Diffstat (limited to 'keystore2/src/metrics_store.rs')
-rw-r--r-- | keystore2/src/metrics_store.rs | 63 |
1 files changed, 9 insertions, 54 deletions
diff --git a/keystore2/src/metrics_store.rs b/keystore2/src/metrics_store.rs index 62a7d135..77cead8b 100644 --- a/keystore2/src/metrics_store.rs +++ b/keystore2/src/metrics_store.rs @@ -17,11 +17,11 @@ //! stores them in an in-memory store. //! 2. Returns the collected metrics when requested by the statsd proxy. -use crate::error::{get_error_code, Error}; +use crate::error::get_error_code; use crate::globals::DB; use crate::key_parameter::KeyParameterValue as KsKeyParamValue; +use crate::ks_err; use crate::operation::Outcome; -use crate::remote_provisioning::get_pool_status; use android_hardware_security_keymint::aidl::android::hardware::security::keymint::{ Algorithm::Algorithm, BlockMode::BlockMode, Digest::Digest, EcCurve::EcCurve, HardwareAuthenticatorType::HardwareAuthenticatorType, KeyOrigin::KeyOrigin, @@ -41,16 +41,13 @@ use android_security_metrics::aidl::android::security::metrics::{ KeystoreAtom::KeystoreAtom, KeystoreAtomPayload::KeystoreAtomPayload, Outcome::Outcome as MetricsOutcome, Purpose::Purpose as MetricsPurpose, RkpError::RkpError as MetricsRkpError, RkpErrorStats::RkpErrorStats, - RkpPoolStats::RkpPoolStats, SecurityLevel::SecurityLevel as MetricsSecurityLevel, - Storage::Storage as MetricsStorage, + SecurityLevel::SecurityLevel as MetricsSecurityLevel, Storage::Storage as MetricsStorage, }; -use android_system_keystore2::aidl::android::system::keystore2::ResponseCode::ResponseCode; use anyhow::{Context, Result}; use lazy_static::lazy_static; use rustutils::system_properties::PropertyWatcherError; use std::collections::HashMap; use std::sync::Mutex; -use std::time::{Duration, SystemTime, UNIX_EPOCH}; // Note: Crash events are recorded at keystore restarts, based on the assumption that keystore only // gets restarted after a crash, during a boot cycle. 
@@ -94,11 +91,6 @@ impl MetricsStore { return pull_storage_stats(); } - // Process and return RKP pool stats. - if AtomID::RKP_POOL_STATS == atom_id { - return pull_attestation_pool_stats(); - } - // Process keystore crash stats. if AtomID::CRASH_STATS == atom_id { return Ok(vec![KeystoreAtom { 
@@ -559,49 +551,12 @@ fn pull_storage_stats() -> Result<Vec<KeystoreAtom>> { Ok(atom_vec) } -fn pull_attestation_pool_stats() -> Result<Vec<KeystoreAtom>> { - let mut atoms = Vec::<KeystoreAtom>::new(); - for sec_level in &[SecurityLevel::TRUSTED_ENVIRONMENT, SecurityLevel::STRONGBOX] { - // set the expired_by date to be three days from now - let expired_by = SystemTime::now() - .checked_add(Duration::from_secs(60 * 60 * 24 * 3)) - .ok_or(Error::Rc(ResponseCode::SYSTEM_ERROR)) - .context("In pull_attestation_pool_stats: Failed to compute expired by system time.")? - .duration_since(UNIX_EPOCH) - .context("In pull_attestation_pool_stats: Failed to compute expired by duration.")? - .as_millis() as i64; - - let result = get_pool_status(expired_by, *sec_level); - - if let Ok(pool_status) = result { - let rkp_pool_stats = RkpPoolStats { - security_level: process_security_level(*sec_level), - expiring: pool_status.expiring, - unassigned: pool_status.unassigned, - attested: pool_status.attested, - total: pool_status.total, - }; - atoms.push(KeystoreAtom { - payload: KeystoreAtomPayload::RkpPoolStats(rkp_pool_stats), - ..Default::default() - }); - } else { - log::error!( - concat!( - "In pull_attestation_pool_stats: Failed to retrieve pool status", - " for security level: {:?}" - ), - sec_level - ); - } - } - Ok(atoms) -} - /// Log error events related to Remote Key Provisioning (RKP). pub fn log_rkp_error_stats(rkp_error: MetricsRkpError, sec_level: &SecurityLevel) { - let rkp_error_stats = KeystoreAtomPayload::RkpErrorStats( - RkpErrorStats { rkpError: rkp_error, security_level: process_security_level(*sec_level) }); + let rkp_error_stats = KeystoreAtomPayload::RkpErrorStats(RkpErrorStats { + rkpError: rkp_error, + security_level: process_security_level(*sec_level), + }); METRICS_STORE.insert_atom(AtomID::RKP_ERROR_STATS, rkp_error_stats); } 
@@ -649,8 +604,8 @@ pub fn update_keystore_crash_sysprop() { /// Read the system property: keystore.crash_count. pub fn read_keystore_crash_count() -> Result<i32> { rustutils::system_properties::read("keystore.crash_count") - .context("In read_keystore_crash_count: Failed read property.")? - .context("In read_keystore_crash_count: Property not set.")? + .context(ks_err!("Failed read property."))? + .context(ks_err!("Property not set."))? .parse::<i32>() .map_err(std::convert::Into::into) } |
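Review bot: The final `.parse::<i32>()` step in `read_keystore_crash_count` still carries no context, so a malformed `keystore.crash_count` value surfaces as a bare integer-parse error while the two steps above it now get the `ks_err!` prefix. Consider ending the chain with `.parse::<i32>().context(ks_err!("Failed to parse crash count."))` in place of `.map_err(std::convert::Into::into)`, so all three failure modes can be told apart in logs. The first message also still reads "Failed read property."; `ks_err!("Failed to read property.")` would be clearer. The whole function lies inside this hunk.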