DRM protected videos are playing in non-secure mode in few devices #1603
Comments
|
Thanks for reporting - would you be able to run the following code on the devices that do and don't reproduce the issue, and let us know the results? We have a hypothesis this might be related to the Widevine plug-in implementation underneath |
|
Here are the logs: Devices that reproduce the issue
Devices that do not reproduce the issue
|
|
Thanks for the additional information. I think there are two related, but separate, issues here:
|
|
Thanks for the details @icbaker. We have L1 enforcement through our widevine partners and I feel that is not the issue. My question was When the video plays in non-secure-codec mode, the audio stutters a lot while the same in secure-codec, it is playing fine. I'm aware about the buffer-underflow issue the devices generally faces for stuttering, however this seems to be a peculiar way for a device to stutter. If you have any insights on why devices stutter in 'non-secure-codec but hardwareAccelaration enbled codecs', it will be a great learning. Thanks in advance. |
|
I'm afraid we don't have info on the device-specific behaviours of the different codecs - but I think your issue should be resolved once we stop relying on |
|
@icbaker Thanks for confirmation. After we upgraded to 1.4.0 we are also seeing this issue on certain devices. I ran a debug session today, and got the following output on a Samsung Galaxy Tab A8 (Android 14):
This would confirm your hypothesis that the underlying plug-in implementation could be responsible. |
This method was added in API 31 (S) but it's non-functional (incorrectly, silently, returns `false`) on the Widevine plugin version (`16.0`) from R (API 30), which some devices up to at least API 34 are still using. This results in ExoPlayer incorrectly selecting an insecure decoder for L1 secure content, and subsequently calling `MediaCodec.queueInputBuffer` instead of `queueSecureInputBuffer`, which is not supported and generates the following error: > Operation not supported in this configuration: ERROR_DRM_CANNOT_HANDLE Issue: #1603 #cherrypick PiperOrigin-RevId: 662852176
|
The workaround for this issue is linked above. This should be included in the 1.4.1 release. |
Previous to this change, `FrameworkMediaDrm.requiresSecureDecoder` ignores its `sessionId` parameter on API 31+, and uses only the `mimeType` parameter. This means the result [assumes the session is opened at the 'default security level'](https://developer.android.com/reference/android/media/MediaDrm#requiresSecureDecoder(java.lang.String)): > The default security level is defined as the highest security level > supported on the device. This change is a no-op in all (?) cases, because the `ExoMediaDrm` interface only exposes the zero-arg `openSession()` method, which in the framework case **also** assumes the highest security level is preferred: > By default, sessions are opened at the native security level of the > device. However, it seems more obviously correct to only make this "highest/native security level" assumption in one place (`openSession()`), and check the session's **actual** security level everywhere else. Issue: #1603 PiperOrigin-RevId: 662872860
This method was added in API 31 (S) but it's non-functional (incorrectly, silently, returns `false`) on the Widevine plugin version (`16.0`) from R (API 30), which some devices up to at least API 34 are still using. This results in ExoPlayer incorrectly selecting an insecure decoder for L1 secure content, and subsequently calling `MediaCodec.queueInputBuffer` instead of `queueSecureInputBuffer`, which is not supported and generates the following error: > Operation not supported in this configuration: ERROR_DRM_CANNOT_HANDLE Issue: androidx#1603 #cherrypick PiperOrigin-RevId: 662852176
Previous to this change, `FrameworkMediaDrm.requiresSecureDecoder` ignores its `sessionId` parameter on API 31+, and uses only the `mimeType` parameter. This means the result [assumes the session is opened at the 'default security level'](https://developer.android.com/reference/android/media/MediaDrm#requiresSecureDecoder(java.lang.String)): > The default security level is defined as the highest security level > supported on the device. This change is a no-op in all (?) cases, because the `ExoMediaDrm` interface only exposes the zero-arg `openSession()` method, which in the framework case **also** assumes the highest security level is preferred: > By default, sessions are opened at the native security level of the > device. However, it seems more obviously correct to only make this "highest/native security level" assumption in one place (`openSession()`), and check the session's **actual** security level everywhere else. Issue: androidx#1603 PiperOrigin-RevId: 662872860
This method was added in API 31 (S) but it's non-functional (incorrectly, silently, returns `false`) on the Widevine plugin version (`16.0`) from R (API 30), which some devices up to at least API 34 are still using. This results in ExoPlayer incorrectly selecting an insecure decoder for L1 secure content, and subsequently calling `MediaCodec.queueInputBuffer` instead of `queueSecureInputBuffer`, which is not supported and generates the following error: > Operation not supported in this configuration: ERROR_DRM_CANNOT_HANDLE Issue: #1603 #cherrypick PiperOrigin-RevId: 662852176 (cherry picked from commit ca455ee)
Version
Media3 1.4.0
More version details
Issue
Since
1.4.0-alpha01, the DRM protected videos are playing in non-secure mode in few devices.Why?
On Commit c872af4 -> We removed
mediaCryptoRequiresSecureDecoderon MCR (MediaCodecRenderer) from field variable to local variable.However the problem began on how we initialized the variable. Before this commit, the mediaCryptoRequiresSecureDecoder is initialized by following (Refer: MCR#1047)
But now, the initialization is happening based on codecDrmSession with the following code (Refer MCR#551)
The interesting point to note is the variable name is not changed to
codecDrmSessionRequiresSecureDecoderwith this change in initialisation but retained asmediaCryptoRequiresSecureDecodereven though initialisation is not done through MediaCrypto.Note
The issue is not happening on all the devices but only few devices. The devices I noticed the issue are
Motorola G34 on Android 14
OnePlus Nord CE 3 Lite 5G on Android 13 (CPH2467)
Impact
Questions?
Why does
codecDrmSession.requiresSecureDecoder("video/avc")andmediaCrypto.requiresSecureDecoderComponent("video/avc")are not same on these devices? In fact Motorola G34 is a stock android where the issue happens. Does that mean it is a hardware level issue?Why do we have two function (mediaCrypto.requiresSecureDecoderComponent and codecDrmSession.requiresSecureDecoder) in two different classes if the purpose is same?
How does secureness of the codec impact the audio playback? In both secure and non-secure mode, the codec initialised is the same hardware codec but in secure mode no stuttering is seen, but in non-secure mode stuttering is seen
Devices that reproduce the issue
Motorola G34 on Android 14
OnePlus Nord CE 3 Lite 5G on Android 13 (CPH2467)
Devices that do not reproduce the issue
Pixel 8 Pro on Android 14
OnePlus Pad on Android 14 (OPD2203)
Reproducible in the demo app?
Yes
Reproduction steps
Widevine DASH (MP4, H264)HD (cenc)videoadb shell dumpsys media.resource_managerExpected result
At Step5, The expected codec attached is secure
Output of adb command ( In device CPH2467 on android 13)
At Step6, The screenshot should be blacked-out (showcasing secureness)
Actual result
At Step5, The actual codec attached is non-secure
Output of adb command ( In device CPH2467 on android 13)
At Step6, The screenshot show the playback of video (showcasing insecure)
Media
Widevine DASH(MP4, H264) > HD (cenc)
Bug Report
adb bugreportto android-media-github@google.com after filing this issue.The text was updated successfully, but these errors were encountered: