[ Merge of http://go/wvgerrit/171310 ]
Offline license not found errors are identified by CdmResponseEnum
347 (KEYSET_ID_NOT_FOUND_4). No addition file system information
is shared.
Checks for file existance use the stat command. The stat call can
return error codes from errno.h when the command fails.
These are now converted into sub error codes and returned along with
the offline license file not found error.
This also includes a change to log stat errors other than
ENOENT (no such file or directory) as a warning rather than verbose.
Bug: 276225520
Test: file_store_unittest, file_utils_unittest, GtsMediaTestCases
Change-Id: Ic09d036549582cd65783b49fa96ffefc4bf562c7
[ Merge of http://go/wvgerrit/169374 ]
Device renewals used to require that OEMs remove provisioning
certificates as part of the OTA update process. Instead, a change
in system ID is relied upon to indicate a change in root of trust.
If a change in System ID is detected, reprovisioning will be forced.
This is not enabled for ATSC devices or L3 devices. For the latter a
change in system ID may occurs without a change in RoT.
Bug: 258361396
Test: GtsMediaTestCases
Change-Id: I6e8b0b2149fc2ed5362a32bb6e869826f5fa8ef7
[ Merge of http://go/wvgerrit/168397 ]
When CdmResponseType (enum) was transformed to CdmResponseType
(struct), the test printers where not updated to print the result
of failed comparisons. In addition, several logs statements were
updated haphazardly, leaving inconsistencies and potential
compiler-specific behavior.
This CL replaces CdmResponseType std::string operator with a ToString()
method. This is to make it consistent with Google's C++ style guide
on conversion operators vs methods. The string conversion function is
now defined in wv_cdm_types.cpp instead of inline in the header file.
The PrintTo function has been implemented along with the other CDM
test printers in test_printers.cpp.
Bug: 273989359
Test: run_x86_64_tests
Test: MediaDrmParameterizedTests on redfin
Test: Forrest drm_compliance
Change-Id: Ibfaa17029046b75b1c8c278f7bd7e04a24379848
[ Merge of http://go/wvgerrit/165617 ]
Similar to the issue with updating secure stops by PST (see
http://go/wvgerrit/165597), when deleting different secure stops with
the same PST results in unintended behavior. This CL changes how the
CDM identifies which secure stop to delete from storaged based on the
key set ID rather than the PST.
Bug: 263316107
Test: device_files_unittest
Test: GTS MediaDrmParameterizedTests and MediaDrmStressTest
Change-Id: Ic3843a1435f252f052c7189423c211c28ed74eaa
[ Merge of http://go/wvgerrit/165191 ]
Previously, when updating a secure stop / usage info record, the
existing record was identified by PST. It was assumed that apps would
never use the same PST for different licenses; however, this was never
enforced. Certain GTS tests use the same PST across multiple tests to
identify different licenses. Depending on the order of operations,
the periodic updating of the usage entry might overwrite the wrong
entry.
Key set IDs are generated by the CDM, and are guaranteed to be unique
within the scope of the same file system. Given that key set IDs are
not expected to be transfered to different licenses, using the key
set ID to identify secure stop / usage info records eliminates the
possibility of overwriting the wrong entry.
Bug: 263316107
Test: device_files_unittest
Test: GTS MediaDrmParameterizedTests and MediaDrmStressTest
Change-Id: I2e2d50d188e05c8ca6b8095549796b913ea72d7a
[ Merge of http://go/wvgerrit/164077 ]
This CL makes major changes to the names of variables and types that
are related to the usage table, header, entries, entry indexes, and
other related data.
The renaming followed these rules:
1) "Usage table header" will exclusively refer to the header blob
that is OEMCrypto specific. The CDM class "UsageTableHeader"
is the CDM-layer's abstraction around the "usage table" concept.
The name has been updated to reflect that.
2) The "Cdm" prefix is only used for the CDM-specific data types for
the usage table and entry info. It has been removed from
OEMCrypto-specific types.
- UsageTableHeader -> CdmUsageTable
- CdmUsageTableHeader -> UsageTableHeader
- CdmUsageEntry -> UsageEntry
3) The "usage_" prefix has been removed from variables when the usage
table or usage entries are the subject of the function or class.
4) UsageEntryIndex is the type for entry indexes, instead of directly
using uint32_t. This matches how we wrap other types in
"wv_cdm_types.h"
5) Changed entry "number" to entry "index".
