||
toHidlPriority(msg.priority_),
|
||||
msg.message_,
|
||||
});
|
||||
}
|
||||
}
|
||||
return hLogs;
|
||||
|
||||
return hidl_vec<::drm::V1_4::LogMessage>(vec2);
|
||||
}
|
||||
|
||||
template<typename T> const hidl_vec<T> toHidlVec(const std::vector<T> &vec) {
|
||||
|
||||
@@ -10,6 +10,7 @@
|
||||
#include <android/hidl/memory/1.0/IMemory.h>
|
||||
|
||||
#include "HidlTypes.h"
|
||||
#include "log.h"
|
||||
#include "wv_content_decryption_module.h"
|
||||
#include "WVTypes.h"
|
||||
|
||||
@@ -24,7 +25,7 @@ using ::android::hidl::memory::V1_0::IMemory;
|
||||
struct WVCryptoPlugin : public ::drm::V1_4::ICryptoPlugin {
|
||||
WVCryptoPlugin(const void* data, size_t size,
|
||||
const sp<wvcdm::WvContentDecryptionModule>& cdm);
|
||||
virtual ~WVCryptoPlugin() {}
|
||||
virtual ~WVCryptoPlugin();
|
||||
|
||||
Return<bool> requiresSecureDecoderComponent(const hidl_string& mime)
|
||||
override;
|
||||
@@ -67,10 +68,15 @@ struct WVCryptoPlugin : public ::drm::V1_4::ICryptoPlugin {
|
||||
private:
|
||||
WVDRM_DISALLOW_COPY_AND_ASSIGN_AND_NEW(WVCryptoPlugin);
|
||||
|
||||
// List this field first so it is destructed last; ensure logging uid
|
||||
// is cleared right before plugin is destructed.
|
||||
wvcdm::LoggingUidSetter mLoggingUidSetter;
|
||||
|
||||
wvcdm::CdmSessionId mSessionId;
|
||||
std::map<uint32_t, sp<IMemory> > mSharedBufferMap;
|
||||
|
||||
sp<wvcdm::WvContentDecryptionModule> const mCDM;
|
||||
uint32_t mUserId;
|
||||
|
||||
Status_V1_2 attemptDecrypt(
|
||||
const wvcdm::CdmDecryptionParametersV16& params,
|
||||
|
||||
@@ -15,6 +15,7 @@
|
||||
#include <iterator>
|
||||
|
||||
#include "HidlTypes.h"
|
||||
#include "log.h"
|
||||
#include "mapErrors-inl.h"
|
||||
#include "OEMCryptoCENC.h"
|
||||
#include "openssl/sha.h"
|
||||
@@ -56,12 +57,21 @@ using wvcdm::WvContentDecryptionModule;
|
||||
|
||||
WVCryptoPlugin::WVCryptoPlugin(const void* data, size_t size,
|
||||
const sp<WvContentDecryptionModule>& cdm)
|
||||
: mCDM(cdm){
|
||||
: mCDM(cdm),
|
||||
mUserId(wvcdm::UNKNOWN_UID) {
|
||||
if (data != NULL) {
|
||||
mSessionId.assign(static_cast<const char *>(data), size);
|
||||
}
|
||||
if (!mCDM->IsOpenSession(mSessionId)) {
|
||||
mSessionId.clear();
|
||||
} else {
|
||||
mCDM->GetSessionUserId(mSessionId, &mUserId);
|
||||
}
|
||||
}
|
||||
|
||||
WVCryptoPlugin::~WVCryptoPlugin() {
|
||||
if (wvcdm::UNKNOWN_UID != mUserId) {
|
||||
wvcdm::SetLoggingUid(mUserId);
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -35,6 +35,7 @@ LOCAL_SHARED_LIBRARIES := \
|
||||
libcrypto \
|
||||
libcutils \
|
||||
libdl \
|
||||
libhidlbase \
|
||||
liblog \
|
||||
libprotobuf-cpp-lite \
|
||||
libstagefright_foundation \
|
||||
|
||||
@@ -11,6 +11,7 @@
|
||||
|
||||
#include "cdm_client_property_set.h"
|
||||
#include "cdm_identifier.h"
|
||||
#include "log.h"
|
||||
#include "wv_cdm_event_listener.h"
|
||||
#include "wv_content_decryption_module.h"
|
||||
#include "OEMCryptoCENC.h"
|
||||
@@ -264,6 +265,10 @@ struct WVDrmPlugin : public ::drm::V1_4::IDrmPlugin, IDrmPluginListener,
|
||||
private:
|
||||
WVDRM_DISALLOW_COPY_AND_ASSIGN_AND_NEW(WVDrmPlugin);
|
||||
|
||||
// List this field first so it is destructed last; ensure logging uid
|
||||
// is cleared right before plugin is destructed.
