Revert "Revert "Fix MediaDrm security level APIs""
This reverts commit a824afa9c416fe62d91296aa8fef9f0dfb7f571d.
Change-Id: Ia8f3090454f010a507ac386767b2c2a11dce1ac4
diff --git a/drm/1.1/IDrmPlugin.hal b/drm/1.1/IDrmPlugin.hal
index 7dd397a..2980dc2 100644
--- a/drm/1.1/IDrmPlugin.hal
+++ b/drm/1.1/IDrmPlugin.hal
@@ -26,6 +26,7 @@
import @1.0::SecureStopId;
import @1.1::SecureStopRelease;
import @1.1::SecurityLevel;
+import @1.0::SessionId;
/**
* IDrmPlugin is used to interact with a specific drm plugin that was created by
@@ -34,6 +35,34 @@
*/
interface IDrmPlugin extends @1.0::IDrmPlugin {
/**
+ * Open a new session at a requested security level. The security level
+ * represents the robustness of the device's DRM implementation. By default,
+ * sessions are opened at the native security level of the device which is
+ * the maximum level that can be supported. Overriding the security level is
+ * necessary when the decrypted frames need to be manipulated, such as for
+ * image compositing. The security level parameter must be equal to or lower
+ * than the native level. If the requested level is not supported, the next
+ * lower supported security level must be set. The level can be queried
+ * using {@link #getSecurityLevel}. A session ID is returned. When the
+ * drm@1.0 openSession is called, which has no securityLevel parameter, the
+ * security level is defaulted to the native security level of the device.
+ *
+ * @return status the status of the call. The status must be OK or one of
+ * the following errors: ERROR_DRM_NOT_PROVISIONED if the device
+ * requires provisioning before it can open a session,
+ * ERROR_DRM_RESOURCE_BUSY if there are insufficent resources available
+ * to open a session, ERROR_DRM_CANNOT_HANDLE if the requested security
+ * level is higher than the native level or lower than the lowest
+ * supported level or if openSession is not supported at the time of
+ * the call, or ERROR_DRM_INVALID_STATE if the HAL is in a state where
+ * a session cannot be opened.
+ * @param level the requested security level
+ * @return sessionId the session ID for the newly opened session
+ */
+ openSession_1_1(SecurityLevel securityLevel) generates (Status status,
+ SessionId sessionId);
+
+ /**
* A key request/response exchange occurs between the app and a License
* Server to obtain the keys required to decrypt the content.
* getKeyRequest_1_1() is used to obtain an opaque key request blob that is
@@ -149,24 +178,6 @@
SecurityLevel level);
/**
- * Set the security level of a session. This can be useful if specific
- * attributes of a lower security level are needed by an application, such
- * as image manipulation or compositing which requires non-secure decoded
- * frames. Reducing the security level may limit decryption to lower content
- * resolutions, depending on the license policy.
- *
- * @param sessionId the session id the call applies to
- * @param level the requested security level
- * @return status the status of the call. The status must be OK or one of
- * the following errors: ERROR_DRM_SESSION_NOT_OPENED if the session
- * is not opened, BAD_VALUE if the sessionId or security level is
- * invalid or ERROR_DRM_INVALID_STATE if the HAL is in a state where
- * the security level cannot be set.
- */
- setSecurityLevel(vec<uint8_t> sessionId, SecurityLevel level)
- generates(Status status);
-
- /**
* Returns the plugin-specific metrics. Multiple metric groups may be
* returned in one call to getMetrics(). The scope and definition of the
* metrics is defined by the plugin.