summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--domx/omx_core/Android.mk2
-rwxr-xr-xdomx/omx_core/src/OMX_Core.c53
-rw-r--r--domx/omx_proxy_component/omx_video_dec/src/omx_proxy_videodec_secure.c81
3 files changed, 86 insertions, 50 deletions
diff --git a/domx/omx_core/Android.mk b/domx/omx_core/Android.mk
index 072b81b..1c217b3 100644
--- a/domx/omx_core/Android.mk
+++ b/domx/omx_core/Android.mk
@@ -15,7 +15,7 @@ LOCAL_SHARED_LIBRARIES := \
liblog \
libmm_osal
-LOCAL_CFLAGS += -DSTATIC_TABLE -D_Android
+LOCAL_CFLAGS += -DSTATIC_TABLE -D_Android -DCHECK_SECURE_STATE
LOCAL_MODULE:= libOMX_Core
LOCAL_MODULE_TAGS:= optional
include $(BUILD_HEAPTRACKED_SHARED_LIBRARY)
diff --git a/domx/omx_core/src/OMX_Core.c b/domx/omx_core/src/OMX_Core.c
index 8c2fb15..d585ac5 100755
--- a/domx/omx_core/src/OMX_Core.c
+++ b/domx/omx_core/src/OMX_Core.c
@@ -47,6 +47,12 @@
#include "timm_osal_trace.h"
#include "timm_osal_mutex.h"
+#ifdef CHECK_SECURE_STATE
+#include <sys/ioctl.h>
+#include <errno.h>
+#include <fcntl.h>
+#endif
+
/** size for the array of allocated components. Sets the maximum
* number of components that can be allocated at once */
#define MAXCOMP (50)
@@ -100,7 +106,6 @@ char *tComponentName[MAXCOMP][MAX_ROLES] = {
//AD
extern OMX_ERRORTYPE OMX_ComponentInit(OMX_HANDLETYPE hComponent);
-
#define CORE_assert CORE_paramCheck
#define CORE_require CORE_paramCheck
#define CORE_ensure CORE_paramCheck
@@ -113,9 +118,6 @@ extern OMX_ERRORTYPE OMX_ComponentInit(OMX_HANDLETYPE hComponent);
goto EXIT; }\
} while(0)
-OMX_U32 DUCATI_IN_SECURE_MODE = 0;
-OMX_U32 SECURE_COMPONENTS_RUNNING = 0;
-
/******************************Public*Routine******************************\
* OMX_Init()
*
@@ -189,6 +191,10 @@ OMX_ERRORTYPE OMX_GetHandle(OMX_HANDLETYPE * pHandle,
char buf[sizeof(prefix) + MAXNAMESIZE + sizeof(postfix)];
const char *pErr = dlerror();
char *dlError = NULL;
+#ifdef CHECK_SECURE_STATE
+ int secure_misc_drv_fd,ret;
+ OMX_U8 mode, enable=1;
+#endif
if (pthread_mutex_lock(&mutex) != 0)
{
TIMM_OSAL_Error("Core: Error in Mutex lock");
@@ -231,15 +237,40 @@ OMX_ERRORTYPE OMX_GetHandle(OMX_HANDLETYPE * pHandle,
strcat(buf, cComponentName); /* checked already, so strcpy and strcat are */
strcat(buf, postfix); /* are safe to use in this context. */
- if(DUCATI_IN_SECURE_MODE == 1)
+#ifdef CHECK_SECURE_STATE
+ //Dont return errors from misc driver to the user if any.
+ //Since this affects all usecases, secure and non-secure.
+ //Do log the errors though.
+ secure_misc_drv_fd = open("/dev/rproc_user", O_SYNC | O_RDONLY);
+ if (secure_misc_drv_fd < 0)
{
- if(strstr(cComponentName,"secure") == NULL)
- {
- TIMM_OSAL_Error("non-secure component not supported in secure mode");
- eError = OMX_ErrorComponentNotFound;
- goto EXIT;
- }
+ TIMM_OSAL_Error("Can't open misc driver device 0x%x\n", errno);
}
+
+ ret = read(secure_misc_drv_fd, &mode, sizeof(mode));
+ if (ret < 0)
+ {
+ TIMM_OSAL_Error("Can't read from the misc driver");
+ }
+ if(mode == enable && strstr(cComponentName,"secure") == NULL)
+ {
+ TIMM_OSAL_Error("non-secure component not supported in secure mode");
+ eError = OMX_ErrorComponentNotFound;
+ }
+ ret = close(secure_misc_drv_fd);
+ if (ret < 0)
+ {
+ TIMM_OSAL_Error("Can't close the misc driver");
+ }
+ //Dont allow non-secure usecases if we are in secure state.
+ //Else some of the memory regions will be unexpected firewalled.
+ //This provides a clean exit in case we are in secure mode.