|
||||
wvcdm::LoggingUidSetter mLoggingUidSetter;
|
||||
|
||||
struct CryptoSession {
|
||||
public:
|
||||
CryptoSession()
|
||||
@@ -414,6 +419,8 @@ struct WVDrmPlugin : public ::drm::V1_4::IDrmPlugin, IDrmPluginListener,
|
||||
// until a call to getCdmIdentifier.
|
||||
bool is_sealed() { return mIsIdentifierSealed; }
|
||||
|
||||
uint32_t user_id() const { return mCdmIdentifier.user_id; }
|
||||
|
||||
private:
|
||||
WVDRM_DISALLOW_COPY_AND_ASSIGN(CdmIdentifierBuilder);
|
||||
|
||||
|
||||
@@ -20,6 +20,7 @@
|
||||
#include "TypeConvert.h"
|
||||
#include "android-base/macros.h"
|
||||
#include "hidl_metrics_adapter.h"
|
||||
#include "log.h"
|
||||
#include "mapErrors-inl.h"
|
||||
#include "media/stagefright/MediaErrors.h"
|
||||
#include "openssl/sha.h"
|
||||
@@ -198,6 +199,7 @@ WVDrmPlugin::WVDrmPlugin(const sp<WvContentDecryptionModule>& cdm,
|
||||
mAppPackageName(appPackageName) {}
|
||||
|
||||
WVDrmPlugin::~WVDrmPlugin() {
|
||||
wvcdm::SetLoggingUid(mCdmIdentifierBuilder.user_id());
|
||||
typedef map<CdmSessionId, CryptoSession>::iterator mapIterator;
|
||||
for (mapIterator iter = mCryptoSessions.begin();
|
||||
iter != mCryptoSessions.end();
|
||||
@@ -2188,6 +2190,7 @@ WVDrmPlugin::CdmIdentifierBuilder::CdmIdentifierBuilder(
|
||||
mParent(parent) {
|
||||
mCdmIdentifier.app_package_name = mAppPackageName;
|
||||
mCdmIdentifier.unique_id = getNextUniqueId();
|
||||
mCdmIdentifier.user_id = wvcdm::GetIpcCallingUid();
|
||||
}
|
||||
|
||||
Status WVDrmPlugin::CdmIdentifierBuilder::getCdmIdentifier(
|
||||
|
||||
@@ -35,6 +35,7 @@ LOCAL_SHARED_LIBRARIES := \
|
||||
libbase \
|
||||
libcrypto \
|
||||
libdl \
|
||||
libhidlbase \
|
||||
liblog \
|
||||
libprotobuf-cpp-lite \
|
||||
libutils \
|
||||
|
||||
@@ -46,6 +46,7 @@ LOCAL_SHARED_LIBRARIES := \
|
||||
libbase \
|
||||
libcrypto \
|
||||
libdl \
|
||||
libhidlbase \
|
||||
liblog \
|
||||
libmedia_omx \
|
||||
libprotobuf-cpp-lite \
|
||||
|
||||
@@ -45,6 +45,7 @@ cc_library_shared {
|
||||
shared_libs: [
|
||||
"libbase",
|
||||
"libcrypto",
|
||||
"libhidlbase",
|
||||
"liblog",
|
||||
"libssl",
|
||||
"libutils",
|
||||
|
||||
Reference in New Issue
Block a user