VBoxTraceLogDecoders.cpp@ 104903

Last change on this file since 104903 was 104903, checked in by vboxsync, 10 months ago
Devices/Trace: Some updates to the TPM trace decoding, bugref:10701
Property svn:eol-style set to `native` Property svn:keywords set to `Author Date Id Revision`
File size: 16.6 KB

Line
1	/* $Id: VBoxTraceLogDecoders.cpp 104903 2024-06-12 17:06:07Z vboxsync $ */
2	/** @file
3	* RTTraceLogDecoders - Implement decoders for the tracing driver.
4	*/
5
6	/*
7	* Copyright (C) 2024 Oracle and/or its affiliates.
8	*
9	* This file is part of VirtualBox base platform packages, as
10	* available from https://www.virtualbox.org.
11	*
12	* This program is free software; you can redistribute it and/or
13	* modify it under the terms of the GNU General Public License
14	* as published by the Free Software Foundation, in version 3 of the
15	* License.
16	*
17	* This program is distributed in the hope that it will be useful, but
18	* WITHOUT ANY WARRANTY; without even the implied warranty of
19	* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
20	* General Public License for more details.
21	*
22	* You should have received a copy of the GNU General Public License
23	* along with this program; if not, see <https://www.gnu.org/licenses>.
24	*
25	* SPDX-License-Identifier: GPL-3.0-only
26	*/
27
28
29	/*********************************************************************************************************************************
30	* Header Files *
31	*********************************************************************************************************************************/
32	#define LOG_GROUP RTLOGGROUP_DEFAULT
33	#include <iprt/assert.h>
34	#include <iprt/errcore.h>
35	#include <iprt/log.h>
36	#include <iprt/message.h>
37	#include <iprt/tracelog-decoder-plugin.h>
38
39	#include <iprt/formats/tpm.h>
40
41
42	/*********************************************************************************************************************************
43	* Structures and Typedefs *
44	*********************************************************************************************************************************/
45
46	/**
47	*/
48	typedef DECLCALLBACKTYPE(void, FNDECODETPM2CC, (PCTPMREQHDR pHdr, size_t cb));
49	/** Pointer to an event decode callback. */
50	typedef FNDECODETPM2CC *PFNFNDECODETPM2CC;
51
52
53	/*********************************************************************************************************************************
54	* Static Variables *
55	*********************************************************************************************************************************/
56
57
58	/*********************************************************************************************************************************
59	* Internal Functions *
60	*********************************************************************************************************************************/
61
62	static DECLCALLBACK(void) vboxTraceLogDecodeEvtTpmDecodeStartupShutdown(PCTPMREQHDR pHdr, size_t cb)
