Showing
5 changed files
with
400 additions
and
0 deletions.
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,37 @@ | ||
|
||
Microsoft Visual Studio Solution File, Format Version 12.00 | ||
# Visual Studio Version 17 | ||
VisualStudioVersion = 17.8.34330.188 | ||
MinimumVisualStudioVersion = 10.0.40219.1 | ||
Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "AdvLoggerDumpWin", "AdvLoggerDumpWin\AdvLoggerDumpWin.vcxproj", "{F983380B-B6C4-44EE-8835-0137E0876321}" | ||
EndProject | ||
Global | ||
GlobalSection(SolutionConfigurationPlatforms) = preSolution | ||
Debug|ARM64 = Debug|ARM64 | ||
Debug|x64 = Debug|x64 | ||
Debug|x86 = Debug|x86 | ||
Release|ARM64 = Release|ARM64 | ||
Release|x64 = Release|x64 | ||
Release|x86 = Release|x86 | ||
EndGlobalSection | ||
GlobalSection(ProjectConfigurationPlatforms) = postSolution | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Debug|ARM64.ActiveCfg = Debug|ARM64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Debug|ARM64.Build.0 = Debug|ARM64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Debug|x64.ActiveCfg = Debug|x64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Debug|x64.Build.0 = Debug|x64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Debug|x86.ActiveCfg = Debug|Win32 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Debug|x86.Build.0 = Debug|Win32 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Release|ARM64.ActiveCfg = Release|ARM64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Release|ARM64.Build.0 = Release|ARM64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Release|x64.ActiveCfg = Release|x64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Release|x64.Build.0 = Release|x64 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Release|x86.ActiveCfg = Release|Win32 | ||
{F983380B-B6C4-44EE-8835-0137E0876321}.Release|x86.Build.0 = Release|Win32 | ||
EndGlobalSection | ||
GlobalSection(SolutionProperties) = preSolution | ||
HideSolutionNode = FALSE | ||
EndGlobalSection | ||
GlobalSection(ExtensibilityGlobals) = postSolution | ||
SolutionGuid = {514003CD-1327-488E-9C4E-8761C728A1E3} | ||
EndGlobalSection | ||
EndGlobal |
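--- a/AdvLoggerPkg/Application/Windows/AdvLoggerDumpWin/AdvLoggerDumpWin.vcxproj
+++ b/AdvLoggerPkg/Application/Windows/AdvLoggerDumpWin/AdvLoggerDumpWin.vcxproj
@@ -0,0 +1,160 @@
+<?xml version="1.0" encoding="utf-8"?>
+<Project DefaultTargets="Build" ToolsVersion="15.0" xmlns="http://schemas.microsoft.com/developer/msbuild/2003">
+<Import Project="..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.props" Condition="Exists('..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.props')" />
+<PropertyGroup Label="Globals">
+<CppWinRTOptimized>true</CppWinRTOptimized>
+<CppWinRTRootNamespaceAutoMerge>true</CppWinRTRootNamespaceAutoMerge>
+<CppWinRTGenerateWindowsMetadata>true</CppWinRTGenerateWindowsMetadata>
+<MinimalCoreWin>true</MinimalCoreWin>
+<VCProjectVersion>15.0</VCProjectVersion>
+<ProjectGuid>{f983380b-b6c4-44ee-8835-0137e0876321}</ProjectGuid>
+<Keyword>Win32Proj</Keyword>
+<RootNamespace>AdvLoggerDumpWin</RootNamespace>
+<WindowsTargetPlatformVersion Condition=" '$(WindowsTargetPlatformVersion)' == '' ">10.0</WindowsTargetPlatformVersion>
+<WindowsTargetPlatformMinVersion>10.0.17134.0</WindowsTargetPlatformMinVersion>
+</PropertyGroup>
+<Import Project="$(VCTargetsPath)\Microsoft.Cpp.Default.props" />
+<ItemGroup Label="ProjectConfigurations">
+<ProjectConfiguration Include="Debug|ARM64">
+<Configuration>Debug</Configuration>
+<Platform>ARM64</Platform>
+</ProjectConfiguration>
+<ProjectConfiguration Include="Debug|Win32">
+<Configuration>Debug</Configuration>
+<Platform>Win32</Platform>
+</ProjectConfiguration>
+<ProjectConfiguration Include="Release|ARM64">
+<Configuration>Release</Configuration>
+<Platform>ARM64</Platform>
+</ProjectConfiguration>
+<ProjectConfiguration Include="Release|Win32">
+<Configuration>Release</Configuration>
+<Platform>Win32</Platform>
+</ProjectConfiguration>
+<ProjectConfiguration Include="Debug|x64">
+<Configuration>Debug</Configuration>
+<Platform>x64</Platform>
+</ProjectConfiguration>
+<ProjectConfiguration Include="Release|x64">
+<Configuration>Release</Configuration>
+<Platform>x64</Platform>
+</ProjectConfiguration>
+</ItemGroup>
+<PropertyGroup Label="Configuration">
+<ConfigurationType>Application</ConfigurationType>
+<PlatformToolset>v143</PlatformToolset>
+<PlatformToolset Condition="'$(VisualStudioVersion)' == '16.0'">v142</PlatformToolset>
+<PlatformToolset Condition="'$(VisualStudioVersion)' == '15.0'">v141</PlatformToolset>
+<PlatformToolset Condition="'$(VisualStudioVersion)' == '14.0'">v140</PlatformToolset>
+<CharacterSet>Unicode</CharacterSet>
+</PropertyGroup>
+<PropertyGroup Condition="'$(Configuration)'=='Debug'" Label="Configuration">
+<UseDebugLibraries>true</UseDebugLibraries>
+<LinkIncremental>true</LinkIncremental>
+</PropertyGroup>
+<PropertyGroup Condition="'$(Configuration)'=='Release'" Label="Configuration">
+<UseDebugLibraries>false</UseDebugLibraries>
+<WholeProgramOptimization>true</WholeProgramOptimization>
+<LinkIncremental>true</LinkIncremental>
+</PropertyGroup>
+<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+<UseOfMfc>Static</UseOfMfc>
+</PropertyGroup>
+<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">
+<UseOfMfc>Static</UseOfMfc>
+</PropertyGroup>
+<PropertyGroup Label="Configuration" Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">
+<UseOfMfc>Static</UseOfMfc>
+</PropertyGroup>
+<Import Project="$(VCTargetsPath)\Microsoft.Cpp.props" />
+<ImportGroup Label="ExtensionSettings">
+</ImportGroup>
+<ImportGroup Label="Shared">
+</ImportGroup>
+<ImportGroup Label="PropertySheets">
+<Import Project="$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props" Condition="exists('$(UserRootDir)\Microsoft.Cpp.$(Platform).user.props')" Label="LocalAppDataPlatform" />
+</ImportGroup>
+<ImportGroup Label="PropertySheets">
+<Import Project="PropertySheet.props" />
+</ImportGroup>
+<PropertyGroup Label="UserMacros" />
+<ItemDefinitionGroup>
+<ClCompile>
+<PrecompiledHeader>NotUsing</PrecompiledHeader>
+<PrecompiledHeaderFile>
+</PrecompiledHeaderFile>
+<PrecompiledHeaderOutputFile>
+</PrecompiledHeaderOutputFile>
+<PreprocessorDefinitions>_CONSOLE;WIN32_LEAN_AND_MEAN;WINRT_LEAN_AND_MEAN;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+<WarningLevel>Level4</WarningLevel>
+<AdditionalOptions>%(AdditionalOptions) /permissive- /bigobj</AdditionalOptions>
+</ClCompile>
+</ItemDefinitionGroup>
+<ItemDefinitionGroup Condition="'$(Configuration)'=='Debug'">
+<ClCompile>
+<Optimization>Disabled</Optimization>
+<PreprocessorDefinitions>_DEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+<DebugInformationFormat Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">ProgramDatabase</DebugInformationFormat>
+<RuntimeLibrary Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">MultiThreadedDebugDLL</RuntimeLibrary>
+<FunctionLevelLinking Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">false</FunctionLevelLinking>
+<DebugInformationFormat Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">ProgramDatabase</DebugInformationFormat>
+<FunctionLevelLinking Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">false</FunctionLevelLinking>
+</ClCompile>
+<Link>
+<SubSystem>Console</SubSystem>
+<GenerateWindowsMetadata>false</GenerateWindowsMetadata>
+<UACExecutionLevel Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">RequireAdministrator</UACExecutionLevel>
+<UACExecutionLevel Condition="'$(Configuration)|$(Platform)'=='Debug|ARM64'">RequireAdministrator</UACExecutionLevel>
+<GenerateDebugInformation Condition="'$(Configuration)|$(Platform)'=='Debug|x64'">true</GenerateDebugInformation>
+</Link>
+</ItemDefinitionGroup>
+<ItemDefinitionGroup Condition="'$(Platform)'=='Win32'">
+<ClCompile>
+<PreprocessorDefinitions>WIN32;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+</ClCompile>
+</ItemDefinitionGroup>
+<ItemDefinitionGroup Condition="'$(Configuration)'=='Release'">
+<ClCompile>
+<Optimization>MaxSpeed</Optimization>
+<FunctionLevelLinking>true</FunctionLevelLinking>
+<IntrinsicFunctions>true</IntrinsicFunctions>
+<PreprocessorDefinitions>NDEBUG;%(PreprocessorDefinitions)</PreprocessorDefinitions>
+<RuntimeLibrary Condition="'$(Configuration)|$(Platform)'=='Release|x64'">MultiThreaded</RuntimeLibrary>
+<RuntimeLibrary Condition="'$(Configuration)|$(Platform)'=='Release|ARM64'">MultiThreaded</RuntimeLibrary>
+<BasicRuntimeChecks Condition="'$(Configuration)|$(Platform)'=='Release|x64'">Default</BasicRuntimeChecks>
+<WholeProgramOptimization Condition="'$(Configuration)|$(Platform)'=='Release|x64'">false</WholeProgramOptimization>
+</ClCompile>
+<Link>
+<SubSystem>Console</SubSystem>
+<EnableCOMDATFolding>false</EnableCOMDATFolding>
+<OptimizeReferences>
+</OptimizeReferences>
+<GenerateWindowsMetadata>false</GenerateWindowsMetadata>
+<LinkTimeCodeGeneration Condition="'$(Configuration)|$(Platform)'=='Release|x64'">
+</LinkTimeCodeGeneration>
+<UACExecutionLevel Condition="'$(Configuration)|$(Platform)'=='Release|x64'">RequireAdministrator</UACExecutionLevel>
+</Link>
+</ItemDefinitionGroup>
+<ItemGroup>
+<ClInclude Include="main.h" />
+</ItemGroup>
+<ItemGroup>
+<ClCompile Include="main.cpp" />
+</ItemGroup>
+<ItemGroup>
+<None Include="packages.config" />
+<None Include="PropertySheet.props" />
+<None Include="ReadMe.md" />
+</ItemGroup>
+<Import Project="$(VCTargetsPath)\Microsoft.Cpp.targets" />
+<ImportGroup Label="ExtensionTargets">
+<Import Project="..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.targets" Condition="Exists('..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.targets')" />
+</ImportGroup>
+<Target Name="EnsureNuGetPackageBuildImports" BeforeTargets="PrepareForBuild">
+<PropertyGroup>
+<ErrorText>This project references NuGet package(s) that are missing on this computer. Use NuGet Package Restore to download them. For more information, see http://go.microsoft.com/fwlink/?LinkID=322105. The missing file is {0}.</ErrorText>
+</PropertyGroup>
+<Error Condition="!Exists('..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.props')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.props'))" />
+<Error Condition="!Exists('..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.targets')" Text="$([System.String]::Format('$(ErrorText)', '..\packages\Microsoft.Windows.CppWinRT.2.0.240111.5\build\native\Microsoft.Windows.CppWinRT.targets'))" />
+</Target>
+</Project>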
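Review bot: `UACExecutionLevel` is set to `RequireAdministrator` only for Debug|x64, Debug|ARM64 and Release|x64, so the Release|ARM64 and both Win32 configurations are linked without the elevation manifest. ReadMe.md states the tool needs administrator privileges and main.cpp exits when SeSystemEnvironmentPrivilege cannot be enabled, so those builds would presumably fail at run time from a non-elevated prompt instead of requesting elevation. Putting `<Link><UACExecutionLevel>RequireAdministrator</UACExecutionLevel></Link>` in the unconditioned `ItemDefinitionGroup` keeps all six configurations consistent. The same per-configuration drift shows in `UseOfMfc` (missing for Release|ARM64 and Win32) and `RuntimeLibrary`, which is worth reconciling while the file is new.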
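--- a/AdvLoggerPkg/Application/Windows/AdvLoggerDumpWin/ReadMe.md
+++ b/AdvLoggerPkg/Application/Windows/AdvLoggerDumpWin/ReadMe.md
@@ -0,0 +1,32 @@
+# AdvLoggerPkg - AdvLoggerDumpWin
+AdvLoggerDumpWin is used to retrieve the advanced UEFI debug log stored in system memory.
+
+## About
+If the Advanced Logger is enabled, the debug log is stored in memory and is available through the UEFI
+Variable store.
+This tool creates a Windows executable that writes the UEFI variable data to a binary log file. As the
+log in memory has additional metadata and alignment structure, DecodeUefiLog.py (in AdvLoggerPkg)
+parses the in-memory UefiLog to a text stream and writes the decoded log to a local file. The Python
+script can be used to both retrieve the log and decode it.
+AdvLoggerDumpWin is able to be used in systems without Python.
+
+## Usage:
+With administrator privileges, run the executable.
+In an administrator command prompt:
+```
+AdvLoggerDumpWin.exe
+```
+The program creates a new log file `new_logfile.bin` in the current directory.
+
+
+## Building
+To build the project, open the solution file in Visual Studio.
+Ensure you have the necessary dependencies.
+* Microsoft.Windows.CppWinRT package
+* Windows SDK
+* VS build tools
+
+
+## Copyright
+Copyright (C) Microsoft Corporation. All rights reserved.
+SPDX-License-Identifier: BSD-2-Clause-Patent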
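--- a/AdvLoggerPkg/Application/Windows/AdvLoggerDumpWin/main.cpp
+++ b/AdvLoggerPkg/Application/Windows/AdvLoggerDumpWin/main.cpp
@@ -0,0 +1,161 @@
+#include "main.h"
+#include <Windows.h>
+#include <shellapi.h>
+#include <stdio.h>
+#include <sstream>
+#include <iostream>
+#include <fstream>
+
+using namespace winrt;
+using namespace Windows::Foundation;
+using namespace std;
+
+//
+// Elevate current process system environment privileges to access UEFI variables
+//
+static int ElevateCurrentPrivileges()
+{
+HANDLE ProcessHandle = GetCurrentProcess();
+DWORD DesiredAccess = TOKEN_ADJUST_PRIVILEGES | TOKEN_QUERY;;
+HANDLE hProcessToken;
+TOKEN_PRIVILEGES tp;
+LUID luid;
+int Status = 0;
+
+if (!LookupPrivilegeValue(NULL, L"SeSystemEnvironmentPrivilege", &luid)) {
+Status = GetLastError();
+cout << "Failed to lookup privilege value. Errno " << Status << endl;
+return Status;
+}
+
+if (!OpenProcessToken(ProcessHandle, DesiredAccess, &hProcessToken)) {
+Status = GetLastError();
+cout << "Failed to open process token. Errno " << Status << endl;
+return Status;
+}
+
+tp.PrivilegeCount = 1;
+tp.Privileges[0].Luid = luid;
+tp.Privileges[0].Attributes = SE_PRIVILEGE_ENABLED;
+
+if (!AdjustTokenPrivileges(hProcessToken, FALSE, &tp, sizeof(TOKEN_PRIVILEGES), (PTOKEN_PRIVILEGES)NULL, (PDWORD)NULL)) {
+Status = GetLastError();
+cout << "Failed to adjust token privileges. Errno " << Status << endl;
+return Status;
+}
+
+if (GetLastError() == ERROR_NOT_ALL_ASSIGNED) {
+Status = (int)ERROR_NOT_ALL_ASSIGNED;
+cout << "The token does not have the specified privilege. Errno " << Status << endl;
+return Status;
+}
+
+CloseHandle(ProcessHandle);
+return SUCCESS;
+}
+
+//
+// Create log file by retrieving AdvancedLogger variables from UEFI interface
+//
+int ReadLogFromUefiInterface(fstream& lfile)
+{
+int Status = 0;
+int i = 0;
+DWORD length = 0;
+DWORD err = 0;
+
+stringstream varName;
+char* varBuffer = (char *) malloc(MAX_VAR_LENGTH + 1);
+
+// string to LPCWSTR conversion
+string tmpGuid = "{a021bf2b-34ed-4a98-859c-420ef94f3e94}";
+wstring tmpGuidW = wstring(tmpGuid.begin(), tmpGuid.end());
+LPCWSTR guid = tmpGuidW.c_str();
+
+//
+// Parse variables by index until reached end of log
+//
+while (Status == 0) {
+string tmpVarName = "V" + to_string(i);
+wstring tmpVarNameW = wstring(tmpVarName.begin(), tmpVarName.end());
+LPCWSTR varNameConst = tmpVarNameW.c_str();
+
+// Retrieve one advanced logger indexed variable via kernel32 API
+length = GetFirmwareEnvironmentVariableW(varNameConst, guid, varBuffer, MAX_VAR_LENGTH);
+
+if (length == 0) {
+err = GetLastError();
+
+// If error is ERROR_NOT_FOUND (203), reached end of variables
+if (err != 203) {
+Status = EFI_ERROR;
+cout << "Error reading variable " << tmpVarName << " errno: " << err << endl;
+return Status;
+}
+else {
+Status = (int)err;
+}
+}
+
+if (Status == 0) {
+i += 1;
+streamsize varSize = (streamsize)length;
+lfile.write(varBuffer, varSize);
+if (lfile.fail()) {
+cout << "Failed to write to file\n";
+Status = CONS_ERROR;
+return Status;
+}
+}
+else if (i == 0) {
+cout << "No variables found.\n";
+return Status;
+}
+else {
+cout << i << " variables read. " << lfile.tellg() << " chars written.\n";
+}
+
+if (varBuffer) {
+ZeroMemory(varBuffer, MAX_VAR_LENGTH);
+}
+}
+
+free(varBuffer);
+return SUCCESS;
+}
+
+int main()
+{
+fstream logfile;
+const char* newRawFilename = ".\\new_logfile.bin";
+int Status = 0;
+
+Status = ElevateCurrentPrivileges();
+if (Status !=0) {
+cout << "Failed to elevate privileges, errno:" << Status << endl;
+return Status;
+}
+
+// Create new binary logfile
+logfile.open(newRawFilename, ios::out | ios::binary);
+if (!logfile) {
+cout << "Error opening file.\n";
+Status = FILE_ERROR;
+return Status;
+}
+
+Status = ReadLogFromUefiInterface(logfile);
+if (Status != SUCCESS) {
+cerr << "Error reading log, exiting.\n";
+return LOG_ERROR;
+}
+
+logfile.close();
+if (logfile.fail()) {
+cout << "Error closing file.\n";
+return FILE_ERROR;
+}
+
+return SUCCESS;
+}
+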
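Review bot: ElevateCurrentPrivileges ends with `CloseHandle(ProcessHandle);`, which closes the pseudo-handle from GetCurrentProcess() rather than the token, so `hProcessToken` is never released on any path; it should be `CloseHandle(hProcessToken);`, also run before the two early returns that follow a successful OpenProcessToken. In ReadLogFromUefiInterface the `malloc` result reaches GetFirmwareEnvironmentVariableW before the `if (varBuffer)` test, and the three early returns inside the loop skip `free(varBuffer)`; check for NULL right after the allocation (`if (varBuffer == NULL) return EFI_ERROR;`) and free on every exit, or hold the buffer in a `std::vector<char>`. The end-of-log test compares against the literal 203, which winerror.h names `ERROR_ENVVAR_NOT_FOUND` (the comment calls it ERROR_NOT_FOUND, a different code), so `if (err != ERROR_ENVVAR_NOT_FOUND)` would be clearer. Because main() runs elevated and truncates the fixed relative path `.\\new_logfile.bin`, a comment or an output-path argument stating that the file should land in a directory writable only by administrators would help, since the firmware log may hold sensitive boot details and a partial file is left behind on the error path.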