+ if(eError == OMX_ErrorComponentNotFound)
+ {
+ goto EXIT;
+ }
+#endif
+
//#if 0
pModules[i] = dlopen(buf, RTLD_LAZY | RTLD_GLOBAL);
if (pModules[i] == NULL)
diff --git a/domx/omx_proxy_component/omx_video_dec/src/omx_proxy_videodec_secure.c b/domx/omx_proxy_component/omx_video_dec/src/omx_proxy_videodec_secure.c
index f0db1f5..667a8d8 100644
--- a/domx/omx_proxy_component/omx_video_dec/src/omx_proxy_videodec_secure.c
+++ b/domx/omx_proxy_component/omx_video_dec/src/omx_proxy_videodec_secure.c
@@ -21,7 +21,8 @@ OMX_ERRORTYPE OMX_ComponentInit(OMX_HANDLETYPE hComponent)
OMX_ERRORTYPE eError = OMX_ErrorNone;
OMX_COMPONENTTYPE *pHandle = NULL;
PROXY_COMPONENT_PRIVATE *pComponentPrivate = NULL;
- OMX_U8 enable = 1, mode;
+ const OMX_U8 enable = 1, disable = 0;
+ OMX_U8 mode;
int ret;
pHandle = (OMX_COMPONENTTYPE *) hComponent;
@@ -60,30 +61,35 @@ OMX_ERRORTYPE OMX_ComponentInit(OMX_HANDLETYPE hComponent)
TIMM_OSAL_Memcpy(pComponentPrivate->cCompName, COMPONENT_NAME,
strlen(COMPONENT_NAME) + 1);
- if(DUCATI_IN_SECURE_MODE == 0)
+ pComponentPrivate->secure_misc_drv_fd = open("/dev/rproc_user", O_SYNC | O_RDWR);
+ if (pComponentPrivate->secure_misc_drv_fd < 0)
{
- DUCATI_IN_SECURE_MODE = 1;
- pComponentPrivate->secure_misc_drv_fd = open("/dev/rproc_user", O_SYNC | O_RDWR);
- if (pComponentPrivate->secure_misc_drv_fd < 0)
- {
- DOMX_ERROR("Can't open rproc_user device 0x%x\n", errno);
- return OMX_ErrorInsufficientResources;
- }
-
- ret = write(pComponentPrivate->secure_misc_drv_fd, &enable, sizeof(enable));
- if(ret != 1)
- {
- DOMX_ERROR("errno from setting secure mode = %x",errno);
- }
- PROXY_assert(ret == 1, OMX_ErrorUndefined,"ERROR: Unable to set secure mode");
- DOMX_DEBUG("ret value from Misc driver for secure playback = 0x%x\n", ret);
-
- ret = read(pComponentPrivate->secure_misc_drv_fd, &mode, sizeof(mode));
- PROXY_assert(mode == enable, OMX_ErrorUndefined,"ERROR: We are not in secure mode");
- DOMX_DEBUG("secure mode recieved from Misc driver for secure playback = 0x%x\n", mode);
+ DOMX_ERROR("Can't open rproc_user device 0x%x\n", errno);
+ return OMX_ErrorInsufficientResources;
}
- SECURE_COMPONENTS_RUNNING++;
+ ret = write(pComponentPrivate->secure_misc_drv_fd, &enable, sizeof(enable));
+ if(ret != 1)
+ {
+ DOMX_ERROR("errno from setting secure mode = %x",errno);
+ ret = write(pComponentPrivate->secure_misc_drv_fd, &disable, sizeof(disable));
+ if (ret < 0)
+ {
+ DOMX_ERROR("Setting unsecure mode failed");
+ }
+
+ ret = close(pComponentPrivate->secure_misc_drv_fd);
+ if (ret < 0)
+ {
+ DOMX_ERROR("Can't close the driver");
+ }
+ eError = OMX_ErrorInsufficientResources;
+ goto EXIT;
+ }
+
+ ret = read(pComponentPrivate->secure_misc_drv_fd, &mode, sizeof(mode));
+ PROXY_assert(mode == enable, OMX_ErrorUndefined,"ERROR: We are not in secure mode");
+ DOMX_DEBUG("secure mode recieved from Misc driver for secure playback = 0x%x\n", mode);
eError = OMX_ProxyViddecInit(hComponent);
pHandle->ComponentDeInit = PROXY_VIDDEC_Secure_ComponentDeInit;
@@ -93,6 +99,11 @@ OMX_ERRORTYPE OMX_ComponentInit(OMX_HANDLETYPE hComponent)
pComponentPrivate->bMapIonBuffers = OMX_FALSE;
#endif
EXIT:
+ if(eError != OMX_ErrorNone)
+ {
+ TIMM_OSAL_Free(pHandle->pComponentPrivate);
+ pHandle->pComponentPrivate = NULL;
+ }
return eError;
}
@@ -102,7 +113,7 @@ OMX_ERRORTYPE PROXY_VIDDEC_Secure_ComponentDeInit(OMX_HANDLETYPE hComponent)
OMX_COMPONENTTYPE *pHandle = NULL;
PROXY_COMPONENT_PRIVATE *pComponentPrivate = NULL;
int ret;
- OMX_U8 disable = 0;
+ const OMX_U8 disable = 0;
int secure_misc_drv_fd;
pHandle = (OMX_COMPONENTTYPE *) hComponent;
@@ -119,23 +130,17 @@ OMX_ERRORTYPE PROXY_VIDDEC_Secure_ComponentDeInit(OMX_HANDLETYPE hComponent)
}
pComponentPrivate = NULL;
- if(DUCATI_IN_SECURE_MODE == 1 && SECURE_COMPONENTS_RUNNING == 1)
+ ret = write(secure_misc_drv_fd, &disable, sizeof(disable));
+ if (ret < 0)
{
- ret = write(secure_misc_drv_fd, &disable, sizeof(disable));
- if (ret < 0)
- {
- DOMX_ERROR("Setting unsecure mode failed");
- }
-
- ret = close(secure_misc_drv_fd);
- if (ret < 0)
- {
- DOMX_ERROR("Can't close the driver");
- }
- DUCATI_IN_SECURE_MODE = 0;
- }
+ DOMX_ERROR("Setting unsecure mode failed");
+ }
- SECURE_COMPONENTS_RUNNING--;
+ ret = close(secure_misc_drv_fd);
+ if (ret < 0)
+ {
+ DOMX_ERROR("Can't close the driver");
+ }
return eError;
}