[ Merge of http://go/wvgerrit/158877 ]
The UsageTableHeader's LRU algorithm for determining which entry to
evict when full uses special considerations based on the type of
entry (offline or secure stop).
This CL removes all secure-stop-specific considerations, and instead
treats secure stop's the same as an unused entry. Secure stop entries
will always be selected for removal before offline licenses (expired
or not).
Additionally, LRU table upgrading will ignore secure-stop entries.
This has no effect in practice as DeviceFiles will not load secure
stop usage entries when UsageTableHeader is initialized on a real
file system.
Bug: 242289743
Test: run_x86_64_tests and request_license_test
Change-Id: Ib3f71f191aed94aad62951667426911e4e202068
[ Merge of http://go/wvgerrit/158722 ]
The CDM will delete all usage info / secure stop files on the device
when usage table entries labeled as USAGE_INFO are detected when
restoring the usage table. DeviceFiles no longer transfers the
stored USAGE_INFO entry info into the run-time entry info vector for
the table.
This CL makes only minor changes to test data. Significant updates
to both device file and usage table header unittests are required to
remove usage info / secure stop run-time resources.
Bug: 242289743
Test: run_x86_64_tests
Change-Id: I2d1fc0d6a4c994bc10bfce47818f101f95883979
[ Merge of http://go/wvgerrit/158721 ]
This CL removes support for secure stop / usage info sessions from the
CDM engine and CDM session. APIs for related to secure stop
operations will return NOT_IMPLEMENTED_ERROR.
New secure stop licenses will be rejected by the CDM when added.
Bug: 242289743
Test: run_x86_64_tests request_license_test
Change-Id: I30cd47e580d63014e001c903382a28238746f6d4
[ Merge of http://go/wvgerrit/160277 ]
OEMCrypto v15 did not require core messages during DRM certificate
provisioning. The CDM's certificate provisioning flow was allowing
for either case (with or without core messages) when provisioning.
Now, devices can safely assume that all provsisioning responses will
be v16 or newer; all requests/response must contain a core message.
Bug: 252670759
Test: run_x86_64_tests and request_license_test
Change-Id: I9f51e07caf642eaf646ef40bdd640b3ccfe2533c
[ Merge of http://go/wvgerrit/160000 ]
OEMCrypto v15 licenses made use of several now-obsolete API functions
of OEMCrypto (mainly LoadKeys and RefreshKeys). All license handled
by the CDM must be v16 or newer. The CDM can now rely on all license
requests/responses containing a core message, using v16 policy timers,
and requires loading using LoadLicense() / LoadRenewal().
Bug: 252670759
Test: run_x86_64_tests and policy_engine_unittest
Change-Id: I3f65a6ec0326b4c89d1919b8911e065079cb90d2
Revert "Split rkp from keymint."
Revert "Add dependency on newly-split RKP HAL"
Revert "Add dependencies on newly-split RKP HAL"
Revert "Add dependency on split out RKP HAL"
Revert submission 20364235-split-rkp-aidl
Reason for revert: Build break in android.hardware.identity-api
Reverted Changes:
Ib86454bbb:Update dependencies on HAL types moved from keymin...
I501c967e2:Add dependencies on newly-split RKP HAL
I08560f9af:Add dependency on split out RKP HAL
I87133e385:Add dependency on split out RKP HAL
Ia13374cbc:Add dependency on split out RKP HAL
I72bc1774c:Add dependency on newly-split RKP HAL
I71ac265e3:Add dependency on newly-split RKP HAL
Ie0e17bb2c:Update the RKP aidl dependency
I5d24f47ce:Update README and CHANGELOG for RKP
I4b2498dd1:Split rkp from keymint.
I266009d75:Add dependency on newly-split rkp HAL
Change-Id: I4192940d5013a079f3d15f6ffaf44bc1634d7538
Merge from http://go/wvgerrit/158917
Use go/yamllint as reference and obfuscate portion of output to
run on an online yaml validator.
Sample output: http://go/cl/481370906
Test: Netflix, Play TV and Movies, Youtube
Test: adb shell dumpsys android.hardware.drm.IDrmFactory/widevine
Test: ./build_and_run_all_unit_tests.sh
Bug: 239462891
Change-Id: I1abf1aa50aa25b97b1f6c10995c324d6de04d056
The widevine apex is supposed to be installed in a "staged" way.
- apex_manifest: remove supportsRebootlessUpdate flag
- .rc: remove apex.com.google.android.widevine.ready=true
Bug: 243333942
Test: m
Change-Id: Ibb963937e6d8d889d9281d22972e12a148f59b94
[ Merge of http://go/wvgerrit/158720 ]
Support for secure stop licenses have been dropped. The MediaDRM
APIs have already documented their deprecation. Before support can
be removed from the plugin and CDM core implementation, the tests
associated with them must be removed.
This CL removes secure stop tests from the Android CDM integration
test `request_license_test` and from the MediaDRM plugin test
`libwvdrmdrmplugin_hal_test` and `libwvdrmdrmplugin_hidl_test`.
Bug: 242289743
Test: libwvdrmdrmplugin_hal_test request_license_test
Change-Id: Idb7ee53ab8115ce9b9a173eaf0a00f54325863a2
libwvhidl picked from the following builds
(built from change 20109884):
+--------+--------------+
| arch | build |
+--------+--------------+
| arm | ab/P41744857 |
| arm64 | ab/P41675377 |
| x86 | ab/P41675376 |
| x86_64 | ab/P41675378 |
+--------+--------------+
Ran patchelf to set DT_SONAME to libwvhidl@1.3.so
Bug: 249811494
Change-Id: I1ec8304bab4d81b958b6be056a0b32da386bc997
(cherry picked from commit 6bad0134d3c9ca8d479f121c71d66ac2d3e017b9)
In partner branches devkeys are not available. Use devkeys only when
they are available. Otherwise, use testkeys.
Bug: 249309699
Test: m com.google.android.widevine
Change-Id: I75fd50fe78d0fd2e797275c50ddf00b116700178
As of Android T, these need to start with the ro.vendor prefix. We are
doing it now so we can update ChromeOS to be in sync for either version.
Bug: 237492145, 248584954
Test: No properties errors in logcat during playback
Change-Id: Ic6fac64e621be65385d16808dbef52914a66967a
(cherry picked from commit 28a040d407b28d24dd4d5496dd08cfa2f6579d71)
(cherry picked from commit a932781fcc7d2d89d73c546bf244399daf02f5ac)
- add "supportRebootless" to apex_manifest.json
- add <allowed-vendor-apex> sysconfig
- add "on property:apex.com.google.android.widevine.ready=true" to .rc
Now, we can test `adb install` new version of the APEX and see the
service is restarted from the new version.
Note that this doesn't mean that DRM Framework works fine with the
update.
Bug: 248192031
Test: adb install --force-non-staged \
-i com.android.vending \
$OUT/vendor/com.google.android.widevine.apex
Change-Id: I7c41b224f0bb55742c0023c23196bba4a09e555f
We added custom properties that are only used on ChromeOS and to avoid
having to bloat the sepolicy for all of Android we are adding a check
here so that we only query the properties on ChromeOS based on the
bertha hardware property.
Bug: b:237492145
Test: Access denied message is gone w/ ExoPlayer
Change-Id: I3a5781ad980dfae2e16501b655386287b5e245b7
(cherry picked from commit 890f71ef367aed683a89892000e40d0e0ca6fbdd)
(cherry picked from commit 4379b0545a2ae866ba9fc315551a5534fa163924)
Added SPDX-license-identifier-Apache-2.0 to:
libwvdrmengine/apex/Android.bp
Bug: 68860345
Bug: 151177513
Bug: 151953481
Test: m all
Change-Id: Ibd3b1e73709de25ddfdddbdd2ecc56abe87a4c2f
[ Cherry-pick of http://ag/19893913 ]
[ Merge of http://go/wvgerrit/157098 ]
Several of the Android integration tests perform direct URL comparisons
between fixed URLs and the server URL returned by the CDM. With
provisioning 4.0, the CDM will append additional query parameters to
the server URL. This updated URL still contains all of the original
expected information, but with additional parameters. So long as the
URL contains the required fields, any additional parameter should be
considered valid.
The gtest framework used by the integration tests allow for the
creation of custom "matchers", rules that can be used to validate data
and create informative failure logs. The CL creates a new matcher for
checking that a tested URL is a superset of content of the expected
URL.
Bug: 244319313
Test: request_license_test on prov 4 device
Change-Id: Ie721058fa628b3a4a74dc56f4172a3dfcb1f1ef3
(cherry picked from commit fa8c0a9a62)
This makes it easier to upgrade KM AIDL version.
Test: m android.hardware.security.keymint-service.widevine
Change-Id: I251d7f3222617cbb3ba8b084c146aeb629f8eb6f
[ Merged from http://go/wvgerrit/152549 ]
Test: unit tests
Test: Google TV and Netflix
Test: atest GtsMediaTestCases
Bug: 216527109
Change-Id: Id70e43315550508e6fedacfee4f4ec009a24d0e3
