VBoxTraceLogDecoders.cpp@ 104896

Last change on this file since 104896 was 104896, checked in by vboxsync, 10 months ago
Devices/Trace: Add support for tracing the ITPMCONNECTOR interface and start with a decoder plugin for dissecting TPM command/respons buffers, bugref:10701 [build fix]
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 15.3 KB

Line
1	/* $Id: VBoxTraceLogDecoders.cpp 104896 2024-06-12 14:15:06Z vboxsync $ */
2	/** @file
3	* RTTraceLogDecoders - Implement decoders for the tracing driver.
4	*/
5
6	/*
7	* Copyright (C) 2024 Oracle and/or its affiliates.
8	*
9	* This file is part of VirtualBox base platform packages, as
10	* available from https://www.virtualbox.org.
11	*
12	* This program is free software; you can redistribute it and/or
13	* modify it under the terms of the GNU General Public License
14	* as published by the Free Software Foundation, in version 3 of the
15	* License.
16	*
17	* This program is distributed in the hope that it will be useful, but
18	* WITHOUT ANY WARRANTY; without even the implied warranty of
19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20	* General Public License for more details.
21	*
22	* You should have received a copy of the GNU General Public License
23	* along with this program; if not, see <https://www.gnu.org/licenses>.
24	*
25	* The contents of this file may alternatively be used under the terms
26	* of the Common Development and Distribution License Version 1.0
27	* (CDDL), a copy of it is provided in the "COPYING.CDDL" file included
28	* in the VirtualBox distribution, in which case the provisions of the
29	* CDDL are applicable instead of those of the GPL.
30	*
31	* You may elect to license modified versions of this file under the
32	* terms and conditions of either the GPL or the CDDL or both.
33	*
34	* SPDX-License-Identifier: GPL-3.0-only OR CDDL-1.0
35	*/
36
37
38	/*********************************************************************************************************************************
39	* Header Files *
40	*********************************************************************************************************************************/
41	#define LOG_GROUP RTLOGGROUP_DEFAULT
42	#include <iprt/assert.h>
43	#include <iprt/errcore.h>
44	#include <iprt/log.h>
45	#include <iprt/message.h>
46	#include <iprt/tracelog-decoder-plugin.h>
47
48	#include <iprt/formats/tpm.h>
49
50	/*********************************************************************************************************************************
51	* Structures and Typedefs *
52	*********************************************************************************************************************************/
53
54
55	/*********************************************************************************************************************************
