Merges to android Pi release (part 9)
These are a set of CLs merged from the wv cdm repo to the android repo. * Make Android NDK Builds Work With Latest BoringSSL Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/37000 ] The latest updates to BoringSSL require C99 or later. Our NDK-based builds (OEMCrypto Variants & Fastball) were not specifying a C standard. This patch adds compiler flags so that C files are compiled as C11 now. Note that this is about the *C* standard in use, not the *C++* standard, which this patch leaves untouched. BUG: 67907873 Test: build_android_mock.sh * Update BoringSSL to f7412cb072cc6b1847140e0c4f8b3ceeccd0e708 Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36761 ] This is the result of running UPDATE_BORINGSSL.sh. Future runs of this script should produce much smaller sets of changed files, but because the BoringSSL revision already in this directory was so old and contained many extraneous files from the Android operating system, the set of changed files is extensive this time. BUG: 67907873 * Refactoring the build files. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/37041 ] Move all common build dependencies to .gypi so that all fuzz test binary targets can be added to .gyp file without repeating code. * Introduce service certificate request property Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36941 ] Platforms differ on whether they allows service certificates to be requested if privacy mode is enabled and a certificate is not present. This property allows behavior to be configurable. Generating the service certificate request will be introduced in a follow on CL. BUG: 68328352 * Deprecate using keyboxes as identification Author: Rahul Frias <rfrias@google.com> [ Merge of http://go/wvgerrit/36740 ] Previously some platforms supported using keyboxes rather than certificates as the identification tokens in the license request message. All platforms that share core CDM code of the master branch now either provision using a keybox and use a DRM certificate or an OEM certificate as identification. No future usage of keyboxes as identifying tokens is planned. Since the platform property use_certificates_as_identification is always set to true, the negative code paths are never taken and can be removed. * OEMCrypto_GenerateSignature API Fuzz Test. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36863 ] - The first automated API fuzz test. - Also sumitting the corpus for the API fuzzed. * Add Script to Update BoringSSL from Source Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36760 ] Adds a script to third_party/boringssl/ that, when run, deletes all the auto-generated files in the generated/ directory and regenerates them from scratch, starting from the latest public HEAD of BoringSSL. Bug: 67907873 * Fix Fastball / OEMCrypto Variant BoringSSL Makefiles Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36926 ] Previously, when moving the BoringSSL source within the tree, I was not able to verify that I had not broken the NDK-compatible makefiles used by Fastball because that build is broken on master. I had to make a best-guess as to how they should be updated and hope. Now, however, I have been informed that the OEMCrypto Variants also use these makefiles, and I have been able to use that build to find where I broke them and get them fully working. Bug: 67386164 Test: build_android_mock.sh * Add kit/ to BoringSSL Include Path for Fastball & OEMCrypto Variants Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36925 ] When I moved the BoringSSL source in the tree, I updated the Android.mk files that pointed to it in order to build it. I did not realize that some makefiles outside that directory also contained hardcoded pointers into that directory. These references broke after the move. This patch fixes those paths to point to the new BoringSSL location. Bug: 67386164 Test: build_android_mock.sh * OEMCrypto Unit Test Refactor. Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36562 ] Refactoring OEMCrypto Tests so the Session Utility test code can be reused in fuzz tests. * Reorder license server config table to match ids Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36743 ] * Separate Hand-Written BoringSSL Files from Downloaded/Generated Ones Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36561 ] I want to make updating BoringSSL as simple as possible for us going forward. A future commit will add a script that automatically downloads and sets up the latest version of BoringSSL. To facilitate this script, a clear distinction needs to be made between the files that can be downloaded with / regenerated from the BoringSSL source and the files that are maintained by us by hand. The version of BoringSSL in this change is exactly the same as the one already in this directory. It has just been moved one folder deeper. Bug: 67907873 * Remove BoringSSL Symlinks, They Are Confusing Gerrit Author: John W. Bruce <juce@google.com> [ Merge of http://go/wvgerrit/36560 ] There are some symlinks in the current copy of BoringSSL that are causing headaches when I try to upload future changes to Gerrit. These were inherited from the Android OS and are not used by our build anywhere. They would be wiped out when