* changes:
Protect sessions from concurrent access.
Address concurrency failures between calls to decrypt and periodic timer
Revert of "Prevent race conditions between decrypt and close session"
Merge from Widevine repo of http://go/wvgerrit/50422
This CL adds unit tests to verify that a usage report can have the status
kInactiveUnused.
bug: 79556142
test: unit test code only
Change-Id: I10f71ac2e585ef33727aa8f80d867d80fe156ab8
Locks in earlier releases controlled access to sessions and the list
of sessions for each CdmEngine instance. This guarded against
concurrent access between session management (OpenSession,
CloseSession, etc), periodic timer calls and calls to Decrypt.
The list of sessions and locking was moved to a separate class
CdmSessionMap. This left open the possibility that a session
might be destructed, while being called to decrypt or invoked through the
timer. An attempt was made to add per-session locks in b/73781703
but this was found insufficient.
Per-session locks will be introduced in a future changelist, but for
now the coarser locks will be reintroduced.
Bug: 73781703
Bug: 79158083
Bug: 79262108
Bug: 79436509
Test: WV unit/integration tests, GTS GtsMediaTestCases tests and
24 hours of continuous Netflix playback.
Change-Id: I30a3ede340192370dfe5c92c01b1c76df16b7123
[ http://go/wvgerrit/50341 ]
The shared_ptr implementation was taken from a google3 implementation.
Updates to the reference counter needed to be atomic and were
platform dependent in the original code. These were not carried
over to this codebase. Race conditions between calls to decrypt and
the periodic timer, led to incorrect reference count values.
CdmSession objects were then destructed while references to
them still existed. Segfaults occurred when they were referenced.
Bug: 79431096
Test: WV unit/integration tests, GTS GtsMediaTestCases tests and
24 hours of continuous Netflix playback.
Change-Id: I6008ddba869efcc58972e5ea8644a204f91410ab
[ Original CL http://ag/3890635,
Merge of http://go/wvgerrit/50340 ]
The original fix was not sufficient to address all race conditions.
A subsequent CL will address them.
Bug: 73781703
Bug: 79158083
Bug: 79262108
Test: WV unit/integration tests, GTS GtsMediaTestCases tests and
24 hours of continuous Netflix playback.
Change-Id: I869c22a250e2467b3d49935815e4157dc012fff5
[ Merge of http://go/wvgerrit/49980 ]
This CL
* corrects some of the test expectations
* switches test content used to test streaming with provider session tokens.
The policy of the earlier test content had changed.
* adds some more information to log messages
Bug: 63819720
Test: WV unit, integration tests, WvCdmExtendedDuraionTest,
GtsMediaDrmTest
Change-Id: I8fdbc9c38d6018cc6e884e1b95b2e9d26e7aa536
This fixes Widevine's getMetrics call so that it will return vendor
metrics through the Drm plugin 1.1 interface.
Bug: 73724453
Test: New and existing unit tests. Updated and existing GTS. Google Play manual.
Change-Id: Ie35128dc80bd6eabf9e1f3b9c1800256af77bc51
Merge from Widevine repo of http://go/wvgerrit/49302
This CL adds some unit tests to verify that several OEMCrypto sessions
do not share nonce tables.
bug: 64850992
test: unit tests run on sailfish, taimen, and walleye.
Change-Id: I06cf3fdafb84f8b09cf2f0e58c1866bac511a293
Merge from Widevine repo of http://go/wvgerrit/49805
This aligns the oemcrypto reference code and unit tests to match the
API design doc: http://go/oemcrypto
bug: 79375509
test: unit tests pass
Change-Id: I13761a7384a17e99d88e61aaf80b4a22941fd172
[ Merge of http://go/wvgerrit/49822 ]
This avoids logging an unnecessary error, when the session is not found.
Bug: 79210873
Test: Wv unit/integration test, GtsMediaDrmTest, playback with Play
Movies and Netflix.
Change-Id: Ifef99d1380d763670ad0fa89c885fb5fd41567e2
Merge from Widevine repo of http://go/wvgerrit/47760
This CL adds a pdf of the document Widevine DRM Device Provisioning
Models, which explains the difference between Provisioning 2.0 and
3.0.
bug: http://b/74242000 Update Integration Guide
test: documentation only.
Change-Id: I64026ab4e93931adaa168d99939ee71d760e5862
[ Merge of http://go/wvgerrit/48640 ]
Usage information is saved periodically, in order to avoid excessive
flash writes. This limits our session usage accuracy to
within a usage save period. Saving usage information when
closing a session is an improvement and addresses some failures
seen with Netflix compliance tests.
Bug: 74015553
Test: WV unit/integration tests
Change-Id: I680aad05922f334df0611ff3933082a512f7c002
[ Merge of http://go/wvgerrit/48720 ]
The device ID does not need to be sent in the client identification
information as it is either present in other fields or ignored
by the license service.
This also allows for build information to be reported during
provisioning for devices with OEM certificates.
Bug: 78578351
Test: WV unit/integration tests. GtsMediaTestCases.
Change-Id: I708c63d34f0e2df7e465154d12096a394a1b23d7
[ Merge of http://go/wvgerrit/48400 ]
Client identification information has recently been enabled in
provisioning messages. For privacy concerns this information
is being encrypted with a default service certificate.
Apps need to be able to override the default one to allow
for provisioning with third party provisioning services.
Bug: 78420508
Test: WV unit, integration tests
New WvCdmRequestLicenseTest.ProvisioningTestWithServiceCertificate test
GTS MediaDrmTestCases
Change-Id: Iee61ad47d33ce011efbea4eb90f7e4b1f032d15f
Merge from http://go/wvgerrit/47640
Test: unit/integration tests
Bug: b/62058202
The usage table keeps track of license duration by using the current
system time. However, if a user were to rollback the time, they can
effectively continue offline playback indefinitely. This changes the way
we compute time by computing offsets by which the user rollbacked the
time and adding it to the current time. This change also includes a test
to verify protection against rollback for usage entries that is only run
when the user is root.
Change-Id: I97c430e1443747b0f9759ae5390b8f5d06bdebf1
[ Merge of http://go/wvgerrit/46760 ]
This enables encryption of client ID for provisioning requests for
devices with keyboxes as root of trust. Client ID will not be
provided for those devices with OEM device certificates as root of
trust. That will be addressed in b/78303730.
Bug: 77607585
Test: WV unit/integration tests. Tests with L3 using OEM certs
Change-Id: Id9bd697aa049bd5659ab80714e141dbc50408f6a
(This is a merge of http://go/wvgerrit/47990)
This is a test-only change.
Bug: 78117686
Test: VersionNumberTest.*
Change-Id: I4f53358fd6eacd498ddd1df7324084d0d4ae67fe
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
This change contains the original change go/ag/3819203 and a fix to the
deadlock that was seen on Marlin and Taimen.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: Ib208204a1b794df9f306fa11d13a8bb6cd6889f7
Merge from Widevine repo of http://go/wvgerrit/47860
This CL updates the copyright notice to indicate that files
shared with partners are shared under the Widevine Master
License Agreement.
bug: 77926774
test: comment change only
Change-Id: I0423668111578b80fb39a932d763df2827e2dfc3
Removes an unneccessary and noisy log message.
Bug: 77975999
Test: Re-ran unit tests. Tested with Google Play.
Change-Id: Ibec69a4e72231a87b2bb3c9c341e5ea0af352715
[ Merge of http://go/wvgerrit/47065 ]
RemoveKeys now resets associated crypto and policy resources,
rather than just closing the crypto session. This results in a
MediaCodec.CryptoException with error code ERROR_NO_KEY
rather than ERROR_SESSION_NOT_OPENED, if decrypt is called
afterwards.
Error SESSION_NOT_FOUND_FOR_DECRYPT is made unique. Error codes
were also synchonized between various branches in the widevine repo.
Bug: 77304819
Test: WV unit/integration tests, VtsHalDrmV1_0Target tests
Change-Id: I6cba2a3e1ce466d58c7727cde2d8f81d9503d655
[ Merge of http://go/wvgerrit/46907 ]
The WV client supports root of trusts as keyboxes or OEM certificates.
Devices with keyboxes use provisioning 2.0 protocol to provision
while those with OEM certificates use 3.0. L3 provisioning failures
occur if the L1 and L3 root of trusts differ.
The provisioning method is now retrieved and cached when the
security level is known, when the session is opened.
Earlier it was retrieved and cached at initialization time and
always set to the value of L1 OEMCrypto (if present). This led
to provisioning failures.
A case of acquiring a lock while one was held in GetProvisioningId()
has also fixed.
Bug: 77606913
Test: WV unit/integration tests
Change-Id: I2d66ee2cf64f846cec4a37fbccb554447c8a0e1d
(This is a merge from http://go/wvgerrit/46447)
The Production Provisioning Service is moving to the "widevine.com"
certificate from the "license.widevine.com" certificate it was using.
This replaces the two places this certificate appears in the source
code. This is expected to be the last such update.
Also, the Staging Provisioning Service was already using this
certificate, but our code had it listed as using the old certificate. It
has also been updated.
Bug: 77244492
Test: CE CDM Unit Tests
Test: Android Unit Tests
Change-Id: I2ce14ea8e672c453ce0f74fbd3345f7e40f2f297
This change creates a unique id in the cdm identifier in order to force
a one-to-one mapping between WVDrmPlugin instances and CDM Engines. This
change simplifies some assumptions. This includes ensuring that the
metrics for a given MediaDrm instance map to a given CdmEngine instance.
Bug: 73724453
Test: Updated unit tests. GTS test pass. Shaka Player, Netflix and Google Play test.
Change-Id: I7e041b6cdf3e272d067da49d25a297b4a4663f1f
[ Merge of http://go/wvgerrit/46623 ]
If corruption of the usage information file is detected while saving a
streaming license with a PST, usage information file is deleted, so that
a subsequent load keys may succeed.
Also when calling the MediaDrm API releaseAllSecureStops(), an error would
be returned if usage info file was corrupted. Since this file is
deleted successfully, errors have been replaced with warnings.
Bug: 73447733
Test: wv unit/integration tests
Change-Id: Ie4a63ac202fd6009609105f38ffa8a3b23ed334e
[ Merge of http://go/wvgerrit/46622 ]
Secure stop API related changes introduced in b/69674645 caused
segfaults on taimen/walleye but not other devices due to a difference
in OEMCrypto version.
Bug: 77294890
Test: WV unit/integration tests on sailfish and walleye
Change-Id: I8523ef283334d7d32d180e902072fe1dd6e665c1
Merged from http://go/wvgerrit/44803.
Upgrade HIDL service to v1.1 and implements new 1.1 media API.
Test: Netflix and Play Movies & TV
streaming and offline playback
Test: GTS WidevineH264PlaybackTests test
e.g. ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases
--test com.google.android.media.gts.WidevineH264PlaybackTests#testL1With480P30
Test: GTS MediaDrmTest tests
e.g. ANDROID_BUILD_TOP= ./android-gts/tools/gts-tradefed run gts -m GtsMediaTestCases
--test com.google.android.media.gts.MediaDrmTest#testWidevineApi28
Test: unit tests
bug: 69674645
Change-Id: I91e7e43f9178b61a531e846beffb5f5c17050a3c
Previously, we did not have a license request latency metric. This is a
notable limitation in our metrics. This adds a metric that captures the
timing between a GenerateKeyRequest and an AddKey operation.
Bug: 72994956
Test: New unit tests. Google Play
Change-Id: If99c187399c02f9b5d4c355732af7588bbbefb11
A few metrics were missing or not properly collected in the CDM metrics.
This CL addresses them.
Bug: 64570194
Bug: 72866232
Test: Unit tests and Google Play manual test.
Change-Id: I3a3aa4fb3eb8422c9c8c398016f02409307beb33
Merge of http://go/wvgerrit/45521/
Bug: b/73818548
Test: request_license_tests and GTS tests on sailfish and taimen
This change loads the mac keys into the session to be used in
GenerateSignature from the last call to one of: DeriveKeysFromSessionKey,
GenerateDerivedKeys, LoadKeys, and LoadUsageEntry. OEMCrypto tests are
changed to reflect this as well (specifically the order in which we call
the above methods).
