Feature/skipldsym#504
Open
balasaraswathy-n wants to merge 7 commits into
Open
Conversation
Reason for change: HCDP reauth retry logic needed Test Procedure: Hot pug hdmi and observe retry log messages Risks: Low Priority: High Signed-off-by: Adler, Douglas <Douglas_Adler2+comcast@comcast.com>
|
Pull request must be merged with a description containing the required fields, Summary: If there is no jira releated to this change, please put 'Jira: NO-JIRA'. Description can be changed by editing the top comment on your pull request and making a new commit. |
Contributor
There was a problem hiding this comment.
Pull request overview
This PR introduces an OUTPUT_RESTRICTED decrypt flow intended to handle HDCP/output-protection reauth scenarios by retrying decrypt operations and (optionally) using a new OpenCDM “decrypt once” API.
Changes:
- Adds
MediaKeyErrorStatus::OUTPUT_RESTRICTEDand threads it through a few stringification helpers. - Adds retry logic in
MediaKeysServerInternal::decrypt()when decrypt returnsOUTPUT_RESTRICTED. - Adds OpenCDM
_decrypt_buffer_oncesymbol handling and key-status pre/post checks inOcdmSession::decryptBuffer()(plus a stub implementation).
Reviewed changes
Copilot reviewed 9 out of 9 changed files in this pull request and generated 9 comments.
Show a summary per file
| File | Description |
|---|---|
| wrappers/source/OcdmSession.cpp | Adds _once decrypt path with key-id extraction and OUTPUT_RESTRICTED checks; adds dlsym lookup and debug logging. |
| wrappers/include/OcdmSession.h | Declares function pointer type/static member for _decrypt_buffer_once. |
| wrappers/CMakeLists.txt | Adds include paths for common/logging headers. |
| stubs/opencdm/open_cdm_adapter.cpp | Adds stub for opencdm_gstreamer_session_decrypt_buffer_once. |
| media/server/main/source/MediaKeysServerInternal.cpp | Adds OUTPUT_RESTRICTED retry loop (with sleep) and debug logging; adds retry constants. |
| media/server/main/source/MediaKeysCapabilities.cpp | Extends status-to-string mapping for OUTPUT_RESTRICTED. |
| media/server/ipc/source/MediaKeysModuleService.cpp | Attempts to map OUTPUT_RESTRICTED to protobuf (currently TODO). |
| media/public/include/MediaCommon.h | Adds MediaKeyErrorStatus::OUTPUT_RESTRICTED. |
| media/client/ipc/source/MediaKeysIpc.cpp | Extends status-to-string mapping for OUTPUT_RESTRICTED. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Comment on lines
+129
to
+131
| if(m_ocdmGstSessionDecryptBufferOnce != NULL){ | ||
| RIALTO_COMMON_LOG_ERROR("DEBUG PURPOSE : m_ocdmGstSessionDecryptBufferOnce exists\n"); | ||
| } |
Comment on lines
199
to
205
| MediaKeyErrorStatus OcdmSession::decryptBuffer(GstBuffer *encrypted, GstCaps *caps) | ||
| { | ||
| RIALTO_COMMON_LOG_ERROR("DEBUG PURPOSE : OcdmSession::decryptBuffer()\n"); | ||
| if (!m_session) | ||
| { | ||
| return MediaKeyErrorStatus::FAIL; | ||
| } |
Comment on lines
+207
to
+213
| if (true) | ||
| { | ||
| // Extract key ID from the buffer's protection metadata | ||
| std::vector<uint8_t> keyId; | ||
| GstProtectionMeta *pm = reinterpret_cast<GstProtectionMeta *>(gst_buffer_get_protection_meta(encrypted)); | ||
| if (pm) | ||
| { |
| } | ||
| } | ||
|
|
||
| OpenCDMError result = opencdm_gstreamer_session_decrypt_buffer_once(m_session, encrypted, caps); |
Comment on lines
+27
to
+54
| /*namespace | ||
| { | ||
| const char *toString(const firebolt::rialto::MediaKeyErrorStatus &status) | ||
| { | ||
| switch (status) | ||
| { | ||
| case firebolt::rialto::MediaKeyErrorStatus::OK: | ||
| return "OK"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::FAIL: | ||
| return "FAIL"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::BAD_SESSION_ID: | ||
| return "BAD_SESSION_ID"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::INTERFACE_NOT_IMPLEMENTED: | ||
| return "INTERFACE_NOT_IMPLEMENTED"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::BUFFER_TOO_SMALL: | ||
| return "BUFFER_TOO_SMALL"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::NOT_SUPPORTED: | ||
| return "NOT_SUPPORTED"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::INVALID_STATE: | ||
| return "INVALID_STATE"; | ||
| case firebolt::rialto::MediaKeyErrorStatus::OUTPUT_RESTRICTED: | ||
| return "OUTPUT_RESTRICTED"; | ||
| } | ||
| return "Unknown"; | ||
| } | ||
| } */// namespace | ||
|
|
||
|
|
Comment on lines
+610
to
651
| const auto deadline = std::chrono::steady_clock::now() + kOutputRestrictedRetryTimeout; | ||
| do | ||
| { | ||
| auto task = [&]() { status = decryptInternal(keySessionId, encrypted, caps); }; | ||
| m_mainThread->enqueueTaskAndWait(m_mainThreadClientId, task); | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session id :%d", keySessionId); | ||
| switch (status) | ||
| { | ||
| case firebolt::rialto::MediaKeyErrorStatus::OK: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : OK"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::FAIL: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : FAIL"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::BAD_SESSION_ID: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : BAD_SESSION_ID"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::INTERFACE_NOT_IMPLEMENTED: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : INTERFACE_NOT_IMPLEMENTED"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::BUFFER_TOO_SMALL: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : BUFFER_TOO_SMALL"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::NOT_SUPPORTED: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : NOT_SUPPORTED"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::INVALID_STATE: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : INVALID_STATE"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::OUTPUT_RESTRICTED: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : OUTPUT_RESTRICTED"); | ||
| break; | ||
| } | ||
|
|
||
| if (status != MediaKeyErrorStatus::OUTPUT_RESTRICTED) | ||
| { | ||
| break; | ||
| } | ||
| RIALTO_SERVER_LOG_WARN("Decrypt returned OUTPUT_RESTRICTED, retrying after delay"); | ||
| std::this_thread::sleep_for(kOutputRestrictedRetryInterval); | ||
| } while (std::chrono::steady_clock::now() < deadline); | ||
|
|
Comment on lines
+607
to
+642
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE: entry:decrypt"); | ||
|
|
||
| MediaKeyErrorStatus status; | ||
| auto task = [&]() { status = decryptInternal(keySessionId, encrypted, caps); }; | ||
| MediaKeyErrorStatus status{MediaKeyErrorStatus::FAIL}; | ||
| const auto deadline = std::chrono::steady_clock::now() + kOutputRestrictedRetryTimeout; | ||
| do | ||
| { | ||
| auto task = [&]() { status = decryptInternal(keySessionId, encrypted, caps); }; | ||
| m_mainThread->enqueueTaskAndWait(m_mainThreadClientId, task); | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session id :%d", keySessionId); | ||
| switch (status) | ||
| { | ||
| case firebolt::rialto::MediaKeyErrorStatus::OK: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : OK"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::FAIL: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : FAIL"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::BAD_SESSION_ID: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : BAD_SESSION_ID"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::INTERFACE_NOT_IMPLEMENTED: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : INTERFACE_NOT_IMPLEMENTED"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::BUFFER_TOO_SMALL: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : BUFFER_TOO_SMALL"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::NOT_SUPPORTED: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : NOT_SUPPORTED"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::INVALID_STATE: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : INVALID_STATE"); | ||
| break; | ||
| case firebolt::rialto::MediaKeyErrorStatus::OUTPUT_RESTRICTED: | ||
| RIALTO_SERVER_LOG_ERROR("DEBUG PURPOSE : Key session status : OUTPUT_RESTRICTED"); | ||
| break; | ||
| } |
| } | ||
| case firebolt::rialto::MediaKeyErrorStatus::OUTPUT_RESTRICTED: | ||
| { | ||
| // TODO |
Comment on lines
+295
to
+296
| BUFFER_TOO_SMALL, /**< The size of the buffer is too small. */ | ||
| OUTPUT_RESTRICTED |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Dynamic symbol loading reverted