Using SDP with software decoding in Hikey620

sayan · September 10, 2018, 6:24am

Hi,

Following HKG18-119 - Overview of integrating OP-TEE into HiKey620 AOSP - Linaro Connect by @vchong, I am able to set-up Hikey 620 with AOSP + OPTEE. Xtest 1014 for SDP passed.

I am trying to use SDP with Software decoding in Hikey620. How can I achieve this?

Please help. Thanks in advance.

Regards,
Sayan

vchong · September 11, 2018, 8:51am

Try referencing HKG18-203 - Overview of Linaro DRM and https://github.com/linaro-mmwg/optee-clearkey-cdmi.

sayan · September 11, 2018, 12:42pm

Thanks. I will check these.

sayan · September 25, 2018, 7:31am

Hi @vchong,

I have compiled the code after taking the changes from the links shared by you. The code compiles successfully. But in order to use SDP, the codec name must end with .secure.

Thus I added .secure suffix with “OMX.google.h264.decoder” in device/linaro/hikey/etc/media_codecs.xml to get “OMX.google.h264.decoder.secure”

But the chromium browser crashes while I try to stream a content in HIkey 620 with these changes.

The error log is as follows:

01-01 00:00:47.002  1948  1956 I OMXMaster: makeComponentInstance(OMX.google.h264.decoder.secure) in omx@1.0-service process
01-01 00:00:47.002  1948  1956 E /vendor/bin/hw/android.hardware.media.omx@1.0-service: Failed to allocate omx component 'OMX.google.h264.decoder.secure'  err=InvalidComponentName(0x80001002)
01-01 00:00:47.003  1945  1964 W OmxInfoBuilder: Fail to add mime video/avc to codec OMX.google.h264.decoder.secure
01-01 00:00:47.004  1849  1849 W /system/bin/hwservicemanager: getTransport: Cannot find entry android.hardware.media.omx@1.0::IOmx/default in either framework or device manifest.

I must be missing something. Do you have any idea?

peter-griffin · October 1, 2018, 11:04am

Hi Sayan,

Full SDP on HiKey with software decoding can’t really be done as the OMX decoder is running on the host CPU, so it makes little sense to enable the .secure for the OMX codecs (unless you want to put the codec in OP-TEE but that is unadvised).

We did do a SDP_PROTOTYPE feature, which relies on the memory firewall protection in ATF being disabled, and then maps the secure buffer and memcpy() the contents. But that was really just for testing purposes.

In addition for Android you should be using the ClearKey mediadrm [1] plugin. However with regards to Chromium browser some changes are required in Chromium source for an Android build as it has a built-in ClearKey OpenSSL CDM which is uses for ClearKey playback rather than searching for a mediadrm plugin on the target.

With other key systems such as Widevine or Playready, it will use mediadrm plugin on Android straight away, but with ClearKey it we found it uses the built in OpenSSL decryptor rather than searching for the plugin.

If you want to do SDP development you are better off using a platform which actually has secure codec support such as iMX8M-evk board. Here the OMX plugins for the platform have been updated to allocate a secure buffer using ION, and the memory protection firewall is configured so that the only the decoder and display hardware can access the memory.

[1] https://github.com/linaro-mmwg/clearkeydrmplugin

Peter.

sayan · October 1, 2018, 2:41pm

Hi Peter,

Thanks for the explanation. I can understand the problems.
But is it the case that SDP cannot be achieved without Hardware decoding?

While debugging, I somehow managed to use the mediadrm plugin but unfortunately Chromium crashed. I already posted this issue in the link Chromium crash while using SDP with software decoder in Hikey620

Regards,
Sayan

peter-griffin · October 1, 2018, 4:06pm

Hi Sayan,

Yes, SDP can only be achieved when using hardware decoding, (or by putting the software codec into secure world, but that is unadvised).

The crash you posted is crashing in OMX library code, I believe because the default OMX software codecs that google provide don’t support allocating a secure buffer.

Peter

sayan · October 1, 2018, 4:09pm

Hi Peter,

Thank you very much for the information.

Regards,
Sayan

sayan · November 14, 2018, 9:28am

Hi @peter-griffin,

Could you please point me to the code base from where I can use SDP_PROTOTYPE feature. I came across some forked versions but not sure whether those works.

Regards,
Sayan

peter-griffin · November 15, 2018, 10:45am

Hi Sayan,

To get a working Android plus OP-TEE working baseline your best bet is to follow these instructions here https://github.com/linaro-swg/optee_android_manifest

Then to add in ExoPlayer and ClearKey op-tee mediadrm plugin plus the best instructions are https://github.com/linaro-mmwg/clearkeydrmplugin. Although due to a Linaro re-organisation MMWG don’t look after Android activities any longer so this isn’t being actively maintained atm (although patches are welcome ).

The code to disable memory firewall in ATF is here https://github.com/96boards/arm-trusted-firmware/blob/hikey/plat/hikey/plat_security.c

Peter.

sayan · November 16, 2018, 8:46am

Thanks Peter for the information.

Let’s see what can be done

Regards,
Sayan