blob: 5d86790f3d583f65fedc65714d73b4f146aa267b [file] [log] [blame]
// Copyright 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include <stddef.h>
#include <stdint.h>
#include <algorithm>
#include <string>
#include <vector>
#include "base/macros.h"
#include "media/cdm/api/content_decryption_module.h"
#include "ppapi/c/ppb_file_io.h"
#include "ppapi/cpp/file_io.h"
#include "ppapi/cpp/file_ref.h"
#include "ppapi/cpp/instance.h"
#include "ppapi/cpp/module.h"
#include "ppapi/cpp/private/isolated_file_system_private.h"
#include "ppapi/utility/completion_callback_factory.h"
namespace media {
// Due to PPAPI limitations, all functions must be called on the main thread.
// Implementation notes about states:
// 1, When a method is called in an invalid state (e.g. Read() before Open() is
// called, Write() before Open() finishes or Open() after Open()), kError
// will be returned. The state of |this| will not change.
// 2, When the file is opened by another CDM instance, or when we call Read()/
// Write() during a pending Read()/Write(), kInUse will be returned. The
// state of |this| will not change.
// 3, When a pepper operation failed (either synchronously or asynchronously),
// kError will be returned. The state of |this| will be set to ERROR.
// 4. Any operation in ERROR state will end up with kError.
class CdmFileIOImpl : public cdm::FileIO {
// A class that helps release |file_lock_map_|.
// There should be only one instance of ResourceTracker in a process. Also,
// ResourceTracker should outlive all CdmFileIOImpl instances.
class ResourceTracker {
// After the first successful file read, call |first_file_read_cb| to report
// the file size. |first_file_read_cb| takes one parameter: the file size in
// bytes.
CdmFileIOImpl(cdm::FileIOClient* client,
PP_Instance pp_instance,
const pp::CompletionCallback& first_file_read_cb);
// cdm::FileIO implementation.
void Open(const char* file_name, uint32_t file_name_size) override;
void Read() override;
void Write(const uint8_t* data, uint32_t data_size) override;
void Close() override;
// TODO(xhwang): Introduce more detailed states for UMA logging if needed.
enum State {
enum ErrorType {
// Always use Close() to release |this| object.
virtual ~CdmFileIOImpl();
// |file_id_| -> |is_file_lock_acquired_| map.
// Design detail:
// - We never erase an entry from this map.
// - Pros: When the same file is read or written repeatedly, we don't need to
// insert/erase the entry repeatedly, which is expensive.
// - Cons: If there are a lot of one-off files used, this map will be
// unnecessarily large. But this should be a rare case.
// - Ideally we could use unordered_map for this. But unordered_set is only
// available in C++11.
typedef std::map<std::string, bool> FileLockMap;
// File lock map shared by all CdmFileIOImpl objects to prevent read/write
// race. A CdmFileIOImpl object tries to acquire a lock before opening a
// file. If the file open failed, the lock is released. Otherwise, the
// CdmFileIOImpl object holds the lock until Close() is called.
// TODO(xhwang): Investigate the following cases and make sure we are good:
// - This assumes all CDM instances run in the same process for a given file
// system.
// - When multiple CDM instances are running in different profiles (e.g.
// normal/incognito window, multiple profiles), we may be overlocking.
static FileLockMap* file_lock_map_;
// Sets |file_id_|. Returns false if |file_id_| cannot be set (e.g. origin URL
// cannot be fetched).
bool SetFileID();
// Acquires the file lock. Returns true if the lock is successfully acquired.
// After the lock is acquired, other cdm::FileIO objects in the same process
// and in the same origin will get kInUse when trying to open the same file.
bool AcquireFileLock();
// Releases the file lock so that the file can be opened by other cdm::FileIO
// objects.
void ReleaseFileLock();
// Helper functions for Open().
void OpenFileSystem();
void OnFileSystemOpened(int32_t result, pp::FileSystem file_system);
// Helper functions for Read().
void OpenFileForRead();
void OnFileOpenedForRead(int32_t result);
void ReadFile();
void OnFileRead(int32_t bytes_read);
// Helper functions for Write(). We always write data to a temporary file,
// then rename the temporary file to the target file. This can prevent data
// corruption if |this| is Close()'ed while waiting for writing to complete.
// However, if Close() is called after OpenTempFileForWrite() but before
// RenameTempFile(), we may still end up with an empty, partially written or
// fully written temporary file in the file system. This temporary file will
// be truncated next time OpenTempFileForWrite() is called.
void OpenTempFileForWrite();
void OnTempFileOpenedForWrite(int32_t result);
void WriteTempFile();
void OnTempFileWritten(int32_t bytes_written);
// Note: pp::FileRef::Rename() actually does a "move": if the target file
// exists, Rename() will succeed and the target file will be overwritten.
// See PepperInternalFileRefBackend::Rename() for implementation detail.
void RenameTempFile();
void OnTempFileRenamed(int32_t result);
// Reset |this| to a clean state.
void Reset();
// For real open/read/write errors, Reset() and set the |state_| to ERROR.
// Calls client_->OnXxxxComplete with kError or kInUse asynchronously. In some
// cases we could actually call them synchronously, but since these errors
// shouldn't happen in normal cases, we are not optimizing such cases.
void OnError(ErrorType error_type);
// Callback to notify client of error asynchronously.
void NotifyClientOfError(int32_t result, ErrorType error_type);
State state_;
// Non-owning pointer.
cdm::FileIOClient* const client_;
const pp::InstanceHandle pp_instance_handle_;
// Format: /<requested_file_name>
std::string file_name_;
// A string ID that uniquely identifies a file in the user's profile.
// It consists of the origin of the document URL (including scheme, host and
// port, delimited by colons) and the |file_name_|.
// For example:
std::string file_id_;
pp::IsolatedFileSystemPrivate isolated_file_system_;
pp::FileSystem file_system_;
// Shared between read and write. During read, |file_ref_| refers to the real
// file to read data from. During write, it refers to the temporary file to
// write data into.
pp::FileIO file_io_;
pp::FileRef file_ref_;
// A temporary buffer to hold (partial) data to write or the data that has
// been read. The size of |io_buffer_| is always "bytes to write" or "bytes to
// read". Use "char" instead of "unit8_t" because PPB_FileIO uses char* for
// binary data read and write.
std::vector<char> io_buffer_;
// Offset into the file for reading/writing data. When writing data to the
// file, this is also the offset to the |io_buffer_|.
size_t io_offset_;
// Buffer to hold all read data requested. This buffer is passed to |client_|
// when read completes.
std::vector<char> cumulative_read_buffer_;
bool first_file_read_reported_;
// Callback to report the file size in bytes after the first successful read.
pp::CompletionCallback first_file_read_cb_;
pp::CompletionCallbackFactory<CdmFileIOImpl> callback_factory_;
} // namespace media