VBoxTraceLogDecoders.cpp@ 104900

Last change on this file since 104900 was 104900, checked in by vboxsync, 10 months ago
Devices/Trace: Add support for tracing the ITPMCONNECTOR interface and start with a decoder plugin for dissecting TPM command/respons buffers, bugref:10701 [scm fix]
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 14.8 KB

Line
1	/* $Id: VBoxTraceLogDecoders.cpp 104900 2024-06-12 14:47:17Z vboxsync $ */
2	/** @file
3	* RTTraceLogDecoders - Implement decoders for the tracing driver.
4	*/
5
6	/*
7	* Copyright (C) 2024 Oracle and/or its affiliates.
8	*
9	* This file is part of VirtualBox base platform packages, as
10	* available from https://www.virtualbox.org.
11	*
12	* This program is free software; you can redistribute it and/or
13	* modify it under the terms of the GNU General Public License
14	* as published by the Free Software Foundation, in version 3 of the
15	* License.
16	*
17	* This program is distributed in the hope that it will be useful, but
18	* WITHOUT ANY WARRANTY; without even the implied warranty of
19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20	* General Public License for more details.
21	*
22	* You should have received a copy of the GNU General Public License
23	* along with this program; if not, see <https://www.gnu.org/licenses>.
24	*
25	* SPDX-License-Identifier: GPL-3.0-only
26	*/
27
28
29	/*********************************************************************************************************************************
30	* Header Files *
31	*********************************************************************************************************************************/
32	#define LOG_GROUP RTLOGGROUP_DEFAULT
33	#include <iprt/assert.h>
34	#include <iprt/errcore.h>
35	#include <iprt/log.h>
36	#include <iprt/message.h>
37	#include <iprt/tracelog-decoder-plugin.h>
38
39	#include <iprt/formats/tpm.h>
40
41
42	/*********************************************************************************************************************************
43	* Structures and Typedefs *
44	*********************************************************************************************************************************/
45
46
47	/*********************************************************************************************************************************
48	* Static Variables *
49	*********************************************************************************************************************************/
50
51
52	/*********************************************************************************************************************************
53	* Internal Functions *
54	*********************************************************************************************************************************/
55
56	static struct
57	{
58	uint32_t u32CmdCode;
59	const char *pszCmdCode;
60	const char *pszCmdDesc;
61	} s_aTpmCmdCodes[] =
62	{
63	#define TPM_CMD_CODE_INIT(a_CmdCode, a_Desc) { a_CmdCode, #a_CmdCode, a_Desc }
64	TPM_CMD_CODE_INIT(TPM2_CC_NV_UNDEFINE_SPACE_SPECIAL, NULL),
65	TPM_CMD_CODE_INIT(TPM2_CC_EVICT_CONTROL, NULL),
66	TPM_CMD_CODE_INIT(TPM2_CC_HIERARCHY_CONTROL, NULL),
67	TPM_CMD_CODE_INIT(TPM2_CC_NV_UNDEFINE_SPACE, NULL),
68	TPM_CMD_CODE_INIT(TPM2_CC_CHANGE_EPS, NULL),
69	TPM_CMD_CODE_INIT(TPM2_CC_CHANGE_PPS, NULL),
70	TPM_CMD_CODE_INIT(TPM2_CC_CLEAR, NULL),
71	TPM_CMD_CODE_INIT(TPM2_CC_CLEAR_CONTROL, NULL),