I update BoringSSL anyway, but wiping them out in a separate change before I upload any other changes avoids confusing Gerrit. Bug: 67907873 * Add group master key id to support sublicense master key rotation, and content identification. Author: Jeff Fore <jfore@google.com> [ Merge of http://go/wvgerrit/36180 ] * OEMCrypto Fuzzer test framework Author: Vasantha Rao Polipelli <vasanthap@google.com> [ Merge of http://go/wvgerrit/36280 ] - Adding a sample fuzz test. - Adding build scripts for building the new Fuzz Tests to come. Design doc: go/oemcrypt_ref_impl_fuzz * Build Mod Mock with C++ 11 Author: Fred Gylys-Colwell <fredgc@google.com> [ Merge of http://go/wvgerrit/36328 ] This should fix the android oemcrypto mock build: http://go/wvbuild/job/Android_OEMCrypto_Variants BUG: 71650075 Test: Not currently passing. Will be addressed in a subsequent commit in the chain. Change-Id: Ic4d5be3118ef97e3f7d386149a2b5d9be8f0a87e
This commit is contained in:
Rahul Frias
@@ -10,9 +10,11 @@
|
||||
#include <stddef.h>
|
||||
#include <stdint.h>
|
||||
|
||||
#include "counter_metric.h"
|
||||
#include "event_metric.h"
|
||||
#include "metrics.pb.h"
|
||||
#include "OEMCryptoCENC.h"
|
||||
#include "value_metric.h"
|
||||
#include "wv_cdm_types.h"
|
||||
|
||||
// This definition indicates that a given metric does not need timing
|
||||
@@ -86,70 +88,64 @@ class CryptoMetrics {
|
||||
void Serialize(drm_metrics::MetricsGroup* metrics);
|
||||
|
||||
/* CRYPTO SESSION */
|
||||
EventMetric<CdmResponseType> crypto_session_delete_all_usage_reports_;
|
||||
EventMetric<CdmResponseType> crypto_session_delete_multiple_usage_information_;
|
||||
// TODO(blueeyes): Convert this to crypto_session_default_security_level_.
|
||||
ValueMetric<CdmSecurityLevel> crypto_session_security_level_;
|
||||
CounterMetric<CdmResponseType> crypto_session_delete_all_usage_reports_;
|
||||
CounterMetric<CdmResponseType> crypto_session_delete_multiple_usage_information_;
|
||||
EventMetric<CdmResponseType, Pow2Bucket, CdmEncryptionAlgorithm> crypto_session_generic_decrypt_;
|
||||
EventMetric<CdmResponseType, Pow2Bucket, CdmEncryptionAlgorithm> crypto_session_generic_encrypt_;
|
||||
EventMetric<CdmResponseType, Pow2Bucket, CdmSigningAlgorithm> crypto_session_generic_sign_;
|
||||
EventMetric<CdmResponseType, Pow2Bucket, CdmSigningAlgorithm> crypto_session_generic_verify_;
|
||||
EventMetric<bool> crypto_session_get_device_unique_id_;
|
||||
EventMetric<CdmSecurityLevel> crypto_session_get_security_level_;
|
||||
EventMetric<bool, uint32_t> crypto_session_get_system_id_;
|
||||
EventMetric<bool> crypto_session_get_token_;
|
||||
EventMetric<> crypto_session_life_span_;
|
||||
CounterMetric<bool> crypto_session_get_device_unique_id_;
|
||||
CounterMetric<bool> crypto_session_get_token_;
|
||||
ValueMetric<double> crypto_session_life_span_;
|
||||
EventMetric<bool> crypto_session_load_certificate_private_key_;
|
||||
EventMetric<CdmResponseType, SecurityLevel> crypto_session_open_;
|
||||
EventMetric<CdmResponseType, SecurityLevel> crypto_session_open_; // This is the requested security level.
|
||||
ValueMetric<uint32_t> crypto_session_system_id_;
|
||||
EventMetric<CdmResponseType> crypto_session_update_usage_information_;
|
||||
EventMetric<bool> crypto_session_usage_information_support_;
|
||||
ValueMetric<bool> crypto_session_usage_information_support_;
|
||||
/* OEMCRYPTO */
|
||||
EventMetric<uint32_t, SecurityLevel> oemcrypto_api_version_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_close_session_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel, Pow2Bucket> oemcrypto_copy_buffer_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_deactivate_usage_entry_;
|
||||
ValueMetric<uint32_t> oemcrypto_api_version_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_close_session_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_copy_buffer_;
|
||||
ValueMetric<OEMCrypto_HDCP_Capability> oemcrypto_current_hdcp_capability_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_deactivate_usage_entry_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_decrypt_cenc_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_delete_usage_entry_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_delete_usage_table_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_delete_usage_entry_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_delete_usage_table_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_derive_keys_from_session_key_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_force_delete_usage_entry_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_force_delete_usage_entry_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_generate_derived_keys_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_generate_nonce_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_generate_nonce_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_generate_rsa_signature_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_generate_signature_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_generic_decrypt_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_generic_encrypt_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_generic_sign_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_generic_verify_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_get_device_id_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_get_hdcp_capability_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket, SecurityLevel> oemcrypto_get_key_data_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_get_max_number_of_sessions_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_get_number_of_open_sessions_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_get_oem_public_certificate_;
|
||||
EventMetric<OEMCrypto_ProvisioningMethod, SecurityLevel> oemcrypto_get_provisioning_method_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_get_random_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_get_device_id_;
|
||||
EventMetric<OEMCryptoResult, Pow2Bucket> oemcrypto_get_key_data_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_get_oem_public_certificate_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_get_random_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_initialize_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_install_keybox_;
|
||||
EventMetric<bool, SecurityLevel> oemcrypto_is_anti_rollback_hw_present_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_is_keybox_valid_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_install_keybox_;
|
||||
ValueMetric<bool> oemcrypto_is_anti_rollback_hw_present_;
|
||||
ValueMetric<bool> oemcrypto_is_keybox_valid_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_load_device_rsa_key_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_load_keys_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_load_test_keybox_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_load_test_rsa_key_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_open_session_;
|
||||
ValueMetric<OEMCrypto_HDCP_Capability> oemcrypto_max_hdcp_capability_;
|
||||
ValueMetric<size_t> oemcrypto_max_number_of_sessions_;
|
||||
ValueMetric<size_t> oemcrypto_number_of_open_sessions_;
|
||||
ValueMetric<OEMCrypto_ProvisioningMethod> oemcrypto_provisioning_method_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_refresh_keys_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_report_usage_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_report_usage_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_rewrap_device_rsa_key_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_rewrap_device_rsa_key_30_;
|
||||
EventMetric<CdmSecurityLevel, SecurityLevel> oemcrypto_security_level_;
|
||||
EventMetric<uint16_t, SecurityLevel> oemcrypto_security_patch_level_;
|
||||
ValueMetric<uint16_t> oemcrypto_security_patch_level_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_select_key_;
|
||||
EventMetric<OEMCryptoResult, SecurityLevel> oemcrypto_supports_usage_table_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_update_usage_table_;
|
||||
ValueMetric<bool> oemcrypto_supports_usage_table_;
|
||||
CounterMetric<OEMCryptoResult> oemcrypto_update_usage_table_;
|
||||
EventMetric<OEMCryptoResult> oemcrypto_wrap_keybox_;
|
||||
|
||||
/* Internal OEMCrypto Metrics */
|
||||
EventMetric<OEMCryptoInitializationMode> oemcrypto_initialization_mode_;
|
||||
EventMetric<uint32_t, uint32_t> oemcrypto_l1_api_version_;
|
||||
};
|
||||
|
||||
// This class contains session-scoped metrics. All properties and
|
||||
@@ -179,10 +175,10 @@ class SessionMetrics {
|
||||
CryptoMetrics* GetCryptoMetrics() { return &crypto_metrics_; }
|
||||
|
||||
// Metrics collected at the session level.
|
||||
EventMetric<> cdm_session_life_span_;
|
||||
ValueMetric<double> cdm_session_life_span_; // Milliseconds.
|
||||
EventMetric<CdmResponseType> cdm_session_renew_key_;
|
||||
EventMetric<CdmResponseType> cdm_session_restore_offline_session_;
|
||||
EventMetric<CdmResponseType> cdm_session_restore_usage_session_;
|
||||
CounterMetric<CdmResponseType> cdm_session_restore_offline_session_;
|
||||
CounterMetric<CdmResponseType> cdm_session_restore_usage_session_;
|
||||
|
||||
// Serialize the session metrics to the provided |metric_group|.
|
||||
// |metric_group| is owned by the caller and must not be null.
|
||||
@@ -195,6 +191,45 @@ class SessionMetrics {
|
||||
CryptoMetrics crypto_metrics_;
|
||||
};
|
||||
|
||||
// This class contains metrics for the OEMCrypto Dynamic Adapter. They are
|
||||
// separated from other metrics because they need to be encapsulated in a
|
||||
// singleton object. This is because the dynamic adapter uses the OEMCrypto
|
||||
// function signatures and contract and cannot be extended to inject
|
||||
// dependencies.
|
||||
//
|
||||
// Operations for this metrics class are serialized since these particular
|
||||
// metrics may be accessed by a separate thread during intialize even as
|
||||
// the metric may be serialized.
|
||||
class OemCryptoDynamicAdapterMetrics {
|
||||
public:
|
||||
explicit OemCryptoDynamicAdapterMetrics();
|
||||
|
||||
// Set methods for OEMCrypto metrics.
|
||||
void SetInitializationMode(OEMCryptoInitializationMode mode);
|
||||
void SetL1ApiVersion(uint32_t version);
|
||||
void SetL1MinApiVersion(uint32_t version);
|
||||
|
||||
// Serialize the session metrics to the provided |metric_group|.
|
||||
// |metric_group| is owned by the caller and must not be null.
|
||||
void Serialize(drm_metrics::MetricsGroup* metric_group);
|
||||
|
||||
// Clears the existing metric values.
|
||||
void Clear();
|
||||
|
||||
private:
|
||||
Lock adapter_lock_;
|
||||
ValueMetric<OEMCryptoInitializationMode> oemcrypto_initialization_mode_;
|
||||
ValueMetric<uint32_t> oemcrypto_l1_api_version_;
|
||||
ValueMetric<uint32_t> oemcrypto_l1_min_api_version_;
|
||||
};
|
||||
|
||||
// This will fetch the singleton instance for dynamic adapter metrics.
|
||||
// This method is safe only if we use C++ 11. In C++ 11, static function-local
|
||||
// initialization is guaranteed to be threadsafe. We return the reference to
|
||||
// avoid non-guaranteed destructor order problems. Effectively, the destructor
|
||||
// is never run for the created instance.
|
||||
OemCryptoDynamicAdapterMetrics& GetDynamicAdapterMetricsInstance();
|
||||
|
||||
// This class contains engine-scoped metrics. All properties and
|
||||
// statistics related to operations within the engine, but outside
|
||||
// the scope of a session are recorded here.
|
||||
@@ -228,33 +263,39 @@ class EngineMetrics {
|
||||
void Serialize(drm_metrics::MetricsGroup* metric_group, bool completed_only,
|
||||
bool clear_serialized_sessions);
|
||||
|
||||
void SetAppPackageName(const std::string& app_package_name);
|
||||
|
||||
// Metrics recorded at the engine level.
|
||||
EventMetric<CdmResponseType> cdm_engine_add_key_;
|
||||
EventMetric<CdmResponseType> cdm_engine_close_session_;
|
||||
EventMetric<CdmResponseType> cdm_engine_decrypt_;
|
||||
EventMetric<bool> cdm_engine_find_session_for_key_;
|
||||
ValueMetric<std::string> cdm_engine_cdm_version_;
|
||||
CounterMetric<CdmResponseType> cdm_engine_close_session_;
|
||||
ValueMetric<int64_t> cdm_engine_creation_time_millis_;
|
||||
EventMetric<CdmResponseType, Pow2Bucket> cdm_engine_decrypt_;
|
||||
CounterMetric<bool> cdm_engine_find_session_for_key_;
|
||||
EventMetric<CdmResponseType> cdm_engine_generate_key_request_;
|
||||
EventMetric<CdmResponseType> cdm_engine_get_provisioning_request_;
|
||||
EventMetric<CdmResponseType> cdm_engine_get_usage_info_;
|
||||
EventMetric<CdmResponseType> cdm_engine_handle_provisioning_response_;
|
||||
EventMetric<> cdm_engine_life_span_;
|
||||
EventMetric<CdmResponseType> cdm_engine_open_key_set_session_;
|
||||
EventMetric<CdmResponseType> cdm_engine_open_session_;
|
||||
ValueMetric<double> cdm_engine_life_span_; // Milliseconds
|
||||
CounterMetric<CdmResponseType> cdm_engine_open_key_set_session_;
|
||||
CounterMetric<CdmResponseType> cdm_engine_open_session_;
|
||||
EventMetric<CdmResponseType> cdm_engine_query_key_status_;
|
||||
EventMetric<CdmResponseType> cdm_engine_release_all_usage_info_;
|
||||
EventMetric<CdmResponseType> cdm_engine_release_usage_info_;
|
||||
EventMetric<CdmResponseType> cdm_engine_remove_keys_;
|
||||
CounterMetric<CdmResponseType> cdm_engine_release_all_usage_info_;
|
||||
CounterMetric<CdmResponseType> cdm_engine_release_usage_info_;
|
||||
CounterMetric<CdmResponseType> cdm_engine_remove_keys_;
|
||||
EventMetric<CdmResponseType> cdm_engine_restore_key_;
|
||||
EventMetric<CdmResponseType, CdmSecurityLevel> cdm_engine_unprovision_;
|
||||
CounterMetric<CdmResponseType, CdmSecurityLevel> cdm_engine_unprovision_;
|
||||
|
||||
private:
|
||||
Lock session_metrics_lock_;
|
||||
std::vector<metrics::SessionMetrics*> session_metrics_list_;
|
||||
CryptoMetrics crypto_metrics_;
|
||||
std::string app_package_name_;
|
||||
|
||||
void SerializeEngineMetrics(drm_metrics::MetricsGroup* out);
|
||||
};
|
||||
|
||||
} // namespace metrics
|
||||
} // namespace wvcdm
|
||||
#endif
|
||||
|
||||
#endif // WVCDM_METRICS_METRICS_GROUP_H_
|
||||
|
||||
Reference in New Issue
Block a user