Gitiles
Code Review Sign In
gerrit.omnirom.org / android_system_security / 703bcc185a60ae4084175da41b8be009fbd36160^! / . / keystore2 / src / utils.rs
commit703bcc185a60ae4084175da41b8be009fbd36160[log] [tgz]
authorDavid Drysdale <drysdale@google.com>Tue Nov 26 14:15:03 2024 +0000
committerDavid Drysdale <drysdale@google.com>Wed Nov 27 10:45:33 2024 +0000
tree9a8a12b2fec06a282238fbeb861011f360745ba5
parente15e3cbad50f54d6be4dcbdb04eacf1edc055896 [diff] [blame]
More diagnostics for slow operations

- Add more watchdogs and more context to metrics retrieval.
- Log first alias when too many keys are listed.
- Drop a couple of superfluous comments.

Bug: 319563050
Bug: 380879713
Test: adb logcat on device with large number of keys
Change-Id: I5484b131e45c5fc1d39810f26104db46cb7aae7a

diff --git a/keystore2/src/utils.rs b/keystore2/src/utils.rs
index c6dc11e..35290df 100644
--- a/keystore2/src/utils.rs
+++ b/keystore2/src/utils.rs

@@ -541,39 +541,40 @@
 pub(crate) fn estimate_safe_amount_to_return(
     domain: Domain,
     namespace: i64,
+    start_past_alias: Option<&str>,
     key_descriptors: &[KeyDescriptor],
     response_size_limit: usize,
 ) -> usize {
-    let mut items_to_return = 0;
-    let mut returned_bytes: usize = 0;
+    let mut count = 0;
+    let mut bytes: usize = 0;
     // Estimate the transaction size to avoid returning more items than what
     // could fit in a binder transaction.
     for kd in key_descriptors.iter() {
         // 4 bytes for the Domain enum
         // 8 bytes for the Namespace long.
-        returned_bytes += 4 + 8;
+        bytes += 4 + 8;
         // Size of the alias string. Includes 4 bytes for length encoding.
         if let Some(alias) = &kd.alias {
-            returned_bytes += 4 + alias.len();
+            bytes += 4 + alias.len();
         }
         // Size of the blob. Includes 4 bytes for length encoding.
         if let Some(blob) = &kd.blob {
-            returned_bytes += 4 + blob.len();
+            bytes += 4 + blob.len();
         }
         // The binder transaction size limit is 1M. Empirical measurements show
         // that the binder overhead is 60% (to be confirmed). So break after
         // 350KB and return a partial list.
-        if returned_bytes > response_size_limit {
+        if bytes > response_size_limit {
             log::warn!(
-                "{domain:?}:{namespace}: Key descriptors list ({} items) may exceed binder \
-                       size, returning {items_to_return} items est {returned_bytes} bytes.",
+                "{domain:?}:{namespace}: Key descriptors list ({} items after {start_past_alias:?}) \
+                 may exceed binder size, returning {count} items est. {bytes} bytes",
                 key_descriptors.len(),
             );
             break;
         }
-        items_to_return += 1;
+        count += 1;
     }
-    items_to_return
+    count
 }
 
 /// Estimate for maximum size of a Binder response in bytes.
@@ -602,8 +603,13 @@
         start_past_alias,
     );
 
-    let safe_amount_to_return =
-        estimate_safe_amount_to_return(domain, namespace, &merged_key_entries, RESPONSE_SIZE_LIMIT);
+    let safe_amount_to_return = estimate_safe_amount_to_return(
+        domain,
+        namespace,
+        start_past_alias,
+        &merged_key_entries,
+        RESPONSE_SIZE_LIMIT,
+    );
     Ok(merged_key_entries[..safe_amount_to_return].to_vec())
 }