Merge branch 'dev/10/fp2/security-aosp-qt-release' into int/10/fp2
* dev/10/fp2/security-aosp-qt-release:
RESTRICT AUTOMERGE - [Fix vulnerability] setSecurityLevel in clearkey
Change-Id: Icb359217f0d53e6ccc82f9ff150a860f4f231ba5
diff --git a/drm/mediadrm/plugins/clearkey/hidl/DrmPlugin.cpp b/drm/mediadrm/plugins/clearkey/hidl/DrmPlugin.cpp
index f25f59d..26457be 100644
--- a/drm/mediadrm/plugins/clearkey/hidl/DrmPlugin.cpp
+++ b/drm/mediadrm/plugins/clearkey/hidl/DrmPlugin.cpp
@@ -612,6 +612,7 @@
return Void();
}
+ Mutex::Autolock lock(mSecurityLevelLock);
std::map<std::vector<uint8_t>, SecurityLevel>::iterator itr =
mSecurityLevel.find(sid);
if (itr == mSecurityLevel.end()) {
@@ -642,6 +643,7 @@
return Status::ERROR_DRM_SESSION_NOT_OPENED;
}
+ Mutex::Autolock lock(mSecurityLevelLock);
std::map<std::vector<uint8_t>, SecurityLevel>::iterator itr =
mSecurityLevel.find(sid);
if (itr != mSecurityLevel.end()) {
diff --git a/drm/mediadrm/plugins/clearkey/hidl/include/DrmPlugin.h b/drm/mediadrm/plugins/clearkey/hidl/include/DrmPlugin.h
index 894985b..392f105 100644
--- a/drm/mediadrm/plugins/clearkey/hidl/include/DrmPlugin.h
+++ b/drm/mediadrm/plugins/clearkey/hidl/include/DrmPlugin.h
@@ -398,7 +398,8 @@
std::map<std::string, std::string> mStringProperties;
std::map<std::string, std::vector<uint8_t> > mByteArrayProperties;
std::map<std::string, std::vector<uint8_t> > mReleaseKeysMap;
- std::map<std::vector<uint8_t>, SecurityLevel> mSecurityLevel;
+ std::map<std::vector<uint8_t>, SecurityLevel> mSecurityLevel
+ GUARDED_BY(mSecurityLevelLock);
sp<IDrmPluginListener> mListener;
sp<IDrmPluginListener_V1_2> mListenerV1_2;
SessionLibrary *mSessionLibrary;
@@ -416,9 +417,10 @@
mMockError = Status_V1_2::OK;
}
- DeviceFiles mFileHandle GUARDED_BY(mFileHandleLock);
Mutex mFileHandleLock;
+ DeviceFiles mFileHandle GUARDED_BY(mFileHandleLock);
Mutex mSecureStopLock;
+ Mutex mSecurityLevelLock;
CLEARKEY_DISALLOW_COPY_AND_ASSIGN_AND_NEW(DrmPlugin);
};