Restrict use of hardware-secure codecs based on the RendererPreference.

media/base/key_systems.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "media/base/key_systems.h"
 
 #include <string>
 
 #include "base/containers/hash_tables.h"
 #include "base/lazy_instance.h"
@@ skipping 698 matching lines @@
   if ((key_system_codec_mask & container_codec_mask) == 0)
     return EmeConfigRule::NOT_SUPPORTED;
 
   // Check that the codecs are supported by the key system and container.
   EmeConfigRule support = EmeConfigRule::SUPPORTED;
   for (size_t i = 0; i < codecs.size(); i++) {
     SupportedCodecs codec = GetCodecForString(codecs[i]);
     if ((codec & key_system_codec_mask & container_codec_mask) == 0)
       return EmeConfigRule::NOT_SUPPORTED;
 #if defined(OS_ANDROID)
-    // Check whether the codec supports a hardware-secure mode; if not, indicate
-    // that hardware-secure codecs are not available for all listed codecs.
+    // Check whether the codec supports a hardware-secure mode. The goal is to
+    // prevent mixing of non-hardware-secure codecs with hardware-secure codecs,
+    // since the mode is fixed at CDM creation.
+    //
     // Because the check for regular codec support is early-exit, we don't have
     // to consider codecs that are only supported in hardware-secure mode. We
-    // could do so, and make use of SECURE_CODECS_REQUIRED, if it turns out that
-    // hardware-secure-only codecs actually exist and are useful.
+    // could do so, and make use of SECURE_SURFACES_REQUIRED, if it turns out
+    // that hardware-secure-only codecs actually exist and are useful.
     if ((codec & key_system_secure_codec_mask) == 0)
-      support = EmeConfigRule::SECURE_CODECS_NOT_ALLOWED;
+      support = EmeConfigRule::SECURE_SURFACES_NOT_REQUIRABLE;
 #endif  // defined(OS_ANDROID)
 
   }
 
   return support;
 }
 
 EmeConfigRule KeySystemsImpl::GetRobustnessConfigRule(
     const std::string& key_system,
     EmeMediaType media_type,
@@ skipping 43 matching lines @@
     // For video, recommend remote attestation if HW_SECURE_ALL is available,
     // because it enables hardware accelerated decoding.
     // TODO(sandersd): Only do this when hardware accelerated decoding is
     // available for the requested codecs.
     if (media_type == EmeMediaType::VIDEO &&
         max_robustness == EmeRobustness::HW_SECURE_ALL) {
       return EmeConfigRule::IDENTIFIER_RECOMMENDED;
     }
 #elif defined(OS_ANDROID)
     if (robustness > EmeRobustness::SW_SECURE_CRYPTO)
-      return EmeConfigRule::SECURE_CODECS_REQUIRED;
+      return EmeConfigRule::SECURE_SURFACES_REQUIRED;
 #endif  // defined(OS_CHROMEOS)
   }
 
   return EmeConfigRule::SUPPORTED;
 }
 
 EmeSessionTypeSupport KeySystemsImpl::GetPersistentLicenseSessionSupport(
     const std::string& key_system) const {
   DCHECK(thread_checker_.CalledOnValidThread());
 
@@ skipping 131 matching lines @@
 }
 
 MEDIA_EXPORT void AddCodecMask(
     EmeMediaType media_type,
     const std::string& codec,
     uint32 mask) {
   KeySystemsImpl::GetInstance()->AddCodecMask(media_type, codec, mask);
 }
 
 }  // namespace media