56	* Static Variables *
57	*********************************************************************************************************************************/
58
59
60	/*********************************************************************************************************************************
61	* Internal Functions *
62	*********************************************************************************************************************************/
63
64	static struct
65	{
66	uint32_t u32CmdCode;
67	const char *pszCmdCode;
68	const char *pszCmdDesc;
69	} s_aTpmCmdCodes[] =
70	{
71	#define TPM_CMD_CODE_INIT(a_CmdCode, a_Desc) { a_CmdCode, #a_CmdCode, a_Desc }
72	TPM_CMD_CODE_INIT(TPM2_CC_NV_UNDEFINE_SPACE_SPECIAL, NULL),
73	TPM_CMD_CODE_INIT(TPM2_CC_EVICT_CONTROL, NULL),
74	TPM_CMD_CODE_INIT(TPM2_CC_HIERARCHY_CONTROL, NULL),
75	TPM_CMD_CODE_INIT(TPM2_CC_NV_UNDEFINE_SPACE, NULL),
76	TPM_CMD_CODE_INIT(TPM2_CC_CHANGE_EPS, NULL),
77	TPM_CMD_CODE_INIT(TPM2_CC_CHANGE_PPS, NULL),
78	TPM_CMD_CODE_INIT(TPM2_CC_CLEAR, NULL),
79	TPM_CMD_CODE_INIT(TPM2_CC_CLEAR_CONTROL, NULL),
80	TPM_CMD_CODE_INIT(TPM2_CC_CLOCK_SET, NULL),
81	TPM_CMD_CODE_INIT(TPM2_CC_HIERARCHY_CHANGE_AUTH, NULL),
82	TPM_CMD_CODE_INIT(TPM2_CC_NV_DEFINE_SPACE, NULL),
83	TPM_CMD_CODE_INIT(TPM2_CC_PCR_ALLOCATE, NULL),
84	TPM_CMD_CODE_INIT(TPM2_CC_PCR_SET_AUTH_POLICY, NULL),
85	TPM_CMD_CODE_INIT(TPM2_CC_PP_COMMANDS, NULL),
86	TPM_CMD_CODE_INIT(TPM2_CC_SET_PRIMARY_POLICY, NULL),
87	TPM_CMD_CODE_INIT(TPM2_CC_FIELD_UPGRADE_START, NULL),
88	TPM_CMD_CODE_INIT(TPM2_CC_CLOCK_RATE_ADJUST, NULL),
89	TPM_CMD_CODE_INIT(TPM2_CC_CREATE_PRIMARY, NULL),
90	TPM_CMD_CODE_INIT(TPM2_CC_NV_GLOBAL_WRITE_LOCK, NULL),
91	TPM_CMD_CODE_INIT(TPM2_CC_GET_COMMAND_AUDIT_DIGEST, NULL),
92	TPM_CMD_CODE_INIT(TPM2_CC_NV_INCREMENT, NULL),
93	TPM_CMD_CODE_INIT(TPM2_CC_NV_SET_BITS, NULL),
94	TPM_CMD_CODE_INIT(TPM2_CC_NV_EXTEND, NULL),
95	TPM_CMD_CODE_INIT(TPM2_CC_NV_WRITE, NULL),
96	TPM_CMD_CODE_INIT(TPM2_CC_NV_WRITE_LOCK, NULL),
97	TPM_CMD_CODE_INIT(TPM2_CC_DICTIONARY_ATTACK_LOCK_RESET, NULL),
98	TPM_CMD_CODE_INIT(TPM2_CC_DICTIONARY_ATTACK_PARAMETERS, NULL),
99	TPM_CMD_CODE_INIT(TPM2_CC_NV_CHANGE_AUTH, NULL),
100	TPM_CMD_CODE_INIT(TPM2_CC_PCR_EVENT, NULL),
101	TPM_CMD_CODE_INIT(TPM2_CC_PCR_RESET, NULL),
102	TPM_CMD_CODE_INIT(TPM2_CC_SEQUENCE_COMPLETE, NULL),
103	TPM_CMD_CODE_INIT(TPM2_CC_SET_ALGORITHM_SET, NULL),
104	TPM_CMD_CODE_INIT(TPM2_CC_SET_COMMAND_CODE_AUDIT_STATUS, NULL),
105	TPM_CMD_CODE_INIT(TPM2_CC_FIELD_UPGRADE_DATA, NULL),
106	TPM_CMD_CODE_INIT(TPM2_CC_INCREMENTAL_SELF_TEST, NULL),
107	TPM_CMD_CODE_INIT(TPM2_CC_SELF_TEST, NULL),
108	TPM_CMD_CODE_INIT(TPM2_CC_STARTUP, NULL),
109	TPM_CMD_CODE_INIT(TPM2_CC_SHUTDOWN, NULL),
110	TPM_CMD_CODE_INIT(TPM2_CC_STIR_RANDOM, NULL),
111	TPM_CMD_CODE_INIT(TPM2_CC_ACTIVATE_CREDENTIAL, NULL),
112	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY, NULL),
113	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NV, NULL),
114	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY_CREATION, NULL),
115	TPM_CMD_CODE_INIT(TPM2_CC_DUPLICATE, NULL),
116	TPM_CMD_CODE_INIT(TPM2_CC_GET_TIME, NULL),
117	TPM_CMD_CODE_INIT(TPM2_CC_GET_SESSION_AUDIT_DIGEST, NULL),
118	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ, NULL),
119	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_LOCK, NULL),
120	TPM_CMD_CODE_INIT(TPM2_CC_OBJECT_CHANGE_AUTH, NULL),
121	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_SECRET, NULL),
122	TPM_CMD_CODE_INIT(TPM2_CC_REWRAP, NULL),
123	TPM_CMD_CODE_INIT(TPM2_CC_CREATE, NULL),
124	TPM_CMD_CODE_INIT(TPM2_CC_ECDH_ZGEN, NULL),
125	TPM_CMD_CODE_INIT(TPM2_CC_HMAC_MAC, NULL),
126	TPM_CMD_CODE_INIT(TPM2_CC_IMPORT, NULL),
127	TPM_CMD_CODE_INIT(TPM2_CC_LOAD, NULL),
128	TPM_CMD_CODE_INIT(TPM2_CC_QUOTE, NULL),
129	TPM_CMD_CODE_INIT(TPM2_CC_RSA_DECRYPT, NULL),
130	TPM_CMD_CODE_INIT(TPM2_CC_HMAC_MAC_START, NULL),
131	TPM_CMD_CODE_INIT(TPM2_CC_SEQUENCE_UPDATE, NULL),
132	TPM_CMD_CODE_INIT(TPM2_CC_SIGN, NULL),
133	TPM_CMD_CODE_INIT(TPM2_CC_UNSEAL, NULL),
134	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_SIGNED, NULL),
135	TPM_CMD_CODE_INIT(TPM2_CC_CONTEXT_LOAD, NULL),
136	TPM_CMD_CODE_INIT(TPM2_CC_CONTEXT_SAVE, NULL),
137	TPM_CMD_CODE_INIT(TPM2_CC_ECDH_KEY_GEN, NULL),
138	TPM_CMD_CODE_INIT(TPM2_CC_ENCRYPT_DECRYPT, NULL),
139	TPM_CMD_CODE_INIT(TPM2_CC_FLUSH_CONTEXT, NULL),
140	TPM_CMD_CODE_INIT(TPM2_CC_LOAD_EXTERNAL, NULL),
141	TPM_CMD_CODE_INIT(TPM2_CC_MAKE_CREDENTIAL, NULL),
142	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_PUBLIC, NULL),
143	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTHORIZE, NULL),
144	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTH_VALUE, NULL),
145	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_COMMAND_CODE, NULL),
146	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_COUNTER_TIMER, NULL),
147	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_CP_HASH, NULL),
148	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_LOCALITY, NULL),
149	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NAME_HASH, NULL),
150	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_OR, NULL),
151	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_TICKET, NULL),
152	TPM_CMD_CODE_INIT(TPM2_CC_READ_PUBLIC, NULL),
153	TPM_CMD_CODE_INIT(TPM2_CC_RSA_ENCRYPT, NULL),
154	TPM_CMD_CODE_INIT(TPM2_CC_START_AUTH_SESSION, NULL),
155	TPM_CMD_CODE_INIT(TPM2_CC_VERIFY_SIGNATURE, NULL),
156	TPM_CMD_CODE_INIT(TPM2_CC_ECC_PARAMETERS, NULL),
157	TPM_CMD_CODE_INIT(TPM2_CC_FIRMWARE_READ, NULL),
158	TPM_CMD_CODE_INIT(TPM2_CC_GET_CAPABILITY, NULL),
159	TPM_CMD_CODE_INIT(TPM2_CC_GET_RANDOM, NULL),
160	TPM_CMD_CODE_INIT(TPM2_CC_GET_TEST_RESULT, NULL),
161	TPM_CMD_CODE_INIT(TPM2_CC_GET_HASH, NULL),
162	TPM_CMD_CODE_INIT(TPM2_CC_PCR_READ, NULL),
163	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PCR, NULL),
164	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_RESTART, NULL),
165	TPM_CMD_CODE_INIT(TPM2_CC_READ_CLOCK, NULL),
166	TPM_CMD_CODE_INIT(TPM2_CC_PCR_EXTEND, NULL),
167	TPM_CMD_CODE_INIT(TPM2_CC_PCR_SET_AUTH_VALUE, NULL),
168	TPM_CMD_CODE_INIT(TPM2_CC_NV_CERTIFY, NULL),
169	TPM_CMD_CODE_INIT(TPM2_CC_EVENT_SEQUENCE_COMPLETE, NULL),
170	TPM_CMD_CODE_INIT(TPM2_CC_HASH_SEQUENCE_START, NULL),
171	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PHYSICAL_PRESENCE, NULL),
172	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_DUPLICATION_SELECT, NULL),
173	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_GET_DIGEST, NULL),
174	TPM_CMD_CODE_INIT(TPM2_CC_TEST_PARMS, NULL),
175	TPM_CMD_CODE_INIT(TPM2_CC_COMMIT, NULL),
176	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PASSWORD, NULL),
177	TPM_CMD_CODE_INIT(TPM2_CC_ZGEN_2PHASE, NULL),
178	TPM_CMD_CODE_INIT(TPM2_CC_EC_EPHEMERAL, NULL),
179	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NV_WRITTEN, NULL),
180	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_TEMPLATE, NULL),
181	TPM_CMD_CODE_INIT(TPM2_CC_CREATE_LOADED, NULL),
182	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTHORIZE_NV, NULL),
183	TPM_CMD_CODE_INIT(TPM2_CC_ENCRYPT_DECRYPT_2, NULL),
184	TPM_CMD_CODE_INIT(TPM2_CC_AC_GET_CAPABILITY, NULL),
185	TPM_CMD_CODE_INIT(TPM2_CC_AC_SEND, NULL),
186	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AC_SEND_SELECT, NULL),
187	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY_X509, NULL),
188	TPM_CMD_CODE_INIT(TPM2_CC_ACT_SET_TIMEOUT, NULL),
189	TPM_CMD_CODE_INIT(TPM2_CC_ECC_ENCRYPT, NULL),
190	TPM_CMD_CODE_INIT(TPM2_CC_ECC_DECRYPT, NULL),
191	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_CAPABILITY, NULL),
192	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PARAMETERS, NULL),
193	TPM_CMD_CODE_INIT(TPM2_CC_NV_DEFINE_SPACE_2, NULL),
194	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_PUBLIC_2, NULL),
195	TPM_CMD_CODE_INIT(TPM2_CC_SET_CAPABILITY, NULL)
196	#undef TPM_CMD_CODE_INIT
197	};
198
199	static void vboxTraceLogDecodeEvtTpmDecodeCmdBuffer(const uint8_t *pbCmd, size_t cbCmd)
200	{
201	PCTPMREQHDR pHdr = (PCTPMREQHDR)pbCmd;
202	if (cbCmd >= sizeof(*pHdr))
203	{
204	uint32_t u32CmdCode = RT_BE2H_U32(pHdr->u32Ordinal);
205	for (uint32_t i = 0; i < RT_ELEMENTS(s_aTpmCmdCodes); i++)
206	{
207	if (s_aTpmCmdCodes[i].u32CmdCode == u32CmdCode)
208	{
209	RTMsgInfo(" %s:\n", s_aTpmCmdCodes[i].pszCmdCode);
210	return;
211	}
212	}
213	RTMsgInfo(" <Unknown command code>: %#x\n", u32CmdCode);
214	}
215	else
216	RTMsgError("Command buffer is smaller than the request header (required %u, given %zu\n", sizeof(*pHdr), cbCmd);
217	}
218
