From c481b5012a5f6cf72e5e93b36f1ed4c9169916f2 Mon Sep 17 00:00:00 2001
From: Jeff Tinker <jtinker@google.com>
Date: Mon, 6 Apr 2015 18:21:05 -0700
Subject: Pass crypto source data using a shared buffer

MediaCodec was using a binder transaction buffer
to pass encryption source data for protected content.
On some 4K content, the max binder transaction buffer
size was being exceeded.  This change uses a shared
buffer for the encryption source data instead of a
binder transaction buffer, which avoids the problem and
may be more efficient.

bug: 20027687
Change-Id: I36a24ebf600d7e1064b78e48b167fdc29b2c65e9
---
 media/libmedia/ICrypto.cpp | 24 +++++++++++++++---------
 1 file changed, 15 insertions(+), 9 deletions(-)

(limited to 'media/libmedia')

diff --git a/media/libmedia/ICrypto.cpp b/media/libmedia/ICrypto.cpp
index c26c5bf..23308c1 100644
--- a/media/libmedia/ICrypto.cpp
+++ b/media/libmedia/ICrypto.cpp
@@ -19,6 +19,7 @@
 #include <utils/Log.h>
 
 #include <binder/Parcel.h>
+#include <binder/IMemory.h>
 #include <media/ICrypto.h>
 #include <media/stagefright/MediaErrors.h>
 #include <media/stagefright/foundation/ADebug.h>
@@ -97,7 +98,7 @@ struct BpCrypto : public BpInterface<ICrypto> {
             const uint8_t key[16],
             const uint8_t iv[16],
             CryptoPlugin::Mode mode,
-            const void *srcPtr,
+            const sp<IMemory> &sharedBuffer, size_t offset,
             const CryptoPlugin::SubSample *subSamples, size_t numSubSamples,
             void *dstPtr,
             AString *errorDetailMsg) {
@@ -126,7 +127,8 @@ struct BpCrypto : public BpInterface<ICrypto> {
         }
 
         data.writeInt32(totalSize);
-        data.write(srcPtr, totalSize);
+        data.writeStrongBinder(IInterface::asBinder(sharedBuffer));
+        data.writeInt32(offset);
 
         data.writeInt32(numSubSamples);
         data.write(subSamples, sizeof(CryptoPlugin::SubSample) * numSubSamples);
@@ -245,8 +247,9 @@ status_t BnCrypto::onTransact(
             data.read(iv, sizeof(iv));
 
             size_t totalSize = data.readInt32();
-            void *srcData = malloc(totalSize);
-            data.read(srcData, totalSize);
+            sp<IMemory> sharedBuffer =
+                interface_cast<IMemory>(data.readStrongBinder());
+            int32_t offset = data.readInt32();
 
             int32_t numSubSamples = data.readInt32();
 
@@ -265,15 +268,21 @@ status_t BnCrypto::onTransact(
             }
 
             AString errorDetailMsg;
-            ssize_t result = decrypt(
+            ssize_t result;
+
+            if (offset + totalSize > sharedBuffer->size()) {
+                result = -EINVAL;
+            } else {
+                result = decrypt(
                     secure,
                     key,
                     iv,
                     mode,
-                    srcData,
+                    sharedBuffer, offset,
                     subSamples, numSubSamples,
                     dstPtr,
                     &errorDetailMsg);
+            }
 
             reply->writeInt32(result);
 
@@ -294,9 +303,6 @@ status_t BnCrypto::onTransact(
             delete[] subSamples;
             subSamples = NULL;
 
-            free(srcData);
-            srcData = NULL;
-
             return OK;
         }
 
-- 
cgit v1.1