Closed Bug 1737662 Opened 3 years ago Closed 3 years ago

Update rules to serve Widevine 4.10.2391.0

Categories

(Release Engineering :: General, task)

Product:
Release Engineering
Component:
General
Type:
task

Tracking

(Not tracked)

Status:
RESOLVED FIXED

People

(Reporter: bryce, Assigned: mozilla)

References

Details

We're anticipating a new Widevine release being made available for Firefox on November 2nd. We'll want to do our normal update dance: nightly test + bryce tests -> nightly -> beta -> release + esr.

If all goes well in testing, we want to replace all instances of the 4.10.2209.1 CDM with the new 4.10.2391.0 CDM. I.e. all current rules for 4.10.2209.1 can be updated to instead point to the new CDM.

I'll update this bug with further info once the new CDM is available to us.

New CDMs look live. Following is the output from a script I use to grab and hash CDMs:

Got https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2391.0-linux-x64.zip
SHA256: ee01fcd3c0baee6fecd3d7b8ad05101dbfedfa21957735be633ac1d59c4621da
SHA512: 8ce16faae96274e1f5ec63f6f543fa33ab3b7d469e59fac2d8b45cb27d3c95820cf80cd362d6e972a1c3c27e5c1b28c018fbdc2bb7df50f095391a646e277a99
file size: 6328796 bytes

Got https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2391.0-mac-x64.zip
SHA256: 98fab6947213bf7b08096a52a4a99b7772169cd94536fd59af7e1d54001d7cb7
SHA512: 2cf195a99dd13019c2f29e036f98e10905d1472f013970bd8b2f0ff65fe2b20a9058570c57b3595c1b9824326ac11a185a80008d618c673736323355345d69fe
file size: 6942023 bytes

Got https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2391.0-mac-arm64.zip
SHA256: b078a4798e687da25997ecbec5302f208e7a1816a862578184a9ff96db9ba7f7
SHA512: 041a9bbe89160f604d72db92fc9c1fdce75d528706245c837d4d0ea71e96c1b5106e512ca37e075373ceaeda64e6dd42e02889edaee8dc3077718620a16b4f2e
file size: 6511203 bytes

Got https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2391.0-win-ia32.zip
SHA256: e2cbb5d960fe732c475b7d7bdc67004302b6fd5f0949a2530b6e0471feb18a07
SHA512: 24569de210f6a6d47daf0e64441f0c575dcbb23e5ff2fcb705edcd6e0fce9378caafd84e81a1c0efd25056a686ab8cb47855f43230ee37ddabc97453b72024ff
file size: 6331242 bytes

Got https://redirector.gvt1.com/edgedl/widevine-cdm/4.10.2391.0-win-x64.zip
SHA256: 67d7905b61da4a400cd93f3be4bcbf717849090dfbf25c312f2a71f04bb7890c
SHA512: 81b2329d38a9370afc490db805a05c4b506b113ebd00f4e488bca97fd96267d92cb477e3a635880464ca66ed32f448e46ad3645f6af072547b5f09100db2bf74
file size: 6537814 bytes

IIRC, the URLs, SHA512 hashes, and file sizes are what we need to get new Balrog rules in place? Could we set up a rule to test this on a nightly test channel? I'll run through testing there and assuming it goes well, we can look at rolling out to nightly (ideally early next week).

Please let me know if there's anything else I can do to help get the ball rolling.

Flags: needinfo?(mtabara)
Flags: needinfo?(jcristau)

Widevine-4.10.2391.0 is now up on the nightlytest channel.

BTW I notice Widevine-4.10.2209.1 is missing the WINNT_x86_64-msvc-x64-asan platform alias that earlier releases had, should we add that back?

Flags: needinfo?(mtabara)
Flags: needinfo?(jcristau)
Flags: needinfo?(bvandyk)

(In reply to Julien Cristau [:jcristau] from comment #2)

Widevine-4.10.2391.0 is now up on the nightlytest channel.

Thank you!

BTW I notice Widevine-4.10.2209.1 is missing the WINNT_x86_64-msvc-x64-asan platform alias that earlier releases had, should we add that back?

I'm happy with it being added back. I can't recall if it was removed for a reason -- did a quick check of previous bugs and didn't find anything.

Flags: needinfo?(bvandyk)

nightlytest testing is going well. I've done testing against release and some even older versions of Fx to make sure we'll be good to push this back as far as planned. I think we should be good to roll out to nightly come the start of next week.

I've added the windows asan platform alias to the Widevine-4.10.2391.0 release so that'll show up for nightly users when we roll this out.

