1 /*
2 * Copyright (C) 2017 The Android Open Source Project
3 *
4 * Licensed under the Apache License, Version 2.0 (the "License");
5 * you may not use this file except in compliance with the License.
6 * You may obtain a copy of the License at
7 *
8 * http://www.apache.org/licenses/LICENSE-2.0
9 *
10 * Unless required by applicable law or agreed to in writing, software
11 * distributed under the License is distributed on an "AS IS" BASIS,
12 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 * See the License for the specific language governing permissions and
14 * limitations under the License.
15 */
16
17 //#define LOG_NDEBUG 0
18 #define LOG_TAG "CryptoHal"
19 #include <utils/Log.h>
20
21 #include <android/hardware/drm/1.0/types.h>
22 #include <android/hidl/manager/1.2/IServiceManager.h>
23 #include <hidl/ServiceManagement.h>
24 #include <hidlmemory/FrameworkUtils.h>
25 #include <media/hardware/CryptoAPI.h>
26 #include <media/stagefright/foundation/ADebug.h>
27 #include <media/stagefright/foundation/AString.h>
28 #include <media/stagefright/foundation/hexdump.h>
29 #include <media/stagefright/MediaErrors.h>
30 #include <mediadrm/CryptoHal.h>
31
32 using drm::V1_0::BufferType;
33 using drm::V1_0::DestinationBuffer;
34 using drm::V1_0::ICryptoFactory;
35 using drm::V1_0::ICryptoPlugin;
36 using drm::V1_0::Mode;
37 using drm::V1_0::Pattern;
38 using drm::V1_0::SharedBuffer;
39 using drm::V1_0::Status;
40 using drm::V1_0::SubSample;
41
42 using ::android::hardware::hidl_array;
43 using ::android::hardware::hidl_handle;
44 using ::android::hardware::hidl_memory;
45 using ::android::hardware::hidl_string;
46 using ::android::hardware::hidl_vec;
47 using ::android::hardware::HidlMemory;
48 using ::android::hardware::Return;
49 using ::android::hardware::Void;
50 using ::android::sp;
51
52 typedef drm::V1_2::Status Status_V1_2;
53
54 namespace android {
55
toStatusT(Status status)56 static status_t toStatusT(Status status) {
57 switch (status) {
58 case Status::OK:
59 return OK;
60 case Status::ERROR_DRM_NO_LICENSE:
61 return ERROR_DRM_NO_LICENSE;
62 case Status::ERROR_DRM_LICENSE_EXPIRED:
63 return ERROR_DRM_LICENSE_EXPIRED;
64 case Status::ERROR_DRM_RESOURCE_BUSY:
65 return ERROR_DRM_RESOURCE_BUSY;
66 case Status::ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION:
67 return ERROR_DRM_INSUFFICIENT_OUTPUT_PROTECTION;
68 case Status::ERROR_DRM_SESSION_NOT_OPENED:
69 return ERROR_DRM_SESSION_NOT_OPENED;
70 case Status::ERROR_DRM_CANNOT_HANDLE:
71 return ERROR_DRM_CANNOT_HANDLE;
72 case Status::ERROR_DRM_DECRYPT:
73 return ERROR_DRM_DECRYPT;
74 default:
75 return UNKNOWN_ERROR;
76 }
77 }
78
toStatusT_1_2(Status_V1_2 status)79 static status_t toStatusT_1_2(Status_V1_2 status) {
80 switch (status) {
81 case Status_V1_2::ERROR_DRM_SESSION_LOST_STATE:
82 return ERROR_DRM_SESSION_LOST_STATE;;
83 case Status_V1_2::ERROR_DRM_FRAME_TOO_LARGE:
84 return ERROR_DRM_FRAME_TOO_LARGE;
85 case Status_V1_2::ERROR_DRM_INSUFFICIENT_SECURITY:
86 return ERROR_DRM_INSUFFICIENT_SECURITY;
87 default:
88 return toStatusT(static_cast<Status>(status));
89 }
90 }
91
toHidlVec(const Vector<uint8_t> & vector)92 static hidl_vec<uint8_t> toHidlVec(const Vector<uint8_t> &vector) {
93 hidl_vec<uint8_t> vec;
94 vec.setToExternal(const_cast<uint8_t *>(vector.array()), vector.size());
95 return vec;
96 }
97
toHidlVec(const void * ptr,size_t size)98 static hidl_vec<uint8_t> toHidlVec(const void *ptr, size_t size) {
99 hidl_vec<uint8_t> vec;
100 vec.resize(size);
101 memcpy(vec.data(), ptr, size);
102 return vec;
103 }
104
toHidlArray16(const uint8_t * ptr)105 static hidl_array<uint8_t, 16> toHidlArray16(const uint8_t *ptr) {
106 if (!ptr) {
107 return hidl_array<uint8_t, 16>();
108 }
109 return hidl_array<uint8_t, 16>(ptr);
110 }
111
112
toString8(hidl_string hString)113 static String8 toString8(hidl_string hString) {
114 return String8(hString.c_str());
115 }
116
117
CryptoHal()118 CryptoHal::CryptoHal()
119 : mFactories(makeCryptoFactories()),
120 mInitCheck((mFactories.size() == 0) ? ERROR_UNSUPPORTED : NO_INIT),
121 mHeapSeqNum(0) {
122 }
123
~CryptoHal()124 CryptoHal::~CryptoHal() {
125 }
126
makeCryptoFactories()127 Vector<sp<ICryptoFactory>> CryptoHal::makeCryptoFactories() {
128 Vector<sp<ICryptoFactory>> factories;
129
130 auto manager = hardware::defaultServiceManager1_2();
131 if (manager != NULL) {
132 manager->listManifestByInterface(drm::V1_0::ICryptoFactory::descriptor,
133 [&factories](const hidl_vec<hidl_string> ®istered) {
134 for (const auto &instance : registered) {
135 auto factory = drm::V1_0::ICryptoFactory::getService(instance);
136 if (factory != NULL) {
137 ALOGD("found drm@1.0 ICryptoFactory %s", instance.c_str());
138 factories.push_back(factory);
139 }
140 }
141 }
142 );
143 manager->listManifestByInterface(drm::V1_1::ICryptoFactory::descriptor,
144 [&factories](const hidl_vec<hidl_string> ®istered) {
145 for (const auto &instance : registered) {
146 auto factory = drm::V1_1::ICryptoFactory::getService(instance);
147 if (factory != NULL) {
148 ALOGD("found drm@1.1 ICryptoFactory %s", instance.c_str());
149 factories.push_back(factory);
150 }
151 }
152 }
153 );
154 }
155
156 if (factories.size() == 0) {
157 // must be in passthrough mode, load the default passthrough service
158 auto passthrough = ICryptoFactory::getService();
159 if (passthrough != NULL) {
160 ALOGI("makeCryptoFactories: using default passthrough crypto instance");
161 factories.push_back(passthrough);
162 } else {
163 ALOGE("Failed to find any crypto factories");
164 }
165 }
166 return factories;
167 }
168
makeCryptoPlugin(const sp<ICryptoFactory> & factory,const uint8_t uuid[16],const void * initData,size_t initDataSize)169 sp<ICryptoPlugin> CryptoHal::makeCryptoPlugin(const sp<ICryptoFactory>& factory,
170 const uint8_t uuid[16], const void *initData, size_t initDataSize) {
171
172 sp<ICryptoPlugin> plugin;
173 Return<void> hResult = factory->createPlugin(toHidlArray16(uuid),
174 toHidlVec(initData, initDataSize),
175 [&](Status status, const sp<ICryptoPlugin>& hPlugin) {
176 if (status != Status::OK) {
177 ALOGE("Failed to make crypto plugin");
178 return;
179 }
180 plugin = hPlugin;
181 }
182 );
183 return plugin;
184 }
185
186
initCheck() const187 status_t CryptoHal::initCheck() const {
188 return mInitCheck;
189 }
190
191
isCryptoSchemeSupported(const uint8_t uuid[16])192 bool CryptoHal::isCryptoSchemeSupported(const uint8_t uuid[16]) {
193 Mutex::Autolock autoLock(mLock);
194
195 for (size_t i = 0; i < mFactories.size(); i++) {
196 if (mFactories[i]->isCryptoSchemeSupported(uuid)) {
197 return true;
198 }
199 }
200 return false;
201 }
202
createPlugin(const uint8_t uuid[16],const void * data,size_t size)203 status_t CryptoHal::createPlugin(const uint8_t uuid[16], const void *data,
204 size_t size) {
205 Mutex::Autolock autoLock(mLock);
206
207 for (size_t i = 0; i < mFactories.size(); i++) {
208 if (mFactories[i]->isCryptoSchemeSupported(uuid)) {
209 mPlugin = makeCryptoPlugin(mFactories[i], uuid, data, size);
210 if (mPlugin != NULL) {
211 mPluginV1_2 = drm::V1_2::ICryptoPlugin::castFrom(mPlugin);
212 }
213 }
214 }
215
216 if (mPlugin == NULL) {
217 mInitCheck = ERROR_UNSUPPORTED;
218 } else {
219 mInitCheck = OK;
220 }
221
222 return mInitCheck;
223 }
224
destroyPlugin()225 status_t CryptoHal::destroyPlugin() {
226 Mutex::Autolock autoLock(mLock);
227
228 if (mInitCheck != OK) {
229 return mInitCheck;
230 }
231
232 mPlugin.clear();
233 mPluginV1_2.clear();
234 return OK;
235 }
236
requiresSecureDecoderComponent(const char * mime) const237 bool CryptoHal::requiresSecureDecoderComponent(const char *mime) const {
238 Mutex::Autolock autoLock(mLock);
239
240 if (mInitCheck != OK) {
241 return false;
242 }
243
244 Return<bool> hResult = mPlugin->requiresSecureDecoderComponent(hidl_string(mime));
245 if (!hResult.isOk()) {
246 return false;
247 }
248 return hResult;
249 }
250
251
252 /**
253 * If the heap base isn't set, get the heap base from the HidlMemory
254 * and send it to the HAL so it can map a remote heap of the same
255 * size. Once the heap base is established, shared memory buffers
256 * are sent by providing an offset into the heap and a buffer size.
257 */
setHeapBase(const sp<HidlMemory> & heap)258 int32_t CryptoHal::setHeapBase(const sp<HidlMemory>& heap) {
259 if (heap == NULL || mHeapSeqNum < 0) {
260 ALOGE("setHeapBase(): heap %p mHeapSeqNum %d", heap.get(), mHeapSeqNum);
261 return -1;
262 }
263
264 Mutex::Autolock autoLock(mLock);
265
266 int32_t seqNum = mHeapSeqNum++;
267 uint32_t bufferId = static_cast<uint32_t>(seqNum);
268 mHeapSizes.add(seqNum, heap->size());
269 Return<void> hResult = mPlugin->setSharedBufferBase(*heap, bufferId);
270 ALOGE_IF(!hResult.isOk(), "setSharedBufferBase(): remote call failed");
271 return seqNum;
272 }
273
clearHeapBase(int32_t seqNum)274 void CryptoHal::clearHeapBase(int32_t seqNum) {
275 Mutex::Autolock autoLock(mLock);
276
277 /*
278 * Clear the remote shared memory mapping by setting the shared
279 * buffer base to a null hidl_memory.
280 *
281 * TODO: Add a releaseSharedBuffer method in a future DRM HAL
282 * API version to make this explicit.
283 */
284 ssize_t index = mHeapSizes.indexOfKey(seqNum);
285 if (index >= 0) {
286 if (mPlugin != NULL) {
287 uint32_t bufferId = static_cast<uint32_t>(seqNum);
288 Return<void> hResult = mPlugin->setSharedBufferBase(hidl_memory(), bufferId);
289 ALOGE_IF(!hResult.isOk(), "setSharedBufferBase(): remote call failed");
290 }
291 mHeapSizes.removeItem(seqNum);
292 }
293 }
294
checkSharedBuffer(const::SharedBuffer & buffer)295 status_t CryptoHal::checkSharedBuffer(const ::SharedBuffer &buffer) {
296 int32_t seqNum = static_cast<int32_t>(buffer.bufferId);
297 // memory must be in one of the heaps that have been set
298 if (mHeapSizes.indexOfKey(seqNum) < 0) {
299 return UNKNOWN_ERROR;
300 }
301
302 // memory must be within the address space of the heap
303 size_t heapSize = mHeapSizes.valueFor(seqNum);
304 if (heapSize < buffer.offset + buffer.size ||
305 SIZE_MAX - buffer.offset < buffer.size) {
306 android_errorWriteLog(0x534e4554, "76221123");
307 return UNKNOWN_ERROR;
308 }
309
310 return OK;
311 }
312
decrypt(const uint8_t keyId[16],const uint8_t iv[16],CryptoPlugin::Mode mode,const CryptoPlugin::Pattern & pattern,const::SharedBuffer & hSource,size_t offset,const CryptoPlugin::SubSample * subSamples,size_t numSubSamples,const::DestinationBuffer & hDestination,AString * errorDetailMsg)313 ssize_t CryptoHal::decrypt(const uint8_t keyId[16], const uint8_t iv[16],
314 CryptoPlugin::Mode mode, const CryptoPlugin::Pattern &pattern,
315 const ::SharedBuffer &hSource, size_t offset,
316 const CryptoPlugin::SubSample *subSamples, size_t numSubSamples,
317 const ::DestinationBuffer &hDestination, AString *errorDetailMsg) {
318 Mutex::Autolock autoLock(mLock);
319
320 if (mInitCheck != OK) {
321 return mInitCheck;
322 }
323
324 Mode hMode;
325 switch(mode) {
326 case CryptoPlugin::kMode_Unencrypted:
327 hMode = Mode::UNENCRYPTED ;
328 break;
329 case CryptoPlugin::kMode_AES_CTR:
330 hMode = Mode::AES_CTR;
331 break;
332 case CryptoPlugin::kMode_AES_WV:
333 hMode = Mode::AES_CBC_CTS;
334 break;
335 case CryptoPlugin::kMode_AES_CBC:
336 hMode = Mode::AES_CBC;
337 break;
338 default:
339 return UNKNOWN_ERROR;
340 }
341
342 Pattern hPattern;
343 hPattern.encryptBlocks = pattern.mEncryptBlocks;
344 hPattern.skipBlocks = pattern.mSkipBlocks;
345
346 std::vector<SubSample> stdSubSamples;
347 for (size_t i = 0; i < numSubSamples; i++) {
348 SubSample subSample;
349 subSample.numBytesOfClearData = subSamples[i].mNumBytesOfClearData;
350 subSample.numBytesOfEncryptedData = subSamples[i].mNumBytesOfEncryptedData;
351 stdSubSamples.push_back(subSample);
352 }
353 auto hSubSamples = hidl_vec<SubSample>(stdSubSamples);
354
355 bool secure;
356 if (hDestination.type == BufferType::SHARED_MEMORY) {
357 status_t status = checkSharedBuffer(hDestination.nonsecureMemory);
358 if (status != OK) {
359 return status;
360 }
361 secure = false;
362 } else if (hDestination.type == BufferType::NATIVE_HANDLE) {
363 secure = true;
364 } else {
365 android_errorWriteLog(0x534e4554, "70526702");
366 return UNKNOWN_ERROR;
367 }
368
369 status_t status = checkSharedBuffer(hSource);
370 if (status != OK) {
371 return status;
372 }
373
374 status_t err = UNKNOWN_ERROR;
375 uint32_t bytesWritten = 0;
376
377 Return<void> hResult;
378
379 if (mPluginV1_2 != NULL) {
380 hResult = mPluginV1_2->decrypt_1_2(secure, toHidlArray16(keyId), toHidlArray16(iv),
381 hMode, hPattern, hSubSamples, hSource, offset, hDestination,
382 [&](Status_V1_2 status, uint32_t hBytesWritten, hidl_string hDetailedError) {
383 if (status == Status_V1_2::OK) {
384 bytesWritten = hBytesWritten;
385 *errorDetailMsg = toString8(hDetailedError);
386 }
387 err = toStatusT_1_2(status);
388 }
389 );
390 } else {
391 hResult = mPlugin->decrypt(secure, toHidlArray16(keyId), toHidlArray16(iv),
392 hMode, hPattern, hSubSamples, hSource, offset, hDestination,
393 [&](Status status, uint32_t hBytesWritten, hidl_string hDetailedError) {
394 if (status == Status::OK) {
395 bytesWritten = hBytesWritten;
396 *errorDetailMsg = toString8(hDetailedError);
397 }
398 err = toStatusT(status);
399 }
400 );
401 }
402
403 err = hResult.isOk() ? err : DEAD_OBJECT;
404 if (err == OK) {
405 return bytesWritten;
406 }
407 return err;
408 }
409
notifyResolution(uint32_t width,uint32_t height)410 void CryptoHal::notifyResolution(uint32_t width, uint32_t height) {
411 Mutex::Autolock autoLock(mLock);
412
413 if (mInitCheck != OK) {
414 return;
415 }
416
417 mPlugin->notifyResolution(width, height);
418 }
419
setMediaDrmSession(const Vector<uint8_t> & sessionId)420 status_t CryptoHal::setMediaDrmSession(const Vector<uint8_t> &sessionId) {
421 Mutex::Autolock autoLock(mLock);
422
423 if (mInitCheck != OK) {
424 return mInitCheck;
425 }
426
427 return toStatusT(mPlugin->setMediaDrmSession(toHidlVec(sessionId)));
428 }
429
430 } // namespace android
431