ExternalVendorCode/HIRS
1
0
Fork 0
mirror of https://github.com/nsacyber/HIRS.git synced 2024-12-18 20:47:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

get pciids from code if not found on filesystem

Browse Source
This commit is contained in:
iadgovuser58 2024-09-26 15:30:40 -04:00
parent 3017c13413
commit 6d9863f693
9 changed files with 82 additions and 28 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
HIRS_Utils/src/main/java/hirs/utils/PciIds.java
View File

@ -66,7 +66,7 @@ public final class PciIds {
static {
if (!DB.isReady()) {
// if pciids file is found on the system, then process using this
// if pciids file is found on the system, then process using this file
String dbFile = null;
for (final String path : PCI_IDS_PATH) {
if ((new File(path)).exists()) {
@ -79,7 +79,7 @@ public final class PciIds {
if(dbFile != null) {
InputStream is = null;
try {
is = new FileInputStream(new File(dbFile));
is = new FileInputStream(dbFile);
DB.loadStream(is);
pciidsFileStatus = UefiConstants.FILESTATUS_FROM_FILESYSTEM;
} catch (IOException e) {
@ -98,21 +98,23 @@ public final class PciIds {
// if pciids file is not found on the system or not accessible, then attempt to grab it from code
if(pciidsFileStatus == UefiConstants.FILESTATUS_NOT_ACCESSIBLE) {
InputStream istemp = PciIds.class.getResourceAsStream(PCIIDS_FILENAME);
InputStream isFromCode = PciIds.class.getResourceAsStream(PCIIDS_FILENAME);
if(isFromCode != null) {
try {
DB.loadStream(istemp);
DB.loadStream(isFromCode);
pciidsFileStatus = UefiConstants.FILESTATUS_FROM_CODE;
} catch (IOException e) {
// DB will not be ready, hardware IDs will not be translated
} finally {
if (istemp != null) {
if (isFromCode != null) {
try {
istemp.close();
isFromCode.close();
} catch (IOException e) {
}
}
}
}
}
// if pciids file is not accessible on system or from within code, then log error
if(pciidsFileStatus == UefiConstants.FILESTATUS_NOT_ACCESSIBLE) {

9
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TCGEventLog.java
View File

@ -180,13 +180,12 @@ public final class TCGEventLog {
!= UefiConstants.FILESTATUS_FROM_FILESYSTEM)) {
vendorTableFileStatus = eventList.get(eventNumber - 1).getVendorTableFileStatus();
}
if ((vendorTableFileStatus != UefiConstants.FILESTATUS_NOT_ACCESSIBLE)
&& (eventList.get(eventNumber - 1).getVendorTableFileStatus()
//similar to above with vendor-table.json file, but here with pci.ids file
if ((pciidsFileStatus != UefiConstants.FILESTATUS_NOT_ACCESSIBLE)
&& (eventList.get(eventNumber - 1).getPciidsFileStatus()
!= UefiConstants.FILESTATUS_FROM_FILESYSTEM)) {
vendorTableFileStatus = eventList.get(eventNumber - 1).getVendorTableFileStatus();
pciidsFileStatus = eventList.get(eventNumber - 1).getPciidsFileStatus();
}
//add pci here
}
calculatePcrValues();
}

1
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/TpmPcrEvent.java
View File

@ -448,6 +448,7 @@ public class TpmPcrEvent {
specVersion = noAction.getSpecVersion();
specErrataVersion = noAction.getSpecErrataVersion();
}
pciidsFileStatus = noAction.getPciidsFileStatus();
break;
case EvConstants.EV_SEPARATOR:
if (EvPostCode.isAscii(content)) {

10
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/DeviceSecurityEvent.java
View File

@ -62,8 +62,12 @@ public abstract class DeviceSecurityEvent {
private String deviceContextInfo = "";
/**
* Track status of pci.ids file.
* This is only needed if DeviceSecurityEvent includes a DeviceSecurityEventDataPciContext
* Track status of pci.ids
* This is only used for events that access the pci.ids file.
* (In this class, this is only needed if DeviceSecurityEvent includes a DeviceSecurityEventDataPciContext)
* Default is normal status (normal status is from-filesystem).
* Status will only change IF this is an event that uses this file,
* and if that event causes a different status.
*/
@Getter
private String pciidsFileStatus = UefiConstants.FILESTATUS_FROM_FILESYSTEM;
@ -92,6 +96,8 @@ public abstract class DeviceSecurityEvent {
} else if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_PCI) {
dsedPciContext = new DeviceSecurityEventDataPciContext(dsedDeviceContextBytes);
deviceContextInfo = dsedPciContext.toString();
// getPciidsFileStatus() must be called after DeviceSecurityEventDataPciContext.toString(),
// because the toString function is where the pciids db gets set up and used
pciidsFileStatus = dsedPciContext.getPciidsFileStatus();
} else if (deviceType == DeviceSecurityEventDataDeviceContext.DEVICE_TYPE_USB) {
deviceContextInfo = " Device Type: USB - To be implemented";

4
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvEfiSpdmDeviceSecurityEvent.java
View File

@ -6,8 +6,6 @@ import lombok.Getter;
import java.nio.charset.StandardCharsets;
import static hirs.utils.tpm.eventlog.uefi.UefiConstants.FILESTATUS_FROM_FILESYSTEM;
/**
* Abstract class to process any SPDM event that is solely a DEVICE_SECURITY_EVENT_DATA or
* DEVICE_SECURITY_EVENT_DATA2. The event field MUST be a
@ -56,7 +54,7 @@ public class EvEfiSpdmDeviceSecurityEvent {
* and if that event causes a different status.
*/
@Getter
private String pciidsFileStatus = FILESTATUS_FROM_FILESYSTEM;
private String pciidsFileStatus = UefiConstants.FILESTATUS_FROM_FILESYSTEM;
/**
* EvEfiSpdmFirmwareBlob constructor.

12
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/EvNoAction.java
View File

@ -53,6 +53,16 @@ public class EvNoAction {
@Getter
private String noActionInfo = "";
/**
* Track status of pci.ids
* This is only used for events that access the pci.ids file.
* Default is normal status (normal status is from-filesystem).
* Status will only change IF this is an event that uses this file,
* and if that event causes a different status.
*/
@Getter
private String pciidsFileStatus = UefiConstants.FILESTATUS_FROM_FILESYSTEM;
/**
* EvNoAction constructor.
*
@ -78,9 +88,11 @@ public class EvNoAction {
} else if (signature.contains("NvIndexInstance")) {
NvIndexInstanceEventLogData nvIndexInstanceEvent = new NvIndexInstanceEventLogData(eventData);
noActionInfo += nvIndexInstanceEvent.toString();
pciidsFileStatus = nvIndexInstanceEvent.getPciidsFileStatus();
} else if (signature.contains("NvIndexDynamic")) {
NvIndexDynamicEventLogData nvIndexDynamicEvent = new NvIndexDynamicEventLogData(eventData);
noActionInfo += nvIndexDynamicEvent.toString();
pciidsFileStatus = nvIndexDynamicEvent.getPciidsFileStatus();
} else {
noActionInfo = " EV_NO_ACTION event named \"" + signature
+ "\" encountered but support for processing it has not been"

12
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexDynamicEventLogData.java
View File

@ -1,6 +1,8 @@
package hirs.utils.tpm.eventlog.events;
import hirs.utils.HexUtils;
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
import lombok.Getter;
import java.nio.charset.StandardCharsets;
@ -36,6 +38,16 @@ public class NvIndexDynamicEventLogData {
*/
private String nvIndexDynamicInfo = "";
/**
* Track status of pci.ids
* This is only used for events that access the pci.ids file.
* Default is normal status (normal status is from-filesystem).
* Status will only change IF this is an event that uses this file,
* and if that event causes a different status.
*/
@Getter
private String pciidsFileStatus = UefiConstants.FILESTATUS_FROM_FILESYSTEM;
/**
* NvIndexInstanceEventLogData constructor.
*

13
HIRS_Utils/src/main/java/hirs/utils/tpm/eventlog/events/NvIndexInstanceEventLogData.java
View File

@ -1,6 +1,8 @@
package hirs.utils.tpm.eventlog.events;
import hirs.utils.HexUtils;
import hirs.utils.tpm.eventlog.uefi.UefiConstants;
import lombok.Getter;
import java.nio.charset.StandardCharsets;
@ -38,6 +40,16 @@ public class NvIndexInstanceEventLogData {
*/
private String nvIndexInstanceInfo = "";
/**
* Track status of pci.ids
* This is only used for events that access the pci.ids file.
* Default is normal status (normal status is from-filesystem).
* Status will only change IF this is an event that uses this file,
* and if that event causes a different status.
*/
@Getter
private String pciidsFileStatus = UefiConstants.FILESTATUS_FROM_FILESYSTEM;
/**
* NvIndexInstanceEventLogData constructor.
*
@ -84,6 +96,7 @@ public class NvIndexInstanceEventLogData {
if (dsedVersion.equals("0200")) {
dsed = new DeviceSecurityEventData2(dsedEventData);
nvIndexInstanceInfo += dsed.toString();
pciidsFileStatus = dsed.getPciidsFileStatus();
} else {
nvIndexInstanceInfo += " Incompatible version for DeviceSecurityEventData2: "
+ dsedVersion + "\n";

17
tools/tcg_eventlog_tool/src/main/java/hirs/tcg_eventlog/Main.java
View File

@ -136,14 +136,25 @@ final class Main {
+ evLog.getEventList().size() + " events:\n\n");
}
if (evLog.getVendorTableFileStatus() == FILESTATUS_NOT_ACCESSIBLE) {
writeOut("*** WARNING: The file vendor-table.json was not accessible from the "
+ "filesystem or the code, so some event data shown in the output of this "
+ "tool may be outdated or omitted.\n\n");
writeOut("*** WARNING: "
+ "The file vendor-table.json was not accessible from the filesystem or the code,\n"
+ " so some event data shown in the output of this tool may be outdated\n"
+ " or omitted.\n\n");
} else if (evLog.getVendorTableFileStatus() == FILESTATUS_FROM_CODE) {
writeOut("*** NOTE: "
+ "The file vendor-table.json file was not accessible from the filesystem,\n"
+ " so the vendor-table.json from code was used.\n\n");
}
if (evLog.getPciidsFileStatus() == FILESTATUS_NOT_ACCESSIBLE) {
writeOut("*** WARNING: "
+ "The file pci.ids was not accessible from the filesystem or the code,\n"
+ " so some pci device info lookups in the output of this tool\n"
+ " may be omitted or the hex code may be used instead.\n\n");
} else if (evLog.getPciidsFileStatus() == FILESTATUS_FROM_CODE) {
writeOut("*** NOTE: "
+ "The file pci.ids file was not accessible from the filesystem,\n"
+ " so the pci.ids from code was used.\n\n");
}
}
int eventCount = 0;
for (TpmPcrEvent event : evLog.getEventList()) {