72	TPM_CMD_CODE_INIT(TPM2_CC_CLOCK_SET, NULL),
73	TPM_CMD_CODE_INIT(TPM2_CC_HIERARCHY_CHANGE_AUTH, NULL),
74	TPM_CMD_CODE_INIT(TPM2_CC_NV_DEFINE_SPACE, NULL),
75	TPM_CMD_CODE_INIT(TPM2_CC_PCR_ALLOCATE, NULL),
76	TPM_CMD_CODE_INIT(TPM2_CC_PCR_SET_AUTH_POLICY, NULL),
77	TPM_CMD_CODE_INIT(TPM2_CC_PP_COMMANDS, NULL),
78	TPM_CMD_CODE_INIT(TPM2_CC_SET_PRIMARY_POLICY, NULL),
79	TPM_CMD_CODE_INIT(TPM2_CC_FIELD_UPGRADE_START, NULL),
80	TPM_CMD_CODE_INIT(TPM2_CC_CLOCK_RATE_ADJUST, NULL),
81	TPM_CMD_CODE_INIT(TPM2_CC_CREATE_PRIMARY, NULL),
82	TPM_CMD_CODE_INIT(TPM2_CC_NV_GLOBAL_WRITE_LOCK, NULL),
83	TPM_CMD_CODE_INIT(TPM2_CC_GET_COMMAND_AUDIT_DIGEST, NULL),
84	TPM_CMD_CODE_INIT(TPM2_CC_NV_INCREMENT, NULL),
85	TPM_CMD_CODE_INIT(TPM2_CC_NV_SET_BITS, NULL),
86	TPM_CMD_CODE_INIT(TPM2_CC_NV_EXTEND, NULL),
87	TPM_CMD_CODE_INIT(TPM2_CC_NV_WRITE, NULL),
88	TPM_CMD_CODE_INIT(TPM2_CC_NV_WRITE_LOCK, NULL),
89	TPM_CMD_CODE_INIT(TPM2_CC_DICTIONARY_ATTACK_LOCK_RESET, NULL),
90	TPM_CMD_CODE_INIT(TPM2_CC_DICTIONARY_ATTACK_PARAMETERS, NULL),
91	TPM_CMD_CODE_INIT(TPM2_CC_NV_CHANGE_AUTH, NULL),
92	TPM_CMD_CODE_INIT(TPM2_CC_PCR_EVENT, NULL),
93	TPM_CMD_CODE_INIT(TPM2_CC_PCR_RESET, NULL),
94	TPM_CMD_CODE_INIT(TPM2_CC_SEQUENCE_COMPLETE, NULL),
95	TPM_CMD_CODE_INIT(TPM2_CC_SET_ALGORITHM_SET, NULL),
96	TPM_CMD_CODE_INIT(TPM2_CC_SET_COMMAND_CODE_AUDIT_STATUS, NULL),
97	TPM_CMD_CODE_INIT(TPM2_CC_FIELD_UPGRADE_DATA, NULL),
98	TPM_CMD_CODE_INIT(TPM2_CC_INCREMENTAL_SELF_TEST, NULL),
99	TPM_CMD_CODE_INIT(TPM2_CC_SELF_TEST, NULL),
100	TPM_CMD_CODE_INIT(TPM2_CC_STARTUP, NULL),
101	TPM_CMD_CODE_INIT(TPM2_CC_SHUTDOWN, NULL),
102	TPM_CMD_CODE_INIT(TPM2_CC_STIR_RANDOM, NULL),
103	TPM_CMD_CODE_INIT(TPM2_CC_ACTIVATE_CREDENTIAL, NULL),
104	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY, NULL),
105	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NV, NULL),
106	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY_CREATION, NULL),
107	TPM_CMD_CODE_INIT(TPM2_CC_DUPLICATE, NULL),
108	TPM_CMD_CODE_INIT(TPM2_CC_GET_TIME, NULL),
109	TPM_CMD_CODE_INIT(TPM2_CC_GET_SESSION_AUDIT_DIGEST, NULL),
110	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ, NULL),
111	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_LOCK, NULL),
112	TPM_CMD_CODE_INIT(TPM2_CC_OBJECT_CHANGE_AUTH, NULL),
113	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_SECRET, NULL),
114	TPM_CMD_CODE_INIT(TPM2_CC_REWRAP, NULL),
115	TPM_CMD_CODE_INIT(TPM2_CC_CREATE, NULL),
116	TPM_CMD_CODE_INIT(TPM2_CC_ECDH_ZGEN, NULL),
117	TPM_CMD_CODE_INIT(TPM2_CC_HMAC_MAC, NULL),
118	TPM_CMD_CODE_INIT(TPM2_CC_IMPORT, NULL),
119	TPM_CMD_CODE_INIT(TPM2_CC_LOAD, NULL),
120	TPM_CMD_CODE_INIT(TPM2_CC_QUOTE, NULL),
121	TPM_CMD_CODE_INIT(TPM2_CC_RSA_DECRYPT, NULL),
122	TPM_CMD_CODE_INIT(TPM2_CC_HMAC_MAC_START, NULL),
123	TPM_CMD_CODE_INIT(TPM2_CC_SEQUENCE_UPDATE, NULL),
124	TPM_CMD_CODE_INIT(TPM2_CC_SIGN, NULL),
125	TPM_CMD_CODE_INIT(TPM2_CC_UNSEAL, NULL),
126	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_SIGNED, NULL),
127	TPM_CMD_CODE_INIT(TPM2_CC_CONTEXT_LOAD, NULL),
128	TPM_CMD_CODE_INIT(TPM2_CC_CONTEXT_SAVE, NULL),
129	TPM_CMD_CODE_INIT(TPM2_CC_ECDH_KEY_GEN, NULL),
130	TPM_CMD_CODE_INIT(TPM2_CC_ENCRYPT_DECRYPT, NULL),
131	TPM_CMD_CODE_INIT(TPM2_CC_FLUSH_CONTEXT, NULL),
132	TPM_CMD_CODE_INIT(TPM2_CC_LOAD_EXTERNAL, NULL),
133	TPM_CMD_CODE_INIT(TPM2_CC_MAKE_CREDENTIAL, NULL),
134	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_PUBLIC, NULL),