63	{
64	if (cb >= sizeof(uint16_t))
65	{
66	uint16_t u16TpmSu = RT_BE2H_U16((const uint16_t )(pHdr + 1));
67	if (u16TpmSu == TPM2_SU_CLEAR)
68	RTMsgInfo(" TPM2_SU_CLEAR\n");
69	else if (u16TpmSu == TPM2_SU_STATE)
70	RTMsgInfo(" TPM2_SU_STATE\n");
71	else
72	RTMsgInfo(" Unknown: %#x\n", u16TpmSu);
73	return;
74	}
75
76	RTMsgError("Malformed TPM2_CC_STARTUP/TPM2_CC_SHUTDOWN command, not enough room for TPM_SU constant\n");
77	}
78
79
80	static DECLCALLBACK(void) vboxTraceLogDecodeEvtTpmDecodeGetCapability(PCTPMREQHDR pHdr, size_t cb)
81	{
82	if (cb >= sizeof(TPM2REQGETCAPABILITY))
83	{
84	PCTPM2REQGETCAPABILITY pReq = (PCTPM2REQGETCAPABILITY)pHdr;
85	RTMsgInfo(" u32Cap: %#x\n"
86	" u32Property: %#x\n"
87	" u32Count: %#x\n",
88	RT_BE2H_U32(pReq->u32Cap),
89	RT_BE2H_U32(pReq->u32Property),
90	RT_BE2H_U32(pReq->u32Count));
91	return;
92	}
93
94	RTMsgError("Malformed TPM2_CC_GET_CAPABILITY command, not enough room for the input\n");
95	}
96
97
98	static struct
99	{
100	uint32_t u32CmdCode;
101	const char *pszCmdCode;
102	PFNFNDECODETPM2CC pfnDecode;
103	} s_aTpmCmdCodes[] =
104	{
105	#define TPM_CMD_CODE_INIT(a_CmdCode, a_Desc) { a_CmdCode, #a_CmdCode, a_Desc }
106	TPM_CMD_CODE_INIT(TPM2_CC_NV_UNDEFINE_SPACE_SPECIAL, NULL),
107	TPM_CMD_CODE_INIT(TPM2_CC_EVICT_CONTROL, NULL),
108	TPM_CMD_CODE_INIT(TPM2_CC_HIERARCHY_CONTROL, NULL),
109	TPM_CMD_CODE_INIT(TPM2_CC_NV_UNDEFINE_SPACE, NULL),
110	TPM_CMD_CODE_INIT(TPM2_CC_CHANGE_EPS, NULL),
111	TPM_CMD_CODE_INIT(TPM2_CC_CHANGE_PPS, NULL),
112	TPM_CMD_CODE_INIT(TPM2_CC_CLEAR, NULL),
113	TPM_CMD_CODE_INIT(TPM2_CC_CLEAR_CONTROL, NULL),
114	TPM_CMD_CODE_INIT(TPM2_CC_CLOCK_SET, NULL),
115	TPM_CMD_CODE_INIT(TPM2_CC_HIERARCHY_CHANGE_AUTH, NULL),
116	TPM_CMD_CODE_INIT(TPM2_CC_NV_DEFINE_SPACE, NULL),
117	TPM_CMD_CODE_INIT(TPM2_CC_PCR_ALLOCATE, NULL),
118	TPM_CMD_CODE_INIT(TPM2_CC_PCR_SET_AUTH_POLICY, NULL),
119	TPM_CMD_CODE_INIT(TPM2_CC_PP_COMMANDS, NULL),
120	TPM_CMD_CODE_INIT(TPM2_CC_SET_PRIMARY_POLICY, NULL),
121	TPM_CMD_CODE_INIT(TPM2_CC_FIELD_UPGRADE_START, NULL),
122	TPM_CMD_CODE_INIT(TPM2_CC_CLOCK_RATE_ADJUST, NULL),
123	TPM_CMD_CODE_INIT(TPM2_CC_CREATE_PRIMARY, NULL),
124	TPM_CMD_CODE_INIT(TPM2_CC_NV_GLOBAL_WRITE_LOCK, NULL),
125	TPM_CMD_CODE_INIT(TPM2_CC_GET_COMMAND_AUDIT_DIGEST, NULL),
126	TPM_CMD_CODE_INIT(TPM2_CC_NV_INCREMENT, NULL),
127	TPM_CMD_CODE_INIT(TPM2_CC_NV_SET_BITS, NULL),
128	TPM_CMD_CODE_INIT(TPM2_CC_NV_EXTEND, NULL),
129	TPM_CMD_CODE_INIT(TPM2_CC_NV_WRITE, NULL),
130	TPM_CMD_CODE_INIT(TPM2_CC_NV_WRITE_LOCK, NULL),
131	TPM_CMD_CODE_INIT(TPM2_CC_DICTIONARY_ATTACK_LOCK_RESET, NULL),
132	TPM_CMD_CODE_INIT(TPM2_CC_DICTIONARY_ATTACK_PARAMETERS, NULL),
133	TPM_CMD_CODE_INIT(TPM2_CC_NV_CHANGE_AUTH, NULL),
134	TPM_CMD_CODE_INIT(TPM2_CC_PCR_EVENT, NULL),
135	TPM_CMD_CODE_INIT(TPM2_CC_PCR_RESET, NULL),
136	TPM_CMD_CODE_INIT(TPM2_CC_SEQUENCE_COMPLETE, NULL),
137	TPM_CMD_CODE_INIT(TPM2_CC_SET_ALGORITHM_SET, NULL),
138	TPM_CMD_CODE_INIT(TPM2_CC_SET_COMMAND_CODE_AUDIT_STATUS, NULL),
139	TPM_CMD_CODE_INIT(TPM2_CC_FIELD_UPGRADE_DATA, NULL),
140	TPM_CMD_CODE_INIT(TPM2_CC_INCREMENTAL_SELF_TEST, NULL),
141	TPM_CMD_CODE_INIT(TPM2_CC_SELF_TEST, NULL),
142	TPM_CMD_CODE_INIT(TPM2_CC_STARTUP, vboxTraceLogDecodeEvtTpmDecodeStartupShutdown),
143	TPM_CMD_CODE_INIT(TPM2_CC_SHUTDOWN, vboxTraceLogDecodeEvtTpmDecodeStartupShutdown),
144	TPM_CMD_CODE_INIT(TPM2_CC_STIR_RANDOM, NULL),
145	TPM_CMD_CODE_INIT(TPM2_CC_ACTIVATE_CREDENTIAL, NULL),
146	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY, NULL),
147	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NV, NULL),
148	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY_CREATION, NULL),
149	TPM_CMD_CODE_INIT(TPM2_CC_DUPLICATE, NULL),
150	TPM_CMD_CODE_INIT(TPM2_CC_GET_TIME, NULL),
151	TPM_CMD_CODE_INIT(TPM2_CC_GET_SESSION_AUDIT_DIGEST, NULL),
152	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ, NULL),
153	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_LOCK, NULL),
154	TPM_CMD_CODE_INIT(TPM2_CC_OBJECT_CHANGE_AUTH, NULL),
155	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_SECRET, NULL),
156	TPM_CMD_CODE_INIT(TPM2_CC_REWRAP, NULL),
157	TPM_CMD_CODE_INIT(TPM2_CC_CREATE, NULL),
158	TPM_CMD_CODE_INIT(TPM2_CC_ECDH_ZGEN, NULL),
159	TPM_CMD_CODE_INIT(TPM2_CC_HMAC_MAC, NULL),
160	TPM_CMD_CODE_INIT(TPM2_CC_IMPORT, NULL),
161	TPM_CMD_CODE_INIT(TPM2_CC_LOAD, NULL),
162	TPM_CMD_CODE_INIT(TPM2_CC_QUOTE, NULL),
163	TPM_CMD_CODE_INIT(TPM2_CC_RSA_DECRYPT, NULL),
164	TPM_CMD_CODE_INIT(TPM2_CC_HMAC_MAC_START, NULL),
165	TPM_CMD_CODE_INIT(TPM2_CC_SEQUENCE_UPDATE, NULL),
166	TPM_CMD_CODE_INIT(TPM2_CC_SIGN, NULL),
167	TPM_CMD_CODE_INIT(TPM2_CC_UNSEAL, NULL),
168	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_SIGNED, NULL),
169	TPM_CMD_CODE_INIT(TPM2_CC_CONTEXT_LOAD, NULL),
170	TPM_CMD_CODE_INIT(TPM2_CC_CONTEXT_SAVE, NULL),
171	TPM_CMD_CODE_INIT(TPM2_CC_ECDH_KEY_GEN, NULL),
172	TPM_CMD_CODE_INIT(TPM2_CC_ENCRYPT_DECRYPT, NULL),
173	TPM_CMD_CODE_INIT(TPM2_CC_FLUSH_CONTEXT, NULL),
174	TPM_CMD_CODE_INIT(TPM2_CC_LOAD_EXTERNAL, NULL),
175	TPM_CMD_CODE_INIT(TPM2_CC_MAKE_CREDENTIAL, NULL),
176	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_PUBLIC, NULL),
177	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTHORIZE, NULL),
178	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTH_VALUE, NULL),
179	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_COMMAND_CODE, NULL),
180	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_COUNTER_TIMER, NULL),
181	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_CP_HASH, NULL),
182	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_LOCALITY, NULL),
183	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NAME_HASH, NULL),
184	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_OR, NULL),
185	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_TICKET, NULL),
186	TPM_CMD_CODE_INIT(TPM2_CC_READ_PUBLIC, NULL),
187	TPM_CMD_CODE_INIT(TPM2_CC_RSA_ENCRYPT, NULL),
188	TPM_CMD_CODE_INIT(TPM2_CC_START_AUTH_SESSION, NULL),
189	TPM_CMD_CODE_INIT(TPM2_CC_VERIFY_SIGNATURE, NULL),