6) Vectors of elements have been renamed to be either pluralized or
have a suffix "_list".
7) "Usage info" was occasionally being used to refer to the usage
table or entries generally, rather than specifically secure-stop.
- CryptoSession::HasUsageInfoSupport() -> HasUsageTableSupport()
The most major change is that the files "usage_table_header*" have
been renamed to be "cdm_usage_table*".
Bug: 242914226
Test: run_x86_64_tests and request_license_test
Change-Id: Iee98446b71f4f2934d3c9e0fb949eb05b84d1f8c
No-Typo-Check: From a third party header file
Bug: 260918793
Test: unit tests
Test: atp v2/widevine-eng/drm_compliance
Change-Id: I36effd6a10a99bdb2399ab1f4a0fad026d607c70
1. "Change CdmResponseType from enum into a struct"
Merged from http://go/wvgerrit/163199
Bug: 253271674
2. "Log request information when server returns 401"
Bug: 260760387
Bug: 186031735
Merged from http://go/wvgerrit/162798
3. "Specify server version on the command line"
Bug: 251599048
Merged from http://go/wvgerrit/158897
Test: build android.hardware.drm-service.widevine
Test: Netflix and Play Movies & TV
Test: build_and_run_all_unit_tests.sh
Bug: 253271674
Change-Id: I70c950acce070609ee0343920ec68e66b058bc23
[ Merge of http://go/wvgerrit/158721 ]
This CL removes support for secure stop / usage info sessions from the
CDM engine and CDM session. APIs for related to secure stop
operations will return NOT_IMPLEMENTED_ERROR.
New secure stop licenses will be rejected by the CDM when added.
Bug: 242289743
Test: run_x86_64_tests request_license_test
Change-Id: I30cd47e580d63014e001c903382a28238746f6d4
[ Merge of http://go/wvgerrit/149690 ]
This changes extends the CryptoSession logging to include the OEMCrypto
session ID in its decrypt failure logs, and adds a new CdmSession
decrypt failure log which includes the CDM session ID. The CDM session
directly maps to the MediaDRM session ID, making app debugging easier.
The Decrypt() code pathway is one of the most frequently called
portions of the CDM code, and the pathway attempts to make as few
logging calls as possible in order to keep latency low and log
verbosity to a minimum. It is anticiapted that when a call to
Decrypt() fails, there will be a burst of failures as the app may
make several calls to Decrypt() before handling the first decrypt
error.
To keep logging low, the following rules are followed:
- CryptoSession: decrypt errors are only logged when the decrypt error
changes.
- CdmSession: decrypt errors are only logged when the last call to
decrypt had succeeded.
Bug: 183984396
Test: MediaGTS with decrypt failures
Change-Id: Ic6124646d129efbc8a690b5bfd4dc422e04e677b
(This is a merge of http://go/wvgerrit/139632.)
While fixing a compiler error about shadowed variables in CdmSession, I
noticed that this function had two result variables with different names
as well. This patch consolidates down to one result variable.
Bug: 207684988
Test: x86-64
Change-Id: Iaf6d742ef3409d85a1c364b486909d2497093112
[ Cherry pick of http://ag/15836995 ]
[ Merge of http://go/wvgerrit/133744 ]
This changes adds several small classes which contain and manage
system and engine information related to OTA keybox provisioning.
These classes closely map to the OKP device file messages.
Bug: 189232882
Test: Linux unit tests
Change-Id: Ia9334c38f9d7ea89b30d9ad05f0595570bb38658
Storing and loading OKP info.
[ Merge of http://go/wvgerrit/133763 and http://go/ag/15645333 ]
This change extends the DeviceFiles module to be able to store and
load OKP info. Mild data validation is performed when storing and
loading the information.
Bug: 189232882
Test: Android unit tests
Change-Id: I077de3234157252f2255a4389bf82a8d5344a355
System OKP fallback policy.
[ Merge of http://go/wvgerrit/133783 and http://go/ag/15645334 ]
SystemFallbackPolicy provides a thread-safe interface for accessing
and modifying OKP info.
Bug: 189232882
Test: Android unit tests
Change-Id: I4e43e3bc047ed5fb6cb517b53e4094e812b70e1e
Engine OKP provisioner.
[ Merge of http://go/wvgerrit/133803 and http://go/ag/15645335 ]
The OtaKeyboxProvisioner provides a CdmEngine-specific context for
performing OTA keybox provisioning. Utilizes the system-wide
SystemFallbackPolicy to relay provisioning status between engines.
The provisioner will handle message wrapping and unwrapping of the
raw OTA keybox request / response into the SignedProvisioningMessage
which is sent to/received from the provisioning server.
[ Partial merge of http://go/wvgerrit/125844 ]
Note: Includes partial CryptoSession changes from various CLs.
CryptoSession functionality has been stripped to reduce impact of
this CL.
Bug: 189232882
Test: Android unit tests
Change-Id: I282bf7d1887daefb2250af1bd595c4dc3dfcfb29
Integrated OKP into CDM Engine
[ Merge of http://go/wvgerrit/133804 and http://go/ag/15646376 ]
Extended the functionality of the CdmEngine to check if the device
requires OKP and to initialize OKP resources if required. The
functionality of OpenSession() and GetProvisioningRequest() have been
the most affected. If OKP is required, these methods will signal to
the app that provisioning is required and will return an OKP request.
Once a device is provisioned, the OKP data is cleared away and the
CdmEngine will resume normal operation. Engines created after a
device is provisioned will immediately enter normal operations.
The exception is for CdmEngines which failed to perform OKP for some
reason and are still running. Those apps will need to restart before
gaining access to L1 operations.
Bug: 187646550
Test: Android integration tests
Change-Id: Ia572a66a7b73479355758aa3d0c682691eaca0fc
[ Merge of http://go/wvgerrit/128683 ]
The CDM session was incorrectly recording the "license SDK version" as
the "license service version" in the session metrics. This
discrepancy reduces the quality of devices' metrics and limits
debugging capabilities for the Widevine metric monitoring services.
Bug: 193177333
Test: Linux unit tests
Change-Id: Ic58cf7bc4fde777bb590c05777b76f5ff5c2f1ea
[ Merge of http://go/wvgerrit/128143 ]
Now reports LICENSE_STATE_ERROR rather than ERROR_DRM_GENERIC_PLUGIN
to make the cause of failure and suggested action more clear for app
developers. Also added an additional error log.
Bug: 190645000
Test: WV unit/integration tests
Change-Id: Ib23ca628c590316f90f497d8fdfbab24fd644d6f
[ Merge of http://go/wvgerrit/126063 ]
As a side-effect of fixing b/161865160 CDM checks to flag reloading
of an offline license were removed. This left it to the OEMCrypto
which varied by device implementation. Checks are being reintroduced
to the CDM and will help MediaDrm return the expected error
ERROR_LICENSE_STATE.
In addition restoring an offline liense to a session where a license
is already loaded will be rejected.
Bug: 184608310
Bug: 182208685
Test: WV unit/integration tests
MediaDrmTest.testMultipleLoadKeys
Change-Id: Id8ee069d22819f7823aa6af11a41f35f0a04ce0a
[ Merge of http://go/wvgerrit/123263 ]
In b/65839890 we discovered that an android app loaded an offline
license more than once in a session. We did not intend to allow
this behavior but did not prohibit it. OEMCrypto v16 disallowed
this behavior at the OEMCrypto level but we worked around it
within the CDM to maintain the bad behavior. Now that we have confirmed
that the app no longer relies on that behavior, we are reverting
the CDM workaround.
Bug: 161865160
Test: WV unit/integration test, GtsMediaTestCases
Amazon, Netflix, Google TV streaming and offline playback.
Change-Id: I31254e4c13b81587f88c6c684d08d5aa5c18e39d
[ Merge of http://go/wvgerrit/122613 ]
Further log clean up in the core CDM code.
- Changed several INFO logs to DEBUG and VERBOSE
- Added more identifiers to the DEBUG logs to help match resource
associations
- Added more enum-to-string functions
- Unknown enum values will be formatted to contain their numeric
value
Key areas improved are the UsageTableHeader and CdmSession.
Bug: 183576879
Test: CE CDM unittests
Change-Id: I2d11e714d419e0736d3e2f7a7668e8d36d7ef449
The android CL ag/13947818 was submitted before some CE CDM test
failures were noticed and code review comments were received.
Bug: 184813991
Test: WV unit/integration test
Change-Id: Ic31ca5bc5e46994e01eca56248e6bdffedd779f3
[ Merge of http://go/wvgerrit/121567 ]
Replaced the two usage support functions GetUsageSupportType() and
UsageInformationSupport() into a single function HasUsageInfoSupport().
Since moving to only supporting a single usage info system (usage table
header + usage entries), the different usage support functions have
lost their purpose.
One version of the method works on an open session and will use a
cached value of the property if previously set. The other can be
called without opening the session (as used for query calls).
This is part of larger fix for the usage table initialization process.
Bug: 169195093
Test: CE CDM unit tests
Change-Id: I637c24dd143e995dbb0f8848850e3c71ff1018eb
[ Merge of http://go/wvgerrit/119805 ]
This change adds 3 new functions for encoding binary data from a C++
string to a base64 encoded ASCII string.
The CDM and protobuf generated code use C++ strings to store binary
data. These binary strings are commonly converted into a base64
encoded ASCII string for logging and for returning to the app.
This change also cleans up some of the internal components of the
string_conversions library to use several standard library C++11
method.
Bug: 181732604
Test: CE CDM unittests
Change-Id: I547568c6402e011344260f2df2a06e972122ab8a
[ Merge of http://go/wvgerrit/120512 ]
Wrapped DRM private keys are loaded when a key request is made or when
offline/usage sessions are restored. They were earlier loaded when a
session was opened.
For streaming sessions, key material will be fetched from the default
or legacy certificates and loaded when a key request is made.
For offline and usage sessions, key material may be retrieved from
license or usage records if available. If not available, information
associated with the legacy certificate will be loaded.
Certificate and wrapped keys are also written out when an offline
license or usage record is saved.
Bug: 169740403
Test: WV unit/integration tests
WvCdmRequestLicenseTest.ProvisioningWithExpiringCertTest
WvCdmRequestLicenseTest.StreamingWithExpiringCertTest
WvCdmRequestLicenseTest.RestoreOfflineKeysWithExpiringCertTest
Change-Id: Ice0154c632170c46da171cbbb23a97380c610a98
[ Merge of http://go/wvgerrit/120509 ]
Certificates and wrapped key material are stored in the usage information
file but apart from usage information records. Usage info records include
an identifier which indicates the associated certificate. Routines to
help with finding, inserting or removal of associated certificates have
been included. After a usage entry is deleted, a garbage collection
routine is run to remove any certificates not used by usage infomation
records.
Bug: 169740403
Test: WV unit/integration tests
Change-Id: I49075a7704a58c2488b73eb7c38b007958af566d
[ Merge of http://go/wvgerrit/120508 ]
Offline licenses will now store the DRM certificate information. This
allows for expired certificates to be deleted and replaced without
losing the ability to use offline licenses.
Bug: 169740403
Test: WV unit/integration tests
DeviceFilesTest.RetrieveLicenses
DeviceFilesTest.StoreLicenses
Change-Id: Ic0de6328d32e0000d1b58c81019e6c2227278cc4
[ Merge of http://go/wvgerrit/120123 ]
DRM certificate creation and expiration times are now validated.
* New DRM (default) certificates will have an expiration time specified
by the provisioning service.
When stored, the client will include the time the certificate was
received. This allows for expiration calculation to occur when client
and provisioning service clocks are out of sync.
When read out, creation, expiration and acquisition times are
validated. The certificate is checked for expiry by making sure
that the time at the client since the license was acquired is not
greater than the expiration period. The time information stored at the
client may be tampered with. The license service will perform an
expiration check and reject the license request if tampered with.
The expiration time may be set to never expires/unlimited. This is not
a valid value for creation or acquisition time.
* Pre-existing (legacy) certificates from upgrading devices will not
have an expiration time set by the provisioning service. Instead
the client will calculate an expiration time 6 months with + or -
a random two month period in the future. This is stored along with the
certificate.
When read out, if no expiration time has been set by the client, one
will be calculated and written out. The certificate will be declared as
valid. If a client calculated expiration time is present, the
certificate will be validated. In case of tampering, the license service
can reject license requests and force reprovisioning when appropriate.
* ATSC certificates will continue to not have an expiration time.
No additional validation is required.
Other changes for non-ATSC licenses involve managing both default and
legacy certificate co-existance. When checking for DRM certificates,
the default certificate is attempted first. This is followed by a check
for the legacy certificate, if the default certificate is not present.
Bug: 169740403
Test: WV unit/integration tests
DeviceFilesTest.StoreCertificateInvalidParams
DeviceFilesTest.RetrieveAtscCertificate
DeviceFilesTest.RetrieveAtscCertificateNotFound
DeviceFilesTest.RetrieveCertificateInvalidParams
DeviceFilesTest.RetrieveLegacyCertificateWithoutExpirationTime
DeviceFilesTest.RetrieveLegacyCertificateWithClientExpirationTime
DeviceFilesTest.RetrieveLegacyExpiredCertificateByClientExpirationTime
DeviceFilesTest.RetrieveLegacyCertificateInvalidClientExpirationTime
DeviceFilesTest.RetrieveCertificateWithoutKeyType
DeviceFilesTest.RetrieveDefaultCertificate
DeviceFilesTest.RetrieveDefaultCertificateNeverExpires
DeviceFilesTest.HasCertificateAtsc
DeviceFilesTest.HasCertificateDefault
DeviceFilesTest.HasCertificateLegacy
DeviceFilesTest.HasCertificateNone
CertificateTest.StoreCertificateTest.DefaultAndLegacy/*
CertificateTest.RetrieveLegacyCertificateTest.ErrorScenarios/*
CertificateTest.RetrieveDefaultCertificateTest.ErrorScenarios/*
Change-Id: I7dbec7555fbd493c1ec61c6bb5d9428a2405b1fd
[ Merge of http://go/wvgerrit/111903 ]
CDM metrics has been updated to include the DRM key type. The CDM
session records the key type when the wrapped DRM key is successfully
loaded into an OEMCrypto session.
Now that the API refers to a general DRM key rather than an RSA key,
the timer metric for loading the DRM key has been renamed on the client
to reflect this.
Test: Metric unit tests
Bug: 140813486
Change-Id: I9069f13ac7c979cc8556e08591e1cf8f623d0a84
(cherry picked from commit 47fc031576)
Merged-In: I9069f13ac7c979cc8556e08591e1cf8f623d0a84
[ Merge of http://go/wvgerrit/110923 ]
The CDM is responsible for telling OEMCrypto the underlying DRM
private key type when loading it into a session. To do this, the
CDM must determine and store the key type of a successfully loaded
provisioning response. The type of key is available from the
DRM certificate proto that is provided in the reponse.
This change introduces a class to contain the wrapped key and
type together. To store the type, the CDM device files have been
updated to include a key type with the DRM certificate and to
store from and load to the new class.
Unittests have been updated for using the new class where the
wrapped key was used before.
Test: Linux unit tests
Bug: 140813486
Change-Id: I09249afe9c291632fb651ecd00eac697d6939ec7
(cherry picked from commit 6c457402e944079271cef488aa4699f986da6a2e)
Merged-In: I09249afe9c291632fb651ecd00eac697d6939ec7
Merge of http://go/wvgerrit/106823
Previously, we worked around a problem by signing a fake license
request when a license did not have a usage entry. However, this was
inside a conditional that the device did support usage tables. This CL
moves that code outside the conditional so that a fake license is
signed whenever the license does not have an entry.
Bug: 169591716
Test: unit and integration tests
Change-Id: Ic4d1a91af63503722b088a136c0a8dca9746a962
[ Merge of http://go/wvgerrit/108064 ]
The Widevine License Agreement has been renamed to use inclusive
language. This covers files in the core directory.
Bug: 168562298
Test: verified compilation (comment only change)
Change-Id: I8ae5a10cbfdf7faae6a2735e57b33729763f10b8
[ Merge of http://go/wvgerrit/106325 and http://go/ag/12644840 ]
When offline licenses are restored, licenses and any renewals are processed.
License state evaluation occurs and notifications are sent to listeners.
If the license is expired, which is likely if a renewal is present,
the license state will transition to expired. Transitions out of
expired state are not allowed and the renewal has no effect.
If we work around this by allowing transitions out of expired state,
listeners will get notifications that keys have expired and then that are
usable soon after. To avoid delivering erroneous notifications we delay
evaluation of license state while the license and renewal are being processed.
Evaluation occurs at the last stage of license restoration when playback
information from the usage table is being restored.
This only need to occur for when licenses are being restored. In other
cases when a license or renewal is received, license state evaluation
and event listener notification needs to occur immediately.
