Fix L3 HLS decryption
A recent change to avoid returning decrypted data
over binder assumed that in-place decryption was
safe. That isn't true for the L3 HLS case. This
change eliminates the assumption that in-place
decryption is safe while still returning the
decrypted data via shared memory, instead of
copying it over binder.
bug: 31657897
Change-Id: I7e480a25d2f9b08e54a4844ecdf19ba3c8af79c2
diff --git a/media/libmedia/ICrypto.cpp b/media/libmedia/ICrypto.cpp
index a750824..495e3f9 100644
--- a/media/libmedia/ICrypto.cpp
+++ b/media/libmedia/ICrypto.cpp
@@ -151,7 +151,7 @@
if (isCryptoError(result)) {
errorDetailMsg->setTo(reply.readCString());
} else if (dstType == kDestinationTypeVmPointer) {
- // For the non-secure case, copy the decrypted-in-place
+ // For the non-secure case, copy the decrypted
// data from shared memory to its final destination
memcpy(dstPtr, sharedBuffer->pointer(), result);
}
@@ -320,10 +320,7 @@
dstPtr = secureBufferId;
} else {
dstType = kDestinationTypeVmPointer;
-
- // For the non-secure case, decrypt in-place back to the
- // shared memory segment.
- dstPtr = sharedBuffer->pointer();
+ dstPtr = malloc(totalSize);
}
AString errorDetailMsg;
@@ -369,7 +366,18 @@
reply->writeCString(errorDetailMsg.c_str());
}
- if (dstType == kDestinationTypeNativeHandle) {
+ if (dstType == kDestinationTypeVmPointer) {
+ if (result >= 0) {
+ CHECK_LE(result, static_cast<ssize_t>(totalSize));
+ // For the non-secure case, pass the decrypted
+ // data back via the shared buffer rather than
+ // copying it separately over binder to avoid
+ // binder's 1MB limit.
+ memcpy(sharedBuffer->pointer(), dstPtr, totalSize);
+ }
+ free(dstPtr);
+ dstPtr = NULL;
+ } else if (dstType == kDestinationTypeNativeHandle) {
int err;
if ((err = native_handle_close(nativeHandle)) < 0) {
ALOGW("secure buffer native_handle_close failed: %d", err);