Support running different CDM types in different processes |
||
Issue descriptionToday when using pepper CDM, since different CDM types correspond to different pepper plugins, they run in different pepper processes automatically. This also provides security boundary so that one CDM won't interfere with other CDMs. Now we are planning to move from using pepper CDM to mojo CDM, running the CDM in sandboxed utility process using mojo. We should be able to support running different CDM types in different utility process instances as well. Today we only have one CDM service instance/process shared by all render processes. To get a different CDM service instance, one possibility is when connecting to the service, we use a different "instance" in the Identify. This should trigger a new CDM service instance to be created.
,
Oct 2 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c43d9de386b1d45f8927640c05d94948f345dc17 commit c43d9de386b1d45f8927640c05d94948f345dc17 Author: Xiaohan Wang <xhwang@chromium.org> Date: Mon Oct 02 06:08:08 2017 media: Support to run different type of CDMs in different processes When library CDM is enabled, when connecting to the MediaService, use a CDM-type-specific CDM GUID as the service_manager Identity user ID, so that the CDM service of each CDM type will run in its own MediaService instance, in its own process! This helps isolate different CDMs in it's own process for better security and stability. This also makes the implementation simpler by allowing CdmModule to be a per-process singleton that is initialized for only one single CDM type. To test the multiple_cdm_types.html in the browser (instead of in the browser_test itself), you would need to: 1. Disable unique origin check in WebContentDecryptionModuleImpl::Create 2. Run the following command: out/GN/chrome --user-data-dir=/tmp/foo --enable-features=MojoCdm,ExternalClearKeyForTesting,SupportExperimentalCdmInterface --register-pepper-plugins="<path_to_chromium_repo>/src/out/GN/libclearkeycdmadapter.so;application/x-ppapi-clearkey-cdm" --clear-key-cdm-path-for-testing=<path_to_chromium_repo>/src/out/GN/libclearkeycdm.so file:///<path_to_chromium_repo>/src/media/test/data/multiple_cdm_types.html In the future, we should be able drop SupportExperimentalCdmInterface and MojoCdm in --enable-features, as well as --register-pepper-plugins. BUG= 766415 TEST=Add new browser test to cover this. Change-Id: I804225c6588b8d9195b4199aba11ad9277f5fa45 Reviewed-on: https://chromium-review.googlesource.com/688167 Commit-Queue: Xiaohan Wang <xhwang@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Reviewed-by: John Rummell <jrummell@chromium.org> Reviewed-by: Nasko Oskov <nasko@chromium.org> Reviewed-by: Dan Sanders <sandersd@chromium.org> Cr-Commit-Position: refs/heads/master@{#505543} [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/chrome/browser/component_updater/widevine_cdm_component_installer.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/chrome/browser/media/encrypted_media_browsertest.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/chrome/common/chrome_content_client.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/chrome/renderer/media/chrome_key_systems.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/content/browser/media/cdm_registry_impl_unittest.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/content/browser/media/media_interface_proxy.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/content/browser/media/media_interface_proxy.h [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/content/common/media/cdm_info.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/content/public/common/cdm_info.h [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/media/base/media_switches.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/media/cdm/cdm_paths.cc [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/media/cdm/cdm_paths.h [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc [add] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/media/test/data/multiple_cdm_types.html [modify] https://crrev.com/c43d9de386b1d45f8927640c05d94948f345dc17/third_party/widevine/cdm/widevine_cdm_common.h
,
Oct 2 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/9d5cafcaf5380fcaec80a4d0105df025b495d06f commit 9d5cafcaf5380fcaec80a4d0105df025b495d06f Author: Mike West <mkwst@chromium.org> Date: Mon Oct 02 14:16:09 2017 Revert "media: Support to run different type of CDMs in different processes" This reverts commit c43d9de386b1d45f8927640c05d94948f345dc17. Reason for revert: Looks like this is timing out on Win7 (dbg): see https://test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=Mojo%2FECKEncryptedMediaTest.MultipleCdmTypes%2F0 and https://bugs.chromium.org/p/chromium/issues/detail?id=770686. Original change's description: > media: Support to run different type of CDMs in different processes > > When library CDM is enabled, when connecting to the MediaService, use a > CDM-type-specific CDM GUID as the service_manager Identity user ID, so > that the CDM service of each CDM type will run in its own MediaService > instance, in its own process! > > This helps isolate different CDMs in it's own process for better > security and stability. This also makes the implementation simpler by > allowing CdmModule to be a per-process singleton that is initialized for > only one single CDM type. > > To test the multiple_cdm_types.html in the browser (instead of in the > browser_test itself), you would need to: > > 1. Disable unique origin check in WebContentDecryptionModuleImpl::Create > > 2. Run the following command: > > out/GN/chrome --user-data-dir=/tmp/foo > --enable-features=MojoCdm,ExternalClearKeyForTesting,SupportExperimentalCdmInterface > --register-pepper-plugins="<path_to_chromium_repo>/src/out/GN/libclearkeycdmadapter.so;application/x-ppapi-clearkey-cdm" > --clear-key-cdm-path-for-testing=<path_to_chromium_repo>/src/out/GN/libclearkeycdm.so > file:///<path_to_chromium_repo>/src/media/test/data/multiple_cdm_types.html > > In the future, we should be able drop SupportExperimentalCdmInterface > and MojoCdm in --enable-features, as well as --register-pepper-plugins. > > BUG= 766415 > TEST=Add new browser test to cover this. > > Change-Id: I804225c6588b8d9195b4199aba11ad9277f5fa45 > Reviewed-on: https://chromium-review.googlesource.com/688167 > Commit-Queue: Xiaohan Wang <xhwang@chromium.org> > Reviewed-by: Lei Zhang <thestig@chromium.org> > Reviewed-by: John Rummell <jrummell@chromium.org> > Reviewed-by: Nasko Oskov <nasko@chromium.org> > Reviewed-by: Dan Sanders <sandersd@chromium.org> > Cr-Commit-Position: refs/heads/master@{#505543} TBR=nasko@chromium.org,thestig@chromium.org,xhwang@chromium.org,jrummell@chromium.org,sandersd@chromium.org Change-Id: I94ecaf72a5756139706c1c627a97c125165d0822 No-Presubmit: true No-Tree-Checks: true No-Try: true Bug: 766415 , 770686 Reviewed-on: https://chromium-review.googlesource.com/695225 Reviewed-by: Mike West <mkwst@chromium.org> Commit-Queue: Mike West <mkwst@chromium.org> Cr-Commit-Position: refs/heads/master@{#505600} [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/chrome/browser/component_updater/widevine_cdm_component_installer.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/chrome/browser/media/encrypted_media_browsertest.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/chrome/common/chrome_content_client.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/chrome/renderer/media/chrome_key_systems.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/content/browser/media/cdm_registry_impl_unittest.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/content/browser/media/media_interface_proxy.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/content/browser/media/media_interface_proxy.h [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/content/common/media/cdm_info.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/content/public/common/cdm_info.h [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/media/base/media_switches.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/media/cdm/cdm_paths.cc [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/media/cdm/cdm_paths.h [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc [delete] https://crrev.com/dfcb14093b8c224f9a3ca70caaf9df57cc49fcd6/media/test/data/multiple_cdm_types.html [modify] https://crrev.com/9d5cafcaf5380fcaec80a4d0105df025b495d06f/third_party/widevine/cdm/widevine_cdm_common.h
,
Oct 2 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559 commit 32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559 Author: Xiaohan Wang <xhwang@chromium.org> Date: Mon Oct 02 19:20:41 2017 (reland) media: Support to run different type of CDMs in different processes This reverts commit 9d5cafcaf5380fcaec80a4d0105df025b495d06f. Original CL description: When library CDM is enabled, when connecting to the MediaService, use a CDM-type-specific CDM GUID as the service_manager Identity user ID, so that the CDM service of each CDM type will run in its own MediaService instance, in its own process! This helps isolate different CDMs in it's own process for better security and stability. This also makes the implementation simpler by allowing CdmModule to be a per-process singleton that is initialized for only one single CDM type. To test the multiple_cdm_types.html in the browser (instead of in the browser_test itself), you would need to: 1. Disable unique origin check in WebContentDecryptionModuleImpl::Create 2. Run the following command: out/GN/chrome --user-data-dir=/tmp/foo --enable-features=MojoCdm,ExternalClearKeyForTesting,SupportExperimentalCdmInterface --register-pepper-plugins="<path_to_chromium_repo>/src/out/GN/libclearkeycdmadapter.so;application/x-ppapi-clearkey-cdm" --clear-key-cdm-path-for-testing=<path_to_chromium_repo>/src/out/GN/libclearkeycdm.so file:///<path_to_chromium_repo>/src/media/test/data/multiple_cdm_types.html In the future, we should be able drop SupportExperimentalCdmInterface and MojoCdm in --enable-features, as well as --register-pepper-plugins. TBR=jrummell@chromium.org,nasko@chromium.org,thestig@chromium.org BUG= 766415 TEST=Add new browser test to cover this. Change-Id: I88cdc8103fd077795239ba8da6586979fb112df3 Reviewed-on: https://chromium-review.googlesource.com/695741 Reviewed-by: Nasko Oskov <nasko@chromium.org> Reviewed-by: John Rummell <jrummell@chromium.org> Reviewed-by: Lei Zhang <thestig@chromium.org> Commit-Queue: Xiaohan Wang <xhwang@chromium.org> Cr-Commit-Position: refs/heads/master@{#505712} [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/chrome/browser/component_updater/widevine_cdm_component_installer.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/chrome/browser/media/encrypted_media_browsertest.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/chrome/common/chrome_content_client.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/chrome/renderer/media/chrome_key_systems.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/content/browser/media/cdm_registry_impl_unittest.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/content/browser/media/media_interface_proxy.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/content/browser/media/media_interface_proxy.h [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/content/common/media/cdm_info.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/content/public/common/cdm_info.h [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/media/base/media_switches.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/media/cdm/cdm_paths.cc [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/media/cdm/cdm_paths.h [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/media/cdm/ppapi/external_clear_key/clear_key_cdm.cc [add] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/media/test/data/multiple_cdm_types.html [modify] https://crrev.com/32821857e5d9e2c1cbbaab6efc7cb95fe4ac4559/third_party/widevine/cdm/widevine_cdm_common.h
,
Oct 2 2017
|
||
►
Sign in to add a comment |
||
Comment 1 by xhw...@chromium.org
, Sep 19 2017