(In reply to Julien Cristau [:jcristau] from comment #5)

I've added the windows asan platform alias to the Widevine-4.10.2391.0 release so that'll show up for nightly users when we roll this out.

Great, thanks!

I've smoke tested nightlytest across the desktop platforms without issue. Could we roll this out to nightly?

(In reply to Bryce Seager van Dyk (:bryce) from comment #6)

I've smoke tested nightlytest across the desktop platforms without issue. Could we roll this out to nightly?

https://aus-api.mozilla.org/api/v1/rules/17678 updated to channel nightly*

Nightly bake is going well. Could we roll this out to Beta 95 also? I appreciate that's a fast turn around, but given the time frame to release, I'd rather compress the time between nightly -> beta than beta -> release (and ESR, and older versions).

Flags: needinfo?(jcristau)

https://balrog.services.mozilla.com/rules?product=Widevine#scId=3820 ; does that look good Ryan? (Duplicated nightly* rule 17628, set the new rule's channel to beta*)

Flags: needinfo?(jcristau) → needinfo?(ryanvm)

I'm a little surprised we're not restricting the version to only 95. Is that intentional? Also, we probably want a matching rule for Aurora for DevEdition users.

Flags: needinfo?(ryanvm) → needinfo?(aki)

Added a rule for <95 pinning to the old version, which we can keep or reduce to <94 if we decide to roll out to m-r.
Also added an aurora rule, which appears to be live without signoffs.

Flags: needinfo?(aki) → needinfo?(ryanvm)

Looks good, thanks. Signed off.

Flags: needinfo?(ryanvm)

Thanks for the continuing help rolling this out!

Could we roll this out to everywhere that is currently using 4.10.2209.1? I believe that will take us back to 88 and ESR 78.10. If preferred, I'm also fine with going to release then pushing to other versions later, but I figure one fell swoop may be easier from an updating the rules perspective.

Submitted.

We probably want to sign off on the catchall rule first, the nuke the watershed and the beta rule for cleanliness. I can nuke the aurora and nightly rules once those are done.

Flags: needinfo?(ryanvm)

Signed off after confirming with QA their intent to test this on Release and ESR once it's live. I've given them a heads-up that it's ready as well.

Flags: needinfo?(ryanvm)

Aurora and nightly rules are deleted. I think we're done here. Thanks all!

Status: NEW → RESOLVED
Closed: 3 years ago
Resolution: --- → FIXED

Thanks all!

I think we may still have an ESR rule serving the old CDM. Specifically the Bug 1677793 - Widevine 4.10.2209.1 for esr78.10.0+ rule. Would it be possible to update that one too to point to the new CDM?

In case it's helpful, here are a couple of the URLs I'm prodding to see the CDM version (use view-source to see the XML served if it doesn't show)

  • ESR 91.3.0
  • ESR 78.10.0 (the build date is a bit hacky on this one and isn't strictly correct, but I don't think it should factor into rule resolution)

Ah, yes. https://balrog.services.mozilla.com/rules?product=Widevine#scId=3846 is ready for signoff for esr.

Flags: needinfo?(ryanvm)

Signed off and confirmed that my local copy of 91.3esr is getting the update now.

Flags: needinfo?(ryanvm)

Rad, testing looks good on my end too. Really appreciate the help with this!

Hi,

Widevine Team plan to revoke & deactivate all prior CDMs older than 4.10.2391.0 after November 30, 2021.
Firefox 95 will be released on December 7.
So I think this patch should be released as minor update for Firefox 94 until November 30.

(In reply to otoguro from comment #21)

Hi,

Widevine Team plan to revoke & deactivate all prior CDMs older than 4.10.2391.0 after November 30, 2021.
Firefox 95 will be released on December 7.
So I think this patch should be released as minor update for Firefox 94 until November 30.

Thanks for the heads up. There's a few different mechanisms Firefox uses to ensure Widevine is up to date, and the one used here doesn't require patching clients. So we should have our bases covered for all supported Firefox versions prior to the deactivation.

So we should have our bases covered for all supported Firefox versions prior to the deactivation.

Thank you.

By the way, we passed tests for this version with HDCP_v1 restricted licenses. (Previous CDM update caused HDCP issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1705138 )

(In reply to otoguro from comment #23)

So we should have our bases covered for all supported Firefox versions prior to the deactivation.

Thank you.

By the way, we passed tests for this version with HDCP_v1 restricted licenses. (Previous CDM update caused HDCP issue: https://bugzilla.mozilla.org/show_bug.cgi?id=1705138 )

Great! Thanks for checking that and letting us know.

Assignee: nobody → aki
You need to log in before you can comment on or make changes to this bug.