219
220	static void vboxTraceLogDecodeEvtTpmDecodeRespBuffer(const uint8_t *pbResp, size_t cbResp)
221	{
222	PCTPMRESPHDR pHdr = (PCTPMRESPHDR)pbResp;
223	if (cbResp >= sizeof(*pHdr))
224	{
225	RTMsgInfo(" Status code: %#x\n", RT_BE2H_U32(pHdr->u32ErrCode));
226	}
227	else
228	RTMsgError("Response buffer is smaller than the request header (required %u, given %zu\n", sizeof(*pHdr), cbResp);
229	}
230
231
232	static DECLCALLBACK(int) vboxTraceLogDecodeEvtTpmCmdExecReq(RTTRACELOGRDREVT hTraceLogEvt, PCRTTRACELOGEVTDESC pEvtDesc,
233	PRTTRACELOGEVTVAL paVals, uint32_t cVals)
234	{
235	RT_NOREF(hTraceLogEvt, pEvtDesc);
236	for (uint32_t i = 0; i < cVals; i++)
237	{
238	/* Look for the pvCmd item which stores the command buffer. */
239	if ( !strcmp(paVals[i].pItemDesc->pszName, "pvCmd")
240	&& paVals[i].pItemDesc->enmType == RTTRACELOGTYPE_RAWDATA)
241	{
242	vboxTraceLogDecodeEvtTpmDecodeCmdBuffer(paVals[i].u.RawData.pb, paVals[i].u.RawData.cb);
243	return VINF_SUCCESS;
244	}
245	}
246	RTMsgError("Failed to find the TPM command data buffer for the given event\n");
247	return VERR_NOT_FOUND;
248	}
249
250
251	static DECLCALLBACK(int) vboxTraceLogDecodeEvtTpmCmdExecResp(RTTRACELOGRDREVT hTraceLogEvt, PCRTTRACELOGEVTDESC pEvtDesc,
252	PRTTRACELOGEVTVAL paVals, uint32_t cVals)
253	{
254	RT_NOREF(hTraceLogEvt, pEvtDesc);
255	for (uint32_t i = 0; i < cVals; i++)
256	{
257	/* Look for the pvCmd item which stores the response buffer. */
258	if ( !strcmp(paVals[i].pItemDesc->pszName, "pvResp")
259	&& paVals[i].pItemDesc->enmType == RTTRACELOGTYPE_RAWDATA)
260	{
261	vboxTraceLogDecodeEvtTpmDecodeRespBuffer(paVals[i].u.RawData.pb, paVals[i].u.RawData.cb);
262	return VINF_SUCCESS;
263	}
264	}
265	RTMsgError("Failed to find the TPM command data buffer for the given event\n");
266	return VERR_NOT_FOUND;
267	}
268
269
270	/**
271	* Filter plugin interface.
272	*/
273	const RTTRACELOGDECODERDECODEEVENT g_aTraceLogDecode[] =
274	{
275	{ "ITpmConnector.CmdExecReq", vboxTraceLogDecodeEvtTpmCmdExecReq },
276	{ "ITpmConnector.CmdExecResp", vboxTraceLogDecodeEvtTpmCmdExecResp },
277	};
278
279
280	/**
281	* Shared object initialization callback.
282	*/
283	extern "C" DECLCALLBACK(DECLEXPORT(int)) RTTraceLogDecoderLoad(void *pvUser, PRTTRACELOGDECODERREGISTER pRegisterCallbacks)
284	{
285	AssertLogRelMsgReturn(pRegisterCallbacks->u32Version == RT_TRACELOG_DECODERREG_CB_VERSION,
286	("pRegisterCallbacks->u32Version=%#x RT_TRACELOG_DECODERREG_CB_VERSION=%#x\n",
287	pRegisterCallbacks->u32Version, RT_TRACELOG_DECODERREG_CB_VERSION),
288	VERR_VERSION_MISMATCH);
289
290	return pRegisterCallbacks->pfnRegisterDecoders(pvUser, &g_aTraceLogDecode[0], RT_ELEMENTS(g_aTraceLogDecode));
291	}
292

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Devices/Trace/VBoxTraceLogDecoders.cpp@ 104896

Download in other formats: