Chromium Code Reviews Chromium Code Reviews
Issue 985113003:
Block platform verification and file IO in the CDM adapter if the CDM configuration disallows them. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "media/cdm/ppapi/cdm_adapter.h" | 5 #include "media/cdm/ppapi/cdm_adapter.h" |
| 6 | 6 |
| 7 #include "media/base/limits.h" | 7 #include "media/base/limits.h" |
| 8 #include "media/cdm/ppapi/cdm_file_io_impl.h" | 8 #include "media/cdm/ppapi/cdm_file_io_impl.h" |
| 9 #include "media/cdm/ppapi/cdm_helpers.h" | 9 #include "media/cdm/ppapi/cdm_helpers.h" |
| 10 #include "media/cdm/ppapi/cdm_logging.h" | 10 #include "media/cdm/ppapi/cdm_logging.h" |
| (...skipping 284 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 295 output_protection_(this), | 295 output_protection_(this), |
| 296 platform_verification_(this), | 296 platform_verification_(this), |
| 297 output_link_mask_(0), | 297 output_link_mask_(0), |
| 298 output_protection_mask_(0), | 298 output_protection_mask_(0), |
| 299 query_output_protection_in_progress_(false), | 299 query_output_protection_in_progress_(false), |
| 300 uma_for_output_protection_query_reported_(false), | 300 uma_for_output_protection_query_reported_(false), |
| 301 uma_for_output_protection_positive_result_reported_(false), | 301 uma_for_output_protection_positive_result_reported_(false), |
| 302 #endif | 302 #endif |
| 303 allocator_(this), | 303 allocator_(this), |
| 304 cdm_(NULL), | 304 cdm_(NULL), |
| 305 allow_distinctive_identifier_(false), | |
| 306 allow_persistent_state_(false), | |
| 305 deferred_initialize_audio_decoder_(false), | 307 deferred_initialize_audio_decoder_(false), |
| 306 deferred_audio_decoder_config_id_(0), | 308 deferred_audio_decoder_config_id_(0), |
| 307 deferred_initialize_video_decoder_(false), | 309 deferred_initialize_video_decoder_(false), |
| 308 deferred_video_decoder_config_id_(0), | 310 deferred_video_decoder_config_id_(0), |
| 309 last_read_file_size_kb_(0), | 311 last_read_file_size_kb_(0), |
| 310 file_size_uma_reported_(false) { | 312 file_size_uma_reported_(false) { |
| 311 callback_factory_.Initialize(this); | 313 callback_factory_.Initialize(this); |
| 312 } | 314 } |
| 313 | 315 |
| 314 CdmAdapter::~CdmAdapter() {} | 316 CdmAdapter::~CdmAdapter() {} |
| (...skipping 12 matching lines...) Expand all Loading... | |
| 327 return success; | 329 return success; |
| 328 } | 330 } |
| 329 | 331 |
| 330 // No errors should be reported in this function because the spec says: | 332 // No errors should be reported in this function because the spec says: |
| 331 // "Store this new error object internally with the MediaKeys instance being | 333 // "Store this new error object internally with the MediaKeys instance being |
| 332 // created. This will be used to fire an error against any session created for | 334 // created. This will be used to fire an error against any session created for |
| 333 // this instance." These errors will be reported during session creation | 335 // this instance." These errors will be reported during session creation |
| 334 // (CreateSession()) or session loading (LoadSession()). | 336 // (CreateSession()) or session loading (LoadSession()). |
| 335 // TODO(xhwang): If necessary, we need to store the error here if we want to | 337 // TODO(xhwang): If necessary, we need to store the error here if we want to |
| 336 // support more specific error reporting (other than "Unknown"). | 338 // support more specific error reporting (other than "Unknown"). |
| 337 void CdmAdapter::Initialize(const std::string& key_system) { | 339 void CdmAdapter::Initialize(const std::string& key_system, |
| 340 bool allow_distinctive_identifier, | |
| 341 bool allow_persistent_state) { | |
| 338 PP_DCHECK(!key_system.empty()); | 342 PP_DCHECK(!key_system.empty()); |
| 339 PP_DCHECK(key_system_.empty() || (key_system_ == key_system && cdm_)); | 343 PP_DCHECK(key_system_.empty() || (key_system_ == key_system && cdm_)); |
| 340 | 344 |
| 341 #if defined(CHECK_DOCUMENT_URL) | 345 #if defined(CHECK_DOCUMENT_URL) |
| 342 PP_URLComponents_Dev url_components = {}; | 346 PP_URLComponents_Dev url_components = {}; |
| 343 const pp::URLUtil_Dev* url_util = pp::URLUtil_Dev::Get(); | 347 const pp::URLUtil_Dev* url_util = pp::URLUtil_Dev::Get(); |
| 344 if (!url_util) | 348 if (!url_util) |
| 345 return; | 349 return; |
| 346 pp::Var href = url_util->GetDocumentURL(pp::InstanceHandle(pp_instance()), | 350 pp::Var href = url_util->GetDocumentURL(pp::InstanceHandle(pp_instance()), |
| 347 &url_components); | 351 &url_components); |
| 348 PP_DCHECK(href.is_string()); | 352 PP_DCHECK(href.is_string()); |
| 349 std::string url = href.AsString(); | 353 std::string url = href.AsString(); |
| 350 PP_DCHECK(!url.empty()); | 354 PP_DCHECK(!url.empty()); |
| 351 std::string url_scheme = | 355 std::string url_scheme = |
| 352 url.substr(url_components.scheme.begin, url_components.scheme.len); | 356 url.substr(url_components.scheme.begin, url_components.scheme.len); |
| 353 if (url_scheme != "file") { | 357 if (url_scheme != "file") { |
| 354 // Skip this check for file:// URLs as they don't have a host component. | 358 // Skip this check for file:// URLs as they don't have a host component. |
| 355 PP_DCHECK(url_components.host.begin); | 359 PP_DCHECK(url_components.host.begin); |
| 356 PP_DCHECK(0 < url_components.host.len); | 360 PP_DCHECK(0 < url_components.host.len); |
| 357 } | 361 } |
| 358 #endif // defined(CHECK_DOCUMENT_URL) | 362 #endif // defined(CHECK_DOCUMENT_URL) |
| 359 | 363 |
| 360 if (!cdm_ && !CreateCdmInstance(key_system)) | 364 if (!cdm_ && !CreateCdmInstance(key_system)) |
| 361 return; | 365 return; |
| 362 | 366 |
| 363 PP_DCHECK(cdm_); | 367 PP_DCHECK(cdm_); |
| 364 key_system_ = key_system; | 368 key_system_ = key_system; |
| 369 allow_distinctive_identifier_ = allow_distinctive_identifier; | |
| 370 allow_persistent_state_ = allow_persistent_state; | |
| 365 } | 371 } |
| 366 | 372 |
| 367 void CdmAdapter::SetServerCertificate(uint32_t promise_id, | 373 void CdmAdapter::SetServerCertificate(uint32_t promise_id, |
| 368 pp::VarArrayBuffer server_certificate) { | 374 pp::VarArrayBuffer server_certificate) { |
| 369 const uint8_t* server_certificate_ptr = | 375 const uint8_t* server_certificate_ptr = |
| 370 static_cast<const uint8_t*>(server_certificate.Map()); | 376 static_cast<const uint8_t*>(server_certificate.Map()); |
| 371 const uint32_t server_certificate_size = server_certificate.ByteLength(); | 377 const uint32_t server_certificate_size = server_certificate.ByteLength(); |
| 372 | 378 |
| 373 if (!server_certificate_ptr || | 379 if (!server_certificate_ptr || |
| 374 server_certificate_size < media::limits::kMinCertificateLength || | 380 server_certificate_size < media::limits::kMinCertificateLength || |
| (...skipping 724 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1099 pp::Module::Get()->GetBrowserInterface(PPB_CONSOLE_INTERFACE)); | 1105 pp::Module::Get()->GetBrowserInterface(PPB_CONSOLE_INTERFACE)); |
| 1100 console->Log(pp_instance(), PP_LOGLEVEL_LOG, value.pp_var()); | 1106 console->Log(pp_instance(), PP_LOGLEVEL_LOG, value.pp_var()); |
| 1101 } | 1107 } |
| 1102 #endif // !defined(NDEBUG) | 1108 #endif // !defined(NDEBUG) |
| 1103 | 1109 |
| 1104 void CdmAdapter::SendPlatformChallenge(const char* service_id, | 1110 void CdmAdapter::SendPlatformChallenge(const char* service_id, |
| 1105 uint32_t service_id_size, | 1111 uint32_t service_id_size, |
| 1106 const char* challenge, | 1112 const char* challenge, |
| 1107 uint32_t challenge_size) { | 1113 uint32_t challenge_size) { |
| 1108 #if defined(OS_CHROMEOS) | 1114 #if defined(OS_CHROMEOS) |
| 1109 pp::VarArrayBuffer challenge_var(challenge_size); | 1115 // If access to a distinctive identifier is not allowed, block platform |
| 1110 uint8_t* var_data = static_cast<uint8_t*>(challenge_var.Map()); | 1116 // verification to prevent access to such an identifier. |
| 1111 memcpy(var_data, challenge, challenge_size); | 1117 if (allow_distinctive_identifier_) { |
| 1118 pp::VarArrayBuffer challenge_var(challenge_size); | |
| 1119 uint8_t* var_data = static_cast<uint8_t*>(challenge_var.Map()); | |
| 1120 memcpy(var_data, challenge, challenge_size); | |
| 1112 | 1121 |
| 1113 std::string service_id_str(service_id, service_id_size); | 1122 std::string service_id_str(service_id, service_id_size); |
| 1114 | 1123 |
| 1115 linked_ptr<PepperPlatformChallengeResponse> response( | 1124 linked_ptr<PepperPlatformChallengeResponse> response( |
|
dcheng
2015/03/09 20:57:23
Are there any plans to make PPAPI's callback syste
dmichael (off chromium)
2015/03/09 21:02:07
No... it's not really worth the effort and comple
| |
| 1116 new PepperPlatformChallengeResponse()); | 1125 new PepperPlatformChallengeResponse()); |
| 1117 | 1126 |
| 1118 int32_t result = platform_verification_.ChallengePlatform( | 1127 int32_t result = platform_verification_.ChallengePlatform( |
| 1119 pp::Var(service_id_str), | 1128 pp::Var(service_id_str), |
| 1120 challenge_var, | 1129 challenge_var, |
| 1121 &response->signed_data, | 1130 &response->signed_data, |
| 1122 &response->signed_data_signature, | 1131 &response->signed_data_signature, |
| 1123 &response->platform_key_certificate, | 1132 &response->platform_key_certificate, |
| 1124 callback_factory_.NewCallback(&CdmAdapter::SendPlatformChallengeDone, | 1133 callback_factory_.NewCallback(&CdmAdapter::SendPlatformChallengeDone, |
| 1125 response)); | 1134 response)); |
| 1126 challenge_var.Unmap(); | 1135 challenge_var.Unmap(); |
| 1127 if (result == PP_OK_COMPLETIONPENDING) | 1136 if (result == PP_OK_COMPLETIONPENDING) |
| 1128 return; | 1137 return; |
| 1129 | 1138 |
| 1130 // Fall through on error and issue an empty OnPlatformChallengeResponse(). | 1139 // Fall through on error and issue an empty OnPlatformChallengeResponse(). |
| 1131 PP_DCHECK(result != PP_OK); | 1140 PP_DCHECK(result != PP_OK); |
| 1141 } | |
| 1132 #endif | 1142 #endif |
| 1133 | 1143 |
| 1134 cdm::PlatformChallengeResponse platform_challenge_response = {}; | 1144 cdm::PlatformChallengeResponse platform_challenge_response = {}; |
| 1135 cdm_->OnPlatformChallengeResponse(platform_challenge_response); | 1145 cdm_->OnPlatformChallengeResponse(platform_challenge_response); |
| 1136 } | 1146 } |
| 1137 | 1147 |
| 1138 void CdmAdapter::EnableOutputProtection(uint32_t desired_protection_mask) { | 1148 void CdmAdapter::EnableOutputProtection(uint32_t desired_protection_mask) { |
| 1139 #if defined(OS_CHROMEOS) | 1149 #if defined(OS_CHROMEOS) |
| 1140 int32_t result = output_protection_.EnableProtection( | 1150 int32_t result = output_protection_.EnableProtection( |
| 1141 desired_protection_mask, callback_factory_.NewCallback( | 1151 desired_protection_mask, callback_factory_.NewCallback( |
| (...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1193 deferred_video_decoder_config_id_, | 1203 deferred_video_decoder_config_id_, |
| 1194 decoder_status == cdm::kSuccess)); | 1204 decoder_status == cdm::kSuccess)); |
| 1195 deferred_initialize_video_decoder_ = false; | 1205 deferred_initialize_video_decoder_ = false; |
| 1196 deferred_video_decoder_config_id_ = 0; | 1206 deferred_video_decoder_config_id_ = 0; |
| 1197 break; | 1207 break; |
| 1198 } | 1208 } |
| 1199 } | 1209 } |
| 1200 | 1210 |
| 1201 // The CDM owns the returned object and must call FileIO::Close() to release it. | 1211 // The CDM owns the returned object and must call FileIO::Close() to release it. |
| 1202 cdm::FileIO* CdmAdapter::CreateFileIO(cdm::FileIOClient* client) { | 1212 cdm::FileIO* CdmAdapter::CreateFileIO(cdm::FileIOClient* client) { |
| 1203 return new CdmFileIOImpl( | 1213 if (allow_persistent_state_) { |
| 1204 client, | 1214 return new CdmFileIOImpl( |
| 1205 pp_instance(), | 1215 client, |
| 1206 callback_factory_.NewCallback(&CdmAdapter::OnFirstFileRead)); | 1216 pp_instance(), |
| 1217 callback_factory_.NewCallback(&CdmAdapter::OnFirstFileRead)); | |
| 1218 } | |
| 1219 | |
| 1220 return nullptr; | |
| 1207 } | 1221 } |
| 1208 | 1222 |
| 1209 #if defined(OS_CHROMEOS) | 1223 #if defined(OS_CHROMEOS) |
| 1210 void CdmAdapter::ReportOutputProtectionUMA(OutputProtectionStatus status) { | 1224 void CdmAdapter::ReportOutputProtectionUMA(OutputProtectionStatus status) { |
| 1211 pp::UMAPrivate uma_interface(this); | 1225 pp::UMAPrivate uma_interface(this); |
| 1212 uma_interface.HistogramEnumeration( | 1226 uma_interface.HistogramEnumeration( |
| 1213 "Media.EME.OutputProtection", status, OUTPUT_PROTECTION_MAX); | 1227 "Media.EME.OutputProtection", status, OUTPUT_PROTECTION_MAX); |
| 1214 } | 1228 } |
| 1215 | 1229 |
| 1216 void CdmAdapter::ReportOutputProtectionQuery() { | 1230 void CdmAdapter::ReportOutputProtectionQuery() { |
| (...skipping 171 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 1388 } // namespace media | 1402 } // namespace media |
| 1389 | 1403 |
| 1390 namespace pp { | 1404 namespace pp { |
| 1391 | 1405 |
| 1392 // Factory function for your specialization of the Module object. | 1406 // Factory function for your specialization of the Module object. |
| 1393 Module* CreateModule() { | 1407 Module* CreateModule() { |
| 1394 return new media::CdmAdapterModule(); | 1408 return new media::CdmAdapterModule(); |
| 1395 } | 1409 } |
| 1396 | 1410 |
| 1397 } // namespace pp | 1411 } // namespace pp |
| OLD | NEW |
