Chromium Code Reviews Chromium Code Reviews
Issue 2582463003:
media: Verify CDM Host files (Closed)
| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright 2016 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "content/common/media/cdm_host_files.h" | |
| 6 | |
| 7 #include <map> | |
| 8 #include <memory> | |
| 9 #include <vector> | |
| 10 | |
| 11 #include "base/command_line.h" | |
| 12 #include "base/files/file.h" | |
| 13 #include "base/files/file_path.h" | |
| 14 #include "base/lazy_instance.h" | |
| 15 #include "base/logging.h" | |
| 16 #include "base/memory/ptr_util.h" | |
| 17 #include "base/native_library.h" | |
| 18 #include "base/path_service.h" | |
| 19 #include "base/scoped_native_library.h" | |
| 20 #include "build/build_config.h" | |
| 21 #include "content/common/media/cdm_host_file.h" | |
| 22 #include "content/public/common/cdm_info.h" | |
| 23 #include "content/public/common/content_client.h" | |
| 24 #include "media/base/media_switches.h" | |
| 25 #include "media/cdm/api/content_decryption_module_ext.h" | |
| 26 #include "media/cdm/cdm_paths.h" | |
| 27 | |
| 28 #if defined(POSIX_WITH_ZYGOTE) | |
| 29 #include "content/common/pepper_plugin_list.h" | |
| 30 #include "content/public/common/pepper_plugin_info.h" | |
| 31 #endif | |
| 32 | |
| 33 #include "widevine_cdm_version.h" // In SHARED_INTERMEDIATE_DIR. | |
| 34 | |
| 35 namespace content { | |
| 36 | |
| 37 namespace { | |
| 38 | |
| 39 bool IgnoreMissingCdmHostFile() { | |
| 40 return base::CommandLine::ForCurrentProcess()->HasSwitch( | |
| 41 switches::kIgnoreMissingCdmHostFileForTesting); | |
| 42 } | |
| 43 | |
| 44 // TODO(xhwang): Move this to a common place if needed. | |
| 45 const base::FilePath::CharType kSignatureFileExtension[] = | |
| 46 FILE_PATH_LITERAL(".sig"); | |
| 47 | |
| 48 // Returns the signature file path given the |file_path|. This function should | |
| 49 // only be used when the signature file and the file are located in the same | |
| 50 // directory, which is the case for the CDM and CDM adapter. | |
| 51 base::FilePath GetSigFilePath(const base::FilePath& file_path) { | |
|
Greg K
2017/01/19 04:13:07
Isn't this already defined elsewhere?
xhwang
2017/01/19 08:30:51
Right, it's also defined in chrome/common/media/cd
| |
| 52 return file_path.AddExtension(kSignatureFileExtension); | |
| 53 } | |
| 54 | |
| 55 // Returns the CDM library file name given the |cdm_adapter_file_name|. Returns | |
| 56 // nullptr if |cdm_adapter_file_name| does not correspond to a known CDM. | |
| 57 const char* GetCdmFileName(const base::FilePath& cdm_adapter_file_name) { | |
| 58 #if defined(WIDEVINE_CDM_AVAILABLE) | |
| 59 if (cdm_adapter_file_name == | |
| 60 base::FilePath::FromUTF8Unsafe(kWidevineCdmAdapterFileName)) | |
| 61 return kWidevineCdmLibraryName; | |
| 62 #endif | |
| 63 | |
| 64 // Clear Key CDM. For test only. | |
| 65 if (cdm_adapter_file_name == | |
| 66 base::FilePath::FromUTF8Unsafe(media::kClearKeyCdmAdapterFileName)) | |
| 67 return media::kClearKeyCdmLibraryName; | |
| 68 | |
| 69 return nullptr; | |
| 70 } | |
| 71 | |
| 72 // Returns the path to the CDM binary given the |cdm_adapter_path|. Returns an | |
| 73 // empty path if |cdm_adapter_path| does not correspond to a known CDM. | |
| 74 base::FilePath GetCdmPath(const base::FilePath& cdm_adapter_path) { | |
| 75 const char* cdm_file_name = GetCdmFileName(cdm_adapter_path.BaseName()); | |
| 76 if (!cdm_file_name) | |
| 77 return base::FilePath(); | |
| 78 | |
| 79 return cdm_adapter_path.DirName().AppendASCII( | |
| 80 base::GetNativeLibraryName(cdm_file_name)); | |
| 81 } | |
| 82 | |
| 83 #if defined(POSIX_WITH_ZYGOTE) | |
| 84 // From the list of registered plugins, finds all registered CDMs and fills | |
| 85 // |cdm_adapter_paths| with found CDM adapters paths. | |
| 86 void GetRegisteredCdms(std::vector<base::FilePath>* cdm_adapter_paths) { | |
| 87 std::vector<PepperPluginInfo> plugins; | |
| 88 ComputePepperPluginList(&plugins); | |
| 89 for (const auto& plugin : plugins) { | |
| 90 // CDM is not an internal plugin. | |
| 91 if (plugin.is_internal) | |
| 92 continue; | |
| 93 | |
| 94 if (IsCdm(plugin.path)) | |
| 95 cdm_adapter_paths->push_back(plugin.path); | |
| 96 } | |
| 97 } | |
| 98 | |
| 99 // A global instance used on platforms where we have to open the files in the | |
| 100 // Zygote process. | |
| 101 base::LazyInstance<std::unique_ptr<CdmHostFiles>> g_cdm_host_files = | |
| 102 LAZY_INSTANCE_INITIALIZER; | |
| 103 #endif | |
| 104 | |
| 105 } // namespace | |
| 106 | |
| 107 CdmHostFiles::CdmHostFiles() { | |
| 108 DVLOG(1) << __func__; | |
| 109 } | |
| 110 | |
| 111 CdmHostFiles::~CdmHostFiles() { | |
| 112 DVLOG(1) << __func__; | |
| 113 } | |
| 114 | |
| 115 #if defined(POSIX_WITH_ZYGOTE) | |
| 116 // static | |
| 117 void CdmHostFiles::CreateGlobalInstance() { | |
| 118 DVLOG(1) << __func__; | |
| 119 DCHECK(!g_cdm_host_files.Get().get()); | |
| 120 | |
| 121 std::unique_ptr<CdmHostFiles> cdm_host_files = | |
| 122 base::MakeUnique<CdmHostFiles>(); | |
| 123 if (!cdm_host_files->OpenFilesForAllRegisteredCdms()) { | |
| 124 DVLOG(1) << __func__ << " failed."; | |
| 125 cdm_host_files.reset(); | |
| 126 return; | |
| 127 } | |
| 128 | |
| 129 g_cdm_host_files.Get().reset(cdm_host_files.release()); | |
| 130 } | |
| 131 | |
| 132 // static | |
| 133 std::unique_ptr<CdmHostFiles> CdmHostFiles::TakeGlobalInstance() { | |
| 134 return std::move(g_cdm_host_files.Get()); | |
| 135 } | |
| 136 #endif | |
| 137 | |
| 138 // static | |
| 139 std::unique_ptr<CdmHostFiles> CdmHostFiles::Create( | |
| 140 const base::FilePath& cdm_adapter_path) { | |
| 141 DVLOG(1) << __func__; | |
| 142 std::unique_ptr<CdmHostFiles> cdm_host_files = | |
| 143 base::MakeUnique<CdmHostFiles>(); | |
| 144 if (!cdm_host_files->OpenFiles(cdm_adapter_path)) { | |
| 145 cdm_host_files.reset(); | |
| 146 return nullptr; | |
| 147 } | |
| 148 | |
| 149 return cdm_host_files; | |
| 150 } | |
| 151 | |
| 152 void CdmHostFiles::VerifyFiles(base::NativeLibrary cdm_adapter_library, | |
| 153 const base::FilePath& cdm_adapter_path) { | |
| 154 DVLOG(1) << __func__; | |
| 155 DCHECK(cdm_adapter_library); | |
| 156 | |
| 157 // Get VerifyHostFiles() function pointer exported by the CDM. | |
| 158 // See media/cdm/api/content_decryption_module_ext.h. | |
| 159 using VerifyHostFilesFunc = | |
| 160 bool (*)(const cdm::HostFile* cdm_host_files, uint32_t num_files); | |
| 161 static const char kVerifyHostFilesFuncName[] = "VerifyHostFiles"; | |
| 162 | |
| 163 base::NativeLibrary cdm_library; | |
| 164 #if defined(OS_LINUX) || defined(OS_MACOSX) | |
| 165 // On POSIX, "the dlsym() function shall search for the named symbol in all | |
| 166 // objects loaded automatically as a result of loading the object referenced | |
| 167 // by handle". Since the CDM is loaded automatically as a result of loading | |
| 168 // the CDM adapter, we can just use the adapter to look for CDM symbols. | |
| 169 cdm_library = cdm_adapter_library; | |
| 170 #elif defined(OS_WIN) | |
| 171 // On Windows, we have manually load the CDM. | |
| 172 base::ScopedNativeLibrary scoped_cdm_library; | |
| 173 base::NativeLibraryLoadError error; | |
| 174 scoped_cdm_library.Reset( | |
| 175 base::LoadNativeLibrary(GetCdmPath(cdm_adapter_path), &error)); | |
| 176 if (!scoped_cdm_library.is_valid()) { | |
| 177 LOG(ERROR) << "Failed to load CDM (error: " << error.ToString() << ")"; | |
| 178 CloseAllFiles(); | |
| 179 return; | |
| 180 } | |
| 181 cdm_library = scoped_cdm_library.get(); | |
| 182 #endif | |
| 183 | |
| 184 // TODO(xhwang): This may not work on Windows. If so, the caller should load | |
| 185 // the CDM explicitly and pass the CDM |library| in this call. | |
|
jrummell
2017/01/18 21:46:45
Does this comment still apply?
xhwang
2017/01/18 22:29:08
Good catch. Removed.
| |
| 186 VerifyHostFilesFunc verify_host_files_func = | |
| 187 reinterpret_cast<VerifyHostFilesFunc>( | |
| 188 base::GetFunctionPointerFromNativeLibrary(cdm_library, | |
| 189 kVerifyHostFilesFuncName)); | |
| 190 if (!verify_host_files_func) { | |
| 191 LOG(ERROR) << "Function " << kVerifyHostFilesFuncName << " not found."; | |
| 192 CloseAllFiles(); | |
| 193 return; | |
| 194 } | |
| 195 | |
| 196 // Fills |cdm_host_files| with common and CDM specific files for | |
| 197 // |cdm_adapter_path|. | |
| 198 std::vector<cdm::HostFile> cdm_host_files; | |
| 199 if (!TakePlatformFiles(cdm_adapter_path, &cdm_host_files)) { | |
| 200 DVLOG(1) << "Failed to take platform files."; | |
| 201 CloseAllFiles(); | |
| 202 return; | |
| 203 } | |
| 204 | |
| 205 // Call VerifyHostFiles() on the CDM with |cdm_host_files|. Note that the | |
| 206 // ownership of these files are transferred to the CDM, which will close the | |
| 207 // files immediately after use. | |
| 208 DVLOG(1) << __func__ << ": Calling " << kVerifyHostFilesFuncName << "()."; | |
| 209 verify_host_files_func(cdm_host_files.data(), cdm_host_files.size()); | |
|
Greg K
2017/01/19 04:13:07
The service is sandboxed when this is called, righ
xhwang
2017/01/19 08:30:51
Yes. See the call site in ppapi_thread.cc.
| |
| 210 | |
| 211 // Close all files not passed to the CDM. | |
| 212 CloseAllFiles(); | |
| 213 } | |
| 214 | |
| 215 #if defined(POSIX_WITH_ZYGOTE) | |
| 216 bool CdmHostFiles::OpenFilesForAllRegisteredCdms() { | |
| 217 std::vector<base::FilePath> cdm_adapter_paths; | |
| 218 GetRegisteredCdms(&cdm_adapter_paths); | |
| 219 if (cdm_adapter_paths.empty()) { | |
| 220 DVLOG(1) << "No CDM registered."; | |
| 221 return false; | |
| 222 } | |
| 223 | |
| 224 // Ignore | |
| 225 for (auto& cdm_adapter_path : cdm_adapter_paths) { | |
| 226 bool result = OpenCdmFiles(cdm_adapter_path); | |
| 227 if (!result) | |
| 228 DVLOG(1) << "CDM files cannot be opened for " << cdm_adapter_path.value(); | |
| 229 // Ignore the failure and try other registered CDM. | |
| 230 } | |
| 231 | |
| 232 if (cdm_specific_files_map_.empty()) { | |
| 233 DVLOG(1) << "CDM specific files cannot be opened for any registered CDM."; | |
| 234 return false; | |
| 235 } | |
| 236 | |
| 237 return OpenCommonFiles(); | |
| 238 } | |
| 239 #endif | |
| 240 | |
| 241 bool CdmHostFiles::OpenFiles(const base::FilePath& cdm_adapter_path) { | |
| 242 if (!OpenCdmFiles(cdm_adapter_path)) | |
| 243 return false; | |
| 244 | |
| 245 return OpenCommonFiles(); | |
| 246 } | |
| 247 | |
| 248 bool CdmHostFiles::OpenCommonFiles() { | |
| 249 DCHECK(common_files_.empty()); | |
| 250 | |
| 251 std::vector<CdmHostFilePath> cdm_host_file_paths; | |
| 252 GetContentClient()->AddContentDecryptionModuleHostFilePaths( | |
| 253 &cdm_host_file_paths); | |
| 254 | |
| 255 for (const CdmHostFilePath& value : cdm_host_file_paths) { | |
| 256 std::unique_ptr<CdmHostFile> cdm_host_file = | |
| 257 CdmHostFile::Create(value.file_path, value.sig_file_path); | |
| 258 if (cdm_host_file) { | |
| 259 common_files_.push_back(std::move(cdm_host_file)); | |
| 260 continue; | |
| 261 } | |
| 262 | |
| 263 if (!IgnoreMissingCdmHostFile()) | |
| 264 return false; | |
| 265 } | |
| 266 | |
| 267 return true; | |
| 268 } | |
| 269 | |
| 270 bool CdmHostFiles::OpenCdmFiles(const base::FilePath& cdm_adapter_path) { | |
| 271 DCHECK(!cdm_adapter_path.empty()); | |
| 272 DCHECK(!cdm_specific_files_map_.count(cdm_adapter_path)); | |
| 273 | |
| 274 std::unique_ptr<CdmHostFile> cdm_adapter_file = | |
| 275 CdmHostFile::Create(cdm_adapter_path, GetSigFilePath(cdm_adapter_path)); | |
| 276 if (!cdm_adapter_file) | |
| 277 return false; | |
| 278 | |
| 279 base::FilePath cdm_path = GetCdmPath(cdm_adapter_path); | |
| 280 std::unique_ptr<CdmHostFile> cdm_file = | |
| 281 CdmHostFile::Create(cdm_path, GetSigFilePath(cdm_path)); | |
| 282 if (!cdm_file) | |
| 283 return false; | |
| 284 | |
| 285 ScopedFileVector cdm_specific_files; | |
| 286 cdm_specific_files.push_back(std::move(cdm_adapter_file)); | |
| 287 cdm_specific_files.push_back(std::move(cdm_file)); | |
| 288 | |
| 289 cdm_specific_files_map_[cdm_adapter_path] = std::move(cdm_specific_files); | |
| 290 return true; | |
| 291 } | |
| 292 | |
| 293 bool CdmHostFiles::TakePlatformFiles( | |
| 294 const base::FilePath& cdm_adapter_path, | |
| 295 std::vector<cdm::HostFile>* cdm_host_files) { | |
| 296 DCHECK(cdm_host_files->empty()); | |
| 297 | |
| 298 if (!IgnoreMissingCdmHostFile()) | |
| 299 DCHECK(!common_files_.empty()); | |
| 300 | |
| 301 // Check whether CDM specific files exist. | |
| 302 const auto& iter = cdm_specific_files_map_.find(cdm_adapter_path); | |
| 303 if (iter == cdm_specific_files_map_.end()) { | |
| 304 // This could happen on Linux where CDM files fail to open for Foo CDM, but | |
| 305 // now we hit Bar CDM. | |
| 306 DVLOG(1) << "No CDM specific files for " << cdm_adapter_path.value(); | |
| 307 return false; | |
| 308 } | |
| 309 | |
| 310 const ScopedFileVector& cdm_specific_files = iter->second; | |
| 311 | |
| 312 // Populate an array of cdm::HostFile. | |
| 313 for (const auto& file : common_files_) | |
| 314 cdm_host_files->push_back(file->TakePlatformFile()); | |
|
jrummell
2017/01/18 21:46:45
Should reserve() be called on |cdm_host_files| fir
xhwang
2017/01/18 22:29:08
Done.
| |
| 315 | |
| 316 for (const auto& file : cdm_specific_files) | |
| 317 cdm_host_files->push_back(file->TakePlatformFile()); | |
| 318 | |
| 319 return true; | |
| 320 } | |
| 321 | |
| 322 void CdmHostFiles::CloseAllFiles() { | |
| 323 common_files_.clear(); | |
| 324 cdm_specific_files_map_.clear(); | |
| 325 } | |
| 326 | |
| 327 // Question(xhwang): Any better way to check whether a plugin is a CDM? Maybe | |
| 328 // when we register the plugin we can set some flag explicitly? | |
| 329 bool IsCdm(const base::FilePath& cdm_adapter_path) { | |
| 330 return !GetCdmPath(cdm_adapter_path).empty(); | |
| 331 } | |
| 332 | |
| 333 } // namespace content | |
| OLD | NEW |
