media/mojo/services/cdm_service_broker.cc

   1 // Copyright 2021 The Chromium Authors
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "media/mojo/services/cdm_service_broker.h"
   6
   7 #include <utility>
   8
   9 #include "base/logging.h"
  10 #include "build/build_config.h"
  11 #include "media/cdm/cdm_module.h"
  12 #include "media/media_buildflags.h"
  13
  14 #if BUILDFLAG(IS_MAC)
  15 #include <vector>
  16 #include "sandbox/mac/seatbelt_extension.h"
  17 #endif  // BUILDFLAG(IS_MAC)
  18
  19 #if BUILDFLAG(ENABLE_CDM_HOST_VERIFICATION)
  20 #include "media/cdm/cdm_host_file.h"
  21 #endif
  22
  23 namespace media {
  24
  25 CdmServiceBroker::CdmServiceBroker(
  26     std::unique_ptr<CdmService::Client> client,
  27     mojo::PendingReceiver<mojom::CdmServiceBroker> receiver)
  28     : client_(std::move(client)), receiver_(this, std::move(receiver)) {
  29   DVLOG(1) << __func__;
  30   DCHECK(client_);
  31 }
  32
  33 CdmServiceBroker::~CdmServiceBroker() = default;
  34
  35 void CdmServiceBroker::GetService(
  36     const base::FilePath& cdm_path,
  37 #if BUILDFLAG(IS_MAC)
  38     mojo::PendingRemote<mojom::SeatbeltExtensionTokenProvider> token_provider,
  39 #endif  // BUILDFLAG(IS_MAC)
  40     mojo::PendingReceiver<mojom::CdmService> service_receiver) {
  41   if (!client_) {
  42     DVLOG(1) << __func__ << ": CdmService can only be bound once";
  43     return;
  44   }
  45
  46   bool success = InitializeAndEnsureSandboxed(
  47 #if BUILDFLAG(IS_MAC)
  48       std::move(token_provider),
  49 #endif  // BUILDFLAG(IS_MAC)
  50       cdm_path);
  51
  52   if (!success) {
  53     client_.reset();
  54     return;
  55   }
  56
  57   DCHECK(!cdm_service_);
  58   cdm_service_ = std::make_unique<CdmService>(std::move(client_),
  59                                               std::move(service_receiver));
  60 }
  61
  62 bool CdmServiceBroker::InitializeAndEnsureSandboxed(
  63 #if BUILDFLAG(IS_MAC)
  64     mojo::PendingRemote<mojom::SeatbeltExtensionTokenProvider> token_provider,
  65 #endif  // BUILDFLAG(IS_MAC)
  66     const base::FilePath& cdm_path) {
  67   DVLOG(1) << __func__ << ": cdm_path = " << cdm_path.value();
  68   DCHECK(client_);
  69
  70 #if BUILDFLAG(IS_MAC)
  71   std::vector<std::unique_ptr<sandbox::SeatbeltExtension>> extensions;
  72
  73   if (token_provider) {
  74     std::vector<sandbox::SeatbeltExtensionToken> tokens;
  75     CHECK(mojo::Remote<mojom::SeatbeltExtensionTokenProvider>(
  76               std::move(token_provider))
  77               ->GetTokens(&tokens));
  78
  79     for (auto&& token : tokens) {
  80       DVLOG(3) << "token: " << token.token();
  81       auto extension = sandbox::SeatbeltExtension::FromToken(std::move(token));
  82       if (!extension->Consume()) {
  83         DVLOG(1) << "Failed to consume sandbox seatbelt extension. This could "
  84                     "happen if --no-sandbox is specified.";
  85       }
  86       extensions.push_back(std::move(extension));
  87     }
  88   }
  89 #endif  // BUILDFLAG(IS_MAC)
  90
  91   CdmModule* instance = CdmModule::GetInstance();
  92
  93 #if BUILDFLAG(ENABLE_CDM_HOST_VERIFICATION)
  94   std::vector<CdmHostFilePath> cdm_host_file_paths;
  95   client_->AddCdmHostFilePaths(&cdm_host_file_paths);
  96   bool success = instance->Initialize(cdm_path, cdm_host_file_paths);
  97 #else
  98   bool success = instance->Initialize(cdm_path);
  99 #endif  // BUILDFLAG(ENABLE_CDM_HOST_VERIFICATION)
 100
 101   // This may trigger the sandbox to be sealed. After this call, the process is
 102   // sandboxed.
 103   client_->EnsureSandboxed();
 104
 105 #if BUILDFLAG(IS_MAC)
 106   for (auto&& extension : extensions)
 107     extension->Revoke();
 108 #endif  // BUILDFLAG(IS_MAC)
 109
 110   // Always called within the sandbox.
 111   if (success)
 112     instance->InitializeCdmModule();
 113
 114   return success;
 115 }
 116
 117 }  // namespace media