Enable selection between L1 and L3 CDMs

This sets HW secure codecs and and identifier as required if
we are configured for the L1 ChromeOS Factory Daemon CDM. It
then selects that CDM if the configuration specifies HW
secure codecs and allows a distinct identifier.

BUG=b:153111783
TEST=HW_SECURE_* use L1 CDM, otherwise L3

Change-Id: Ia2b4cfeace38755f1b823a8f15ff0cf325fde29b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2625817Reviewed-by: Xiaohan Wang <xhwang@chromium.org>
Commit-Queue: Jeffrey Kardatzke <jkardatzke@google.com>
Cr-Commit-Position: refs/heads/master@{#843234}

components/cdm/renderer/widevine_key_system_properties.cc

@@ -7,6 +7,7 @@
 #include "base/feature_list.h"
 #include "build/chromeos_buildflags.h"
 #include "media/base/media_switches.h"
+#include "media/media_buildflags.h"
 #include "third_party/widevine/cdm/buildflags.h"
 #include "third_party/widevine/cdm/widevine_cdm_common.h"
 
@@ -152,9 +153,14 @@ EmeConfigRule WidevineKeySystemProperties::GetRobustnessConfigRule(
   }
 
 #if BUILDFLAG(IS_CHROMEOS_ASH)
-  // Hardware security requires remote attestation.
+  // Hardware security requires HWDRM or remote attestation, both of these
+  // require an identifier.
   if (robustness >= Robustness::HW_SECURE_CRYPTO)
+#if BUILDFLAG(USE_CHROMEOS_PROTECTED_MEDIA)
+    return EmeConfigRule::IDENTIFIER_AND_HW_SECURE_CODECS_REQUIRED;
+#else
     return EmeConfigRule::IDENTIFIER_REQUIRED;
+#endif
 
   // For video, recommend remote attestation if HW_SECURE_ALL is available,
   // regardless of the value of |robustness|, because it enables hardware

content/browser/media/media_interface_proxy.cc

@@ -24,6 +24,7 @@
 #include "content/public/browser/service_process_host.h"
 #include "content/public/common/content_client.h"
 #include "media/base/cdm_context.h"
+#include "media/media_buildflags.h"
 #include "media/mojo/buildflags.h"
 #include "media/mojo/mojom/frame_interface_factory.mojom.h"
 #include "media/mojo/mojom/media_service.mojom.h"
@@ -51,7 +52,9 @@
 #include "sandbox/mac/seatbelt_extension.h"
 #endif  // defined(OS_MAC)
 #if BUILDFLAG(IS_CHROMEOS_ASH)
+#if BUILDFLAG(USE_CHROMEOS_PROTECTED_MEDIA)
 #include "chromeos/constants/chromeos_features.h"
+#endif  // BUILDFLAG(USE_CHROMEOS_PROTECTED_MEDIA)
 #endif  // BUILDFLAG(IS_CHROMEOS_ASH)
 #endif  // BUILDFLAG(ENABLE_LIBRARY_CDMS)
 
@@ -453,8 +456,10 @@ void MediaInterfaceProxy::CreateCdm(const std::string& key_system,
   DCHECK(thread_checker_.CalledOnValidThread());
 #if BUILDFLAG(ENABLE_LIBRARY_CDMS)
 #if BUILDFLAG(IS_CHROMEOS_ASH)
-  // TODO(jkardatzke): Conditionalize this on |cdm_config.use_hw_secure_codecs|
-  if (base::FeatureList::IsEnabled(chromeos::features::kCdmFactoryDaemon)) {
+#if BUILDFLAG(USE_CHROMEOS_PROTECTED_MEDIA)
+  if (base::FeatureList::IsEnabled(chromeos::features::kCdmFactoryDaemon) &&
+      cdm_config.use_hw_secure_codecs &&
+      cdm_config.allow_distinctive_identifier) {
     auto* factory = media_interface_factory_ptr_->Get();
     if (factory) {
       // We need to intercept the callback in this case so we can fallback to
@@ -468,6 +473,7 @@ void MediaInterfaceProxy::CreateCdm(const std::string& key_system,
     }
   }
   ReportCdmTypeUMA(CrosCdmType::kChromeCdm);
+#endif  // USE_CHROMEOS_PROTECTED_MEDIA
 #endif  // BUILDFLAG(IS_CHROMEOS_ASH)
   auto* factory = GetCdmFactory(key_system);
 #elif BUILDFLAG(ENABLE_CAST_RENDERER)

media/base/eme_constants.h

@@ -188,14 +188,19 @@ enum class EmeConfigRule {
 
   // The configuration option prevents use of hardware-secure codecs.
   // This rule only has meaning on platforms that distinguish hardware-secure
-  // codecs (i.e. Android and Windows).
+  // codecs (i.e. Android, Windows and ChromeOS).
   HW_SECURE_CODECS_NOT_ALLOWED,
 
   // The configuration option is supported if hardware-secure codecs are used.
   // This rule only has meaning on platforms that distinguish hardware-secure
-  // codecs (i.e. Android and Windows).
+  // codecs (i.e. Android, Windows and ChromeOS).
   HW_SECURE_CODECS_REQUIRED,
 
+  // The configuration option is supported on platforms where hardware-secure
+  // codecs are optionally used and an identifier is also required. (i.e.
+  // ChromeOS)
+  IDENTIFIER_AND_HW_SECURE_CODECS_REQUIRED,
+
   // The configuration option is supported without conditions.
   SUPPORTED,
 };

media/blink/key_system_config_selector.cc

@@ -254,6 +254,9 @@ class KeySystemConfigSelector::ConfigState {
         return !are_hw_secure_codecs_required_;
       case EmeConfigRule::HW_SECURE_CODECS_REQUIRED:
         return !are_hw_secure_codecs_not_allowed_;
+      case EmeConfigRule::IDENTIFIER_AND_HW_SECURE_CODECS_REQUIRED:
+        return !is_identifier_not_allowed_ && IsPermissionPossible() &&
+               !are_hw_secure_codecs_not_allowed_;
       case EmeConfigRule::SUPPORTED:
         return true;
     }
@@ -293,6 +296,10 @@ class KeySystemConfigSelector::ConfigState {
       case EmeConfigRule::HW_SECURE_CODECS_REQUIRED:
         are_hw_secure_codecs_required_ = true;
         return;
+      case EmeConfigRule::IDENTIFIER_AND_HW_SECURE_CODECS_REQUIRED:
+        is_identifier_required_ = true;
+        are_hw_secure_codecs_required_ = true;
+        return;
       case EmeConfigRule::SUPPORTED:
         return;
     }