| Age | Commit message (Collapse) | Author |
|---|
|
am: b47d5de0da
Original change: https://googleplex-android-review.googlesource.com/c/platform/hardware/interfaces/+/13467452
Change-Id: I5de5d9fd55c518b88c4eb7655bbd24e58c7c2f16
|
|
|
|
The shared memory buffer used by srcPtr can be freed by another
thread because it is not protected by a mutex. Subsequently,
a use after free AIGABRT can occur in a race condition.
SafetyNet logging is not added to avoid log spamming. The
mutex lock is called to setup for decryption, which is
called frequently.
The crash was reproduced on the device before the fix.
Verified the test passes after the fix.
Test: sts
sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176495665#testPocBug_176495665
Test: push to device with target_hwasan-userdebug build
adb shell /data/local/tmp/Bug-176495665_sts64
Bug: 176495665
Bug: 176444161
Change-Id: I4c83c44873eef960b654f387a3574fcad49c41a9
|
|
There is a potential integer overflow to bypass the
destination base size check in decrypt. The destPtr
can then point to the outside of the destination buffer.
Test: sts-tradefed
sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176444622#testPocBug_176444622
Test: push to device with target_hwasan-userdebug build
adb shell /data/local/tmp/Bug-17644462264
Bug: 176444622
Bug: 176496353
Change-Id: I63043d10796f82ad805038ba1fad5bd7d5c89961
Merged-In: I63043d10796f82ad805038ba1fad5bd7d5c89961
|
|
There is a potential integer overflow to bypass the
source base size check in decrypt. The source pointer
can then point to the outside of the source buffer,
which could potentially leak arbitrary memory content
to destination pointer.
Test: sts-tradefed
sts-tradefed run sts-engbuild-no-spl-lock -m StsHostTestCases --test android.security.sts.Bug_176496160#testPocBug_176496160
Test: push to device with target_hwasan-userdebug build
adb shell /data/local/tmp/Bug-17649616064
Bug: 176496160
Bug: 176444786
Change-Id: I811a6f60948bde2a72906c2c6172fd7bc5feb6d9
|
|
86828796ac am: 44fa9a5cf0 am: 0e8630788f
Change-Id: I73b41a1aebe7dec987e637ca30c9d65b1aedc41e
|
|
86828796ac am: 44fa9a5cf0
Change-Id: Ie67b811fe2a172d9a33458ed5c23578c71a0a221
|
|
Change-Id: I4fac71fd9946d37a7a3b1d32a611f007de3e5303
|
|
Bug: 144351324
Test: poc_CryptoPlugin_155
Change-Id: Id5d221cd6978d55c46c0368aceb10c1d2f559fd9
|
|
am: 756f134fcc
Change-Id: I4289e38c6eab3e8cac9e489a08f74b3efcf008f9
|
|
am: 1e18883b72
Change-Id: Ifbbc3cf6c827085046259365808d962ad192c55a
|
|
* reject native handle output for clearkey
* validate subsample sizes
Bug: 137370777
Test: cryptopoc
Change-Id: I2a81f2a00ebf7954b16fb10d2af586ce0da801ed
|
|
* reject native handle output for clearkey
* validate subsample sizes
Bug: 137370777
Test: cryptopoc
Change-Id: Idf075e1a297fe1ab3ea3e1621806dd46b4a51e35
|
|
In change id Ie2f306bce6aec697ae584da3f55b3cf72edaa07b, a
shared memory leak was fixed using a workaround that
maintained compatibility with the frozen DRM HAL API
1.1. Unfortunately it triggered an error log message that
was no longer an error condition. This change just removes
the log line to avoid raising undue concerns.
Change-Id: I9abe08ef5ab86b2f8589a5c1e5c5175e19ab09d2
Test: Compiles
Bug:111131173
|
|
bug:70205403
Test: manual play movies test forcing the legacy default
widevine plugin to be used, instead of the widevine hidl
service.
Change-Id: Icb5b234999c5bf49b31d967814e48d42d9dd767f
|
|
mapMemory can return a nullptr, must check for nullptr
IMemory.
Test: Play Movies (stream and pin movies)
Test: VtsHalDrmV1_0TargetTest
bug: 38386082
Change-Id: I0766380a5843415ef0260c26bd21d4b4051b20ea
|
|
|
|
Files relying on transitive include of utils/Log.h (and things that it
includes) from MQDescriptor.h
Test: pass
Merged-In: Iff316b21bef556bb026378b7f89e97ded3febef4
Change-Id: Iff316b21bef556bb026378b7f89e97ded3febef4
|
|
Files relying on transitive include of utils/Log.h (and things that it
includes) from MQDescriptor.h
Test: pass
Change-Id: Iff316b21bef556bb026378b7f89e97ded3febef4
|
|
hidl_string no longer will provide an implicit cast to const char* as it
interfers with other expected behaviors of the class. It now emulated
std::string in requiring a call to .c_str() to get the same behavior.
Bug: 36532780
Test: Build the tree
Change-Id: I265590c7c18f425e44863df062a56b67519a932a
|
|
Legacy error codes need to be converted into new Status values before
being reported. Decryption errors (that were negative) were changed to
absolute values. This caused their translation to new Status values to
fail.
b/35634335
Test: Verified with GtsExoPlayerTestCases. Some failures, but those
are unrelated to this CL and will be addressed separately.
Change-Id: I995cac33cb2725d02b0f1a3922e522ce07a9d1be
|
|
The initial drm hidl hal implementation assumed one
codec per crypto instance, but in fact there can be
multiple codecs per crypto instance. This change
extends the drm hal to allow multiple memory heaps
per crypto plugin. It fixes the issue of mapping
memory frequently during playback.
bug:35275191
Test: manual verification with Play Movies on angler
and in binderized mode on marlin
Change-Id: I0ec36856248623d2ad8acb8ce9873e9274883a40
|
|
bug:34624618
Change-Id: I5caee20a944d0c7b5d30f8abdbd8734507914a3a
|
|
Change-Id: I1267205999b7cc660a6c908f0d183e43277a9c71
|
|
Previously the drm and crypto plugins were separate hals.
This implied a separation of implementation libraries which
causes problems for some drm schemes. The reorganization
combines the hals into a single interface under drm.
Tests: basic gtests passing
Change-Id: I5cde6ff9f60625a0219731c4dbfcaefbd9f27f88
related-to-bug: 32815560
|
