Added Github Actions (#20)
* Added Github Actions

* Fix: major/minor version

* [minor] Make Clippy happy
daladim authored Aug 11, 2022
1 parent 2649306 commit da304e9
Showing 13 changed files with 108 additions and 63 deletions.
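--- a/.github/workflows/rust.yml
+++ b/.github/workflows/rust.yml
@@ -0,0 +1,41 @@
+name: Rust
+
+on:
+push:
+branches: [ "master" ]
+pull_request:
+branches: [ "master" ]
+
+env:
+CARGO_TERM_COLOR: always
+
+jobs:
+build-and-test:
+runs-on: windows-2022
+steps:
+- uses: actions/checkout@v3
+- uses: actions-rs/toolchain@v1
+with:
+profile: minimal
+toolchain: stable
+override: true
+- uses: actions-rs/cargo@v1
+with:
+command: check
+- uses: actions-rs/cargo@v1
+with:
+command: test
+
+clippy-on-diffs:
+runs-on: windows-2022
+steps:
+- uses: actions/checkout@v3
+- uses: actions-rs/toolchain@v1
+with:
+profile: minimal
+toolchain: stable
+override: true
+- uses: actions-rs/clippy-check@v1
+with:
+token: ${{ secrets.GITHUB_TOKEN }}
+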
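Review bot: The workflow declares no `permissions:` block, so both jobs run with whatever default scope the repository grants `GITHUB_TOKEN`, and every `uses:` line references a mutable tag (`actions/checkout@v3`, `actions-rs/toolchain@v1`, `actions-rs/cargo@v1`, `actions-rs/clippy-check@v1`). Add a top-level `permissions:` with `contents: read`, and grant only the `clippy-on-diffs` job the additional `checks: write` that the clippy action appears to need for posting annotations. Pinning each third-party action to a full commit SHA, with the tag kept in a trailing comment, stops a retagged release from changing what executes with that token.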
6 changes: 3 additions & 3 deletions src/native/etw_types.rs
@@ -31,9 +31,9 @@ pub const INVALID_TRACE_HANDLE: TraceHandle = u64::MAX;

#[allow(dead_code)]
pub(crate) enum ControlValues {
ControlQuery = 0,
ControlStop = 1,
ControlUpdate = 2,
Query = 0,
Stop = 1,
Update = 2,
}

#[allow(dead_code)]
18 changes: 9 additions & 9 deletions src/native/evntrace.rs
@@ -63,7 +63,7 @@ impl NativeEtw {
}

pub(crate) fn session_handle(&self) -> TraceHandle {
self.session_handle.clone()
self.session_handle
}

// Not a big fan of this...
@@ -82,14 +82,14 @@ impl NativeEtw {
if self.session_handle == INVALID_TRACE_HANDLE {
return Err(EvntraceNativeError::InvalidHandle);
}
Ok(self.process()?)
self.process()
}

pub(crate) fn open(
&mut self,
trace_data: &TraceData,
) -> EvntraceNativeResult<EventTraceLogfile> {
Ok(self.open_trace(trace_data)?)
self.open_trace(trace_data)
}

pub(crate) fn stop(&mut self, trace_data: &TraceData) -> EvntraceNativeResult<()> {
@@ -103,13 +103,13 @@ impl NativeEtw {
return Err(EvntraceNativeError::InvalidHandle);
}

let clone_handle = self.session_handle.clone();
let clone_handle = self.session_handle;
std::thread::spawn(move || {
let mut now = FILETIME::default();
unsafe {
GetSystemTimeAsFileTime(&mut now);

Etw::ProcessTrace(&[clone_handle], &mut now, std::ptr::null_mut());
Etw::ProcessTrace(&[clone_handle], &now, std::ptr::null_mut());
// if Etw::ProcessTrace(&[clone_handlee], &mut now, std::ptr::null_mut()) != 0 {
// return Err(EvntraceNativeError::IoError(std::io::Error::last_os_error()));
// }
@@ -213,22 +213,22 @@ impl NativeEtw {

pub(crate) fn enable_trace(
&self,
mut guid: GUID,
guid: GUID,
any: u64,
all: u64,
level: u8,
mut parameters: EnableTraceParameters,
parameters: EnableTraceParameters,
) -> EvntraceNativeResult<()> {
unsafe {
if Etw::EnableTraceEx2(
self.registration_handle,
&mut guid,
&guid,
1, // Fixme: EVENT_CONTROL_CODE_ENABLE_PROVIDER
level,
any,
all,
0,
&mut *parameters,
&*parameters,
) != 0
{
return Err(EvntraceNativeError::IoError(std::io::Error::last_os_error()));
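Review bot: The status returned by `Etw::ProcessTrace` inside the spawned closure is still discarded, so a trace that fails to start processing ends without any signal to the caller; the commented-out check beneath it cannot be revived as written, since the closure has no `Result` to return, the draft still passes `&mut now`, and it misspells `clone_handlee`. Keep the value, e.g. `let status = Etw::ProcessTrace(&[clone_handle], &now, std::ptr::null_mut());`, and hand a non-zero `status` back to the owner of the session through the thread's join handle or a channel, whichever the surrounding code (outside this hunk) already has. For a consumer of security telemetry, a silent stop is indistinguishable from a quiet system. Separately, `enable_trace` still passes the literal `1` next to a `Fixme` naming `EVENT_CONTROL_CODE_ENABLE_PROVIDER`; a named constant would remove the guess.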
12 changes: 6 additions & 6 deletions src/native/pla.rs
@@ -75,15 +75,15 @@ pub struct Variant {

impl Variant {
pub fn new(vt: u16, val: u32) -> Self {
let mut variant = Variant::default();
variant.vt = vt;
variant.val = val;

variant
Variant{
vt,
val,
..Default::default()
}
}

pub fn increment_val(&mut self) {
self.val = self.val + 1;
self.val += 1;
}
pub fn get_val(&self) -> u32 {
self.val
20 changes: 11 additions & 9 deletions src/native/tdh.rs
@@ -27,11 +27,11 @@ impl From<std::io::Error> for TdhNativeError {

pub(crate) type TdhNativeResult<T> = Result<T, TdhNativeError>;

pub(crate) fn schema_from_tdh(mut event: EventRecord) -> TdhNativeResult<TraceEventInfoRaw> {
pub(crate) fn schema_from_tdh(event: EventRecord) -> TdhNativeResult<TraceEventInfoRaw> {
let mut buffer_size = 0;
unsafe {
if Etw::TdhGetEventInformation(
&mut event,
&event,
&[],
std::ptr::null_mut(),
&mut buffer_size,
@@ -42,7 +42,7 @@ pub(crate) fn schema_from_tdh(mut event: EventRecord) -> TdhNativeResult<TraceEv

let mut buffer = TraceEventInfoRaw::alloc(buffer_size);
if Etw::TdhGetEventInformation(
&mut event,
&event,
&[],
buffer.info_as_ptr() as *mut _,
&mut buffer_size,
@@ -55,17 +55,19 @@ pub(crate) fn schema_from_tdh(mut event: EventRecord) -> TdhNativeResult<TraceEv
}
}

pub(crate) fn property_size(mut event: EventRecord, name: &str) -> TdhNativeResult<u32> {
pub(crate) fn property_size(event: EventRecord, name: &str) -> TdhNativeResult<u32> {
let mut property_size = 0;

let mut desc = Etw::PROPERTY_DATA_DESCRIPTOR::default();
desc.ArrayIndex = u32::MAX;
let name = name.as_utf16();
desc.PropertyName = name.as_ptr() as u64;
let name = name.into_utf16();
let desc = Etw::PROPERTY_DATA_DESCRIPTOR{
ArrayIndex: u32::MAX,
PropertyName: name.as_ptr() as u64,
..Default::default()
};

unsafe {
let status = Etw::TdhGetPropertySize(
&mut event,
&event,
&[],
&[desc],
&mut property_size,
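Review bot: `property_size` stores `name.as_ptr() as u64` in `PropertyName`, so the `unsafe` call is sound only while the UTF-16 `Vec` bound to `name` stays alive and unmoved until `TdhGetPropertySize` returns, and nothing in the code states that. It holds today because `name` is a local that outlives the `unsafe` block, but a later edit that builds the descriptor from a temporary would still compile and pass the API a dangling address. Add a comment above the block such as `// SAFETY: desc.PropertyName points into name, which lives until the end of this function`. The two `TdhGetEventInformation` calls in `schema_from_tdh` deserve the same treatment, since the second relies on `buffer` having been allocated with the size the first one reported. The rest of `property_size` lies outside the hunk.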
8 changes: 6 additions & 2 deletions src/native/tdh_types.rs
@@ -58,7 +58,11 @@ impl Property {
}

pub fn len(&self) -> usize {
self.length.clone() as usize
self.length as usize
}

pub fn is_empty(&self) -> bool {
self.length == 0
}
}

@@ -162,7 +166,7 @@ bitflags! {

impl From<Etw::PROPERTY_FLAGS> for PropertyFlags {
fn from(val: Etw::PROPERTY_FLAGS) -> Self {
let flags: i32 = val.0.into();
let flags: i32 = val.0;
// Should be a safe cast
PropertyFlags::from_bits_truncate(flags as u32)
}
12 changes: 7 additions & 5 deletions src/native/version_helper.rs
@@ -32,11 +32,13 @@ type OsVersionInfo = OSVERSIONINFOEXA;
const VER_GREATER_OR_EQUAL: u8 = windows::Win32::System::SystemServices::VER_GREATER_EQUAL as u8;

fn verify_system_version(major: u8, minor: u8, sp_major: u16) -> VersionHelperResult<bool> {
let mut os_version = OsVersionInfo::default();
os_version.dwOSVersionInfoSize = std::mem::size_of::<OsVersionInfo>() as u32;
os_version.dwMajorVersion = major as u32;
os_version.dwMajorVersion = minor as u32;
os_version.wServicePackMajor = sp_major;
let mut os_version = OsVersionInfo{
dwOSVersionInfoSize: std::mem::size_of::<OsVersionInfo>() as u32,
dwMajorVersion: major as u32,
dwMinorVersion: minor as u32,
wServicePackMajor: sp_major,
..Default::default()
};

let mut condition_mask = 0;
unsafe {
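Review bot: No test covers `verify_system_version`, although this hunk changes its result: the old code assigned `dwMajorVersion` twice, so the minor value overwrote the major one and `dwMinorVersion` kept its default, and any caller gating behaviour on the OS version was comparing against the wrong numbers. Since the workflow added in this commit runs on `windows-2022`, a test asserting that an implausibly high major version is rejected and a low one is accepted would pin the fix. The rest of the function, including how `condition_mask` is built, is outside the hunk and could not be checked here.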
27 changes: 13 additions & 14 deletions src/parser.rs
@@ -119,6 +119,7 @@ impl<'a> Parser<'a> {
}

// TODO: Find a cleaner way to do this, not very happy with it rn
#[allow(clippy::len_zero)]
fn find_property_size(&self, property: &Property) -> ParserResult<usize> {
// There are several cases
// * regular case, where property.len() directly makes sense
@@ -129,20 +130,18 @@ impl<'a> Parser<'a> {
if property
.flags
.intersects(PropertyFlags::PROPERTY_PARAM_LENGTH) == false
&& property.len() > 0
&& (property.len() > 0)
{
let size;
if property.in_type() != TdhInType::InTypePointer {
size = property.len() as usize;
} else {
// There is an exception regarding pointer size though
// When reading captures from another architecture, we should take care of the _source_ pointer size, not the current architecture's pointer size.
size = if (self.schema.event_flags() & EVENT_HEADER_FLAG_32_BIT_HEADER) != 0 {
4
} else {
8
};
}
let size = match property.in_type() {
TdhInType::InTypePointer => property.len() as usize,
_ => {
if (self.schema.event_flags() & EVENT_HEADER_FLAG_32_BIT_HEADER) != 0 {
4
} else {
8
}
}
};
return Ok(size);
}

@@ -171,7 +170,7 @@ impl<'a> Parser<'a> {
None => return Err(ParserError::PropertyError("Index out of bounds".to_owned())),
};

let prop_size = self.find_property_size(&curr_prop)?;
let prop_size = self.find_property_size(curr_prop)?;

if self.buffer.len() < prop_size {
return Err(ParserError::PropertyError(
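Review bot: The new `match` in `find_property_size` swaps the two branches: previously a property whose in-type was not `InTypePointer` took `property.len()` and a pointer took 4 or 8 from `EVENT_HEADER_FLAG_32_BIT_HEADER`, whereas now `InTypePointer` takes `property.len()` and every other fixed-length property is sized as a pointer. That mis-sizes most properties of a parsed event (the later `self.buffer.len() < prop_size` check only catches sizes that run past the buffer), and the comment explaining the source-architecture pointer size was dropped along with it. Restore the original mapping as below. With `Property::is_empty` added in this same commit, the guard can also read `!property.is_empty()`, and the new `#[allow(clippy::len_zero)]` can go. The function continues outside the hunk.

```rust
        // … unchanged: PROPERTY_PARAM_LENGTH / non-zero length guard …
            let size = match property.in_type() {
                // Pointer width comes from the capture's header, not from the
                // architecture this parser runs on.
                TdhInType::InTypePointer => {
                    if (self.schema.event_flags() & EVENT_HEADER_FLAG_32_BIT_HEADER) != 0 {
                        4
                    } else {
                        8
                    }
                }
                _ => property.len(),
            };
            return Ok(size);
```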
10 changes: 4 additions & 6 deletions src/provider.rs
@@ -144,7 +144,7 @@ pub mod kernel_providers {
/// Use the `new` function to create a Kernel Provider which can be then tied into a Provider
pub const fn new(guid: GUID, flags: u32) -> KernelProvider {
KernelProvider {
guid: guid,
guid,
flags,
}
}
@@ -265,6 +265,8 @@ pub mod kernel_providers {
KernelProvider::new(kernel_guids::ALPC_GUID, kernel_flags::EVENT_TRACE_FLAG_ALPC);
}

type EtwCallback = Box<dyn FnMut(EventRecord, &mut schema::SchemaLocator) + Send + Sync + 'static>;

/// Main Provider structure
pub struct Provider {
/// Option that represents a Provider GUID
@@ -280,11 +282,7 @@ pub struct Provider {
/// Provider kernel flags, only apply to KernelProvider
pub flags: u32, // Only applies to KernelProviders
// perfinfo
callbacks: Arc<
RwLock<
Vec<Box<dyn FnMut(EventRecord, &mut schema::SchemaLocator) + Send + Sync + 'static>>,
>,
>,
callbacks: Arc<RwLock<Vec<EtwCallback>>>,
// filters: RwLock<Vec<F>>,
}

2 changes: 1 addition & 1 deletion src/schema.rs
@@ -119,7 +119,7 @@ impl SchemaLocator {

if !self.schemas.contains_key(&key) {
// TODO: Cloning for now, should be a reference at some point...
info = Arc::from(tdh::schema_from_tdh(event.clone())?);
info = Arc::from(tdh::schema_from_tdh(event)?);
self.schemas.insert(key, Arc::clone(&info));
} else {
info = Arc::clone(self.schemas.get(&key).unwrap());
6 changes: 3 additions & 3 deletions src/trace.rs
@@ -101,7 +101,7 @@ impl TraceData {
}

pub(crate) fn on_event(&mut self, record: EventRecord) {
self.events_handled = self.events_handled + 1;
self.events_handled += 1;
let locator = &mut self.schema_locator;
// We need a mutable reference to be able to modify the data it refers, which is actually
// done within the Callback (The schema locator is modified)
@@ -216,7 +216,7 @@ macro_rules! impl_base_trace {
if let Err(err) = self.etw.start() {
match err {
evntrace::EvntraceNativeError::InvalidHandle => {
return Ok(self.open()?.process()?);
return self.open()?.process();
},
_=> return Err(TraceError::EtwNativeError(err)),
};
@@ -332,7 +332,7 @@ impl TraceTrait for UserTrace {
EnableTraceParameters::create(prov_guid, prov.trace_flags);
// Fixme: return error if this fails
self.etw.enable_trace(
prov_guid.clone(),
prov_guid,
prov.any,
prov.all,
prov.level,
8 changes: 4 additions & 4 deletions src/traits.rs
@@ -7,19 +7,19 @@ pub trait LastOsError<T: From<std::io::Error>> {
}

pub trait EncodeUtf16 {
fn as_utf16(self: Self) -> Vec<u16>;
fn into_utf16(self) -> Vec<u16>;
}

impl EncodeUtf16 for &str {
fn as_utf16(self: Self) -> Vec<u16> {
fn into_utf16(self) -> Vec<u16> {
self.encode_utf16() // Make a UTF-16 iterator
.chain(iter::once(0)) // Append a null
.collect() // Collect the iterator into a vector
}
}

impl EncodeUtf16 for String {
fn as_utf16(self: Self) -> Vec<u16> {
self.as_str().as_utf16()
fn into_utf16(self) -> Vec<u16> {
self.as_str().into_utf16()
}
}
1 change: 0 additions & 1 deletion src/utils.rs
@@ -19,7 +19,6 @@ pub fn parse_unk_size_null_utf16_string(v: &[u8]) -> String {
.collect::<Vec<u16>>()
.as_slice(),
)
.to_string()
}

pub fn parse_null_utf16_string(v: &[u8]) -> String {