1*4d7e907cSAndroid Build Coastguard Worker /*
2*4d7e907cSAndroid Build Coastguard Worker * Copyright (C) 2022 The Android Open Source Project
3*4d7e907cSAndroid Build Coastguard Worker *
4*4d7e907cSAndroid Build Coastguard Worker * Licensed under the Apache License, Version 2.0 (the "License");
5*4d7e907cSAndroid Build Coastguard Worker * you may not use this file except in compliance with the License.
6*4d7e907cSAndroid Build Coastguard Worker * You may obtain a copy of the License at
7*4d7e907cSAndroid Build Coastguard Worker *
8*4d7e907cSAndroid Build Coastguard Worker * http://www.apache.org/licenses/LICENSE-2.0
9*4d7e907cSAndroid Build Coastguard Worker *
10*4d7e907cSAndroid Build Coastguard Worker * Unless required by applicable law or agreed to in writing, software
11*4d7e907cSAndroid Build Coastguard Worker * distributed under the License is distributed on an "AS IS" BASIS,
12*4d7e907cSAndroid Build Coastguard Worker * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13*4d7e907cSAndroid Build Coastguard Worker * See the License for the specific language governing permissions and
14*4d7e907cSAndroid Build Coastguard Worker * limitations under the License.
15*4d7e907cSAndroid Build Coastguard Worker */
16*4d7e907cSAndroid Build Coastguard Worker
17*4d7e907cSAndroid Build Coastguard Worker #define LOG_TAG "android.hardware.cas-DescramblerImpl"
18*4d7e907cSAndroid Build Coastguard Worker
19*4d7e907cSAndroid Build Coastguard Worker #include <aidlcommonsupport/NativeHandle.h>
20*4d7e907cSAndroid Build Coastguard Worker #include <inttypes.h>
21*4d7e907cSAndroid Build Coastguard Worker #include <media/cas/DescramblerAPI.h>
22*4d7e907cSAndroid Build Coastguard Worker #include <media/hardware/CryptoAPI.h>
23*4d7e907cSAndroid Build Coastguard Worker #include <media/stagefright/foundation/AUtils.h>
24*4d7e907cSAndroid Build Coastguard Worker #include <sys/mman.h>
25*4d7e907cSAndroid Build Coastguard Worker #include <utils/Log.h>
26*4d7e907cSAndroid Build Coastguard Worker
27*4d7e907cSAndroid Build Coastguard Worker #include "DescramblerImpl.h"
28*4d7e907cSAndroid Build Coastguard Worker #include "TypeConvert.h"
29*4d7e907cSAndroid Build Coastguard Worker
30*4d7e907cSAndroid Build Coastguard Worker namespace aidl {
31*4d7e907cSAndroid Build Coastguard Worker namespace android {
32*4d7e907cSAndroid Build Coastguard Worker namespace hardware {
33*4d7e907cSAndroid Build Coastguard Worker namespace cas {
34*4d7e907cSAndroid Build Coastguard Worker
35*4d7e907cSAndroid Build Coastguard Worker #define CHECK_SUBSAMPLE_DEF(type) \
36*4d7e907cSAndroid Build Coastguard Worker static_assert(sizeof(SubSample) == sizeof(type::SubSample), "SubSample: size doesn't match"); \
37*4d7e907cSAndroid Build Coastguard Worker static_assert(offsetof(SubSample, numBytesOfClearData) == \
38*4d7e907cSAndroid Build Coastguard Worker offsetof(type::SubSample, mNumBytesOfClearData), \
39*4d7e907cSAndroid Build Coastguard Worker "SubSample: numBytesOfClearData offset doesn't match"); \
40*4d7e907cSAndroid Build Coastguard Worker static_assert(offsetof(SubSample, numBytesOfEncryptedData) == \
41*4d7e907cSAndroid Build Coastguard Worker offsetof(type::SubSample, mNumBytesOfEncryptedData), \
42*4d7e907cSAndroid Build Coastguard Worker "SubSample: numBytesOfEncryptedData offset doesn't match")
43*4d7e907cSAndroid Build Coastguard Worker
44*4d7e907cSAndroid Build Coastguard Worker CHECK_SUBSAMPLE_DEF(DescramblerPlugin);
45*4d7e907cSAndroid Build Coastguard Worker CHECK_SUBSAMPLE_DEF(CryptoPlugin);
46*4d7e907cSAndroid Build Coastguard Worker
DescramblerImpl(DescramblerPlugin * plugin)47*4d7e907cSAndroid Build Coastguard Worker DescramblerImpl::DescramblerImpl(DescramblerPlugin* plugin) : mPluginHolder(plugin) {
48*4d7e907cSAndroid Build Coastguard Worker ALOGV("CTOR: plugin=%p", mPluginHolder.get());
49*4d7e907cSAndroid Build Coastguard Worker }
50*4d7e907cSAndroid Build Coastguard Worker
~DescramblerImpl()51*4d7e907cSAndroid Build Coastguard Worker DescramblerImpl::~DescramblerImpl() {
52*4d7e907cSAndroid Build Coastguard Worker ALOGV("DTOR: plugin=%p", mPluginHolder.get());
53*4d7e907cSAndroid Build Coastguard Worker release();
54*4d7e907cSAndroid Build Coastguard Worker }
55*4d7e907cSAndroid Build Coastguard Worker
setMediaCasSession(const vector<uint8_t> & in_sessionId)56*4d7e907cSAndroid Build Coastguard Worker ScopedAStatus DescramblerImpl::setMediaCasSession(const vector<uint8_t>& in_sessionId) {
57*4d7e907cSAndroid Build Coastguard Worker ALOGV("%s: sessionId=%s", __FUNCTION__, sessionIdToString(in_sessionId).c_str());
58*4d7e907cSAndroid Build Coastguard Worker
59*4d7e907cSAndroid Build Coastguard Worker shared_ptr<DescramblerPlugin> holder = atomic_load(&mPluginHolder);
60*4d7e907cSAndroid Build Coastguard Worker if (holder.get() == nullptr) {
61*4d7e907cSAndroid Build Coastguard Worker return toStatus(INVALID_OPERATION);
62*4d7e907cSAndroid Build Coastguard Worker }
63*4d7e907cSAndroid Build Coastguard Worker
64*4d7e907cSAndroid Build Coastguard Worker return toStatus(holder->setMediaCasSession(in_sessionId));
65*4d7e907cSAndroid Build Coastguard Worker }
66*4d7e907cSAndroid Build Coastguard Worker
requiresSecureDecoderComponent(const string & in_mime,bool * _aidl_return)67*4d7e907cSAndroid Build Coastguard Worker ScopedAStatus DescramblerImpl::requiresSecureDecoderComponent(const string& in_mime,
68*4d7e907cSAndroid Build Coastguard Worker bool* _aidl_return) {
69*4d7e907cSAndroid Build Coastguard Worker shared_ptr<DescramblerPlugin> holder = atomic_load(&mPluginHolder);
70*4d7e907cSAndroid Build Coastguard Worker if (holder.get() == nullptr) {
71*4d7e907cSAndroid Build Coastguard Worker *_aidl_return = false;
72*4d7e907cSAndroid Build Coastguard Worker }
73*4d7e907cSAndroid Build Coastguard Worker
74*4d7e907cSAndroid Build Coastguard Worker *_aidl_return = holder->requiresSecureDecoderComponent(in_mime.c_str());
75*4d7e907cSAndroid Build Coastguard Worker return ScopedAStatus::ok();
76*4d7e907cSAndroid Build Coastguard Worker }
77*4d7e907cSAndroid Build Coastguard Worker
validateRangeForSize(int64_t offset,int64_t length,int64_t size)78*4d7e907cSAndroid Build Coastguard Worker static inline bool validateRangeForSize(int64_t offset, int64_t length, int64_t size) {
79*4d7e907cSAndroid Build Coastguard Worker return isInRange<int64_t, uint64_t>(0, (uint64_t)size, offset, (uint64_t)length);
80*4d7e907cSAndroid Build Coastguard Worker }
81*4d7e907cSAndroid Build Coastguard Worker
descramble(ScramblingControl scramblingControl,const vector<SubSample> & subSamples,const SharedBuffer & srcBuffer,int64_t srcOffset,const DestinationBuffer & dstBuffer,int64_t dstOffset,int32_t * _aidl_return)82*4d7e907cSAndroid Build Coastguard Worker ScopedAStatus DescramblerImpl::descramble(ScramblingControl scramblingControl,
83*4d7e907cSAndroid Build Coastguard Worker const vector<SubSample>& subSamples,
84*4d7e907cSAndroid Build Coastguard Worker const SharedBuffer& srcBuffer, int64_t srcOffset,
85*4d7e907cSAndroid Build Coastguard Worker const DestinationBuffer& dstBuffer, int64_t dstOffset,
86*4d7e907cSAndroid Build Coastguard Worker int32_t* _aidl_return) {
87*4d7e907cSAndroid Build Coastguard Worker ALOGV("%s", __FUNCTION__);
88*4d7e907cSAndroid Build Coastguard Worker
89*4d7e907cSAndroid Build Coastguard Worker // heapbase's size is stored in int64_t, but mapMemory's mmap will map size in
90*4d7e907cSAndroid Build Coastguard Worker // size_t. If size is over SIZE_MAX, mapMemory mapMemory could succeed but the
91*4d7e907cSAndroid Build Coastguard Worker // mapped memory's actual size will be smaller than the reported size.
92*4d7e907cSAndroid Build Coastguard Worker if (srcBuffer.heapBase.size > SIZE_MAX) {
93*4d7e907cSAndroid Build Coastguard Worker ALOGE("Invalid memory size: %" PRIu64 "", srcBuffer.heapBase.size);
94*4d7e907cSAndroid Build Coastguard Worker android_errorWriteLog(0x534e4554, "79376389");
95*4d7e907cSAndroid Build Coastguard Worker return toStatus(BAD_VALUE);
96*4d7e907cSAndroid Build Coastguard Worker }
97*4d7e907cSAndroid Build Coastguard Worker
98*4d7e907cSAndroid Build Coastguard Worker void* srcPtr = mmap(NULL, srcBuffer.heapBase.size, PROT_READ | PROT_WRITE, MAP_SHARED,
99*4d7e907cSAndroid Build Coastguard Worker srcBuffer.heapBase.fd.get(), 0);
100*4d7e907cSAndroid Build Coastguard Worker
101*4d7e907cSAndroid Build Coastguard Worker // Validate if the offset and size in the SharedBuffer is consistent with the
102*4d7e907cSAndroid Build Coastguard Worker // mapped heapbase, since the offset and size is controlled by client.
103*4d7e907cSAndroid Build Coastguard Worker if (srcPtr == NULL) {
104*4d7e907cSAndroid Build Coastguard Worker ALOGE("Failed to map src buffer.");
105*4d7e907cSAndroid Build Coastguard Worker return toStatus(BAD_VALUE);
106*4d7e907cSAndroid Build Coastguard Worker }
107*4d7e907cSAndroid Build Coastguard Worker if (!validateRangeForSize(srcBuffer.offset, srcBuffer.size, srcBuffer.heapBase.size)) {
108*4d7e907cSAndroid Build Coastguard Worker ALOGE("Invalid src buffer range: offset %" PRIu64 ", size %" PRIu64
109*4d7e907cSAndroid Build Coastguard Worker ", srcMem"
110*4d7e907cSAndroid Build Coastguard Worker "size %" PRIu64 "",
111*4d7e907cSAndroid Build Coastguard Worker srcBuffer.offset, srcBuffer.size, srcBuffer.heapBase.size);
112*4d7e907cSAndroid Build Coastguard Worker android_errorWriteLog(0x534e4554, "67962232");
113*4d7e907cSAndroid Build Coastguard Worker return toStatus(BAD_VALUE);
114*4d7e907cSAndroid Build Coastguard Worker }
115*4d7e907cSAndroid Build Coastguard Worker
116*4d7e907cSAndroid Build Coastguard Worker // use 64-bit here to catch bad subsample size that might be overflowing.
117*4d7e907cSAndroid Build Coastguard Worker uint64_t totalBytesInSubSamples = 0;
118*4d7e907cSAndroid Build Coastguard Worker for (size_t i = 0; i < subSamples.size(); i++) {
119*4d7e907cSAndroid Build Coastguard Worker uint32_t numBytesOfClearData = subSamples[i].numBytesOfClearData;
120*4d7e907cSAndroid Build Coastguard Worker uint32_t numBytesOfEncryptedData = subSamples[i].numBytesOfEncryptedData;
121*4d7e907cSAndroid Build Coastguard Worker totalBytesInSubSamples += (uint64_t)numBytesOfClearData + numBytesOfEncryptedData;
122*4d7e907cSAndroid Build Coastguard Worker }
123*4d7e907cSAndroid Build Coastguard Worker // Further validate if the specified srcOffset and requested total subsample size
124*4d7e907cSAndroid Build Coastguard Worker // is consistent with the source shared buffer size.
125*4d7e907cSAndroid Build Coastguard Worker if (!validateRangeForSize(srcOffset, totalBytesInSubSamples, srcBuffer.size)) {
126*4d7e907cSAndroid Build Coastguard Worker ALOGE("Invalid srcOffset and subsample size: "
127*4d7e907cSAndroid Build Coastguard Worker "srcOffset %" PRIu64 ", totalBytesInSubSamples %" PRIu64
128*4d7e907cSAndroid Build Coastguard Worker ", srcBuffer"
129*4d7e907cSAndroid Build Coastguard Worker "size %" PRIu64 "",
130*4d7e907cSAndroid Build Coastguard Worker srcOffset, totalBytesInSubSamples, srcBuffer.size);
131*4d7e907cSAndroid Build Coastguard Worker android_errorWriteLog(0x534e4554, "67962232");
132*4d7e907cSAndroid Build Coastguard Worker return toStatus(BAD_VALUE);
133*4d7e907cSAndroid Build Coastguard Worker }
134*4d7e907cSAndroid Build Coastguard Worker srcPtr = (uint8_t*)srcPtr + srcBuffer.offset;
135*4d7e907cSAndroid Build Coastguard Worker
136*4d7e907cSAndroid Build Coastguard Worker void* dstPtr = NULL;
137*4d7e907cSAndroid Build Coastguard Worker if (dstBuffer.getTag() == DestinationBuffer::Tag::nonsecureMemory) {
138*4d7e907cSAndroid Build Coastguard Worker // When using shared memory, src buffer is also used as dst,
139*4d7e907cSAndroid Build Coastguard Worker // we don't map it again here.
140*4d7e907cSAndroid Build Coastguard Worker dstPtr = srcPtr;
141*4d7e907cSAndroid Build Coastguard Worker
142*4d7e907cSAndroid Build Coastguard Worker // In this case the dst and src would be the same buffer, need to validate
143*4d7e907cSAndroid Build Coastguard Worker // dstOffset against the buffer size too.
144*4d7e907cSAndroid Build Coastguard Worker if (!validateRangeForSize(dstOffset, totalBytesInSubSamples, srcBuffer.size)) {
145*4d7e907cSAndroid Build Coastguard Worker ALOGE("Invalid dstOffset and subsample size: "
146*4d7e907cSAndroid Build Coastguard Worker "dstOffset %" PRIu64 ", totalBytesInSubSamples %" PRIu64
147*4d7e907cSAndroid Build Coastguard Worker ", srcBuffer"
148*4d7e907cSAndroid Build Coastguard Worker "size %" PRIu64 "",
149*4d7e907cSAndroid Build Coastguard Worker dstOffset, totalBytesInSubSamples, srcBuffer.size);
150*4d7e907cSAndroid Build Coastguard Worker android_errorWriteLog(0x534e4554, "67962232");
151*4d7e907cSAndroid Build Coastguard Worker return toStatus(BAD_VALUE);
152*4d7e907cSAndroid Build Coastguard Worker }
153*4d7e907cSAndroid Build Coastguard Worker } else {
154*4d7e907cSAndroid Build Coastguard Worker native_handle_t* handle = makeFromAidl(dstBuffer.get<DestinationBuffer::secureMemory>());
155*4d7e907cSAndroid Build Coastguard Worker dstPtr = static_cast<void*>(handle);
156*4d7e907cSAndroid Build Coastguard Worker }
157*4d7e907cSAndroid Build Coastguard Worker
158*4d7e907cSAndroid Build Coastguard Worker // Get a local copy of the shared_ptr for the plugin. Note that before
159*4d7e907cSAndroid Build Coastguard Worker // calling the callback, this shared_ptr must be manually reset, since
160*4d7e907cSAndroid Build Coastguard Worker // the client side could proceed as soon as the callback is called
161*4d7e907cSAndroid Build Coastguard Worker // without waiting for this method to go out of scope.
162*4d7e907cSAndroid Build Coastguard Worker shared_ptr<DescramblerPlugin> holder = atomic_load(&mPluginHolder);
163*4d7e907cSAndroid Build Coastguard Worker if (holder.get() == nullptr) {
164*4d7e907cSAndroid Build Coastguard Worker return toStatus(INVALID_OPERATION);
165*4d7e907cSAndroid Build Coastguard Worker }
166*4d7e907cSAndroid Build Coastguard Worker
167*4d7e907cSAndroid Build Coastguard Worker // Casting SubSample to DescramblerPlugin::SubSample, but need to ensure
168*4d7e907cSAndroid Build Coastguard Worker // structs are actually identical
169*4d7e907cSAndroid Build Coastguard Worker
170*4d7e907cSAndroid Build Coastguard Worker auto returnStatus =
171*4d7e907cSAndroid Build Coastguard Worker holder->descramble(dstBuffer.getTag() != DestinationBuffer::Tag::nonsecureMemory,
172*4d7e907cSAndroid Build Coastguard Worker (DescramblerPlugin::ScramblingControl)scramblingControl,
173*4d7e907cSAndroid Build Coastguard Worker subSamples.size(), (DescramblerPlugin::SubSample*)subSamples.data(),
174*4d7e907cSAndroid Build Coastguard Worker srcPtr, srcOffset, dstPtr, dstOffset, NULL);
175*4d7e907cSAndroid Build Coastguard Worker
176*4d7e907cSAndroid Build Coastguard Worker holder.reset();
177*4d7e907cSAndroid Build Coastguard Worker *_aidl_return = returnStatus;
178*4d7e907cSAndroid Build Coastguard Worker return toStatus(returnStatus >= 0 ? OK : returnStatus);
179*4d7e907cSAndroid Build Coastguard Worker }
180*4d7e907cSAndroid Build Coastguard Worker
release()181*4d7e907cSAndroid Build Coastguard Worker ScopedAStatus DescramblerImpl::release() {
182*4d7e907cSAndroid Build Coastguard Worker ALOGV("%s: plugin=%p", __FUNCTION__, mPluginHolder.get());
183*4d7e907cSAndroid Build Coastguard Worker
184*4d7e907cSAndroid Build Coastguard Worker shared_ptr<DescramblerPlugin> holder(nullptr);
185*4d7e907cSAndroid Build Coastguard Worker atomic_store(&mPluginHolder, holder);
186*4d7e907cSAndroid Build Coastguard Worker
187*4d7e907cSAndroid Build Coastguard Worker return ScopedAStatus::ok();
188*4d7e907cSAndroid Build Coastguard Worker }
189*4d7e907cSAndroid Build Coastguard Worker
190*4d7e907cSAndroid Build Coastguard Worker } // namespace cas
191*4d7e907cSAndroid Build Coastguard Worker } // namespace hardware
192*4d7e907cSAndroid Build Coastguard Worker } // namespace android
193*4d7e907cSAndroid Build Coastguard Worker } // namespace aidl
194