authorRajesh Nyamagoud <nyamagoud@google.com>2023-03-02 13:33:29 +0000
committerRajesh Nyamagoud <nyamagoud@google.com>2023-03-02 13:33:29 +0000
commit1be9d2754cf955011c0e0cdb32fecde8883bb6e6 (patch)
treee9a458cb055a7f5c027e4eb44e2eabb5ed01ea4f
parenta71c519140e8ca3c0dbfd502947a66eccb410527 (diff)
Limit the number of key descriptors sent back. Backporting - Ported https://r.android.com/2381494 Merged-In: I5e8543a25dd9f1bb504fbc23f35779da0a0153b0 Bug: 267270741 Test: Manual: Generate 2500 keys with a 200 characters name each. Change-Id: I6d370651441b4186b28cfed243975e64e3e8c85f
-rw-r--r--keystore2/src/utils.rs35
1 files changed, 34 insertions, 1 deletions
diff --git a/keystore2/src/utils.rs b/keystore2/src/utils.rs
index 9db2eb9d..08d3a8ef 100644
--- a/keystore2/src/utils.rs
+++ b/keystore2/src/utils.rs
@@ -279,7 +279,40 @@ pub fn list_key_entries(
);
result.sort_unstable();
result.dedup();
- Ok(result)
+
+ let mut items_to_return = 0;
+ let mut returned_bytes: usize = 0;
+ const RESPONSE_SIZE_LIMIT: usize = 358400;
+ // Estimate the transaction size to avoid returning more items than what
+ // could fit in a binder transaction.
+ for kd in result.iter() {
+ // 4 bytes for the Domain enum
+ // 8 bytes for the Namespace long.
+ returned_bytes += 4 + 8;
+ // Size of the alias string. Includes 4 bytes for length encoding.
+ if let Some(alias) = &kd.alias {
+ returned_bytes += 4 + alias.len();
+ }
+ // Size of the blob. Includes 4 bytes for length encoding.
+ if let Some(blob) = &kd.blob {
+ returned_bytes += 4 + blob.len();
+ }
+ // The binder transaction size limit is 1M. Empirical measurements show
+ // that the binder overhead is 60% (to be confirmed). So break after
+ // 350KB and return a partial list.
+ if returned_bytes > RESPONSE_SIZE_LIMIT {
+ log::warn!(
+ "Key descriptors list ({} items) may exceed binder \
+ size, returning {} items est {} bytes.",
+ result.len(),
+ items_to_return,
+ returned_bytes
+ );
+ break;
+ }
+ items_to_return += 1;
+ }
+ Ok(result[..items_to_return].to_vec())
}
/// This module provides helpers for simplified use of the watchdog module.
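Review bot: The truncated list is returned as a plain `Ok(...)` at the end of `list_key_entries`, so a caller cannot tell a complete listing from one cut at `RESPONSE_SIZE_LIMIT`; the only signal is the `log::warn!`. Because `result` is sorted before the cut, the entries dropped are always the ones that sort last, and a client that enumerates keys for cleanup or auditing would silently miss them. At minimum the function's doc comment (outside this hunk) should say so, e.g. `/// NOTE: the returned list may be truncated to fit a binder transaction; entries that sort last are dropped.` The estimate also counts `alias.len()` in UTF-8 bytes, while the parcel presumably stores strings as UTF-16 with padding, so the 350 KB budget relies on the headroom the comment itself marks as "to be confirmed". Separately, `result.truncate(items_to_return); Ok(result)` would avoid the clone of every retained descriptor made by `result[..items_to_return].to_vec()`.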