Log keystore key operation events using statsd.
This is the second CL on migrating keystore logging to statsd.
This migrates the logging for key operation events.
Three new ResponseCodes are added for the logging purpose of the
abort operations.
Test: Adding tests for logging is yet to be decided.
Change-Id: Iede72341b0f4c80199c9e16cef96a5d98bca8754
Merged-In: I68c1d89beeb733e4b6ba493b8d95935b7e73df60
diff --git a/keystore/keymaster_worker.cpp b/keystore/keymaster_worker.cpp
index e7fcf96..7481a1e 100644
--- a/keystore/keymaster_worker.cpp
+++ b/keystore/keymaster_worker.cpp
@@ -336,8 +336,10 @@
return {rc, std::move(authToken)};
}
-KeyStoreServiceReturnCode KeymasterWorker::abort(const sp<IBinder>& token) {
- auto op = operationMap_.removeOperation(token, false /* wasOpSuccessful */);
+KeyStoreServiceReturnCode KeymasterWorker::abort(const sp<IBinder>& token,
+ ResponseCode reason_for_abort) {
+ auto op = operationMap_.removeOperation(token, false /* wasOpSuccessful */,
+ static_cast<int32_t>(reason_for_abort));
if (op) {
keyStore_->getAuthTokenTable().MarkCompleted(op->handle);
return KS_HANDLE_HIDL_ERROR(keymasterDevice_, keymasterDevice_->abort(op->handle));
@@ -355,7 +357,7 @@
size_t op_count_before_abort = operationMap_.getOperationCount();
// We mostly ignore errors from abort() because all we care about is whether at least
// one operation has been removed.
- auto rc = abort(oldest);
+ auto rc = abort(oldest, ResponseCode::PRUNED);
keyStore_->removeOperationDevice(oldest);
if (operationMap_.getOperationCount() >= op_count_before_abort) {
ALOGE("Failed to abort pruneable operation %p, error: %d", oldest.get(), rc.getErrorCode());
@@ -598,7 +600,7 @@
}
Finalize abort_operation_in_case_of_error([&] {
- operationMap_.removeOperation(token, false);
+ operationMap_.removeOperation(token, false, rc.getErrorCode());
keyStore_->getAuthTokenTable().MarkCompleted(op->handle);
KS_HANDLE_HIDL_ERROR(keymasterDevice_, keymasterDevice_->abort(op->handle));
});
@@ -677,7 +679,7 @@
bool finished = false;
Finalize abort_operation_in_case_of_error([&] {
- operationMap_.removeOperation(token, finished && rc.isOk());
+ operationMap_.removeOperation(token, finished && rc.isOk(), rc.getErrorCode());
keyStore_->getAuthTokenTable().MarkCompleted(op->handle);
if (!finished)
KS_HANDLE_HIDL_ERROR(keymasterDevice_, keymasterDevice_->abort(op->handle));
@@ -745,8 +747,9 @@
}
void KeymasterWorker::abort(sp<IBinder> token, abort_cb worker_cb) {
- Worker::addRequest(
- [this, CAPTURE_MOVE(token), CAPTURE_MOVE(worker_cb)]() { return worker_cb(abort(token)); });
+ Worker::addRequest([this, CAPTURE_MOVE(token), CAPTURE_MOVE(worker_cb)]() {
+ return worker_cb(abort(token, ResponseCode::ABORT_CALLED));
+ });
}
void KeymasterWorker::verifyAuthorization(uint64_t challenge, hidl_vec<KeyParameter> params,
@@ -1132,7 +1135,7 @@
Worker::addRequest([this, who]() {
auto operations = operationMap_.getOperationsForToken(who.unsafe_get());
for (const auto& token : operations) {
- abort(token);
+ abort(token, ResponseCode::BINDER_DIED);
keyStore_->removeOperationDevice(token);
}
});