190	TPM_CMD_CODE_INIT(TPM2_CC_ECC_PARAMETERS, NULL),
191	TPM_CMD_CODE_INIT(TPM2_CC_FIRMWARE_READ, NULL),
192	TPM_CMD_CODE_INIT(TPM2_CC_GET_CAPABILITY, vboxTraceLogDecodeEvtTpmDecodeGetCapability),
193	TPM_CMD_CODE_INIT(TPM2_CC_GET_RANDOM, NULL),
194	TPM_CMD_CODE_INIT(TPM2_CC_GET_TEST_RESULT, NULL),
195	TPM_CMD_CODE_INIT(TPM2_CC_GET_HASH, NULL),
196	TPM_CMD_CODE_INIT(TPM2_CC_PCR_READ, NULL),
197	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PCR, NULL),
198	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_RESTART, NULL),
199	TPM_CMD_CODE_INIT(TPM2_CC_READ_CLOCK, NULL),
200	TPM_CMD_CODE_INIT(TPM2_CC_PCR_EXTEND, NULL),
201	TPM_CMD_CODE_INIT(TPM2_CC_PCR_SET_AUTH_VALUE, NULL),
202	TPM_CMD_CODE_INIT(TPM2_CC_NV_CERTIFY, NULL),
203	TPM_CMD_CODE_INIT(TPM2_CC_EVENT_SEQUENCE_COMPLETE, NULL),
204	TPM_CMD_CODE_INIT(TPM2_CC_HASH_SEQUENCE_START, NULL),
205	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PHYSICAL_PRESENCE, NULL),
206	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_DUPLICATION_SELECT, NULL),
207	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_GET_DIGEST, NULL),
208	TPM_CMD_CODE_INIT(TPM2_CC_TEST_PARMS, NULL),
209	TPM_CMD_CODE_INIT(TPM2_CC_COMMIT, NULL),
210	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PASSWORD, NULL),
211	TPM_CMD_CODE_INIT(TPM2_CC_ZGEN_2PHASE, NULL),
212	TPM_CMD_CODE_INIT(TPM2_CC_EC_EPHEMERAL, NULL),
213	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_NV_WRITTEN, NULL),
214	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_TEMPLATE, NULL),
215	TPM_CMD_CODE_INIT(TPM2_CC_CREATE_LOADED, NULL),
216	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AUTHORIZE_NV, NULL),
217	TPM_CMD_CODE_INIT(TPM2_CC_ENCRYPT_DECRYPT_2, NULL),
218	TPM_CMD_CODE_INIT(TPM2_CC_AC_GET_CAPABILITY, NULL),
219	TPM_CMD_CODE_INIT(TPM2_CC_AC_SEND, NULL),
220	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_AC_SEND_SELECT, NULL),
221	TPM_CMD_CODE_INIT(TPM2_CC_CERTIFY_X509, NULL),
222	TPM_CMD_CODE_INIT(TPM2_CC_ACT_SET_TIMEOUT, NULL),
223	TPM_CMD_CODE_INIT(TPM2_CC_ECC_ENCRYPT, NULL),
224	TPM_CMD_CODE_INIT(TPM2_CC_ECC_DECRYPT, NULL),
225	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_CAPABILITY, NULL),
226	TPM_CMD_CODE_INIT(TPM2_CC_POLICY_PARAMETERS, NULL),
227	TPM_CMD_CODE_INIT(TPM2_CC_NV_DEFINE_SPACE_2, NULL),
228	TPM_CMD_CODE_INIT(TPM2_CC_NV_READ_PUBLIC_2, NULL),
229	TPM_CMD_CODE_INIT(TPM2_CC_SET_CAPABILITY, NULL)
230	#undef TPM_CMD_CODE_INIT
231	};
232
233	static void vboxTraceLogDecodeEvtTpmDecodeCmdBuffer(const uint8_t *pbCmd, size_t cbCmd)
234	{
235	PCTPMREQHDR pHdr = (PCTPMREQHDR)pbCmd;
236	if (cbCmd >= sizeof(*pHdr))
237	{
238	uint32_t u32CmdCode = RT_BE2H_U32(pHdr->u32Ordinal);
239	for (uint32_t i = 0; i < RT_ELEMENTS(s_aTpmCmdCodes); i++)
240	{
241	if (s_aTpmCmdCodes[i].u32CmdCode == u32CmdCode)
242	{
243	RTMsgInfo(" %s:\n", s_aTpmCmdCodes[i].pszCmdCode);
244	if (s_aTpmCmdCodes[i].pfnDecode)
245	s_aTpmCmdCodes[i].pfnDecode(pHdr, RT_BE2H_U32(pHdr->cbReq));
246	return;
247	}
248	}
249	RTMsgInfo(" <Unknown command code>: %#x\n", u32CmdCode);
250	}
251	else
252	RTMsgError("Command buffer is smaller than the request header (required %u, given %zu\n", sizeof(*pHdr), cbCmd);
253	}
254
255
256	static void vboxTraceLogDecodeEvtTpmDecodeRespBuffer(const uint8_t *pbResp, size_t cbResp)
257	{
258	PCTPMRESPHDR pHdr = (PCTPMRESPHDR)pbResp;
259	if (cbResp >= sizeof(*pHdr))
260	{
261	RTMsgInfo(" Status code: %#x\n", RT_BE2H_U32(pHdr->u32ErrCode));
262	}
263	else
264	RTMsgError("Response buffer is smaller than the request header (required %u, given %zu\n", sizeof(*pHdr), cbResp);
265	}
266
267
268	static DECLCALLBACK(int) vboxTraceLogDecodeEvtTpmCmdExecReq(RTTRACELOGRDREVT hTraceLogEvt, PCRTTRACELOGEVTDESC pEvtDesc,
269	PRTTRACELOGEVTVAL paVals, uint32_t cVals)
270	{
271	RT_NOREF(hTraceLogEvt, pEvtDesc);
272	for (uint32_t i = 0; i < cVals; i++)
273	{
274	/* Look for the pvCmd item which stores the command buffer. */
275	if ( !strcmp(paVals[i].pItemDesc->pszName, "pvCmd")
276	&& paVals[i].pItemDesc->enmType == RTTRACELOGTYPE_RAWDATA)
277	{
278	vboxTraceLogDecodeEvtTpmDecodeCmdBuffer(paVals[i].u.RawData.pb, paVals[i].u.RawData.cb);
279	return VINF_SUCCESS;
280	}
281	}
282	RTMsgError("Failed to find the TPM command data buffer for the given event\n");
283	return VERR_NOT_FOUND;
284	}
285
286
287	static DECLCALLBACK(int) vboxTraceLogDecodeEvtTpmCmdExecResp(RTTRACELOGRDREVT hTraceLogEvt, PCRTTRACELOGEVTDESC pEvtDesc,
288	PRTTRACELOGEVTVAL paVals, uint32_t cVals)
289	{
290	RT_NOREF(hTraceLogEvt, pEvtDesc);
291	for (uint32_t i = 0; i < cVals; i++)
292	{
293	/* Look for the pvCmd item which stores the response buffer. */
294	if ( !strcmp(paVals[i].pItemDesc->pszName, "pvResp")
295	&& paVals[i].pItemDesc->enmType == RTTRACELOGTYPE_RAWDATA)
296	{
297	vboxTraceLogDecodeEvtTpmDecodeRespBuffer(paVals[i].u.RawData.pb, paVals[i].u.RawData.cb);
298	return VINF_SUCCESS;
299	}
300	}
301	RTMsgError("Failed to find the TPM command data buffer for the given event\n");
302	return VERR_NOT_FOUND;
303	}
304
305
306	/**
307	* Filter plugin interface.
308	*/
309	const RTTRACELOGDECODERDECODEEVENT g_aTraceLogDecode[] =
310	{
311	{ "ITpmConnector.CmdExecReq", vboxTraceLogDecodeEvtTpmCmdExecReq },
312	{ "ITpmConnector.CmdExecResp", vboxTraceLogDecodeEvtTpmCmdExecResp },
313	};
314
315
316	/**
317	* Shared object initialization callback.
318	*/
319	extern "C" DECLCALLBACK(DECLEXPORT(int)) RTTraceLogDecoderLoad(void *pvUser, PRTTRACELOGDECODERREGISTER pRegisterCallbacks)
320	{
321	AssertLogRelMsgReturn(pRegisterCallbacks->u32Version == RT_TRACELOG_DECODERREG_CB_VERSION,
322	("pRegisterCallbacks->u32Version=%#x RT_TRACELOG_DECODERREG_CB_VERSION=%#x\n",
323	pRegisterCallbacks->u32Version, RT_TRACELOG_DECODERREG_CB_VERSION),
324	VERR_VERSION_MISMATCH);
325
326	return pRegisterCallbacks->pfnRegisterDecoders(pvUser, &g_aTraceLogDecode[0], RT_ELEMENTS(g_aTraceLogDecode));
327	}
328

Note: See TracBrowser for help on using the repository browser.

source: vbox/trunk/src/VBox/Devices/Trace/VBoxTraceLogDecoders.cpp@ 104903

Download in other formats: