From 999fbeb666ab3156251b6e2b996f6f7f0bbc782f Mon Sep 17 00:00:00 2001 From: Rahul Frias Date: Wed, 26 May 2021 01:40:41 -0700 Subject: [PATCH 1/2] Disallow restoring an offline license multiple times [ Merge of http://go/wvgerrit/126063 ] As a side-effect of fixing b/161865160 CDM checks to flag reloading of an offline license were removed. This left it to the OEMCrypto which varied by device implementation. Checks are being reintroduced to the CDM and will help MediaDrm return the expected error ERROR_LICENSE_STATE. In addition restoring an offline liense to a session where a license is already loaded will be rejected. Bug: 184608310 Bug: 182208685 Test: WV unit/integration tests MediaDrmTest.testMultipleLoadKeys Change-Id: Id8ee069d22819f7823aa6af11a41f35f0a04ce0a --- libwvdrmengine/cdm/core/include/cdm_session.h | 3 +++ libwvdrmengine/cdm/core/include/wv_cdm_types.h | 2 +- libwvdrmengine/cdm/core/src/cdm_session.cpp | 8 ++++++++ libwvdrmengine/include/mapErrors-inl.h | 2 ++ libwvdrmengine/include_hidl/mapErrors-inl.h | 2 ++ 5 files changed, 16 insertions(+), 1 deletion(-) diff --git a/libwvdrmengine/cdm/core/include/cdm_session.h b/libwvdrmengine/cdm/core/include/cdm_session.h index 3ed656a7..37a30055 100644 --- a/libwvdrmengine/cdm/core/include/cdm_session.h +++ b/libwvdrmengine/cdm/core/include/cdm_session.h @@ -312,6 +312,9 @@ class CdmSession { // license type release and offline related information CdmKeySetId key_set_id_; + bool has_license_been_loaded_ = false; + bool has_license_been_restored_ = false; + bool mock_license_parser_in_use_; bool mock_policy_engine_in_use_; diff --git a/libwvdrmengine/cdm/core/include/wv_cdm_types.h b/libwvdrmengine/cdm/core/include/wv_cdm_types.h index 3779a087..08b7163c 100644 --- a/libwvdrmengine/cdm/core/include/wv_cdm_types.h +++ b/libwvdrmengine/cdm/core/include/wv_cdm_types.h @@ -414,7 +414,7 @@ enum CdmResponseType : int32_t { SHRINK_USAGE_TABLE_HEADER_ENTRY_IN_USE = 359, LICENSE_USAGE_ENTRY_MISSING = 360, LOAD_USAGE_ENTRY_INVALID_SESSION = 361, - // previously RESTORE_OFFLINE_LICENSE_ERROR_3 = 362, + RESTORE_OFFLINE_LICENSE_ERROR_3 = 362, NO_SRM_VERSION = 363, SESSION_NOT_FOUND_23 = 364, CERT_PROVISIONING_RESPONSE_ERROR_9 = 365, diff --git a/libwvdrmengine/cdm/core/src/cdm_session.cpp b/libwvdrmengine/cdm/core/src/cdm_session.cpp index ae705518..783aa6e3 100644 --- a/libwvdrmengine/cdm/core/src/cdm_session.cpp +++ b/libwvdrmengine/cdm/core/src/cdm_session.cpp @@ -215,6 +215,12 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id, if (!key_set_id_.empty()) { file_handle_->UnreserveLicenseId(key_set_id_); } + if (has_license_been_loaded_ || has_license_been_restored_) { + LOGE( + "Disallow multiple offline license restores or restoring a license if " + "a license has already been loaded"); + return RESTORE_OFFLINE_LICENSE_ERROR_3; + } key_set_id_ = key_set_id; @@ -338,6 +344,7 @@ CdmResponseType CdmSession::RestoreOfflineSession(const CdmKeySetId& key_set_id, license_received_ = true; is_offline_ = true; is_release_ = license_type == kLicenseTypeRelease; + has_license_been_restored_ = true; return KEY_ADDED; } @@ -582,6 +589,7 @@ CdmResponseType CdmSession::AddKeyInternal(const CdmKeyResponse& key_response) { if (sts != NO_ERROR) return sts; } + has_license_been_loaded_ = true; return KEY_ADDED; } diff --git a/libwvdrmengine/include/mapErrors-inl.h b/libwvdrmengine/include/mapErrors-inl.h index 218bcee1..ab35381c 100644 --- a/libwvdrmengine/include/mapErrors-inl.h +++ b/libwvdrmengine/include/mapErrors-inl.h @@ -477,6 +477,8 @@ static android::status_t mapCdmResponseType(wvcdm::CdmResponseType res) { return kRenewKeyError2; case wvcdm::RESTORE_OFFLINE_LICENSE_ERROR_2: return kRestoreOfflineLicenseError2; + case wvcdm::RESTORE_OFFLINE_LICENSE_ERROR_3: + return kRestoreOfflineLicenseError3; case wvcdm::SAMPLE_AND_SUBSAMPLE_SIZE_MISMATCH: return kSampleAndSubsampleSizeMismatch; case wvcdm::SESSION_FILE_HANDLE_INIT_ERROR: diff --git a/libwvdrmengine/include_hidl/mapErrors-inl.h b/libwvdrmengine/include_hidl/mapErrors-inl.h index 11d91c99..60e83548 100644 --- a/libwvdrmengine/include_hidl/mapErrors-inl.h +++ b/libwvdrmengine/include_hidl/mapErrors-inl.h @@ -167,6 +167,7 @@ static Status mapCdmResponseType_1_0(wvcdm::CdmResponseType res) { case wvcdm::RENEW_KEY_ERROR_1: case wvcdm::RENEW_KEY_ERROR_2: case wvcdm::RESTORE_OFFLINE_LICENSE_ERROR_2: + case wvcdm::RESTORE_OFFLINE_LICENSE_ERROR_3: case wvcdm::NOT_INITIALIZED_ERROR: case wvcdm::REINIT_ERROR: case wvcdm::SESSION_KEYS_NOT_FOUND: @@ -615,6 +616,7 @@ static S mapCdmResponseType(wvcdm::CdmResponseType res) { err = ::drm::V1_4::Status::LICENSE_RESTORE_ERROR; break; case wvcdm::GET_RELEASED_LICENSE_ERROR: + case wvcdm::RESTORE_OFFLINE_LICENSE_ERROR_3: err = ::drm::V1_4::Status::LICENSE_STATE_ERROR; break; case wvcdm::DEVICE_CERTIFICATE_ERROR_2: From a81ace2ea4ded7206ea875eb9ef42a5274e35eff Mon Sep 17 00:00:00 2001 From: Robert Shih Date: Mon, 25 Jan 2021 09:50:57 -0800 Subject: [PATCH 2/2] Use drm@1.4 vintf fragments for drm@1.3 This avoids widevine crashloops in case partners updated vendor/widevine without updating device makefiles. [ Merge of http://go/wvgerrit/126103 ] Bug: 178110290 Bug: 186502089 Test: GtsMediaTestCases Change-Id: Iafd9e62beadf5a099a76ab6a987ffd9598e5ef25 --- libwvdrmengine/Android.bp | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/libwvdrmengine/Android.bp b/libwvdrmengine/Android.bp index 0dde5135..641e5438 100644 --- a/libwvdrmengine/Android.bp +++ b/libwvdrmengine/Android.bp @@ -161,7 +161,7 @@ cc_binary { srcs: ["src_hidl/service.cpp"], init_rc: ["src_hidl/android.hardware.drm@1.3-service.widevine.rc"], - vintf_fragments: ["manifest_android.hardware.drm@1.3-service.widevine.xml"], + vintf_fragments: ["manifest_android.hardware.drm@1.4-service.widevine.xml"], } @@ -178,7 +178,7 @@ cc_binary { srcs: ["src_hidl/serviceLazy.cpp"], overrides: ["android.hardware.drm@1.3-service.widevine"], init_rc: ["src_hidl/android.hardware.drm@1.3-service-lazy.widevine.rc"], - vintf_fragments: ["manifest_android.hardware.drm@1.3-service.widevine.xml"], + vintf_fragments: ["manifest_android.hardware.drm@1.4-service.widevine.xml"], }