[10.15][Mac] Remove com.apple.quarantine xattr from CDM dylib after downloading
Categories: Core :: Audio/Video: GMP, task, P1
People: Reporter: haik, Assigned: bryce
Attachments: 1 file (47 bytes, text/x-phabricator-request); RyanVM: approval-mozilla-beta+, jcristau: approval-mozilla-esr60+, jcristau: approval-mozilla-esr68+
On macOS 10.15 Beta, in order for the GMP process to load the new signed Widevine CDM (4.10.1440.19), we must remove the com.apple.quarantine extended attribute from the dylib. With 4.10.1440.19, on macOS 10.15 Beta, we are still seeing the error described on bug 1558924. After clearing the attribute manually from the dylib after it has been downloaded, the CDM loads successfully and playback works.
$ xattr -d com.apple.quarantine <file>
Firefox is configured (via LSFileQuarantineEnabled in our Info.plist) to quarantine all files that it writes. As a result, when we download the CDM it will be quarantined. macOS 10.15 is more strict about launching/loading quarantined executables. We addressed a similar problem with the updater for 10.15 on bug 1556733.
The com.apple.quarantine attribute can be removed with the removexattr(2) library call.
Comment 1 • 5 years ago (Reporter)
It looks like the right place to clear the com.apple.quarantine attribute would be in GMPExtractorWorker.js[1]. I think we would have to expose a method to do this in nsIFile.
Comment 3 • 5 years ago (Assignee)
[Tracking Requested - why for this release]: Because this results in complete bustage of EME playback on MacOS Catalina I would like to consider this for 69 and our current ESRs. We're already seeing issues for users of Catalina beta and I'd like for us to have as many releases ready for Catalina as we can. We don't have a concrete date for Catalina release, but based on previous MacOS releases, the end of September seems likely.
Comment 4 • 5 years ago (Assignee)
On MacOS Firefox will add the com.apple.quarantine attribute to files it
downloads. Firefox does this as a safety measure to indicate to the OS that the
file may be from an untrusted source.
While the attribute can be set prior to MacOS 10.15, the attribute is used to
enforce new features in 10.15. This leads to issues where if we do not clear the
attribute from GMPs we download, we will fail to load dynamic libs.
This patch means we will clear the quarantine from GMP downloads. These GMPs
come from a trusted source and are checksummed via hash.
Note, most of the heavy lifting for this was done in bug 1566700. We just
leverage the new API here.
Pushed by bvandyk@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/17b7695a194e
Remove com.apple.quarantine from gmp downloads. r=dminor
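Added example (not Firefox's code and not part of this bug's patch): it ties together the removexattr(2) call from the description and the hash check mentioned in comment 4, clearing com.apple.quarantine only after the file's digest matches an expected value. SHA-512 and all function names are assumptions made for illustration.

```python
import ctypes
import ctypes.util
import errno
import hashlib
import os
import sys

QUARANTINE_ATTR = b"com.apple.quarantine"
# errno reported when the attribute is not set: ENOATTR on macOS, ENODATA on Linux.
ATTR_ABSENT = {errno.ENODATA, getattr(errno, "ENOATTR", errno.ENODATA)}


def sha512_of(path, chunk_size=1 << 16):
    """Hash the file in chunks so a large dylib is never read in one piece."""
    digest = hashlib.sha512()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            digest.update(chunk)
    return digest.hexdigest()


def remove_quarantine(path):
    """Call removexattr(2). True if removed, False if it was not set."""
    libc = ctypes.CDLL(ctypes.util.find_library("c"), use_errno=True)
    args = [os.fsencode(path), QUARANTINE_ATTR]
    if sys.platform == "darwin":
        args.append(0)  # the macOS signature has a third "options" argument
    if libc.removexattr(*args) == 0:
        return True
    err = ctypes.get_errno()
    if err in ATTR_ABSENT:
        return False
    raise OSError(err, os.strerror(err), path)


def release_verified_file(path, expected_sha512, remover=remove_quarantine):
    """Clear quarantine only when the file matches the expected digest."""
    # Assumption: the expected digest comes from a trusted update manifest.
    if sha512_of(path) != expected_sha512.lower():
        raise ValueError("digest mismatch, quarantine left in place: " + path)
    return remover(path)
```

The `remover` parameter exists so the verification gate can be exercised on systems where the attribute cannot be set.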
Comment 6 • 5 years ago [bugherder]
Comment 7 • 5 years ago (Assignee)
Comment on attachment 9080657
Bug 1566523 - Remove com.apple.quarantine from gmp downloads. r?dminor,alwu
Beta/Release Uplift Approval Request
- User impact if declined: Playback of premium video will not work under MacOS Catalina due to the CDM being blocked by new security features. These changes are needed to remove quarantine from the Widevine CDM once we extract it. If we do not do this, loading of the CDM will be blocked by the OS.
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: Yes
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: Bug 1566523, Bug 1558924, Bug 1566180
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This patch removes an extended attribute from the extracted CDM files on Mac. The code to do this is fairly simple and I would expect the worst outcome to be for it not to work, rather than regressing any existing behaviour.
- String changes made/needed: None
ESR Uplift Approval Request
- If this is not a sec:{high,crit} bug, please state case for ESR consideration: Bustage of premium video playback on MacOS Catalina. We expect Catalina will release near the end of September, though this date is not confirmed.
- User impact if declined: Playback of premium video will not work under MacOS Catalina due to the CDM being blocked by new security features. These changes are needed to remove quarantine from the Widevine CDM once we extract it. If we do not do this, loading of the CDM will be blocked by the OS.
- Fix Landed on Version: 70
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This patch removes an extended attribute from the extracted CDM files on Mac. The code to do this is fairly simple and I would expect the worst outcome to be for it not to work, rather than regressing any existing behaviour.
- String or UUID changes made by this patch: None
Comment 8 • 5 years ago
Comment on attachment 9080657
Bug 1566523 - Remove com.apple.quarantine from gmp downloads. r?dminor,alwu
Needed for encrypted video playback on macOS 10.15. Approved for 69.0b10.
Comment 9 • 5 years ago [bugherder uplift]
Comment 10 • 5 years ago
Looks like DRM content works now on Netflix and Amazon Prime on macOS 10.15 19A512f using latest Nightly 70.0a1 and Firefox 69.0b10.
Comment 11 • 5 years ago
Comment on attachment 9080657
Bug 1566523 - Remove com.apple.quarantine from gmp downloads. r?dminor,alwu
fix for widevine on macos 10.15, approved for 68.1 and 60.9
Comment 12 • 5 years ago [bugherder uplift]
Comment 13 • 5 years ago [bugherder uplift]
Comment 14 • 5 years ago
Backed out as per Bryce's request.
Backout: https://hg.mozilla.org/releases/mozilla-esr60/rev/43f8874f45ab6de5156b9cf164446c860f58214c
Comment 15 • 5 years ago (Assignee)
Bug 1566700 didn't cleanly apply on ESR60, and since we depend on that functionality for this change, I'll look at getting that sorted first. Holding NI.
Comment 16 • 5 years ago
Did a quick check on the CI build which has the fix for 68.1 esr but both Amazon prime and Netflix are unable to play its content. I do have Widevine 4.10.1440.18 installed from what I can see. Should I recheck once the build is official? 69.0b10 had the same version of widevine and DRM content ran just fine.
Comment 17 • 5 years ago (Assignee)
(In reply to Bogdan Maris [:bogdan_maris], Release Desktop QA from comment #16)
> Did a quick check on the CI build which has the fix for 68.1 esr but both Amazon prime and Netflix are unable to play its content. I do have Widevine 4.10.1440.18 installed from what I can see. Should I recheck once the build is official? 69.0b10 had the same version of widevine and DRM content ran just fine.
Were the builds signed? In general we'd expect those sites to fail if the builds are signed -- but something like Shaka player should still work. A recheck with an official build would be good, largely as those builds ensure signing.
Comment 18 • 5 years ago (Assignee)
Clearing NI as I believe I've resolved the patch issues in bug 1566700 for ESR60. With that able to land on ESR60 this should be able to follow.
Comment 19 • 5 years ago [bugherder uplift]
Comment 20 • 5 years ago
I’ve tested this issue on macOS 10.15 Catalina beta 6 (19A536g) with the official 68.1.0esr; Netflix/Amazon Prime are working without any problems. I will not change the esr status to verified or remove the qe+ flag, until Widevine version 4.10.1440.19 will be going live and I recheck this bug.
Comment 21 • 5 years ago
> I’ve tested this issue on macOS 10.15 Catalina beta 6 (19A536g) with the official 68.1.0esr; Netflix/Amazon Prime are working without any problems. I will not change the esr status to verified or remove the qe+ flag, until Widevine version 4.10.1440.19 will be going live and I recheck this bug.
This issue is verified fixed with Widevine version 4.10.1440.19.
Comment 22 • 5 years ago
This issue is verified fixed with 60.9.0esr on macOS 10.15 Catalina beta 6 (19A536g). No issue occurs while playing Netflix/Amazon Prime/Hulu.