Bug: 166131956
Test: WV unit/integration tests, GtsMediaTestCases tests
Change-Id: Ic8ade25316c5e20cc88de9225c43c24b28f21ac4
[ Merge of http://go/wvgerrit/105743 ]
Device ID is no longer reported directly in provisioning/license
request or used by ClientIdentification. It does not need to be passed
in during initialization.
Bug: 168085721
Test: WV unit/integration tests
Change-Id: I483eac963c3f40784e42e1a2b917fcc96aa76a05
[ Merge of http://go/wvgerrit/105624 ]
Temporary licenses do not allow for license information to be stored
in any form, whether it is usage information or persisting license
information. Information should not be stored even if can_persist is
set to true and a PST is specified as those are suggestions rather than
a requirement.
Bug: 167684104
Test: WV unit/integration tests
Change-Id: I141a2bd5de4d86f0e5f31fc8f0ea9e20710d6469
[ Merge of http://go/wvgerrit/103243 ]
Include review comments from wv gerrit CL.
Bug: 161551490
Test: WV unit integration tests, GtsMediaTestCases and
WidevineConcurrentDrmCertificatesTest#testConcurrentDrmCertificates,
MediaDrmTest#testMultipleLoadKeys on a redfin
Change-Id: Ie9b41a2e68b95692f9353578f6955637411d4dfc
[ Merge of http://go/wvgerrit/103243 ]
In v16, OEMCrypto specifications required that an error be returned if
multiple attempts are made to load an offline license into a session.
This caused the GTS test testConcurrentDrmCertificates to fail. It was
introduced to verify that a license could retrieved and loaded into a
session and then restored. This was based on an app use case.
Ideally we would like to disallow a this behavior but need to make sure
it is not being used by apps.
For now this will be allowed. If detected, the CDM will reintialize the
OEMCrypto session and allow the license to be restored.
Bug: 161551490
Test: WV unit integration tests, GtsMediaTestCases and
WidevineConcurrentDrmCertificatesTest#testConcurrentDrmCertificates,
MediaDrmTest#testMultipleLoadKeys on a redfin
Change-Id: I0834e4419c3a6dccfd77aaea3afa3d65c2c0c742
Merge from Widevine repo of http://go/wvgerrit/103107
When an offline license is reloaded, if it does not have a usage entry
to indicate when the rental clock was started, the start time defaults
to 0 in the ODK library (in OEMCrypto). This CL changes the code to
start the rental clock in this case. It does this by signing a dummy
message, which triggers the ODK library to start the rental clock.
Bug: 161585265
Bug: 161023174
Test: GTS tests. http://go/forrest-run/L55100000642199761
Change-Id: I4cf555b2fb43009ffb62e7b2c1a37265c3f70bfe
[ Merge of http://go/wvgerrit/100905 and http://go/ag/10708438 ]
Add support for ATSC certificate and licenses handling. ATSC
files are distinguished from the apps DRM certificate and licenses
by file naming conventions.
Bug: 139730600
Test: WV unit/integration test, GtsMediaTestCases
Change-Id: I295f66f92fe01d7716978deac9dc360d74addedd
(This is a merge of http://go/wvgerrit/100051. However, only one part of
that change affects the Android code, so I have filtered this
description.)
By default, the CDM builds with Clang on Android and on developers' dev
boxes. The buildbot builds most of the code with an old version of GCC.
However, recent versions of GCC were refusing to build our code for a
variety of reasons. This patch fixes the codebase up so that the
version of GCC 9 included on gLinux workstations can compile the CDM.
The only change that affects Android is that a variable was being set
but never read in one place.
Test: Android Unit Tests
Bug: 145245240
Bug: 152449437
Change-Id: Iaeb0531652bb8e7bd69f850fc6b4bba1efa3271b
[ Merge of http://go/wvgerrit/95406 ]
There was an issue with DeleteEntry() where it would result in an
invalid table state if shrinking the usage table when the number of
sessions is at its max.
This required changing how the usage table invalidates entries. Now,
after invalidating an entry (marking an entry as kStorageTypeUnknown)
the table is defragmented if specified to.
Defragmentation involves:
1) Move valid entries near the end of the table to the position of
invalid entries near the front of the table.
2) Shrinking the table to cut off trailing invalid entries.
This change updates the existing tests to pass, but still needs new
tests for some of the edge cases.
Bug: 150887808
Bug: 149100568
Test: Linux unit tests and Android unit tests
Change-Id: I70c7b296e5e4b367746fcdaabbf0f12dcfb39230
