Report if video capturing meets output protection requirement.

chrome/browser/media/capture_access_handler_base.cc

Index: chrome/browser/media/capture_access_handler_base.cc
diff --git a/chrome/browser/media/capture_access_handler_base.cc b/chrome/browser/media/capture_access_handler_base.cc
new file mode 100644
index 0000000000000000000000000000000000000000..4af6386ec44fe25467b43a523d155151ee7cc817
--- /dev/null
+++ b/chrome/browser/media/capture_access_handler_base.cc
@@ -0,0 +1,143 @@
+// Copyright 2016 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include "chrome/browser/media/capture_access_handler_base.h"
+
+#include <utility>
+
+#include "content/public/browser/browser_thread.h"
+
+using content::BrowserThread;
+
+CaptureAccessHandlerBase::CaptureAccessHandlerBase() {}
+
+CaptureAccessHandlerBase::~CaptureAccessHandlerBase() {}
+
+void CaptureAccessHandlerBase::AddCaptureSession(int render_process_id,
+                                                 int render_frame_id,
+                                                 int page_request_id,
+                                                 bool is_extension_trusted,
+                                                 bool is_link_secure) {

[miu, 2016/04/26 01:25:13]

I'm thinking, when a capture session is first started, there are no sinks yet. 
So, to avoid problems, perhaps you don't want to have the |is_link_secure|
argument here (just always default it to true)?

[xjz, 2016/04/29 00:11:42]

Yes, you are correct. Actually I did always set it to false. Now removed this
input argument.

+  Session session = {render_process_id, render_frame_id, page_request_id,
+                     is_extension_trusted, is_link_secure};
+  sessions_.push_back(session);
+}
+
+void CaptureAccessHandlerBase::RemoveCaptureSession(int render_process_id,
+                                                    int render_frame_id,
+                                                    int page_request_id) {
+  std::list<CaptureAccessHandlerBase::Session>::iterator it =
+      FindSession(render_process_id, render_frame_id, page_request_id);
+  if (it != sessions_.end())
+    sessions_.erase(it);
+}
+
+std::list<CaptureAccessHandlerBase::Session>::iterator
+CaptureAccessHandlerBase::FindSession(int render_process_id,
+                                      int render_frame_id,
+                                      int page_request_id) {
+  for (auto it = sessions_.begin(); it != sessions_.end(); ++it) {
+    if (it->render_process_id == render_process_id &&
+        it->render_frame_id == render_frame_id &&
+        it->page_request_id == page_request_id) {
+      return it;
+    }
+  }
+  return sessions_.end();
+}
+
+void CaptureAccessHandlerBase::UpdateMediaRequestState(
+    int render_process_id,
+    int render_frame_id,
+    int page_request_id,
+    content::MediaStreamType stream_type,
+    content::MediaRequestState state) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  if ((stream_type != content::MEDIA_DESKTOP_VIDEO_CAPTURE) &&
+      (stream_type != content::MEDIA_TAB_VIDEO_CAPTURE))
+    return;
+
+  if (state == content::MEDIA_REQUEST_STATE_DONE) {
+    if (FindSession(render_process_id, render_frame_id, page_request_id) ==
+        sessions_.end()) {
+      AddCaptureSession(render_process_id, render_frame_id, page_request_id,
+                        false, false);
+      VLOG(1) << "Add new session while UpdateMediaRequestState"
+              << " render_process_id: " << render_process_id
+              << " render_frame_id: " << render_frame_id
+              << " page_request_id: " << page_request_id;
+    }
+  } else if (state == content::MEDIA_REQUEST_STATE_CLOSING) {
+    RemoveCaptureSession(render_process_id, render_frame_id, page_request_id);
+    VLOG(1) << "Remove session: "
+            << " render_process_id: " << render_process_id
+            << " render_frame_id: " << render_frame_id
+            << " page_request_id: " << page_request_id;
+  }
+}
+
+void CaptureAccessHandlerBase::UpdateExtensionTrusted(
+    int render_process_id,
+    int render_frame_id,
+    int page_request_id,
+    bool is_extension_trusted) {
+  std::list<CaptureAccessHandlerBase::Session>::iterator it =
+      FindSession(render_process_id, render_frame_id, page_request_id);
+  if (it != sessions_.end()) {
+    it->is_extension_trusted = is_extension_trusted;
+    VLOG(1) << "CaptureAccessHandlerBase::UpdateExtensionTrusted"
+            << " render_process_id: " << render_process_id
+            << " render_frame_id: " << render_frame_id
+            << "page_request_id: " << page_request_id
+            << " is_extension_trusted: " << is_extension_trusted;
+    return;
+  }
+
+  AddCaptureSession(render_process_id, render_frame_id, page_request_id,
+                    is_extension_trusted, false);
+  VLOG(1) << "Add new session while UpdateExtensionTrusted"
+          << " render_process_id: " << render_process_id
+          << " render_frame_id: " << render_frame_id
+          << " page_request_id: " << page_request_id
+          << " is_extension_trusted: " << is_extension_trusted;
+}
+
+bool CaptureAccessHandlerBase::IsCaptureInProgress() {
+  return sessions_.size() > 0;
+}
+
+bool CaptureAccessHandlerBase::IsInsecureCapturingInProgress(
+    int render_process_id,
+    int render_frame_id) {
+  if (sessions_.size() <= 0)

[miu, 2016/04/26 01:25:13]

nit: size_t can never be less than zero.  How about just:

  if (sessions_.empty())

[xjz, 2016/04/29 00:11:42]

Done.

+    return false;
+  bool capturing_in_process = false;
+  bool is_link_secure = false;
+  for (auto it = sessions_.begin(); it != sessions_.end(); ++it) {

[miu, 2016/04/26 01:25:13]

This seems a bit more complex than it needs to be.  Suggestion:

  for (const Session& session : sessions) {
    if (session.rp_id != rp_id || session.rf_id != rf_id)
      continue;
    if (!session.is_extension_trusted || !session.is_capturing_link_secure)
      return true;
  }
  return false;

[xjz, 2016/04/29 00:11:42]

Done. This is much simpler and more readable. Thanks!

+    if (it->render_process_id == render_process_id &&
+        it->render_frame_id == render_frame_id) {
+      bool is_secure = it->is_capturing_link_secure && it->is_extension_trusted;
+      is_link_secure =
+          capturing_in_process ? is_link_secure && is_secure : is_secure;
+      capturing_in_process = true;
+    }
+  }
+  return capturing_in_process && !is_link_secure;
+}
+
+void CaptureAccessHandlerBase::UpdateCapturingLinkSecured(int render_process_id,
+                                                          int render_frame_id,
+                                                          int page_request_id,
+                                                          bool is_secure) {
+  std::list<CaptureAccessHandlerBase::Session>::iterator it =
+      FindSession(render_process_id, render_frame_id, page_request_id);
+  if (it != sessions_.end()) {

[miu, 2016/04/26 01:25:13]

Will/should this ever be false?  I suppose we don't care about updates after a
session has ended (this would indicate stray IPCs, IIUC).  Could it possibly
ever happen before AddCaptureSession gets called?

[xjz, 2016/04/29 00:11:41]

I think this will be false only when a session has ended. I don't think it will
happen before AddCaptureSession gets called, as  HandelRequest() will be called
first, which will call AddCaptureSession.

+    it->is_capturing_link_secure = is_secure;
+    VLOG(1) << "UpdateCapturingLinkSecured:"
+            << " render_process_id: " << render_process_id
+            << " render_frame_id: " << render_frame_id
+            << " page_request_id: " << page_request_id
+            << " is_capturing_link_secure: " << is_secure;
+  }
+}