135	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTHORIZE, NULL),
136	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTH_VALUE, NULL),
137	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_COMMAND_CODE, NULL),
138	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_COUNTER_TIMER, NULL),
139	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_CP_HASH, NULL),
140	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_LOCALITY, NULL),
141	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NAME_HASH, NULL),
142	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_OR, NULL),
143	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_TICKET, NULL),
144	TPM_CMD_CODE_INIT(TPM2_CC_READ_PUBLIC, NULL),
145	TPM_CMD_CODE_INIT(TPM2_CC_RSA_ENCRYPT, NULL),
146	TPM_CMD_CODE_INIT(TPM2_CC_START_AUTH_SESSION, NULL),
147	TPM_CMD_CODE_INIT(TPM2_CC_VERIFY_SIGNATURE, NULL),
148	TPM_CMD_CODE_INIT(TPM2_CC_ECC_PARAMETERS, NULL),
149	TPM_CMD_CODE_INIT(TPM2_CC_FIRMWARE_READ, NULL),
150	TPM_CMD_CODE_INIT(TPM2_CC_GET_CAPABILITY, NULL),
151	TPM_CMD_CODE_INIT(TPM2_CC_GET_RANDOM, NULL),
152	TPM_CMD_CODE_INIT(TPM2_CC_GET_TEST_RESULT, NULL),
153	TPM_CMD_CODE_INIT(TPM2_CC_GET_HASH, NULL),
154	TPM_CMD_CODE_INIT(TPM2_CC_PCR_READ, NULL),
155	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PCR, NULL),
156	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_RESTART, NULL),
157	TPM_CMD_CODE_INIT(TPM2_CC_READ_CLOCK, NULL),
158	TPM_CMD_CODE_INIT(TPM2_CC_PCR_EXTEND, NULL),
159	TPM_CMD_CODE_INIT(TPM2_CC_PCR_SET_AUTH_VALUE, NULL),
160	TPM_CMD_CODE_INIT(TPM2_CC_NV_CERTIFY, NULL),
161	TPM_CMD_CODE_INIT(TPM2_CC_EVENT_SEQUENCE_COMPLETE, NULL),
162	TPM_CMD_CODE_INIT(TPM2_CC_HASH_SEQUENCE_START, NULL),
163	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PHYSICAL_PRESENCE, NULL),
164	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_DUPLICATION_SELECT, NULL),
165	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_GET_DIGEST, NULL),
166	TPM_CMD_CODE_INIT(TPM2_CC_TEST_PARMS, NULL),
167	TPM_CMD_CODE_INIT(TPM2_CC_COMMIT, NULL),
168	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PASSWORD, NULL),
169	TPM_CMD_CODE_INIT(TPM2_CC_ZGEN_2PHASE, NULL),
170	TPM_CMD_CODE_INIT(TPM2_CC_EC_EPHEMERAL, NULL),
171	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NV_WRITTEN, NULL),
172	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_TEMPLATE, NULL),
173	TPM_CMD_CODE_INIT(TPM2_CC_CREATE_LOADED, NULL),
174	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTHORIZE_NV, NULL),
175	TPM_CMD_CODE_INIT(TPM2_CC_ENCRYPT_DECRYPT_2, NULL),
176	TPM_CMD_CODE_INIT(TPM2_CC_AC_GET_CAPABILITY, NULL),
177	TPM_CMD_CODE_INIT(TPM2_CC_AC_SEND, NULL),
178	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AC_SEND_SELECT, NULL),
179	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY_X509, NULL),
180	TPM_CMD_CODE_INIT(TPM2_CC_ACT_SET_TIMEOUT, NULL),
181	TPM_CMD_CODE_INIT(TPM2_CC_ECC_ENCRYPT, NULL),
182	TPM_CMD_CODE_INIT(TPM2_CC_ECC_DECRYPT, NULL),
183	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_CAPABILITY, NULL),
184	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PARAMETERS, NULL),
185	TPM_CMD_CODE_INIT(TPM2_CC_NV_DEFINE_SPACE_2, NULL),
186	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_PUBLIC_2, NULL),
187	TPM_CMD_CODE_INIT(TPM2_CC_SET_CAPABILITY, NULL)
188	#undef TPM_CMD_CODE_INIT
189	};
190
191	static void vboxTraceLogDecodeEvtTpmDecodeCmdBuffer(const uint8_t *pbCmd, size_t cbCmd)
192	{
193	PCTPMREQHDR pHdr = (PCTPMREQHDR)pbCmd;
194	if (cbCmd >= sizeof(*pHdr))
195	{
196	uint32_t u32CmdCode = RT_BE2H_U32(pHdr->u32Ordinal);
197	for (uint32_t i = 0; i < RT_ELEMENTS(s_aTpmCmdCodes); i++)
198	{
199	if (s_aTpmCmdCodes[i].u32CmdCode == u32CmdCode)
200	{
201	RTMsgInfo(" %s:\n", s_aTpmCmdCodes[i].pszCmdCode);
202	return;
203	}
204	}
205	RTMsgInfo(" <Unknown command code>: %#x\n", u32CmdCode);
206	}
207	else
208	RTMsgError("Command buffer is smaller than the request header (required %u, given %zu\n", sizeof(*pHdr), cbCmd);
209	}
210
211
212	static void vboxTraceLogDecodeEvtTpmDecodeRespBuffer(const uint8_t *pbResp, size_t cbResp)
213	{
214	PCTPMRESPHDR pHdr = (PCTPMRESPHDR)pbResp;
215	if (cbResp >= sizeof(*pHdr))
216	{
217	RTMsgInfo(" Status code: %#x\n", RT_BE2H_U32(pHdr->u32ErrCode));
218	}
219	else
220	RTMsgError("Response buffer is smaller than the request header (required %u, given %zu\n", sizeof(*pHdr), cbResp);
221	}
222
223
224	static DECLCALLBACK(int) vboxTraceLogDecodeEvtTpmCmdExecReq(RTTRACELOGRDREVT hTraceLogEvt, PCRTTRACELOGEVTDESC pEvtDesc,
225	PRTTRACELOGEVTVAL paVals, uint32_t cVals)
226	{
227	RT_NOREF(hTraceLogEvt, pEvtDesc);
228	for (uint32_t i = 0; i < cVals; i++)
229	{
230	/* Look for the pvCmd item which stores the command buffer. */
231	if ( !strcmp(paVals[i].pItemDesc->pszName, "pvCmd")
232	&& paVals[i].pItemDesc->enmType == RTTRACELOGTYPE_RAWDATA)
233	{
234	vboxTraceLogDecodeEvtTpmDecodeCmdBuffer(paVals[i].u.RawData.pb, paVals[i].u.RawData.cb);
235	return VINF_SUCCESS;
236	}
237	}
238	RTMsgError("Failed to find the TPM command data buffer for the given event\n");
239	return VERR_NOT_FOUND;
240	}
241
242
243	static DECLCALLBACK(int) vboxTraceLogDecodeEvtTpmCmdExecResp(RTTRACELOGRDREVT hTraceLogEvt, PCRTTRACELOGEVTDESC pEvtDesc,
244	PRTTRACELOGEVTVAL paVals, uint32_t cVals)
245	{
246	RT_NOREF(hTraceLogEvt, pEvtDesc);
247	for (uint32_t i = 0; i < cVals; i++)
248	{
249	/* Look for the pvCmd item which stores the response buffer. */
250	if ( !strcmp(paVals[i].pItemDesc->pszName, "pvResp")
251	&& paVals[i].pItemDesc->enmType == RTTRACELOGTYPE_RAWDATA)
252	{
253	vboxTraceLogDecodeEvtTpmDecodeRespBuffer(paVals[i].u.RawData.pb, paVals[i].u.RawData.cb);
254	return VINF_SUCCESS;
255	}
256	}
257	RTMsgError("Failed to find the TPM command data buffer for the given event\n");
258	return VERR_NOT_FOUND;
259	}
260
261
262	/**
263	* Filter plugin interface.
264	*/
265	const RTTRACELOGDECODERDECODEEVENT g_aTraceLogDecode[] =
266	{
267	{ "ITpmConnector.CmdExecReq", vboxTraceLogDecodeEvtTpmCmdExecReq },
268	{ "ITpmConnector.CmdExecResp", vboxTraceLogDecodeEvtTpmCmdExecResp },
269	};
270
271
272	/**
273	* Shared object initialization callback.
274	*/
275	extern "C" DECLCALLBACK(DECLEXPORT(int)) RTTraceLogDecoderLoad(void *pvUser, PRTTRACELOGDECODERREGISTER pRegisterCallbacks)
276	{
277	AssertLogRelMsgReturn(pRegisterCallbacks->u32Version == RT_TRACELOG_DECODERREG_CB_VERSION,
278	("pRegisterCallbacks->u32Version=%#x RT_TRACELOG_DECODERREG_CB_VERSION=%#x\n",
279	pRegisterCallbacks->u32Version, RT_TRACELOG_DECODERREG_CB_VERSION),
280	VERR_VERSION_MISMATCH);
281
282	return pRegisterCallbacks->pfnRegisterDecoders(pvUser, &g_aTraceLogDecode[0], RT_ELEMENTS(g_aTraceLogDecode));
283	}
284

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Devices/Trace/VBoxTraceLogDecoders.cpp@ 104900

Download in other formats: