Update of DRM Framework.
-Access permission handling
Introduce an internal function which allows the desired process to
access decryption flow. This new function is just for reference and
each OEM manufacturer should implement/replace with their solutions.
-New API, getMetadata()
This API is for retrieving media metadata from container-based DRM,
such as OMA forward-lock content. This API asks DRM agent to retrieve
media metadata hiddein inside of DRM special container.
-New API, acquireRights()
This API wraps acquireDrmInfo() and processDrmInfo().
If DRM agent has valid implementation of both APIs,
Application can acquire DrmRights only by calling this API.
-Bug fix in event loop of OnInfoListener.
Separate OnInfo event loop from mail thread loop so as to avoid
the issue that message is not dispatched when mail thread is busy.
Changes are made by SEMC and Sony.
Change-Id: I04ee3e0988152a71e221f2256d83253749a29da0
diff --git a/drm/drmserver/DrmManagerService.cpp b/drm/drmserver/DrmManagerService.cpp
index 8cf510d..4dcfa72 100644
--- a/drm/drmserver/DrmManagerService.cpp
+++ b/drm/drmserver/DrmManagerService.cpp
@@ -18,18 +18,50 @@
#define LOG_TAG "DrmManagerService(Native)"
#include <utils/Log.h>
+#include <private/android_filesystem_config.h>
+
#include <errno.h>
#include <utils/threads.h>
#include <binder/IServiceManager.h>
+#include <binder/IPCThreadState.h>
#include <sys/stat.h>
#include "DrmManagerService.h"
#include "DrmManager.h"
using namespace android;
+static Vector<uid_t> trustedUids;
+
+static bool isProtectedCallAllowed() {
+ // TODO
+ // Following implementation is just for reference.
+ // Each OEM manufacturer should implement/replace with their own solutions.
+ bool result = false;
+
+ IPCThreadState* ipcState = IPCThreadState::self();
+ uid_t uid = ipcState->getCallingUid();
+
+ for (unsigned int i = 0; i < trustedUids.size(); ++i) {
+ if (trustedUids[i] == uid) {
+ result = true;
+ break;
+ }
+ }
+ return result;
+}
+
void DrmManagerService::instantiate() {
LOGV("instantiate");
defaultServiceManager()->addService(String16("drm.drmManager"), new DrmManagerService());
+
+ if (0 >= trustedUids.size()) {
+ // TODO
+ // Following implementation is just for reference.
+ // Each OEM manufacturer should implement/replace with their own solutions.
+
+ // Add trusted uids here
+ trustedUids.push(AID_MEDIA);
+ }
}
DrmManagerService::DrmManagerService() :
@@ -79,6 +111,11 @@
return mDrmManager->getConstraints(uniqueId, path, action);
}
+DrmMetadata* DrmManagerService::getMetadata(int uniqueId, const String8* path) {
+ LOGV("Entering getMetadata from content");
+ return mDrmManager->getMetadata(uniqueId, path);
+}
+
bool DrmManagerService::canHandle(int uniqueId, const String8& path, const String8& mimeType) {
LOGV("Entering canHandle");
return mDrmManager->canHandle(uniqueId, path, mimeType);
@@ -172,13 +209,21 @@
DecryptHandle* DrmManagerService::openDecryptSession(
int uniqueId, int fd, int offset, int length) {
LOGV("Entering DrmManagerService::openDecryptSession");
- return mDrmManager->openDecryptSession(uniqueId, fd, offset, length);
+ if (isProtectedCallAllowed()) {
+ return mDrmManager->openDecryptSession(uniqueId, fd, offset, length);
+ }
+
+ return NULL;
}
DecryptHandle* DrmManagerService::openDecryptSession(
int uniqueId, const char* uri) {
LOGV("Entering DrmManagerService::openDecryptSession with uri");
- return mDrmManager->openDecryptSession(uniqueId, uri);
+ if (isProtectedCallAllowed()) {
+ return mDrmManager->openDecryptSession(uniqueId, uri);
+ }
+
+ return NULL;
}
status_t DrmManagerService::closeDecryptSession(int uniqueId, DecryptHandle* decryptHandle) {