Driver: Add LOG() macros

src/driver/common/common.h

@@ -44,6 +44,8 @@
 
 #define UNUSED(p) ((void) (p))
 
+#define LOG(...) DbgPrintEx(DPFLTR_SYSTEM_ID, DPFLTR_ERROR_LEVEL, "FORT: " __VA_ARGS__)
+
 #ifndef NT_SUCCESS
 #    define NT_SUCCESS(status) ((LONG) (status) >= 0)
 #endif

src/driver/fortbuf.c

@@ -123,7 +123,7 @@ FORT_API NTSTATUS fort_buffer_prepare(
     } else {
         PFORT_BUFFER_DATA data = fort_buffer_data_alloc(buf, len);
         if (data == NULL) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Buffer OOM: len=%d\n", len);
+            LOG("Buffer OOM: len=%d\n", len);
             return STATUS_INSUFFICIENT_RESOURCES;
         }
 

src/driver/fortcb.c

@@ -14,8 +14,7 @@ FORT_API FortCallbackFunc fort_callback(int id, FortCallbackFunc func)
     ProxyCallbackProc cb = g_callbackInfo.src[id];
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Proxy Callback: i=%d func=%p cb=%p\n", id, func, cb);
-            "FORT: Proxy Callback: i=%d func=%p cb=%p\n", id, func, cb);
 #endif
 
     g_callbackInfo.callbacks[id] = func;

src/driver/fortcout.c

@@ -62,8 +62,7 @@ static BOOL fort_callout_classify_v4_blocked_log_stat(const FWPS_INCOMING_VALUES
             return TRUE; /* block (Reauth) */
         }
 
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Classify v4: Flow assoc. error: %x\n", status);
-                "FORT: Classify v4: Flow assoc. error: %x\n", status);
     } else if (is_new_proc) {
         fort_buffer_proc_new_write(&fort_device()->buffer, process_id, path_len, path, irp, info);
     }
@@ -544,8 +543,7 @@ FORT_API NTSTATUS fort_callout_install(PDEVICE_OBJECT device)
 
     status = FwpsCalloutRegister0(device, &c, &fort_device()->connect4_id);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Register Connect V4: Error: %x\n", status);
-                "FORT: Register Connect V4: Error: %x\n", status);
         return status;
     }
 
@@ -555,8 +553,7 @@ FORT_API NTSTATUS fort_callout_install(PDEVICE_OBJECT device)
 
     status = FwpsCalloutRegister0(device, &c, &fort_device()->accept4_id);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Register Accept V4: Error: %x\n", status);
-                "FORT: Register Accept V4: Error: %x\n", status);
         return status;
     }
 
@@ -569,8 +566,7 @@ FORT_API NTSTATUS fort_callout_install(PDEVICE_OBJECT device)
 
     status = FwpsCalloutRegister0(device, &c, &stat->stream4_id);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Register Stream V4: Error: %x\n", status);
-                "FORT: Register Stream V4: Error: %x\n", status);
         return status;
     }
 
@@ -582,8 +578,7 @@ FORT_API NTSTATUS fort_callout_install(PDEVICE_OBJECT device)
 
     status = FwpsCalloutRegister0(device, &c, &stat->datagram4_id);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Register Datagram V4: Error: %x\n", status);
-                "FORT: Register Datagram V4: Error: %x\n", status);
         return status;
     }
 
@@ -596,8 +591,7 @@ FORT_API NTSTATUS fort_callout_install(PDEVICE_OBJECT device)
 
     status = FwpsCalloutRegister0(device, &c, &stat->in_transport4_id);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Register Inbound Transport V4: Error: %x\n", status);
-                "FORT: Register Inbound Transport V4: Error: %x\n", status);
         return status;
     }
 
@@ -609,8 +603,7 @@ FORT_API NTSTATUS fort_callout_install(PDEVICE_OBJECT device)
 
     status = FwpsCalloutRegister0(device, &c, &stat->out_transport4_id);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Register Outbound Transport V4: Error: %x\n", status);
-                "FORT: Register Outbound Transport V4: Error: %x\n", status);
         return status;
     }
 
@@ -746,8 +739,7 @@ FORT_API NTSTATUS fort_callout_force_reauth(
                 (conf_flags.allow_all_new || conf_flags.log_blocked || conf_flags.log_stat
                         || conf_flags.log_blocked_ip));
     } else {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Callout Reauth: Error: %x\n",
+        LOG("Callout Reauth: Error: %x\n", status);
-                status);
     }
 
     return status;
@@ -798,8 +790,7 @@ FORT_API void NTAPI fort_callout_timer(void)
 
         status = fort_buffer_prepare(buf, len, &out, &irp, &info);
         if (!NT_SUCCESS(status)) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Callout Timer: Error: %x\n",
+            LOG("Callout Timer: Error: %x\n", status);
-                    status);
             break;
         }
 

src/driver/fortdev.c

@@ -30,8 +30,7 @@ static void NTAPI fort_worker_reauth(void)
     status = fort_callout_force_reauth(conf_flags, 0);
 
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Worker Reauth: Error: %x\n",
+        LOG("Worker Reauth: Error: %x\n", status);
-                status);
     }
 }
 
@@ -293,8 +292,7 @@ FORT_API NTSTATUS fort_device_control(PDEVICE_OBJECT device, PIRP irp)
     const NTSTATUS status = fort_device_control_process(irp_stack, irp, &info);
 
     if (!NT_SUCCESS(status) && status != FORT_STATUS_USER_ERROR) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Device Control: Error: %x\n",
+        LOG("Device Control: Error: %x\n", status);
-                status);
     }
 
     if (status != STATUS_PENDING) {

src/driver/fortdrv.c

@@ -74,7 +74,7 @@ NTSTATUS DriverEntry(PDRIVER_OBJECT driver, PUNICODE_STRING reg_path)
     const NTSTATUS status = fort_driver_load(driver, reg_path);
 
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Entry: Error: %x\n", status);
+        LOG("Entry: Error: %x\n", status);
 
         fort_driver_unload(driver);
     }

src/driver/fortpkt.c

@@ -136,8 +136,7 @@ FORT_API void fort_defer_open(PFORT_DEFER defer)
     if (!NT_SUCCESS(status)) {
         defer->transport_injection4_id = INVALID_HANDLE_VALUE;
 
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Defer: Transport injection init error: %x\n", status);
-                "FORT: Defer: Transport injection init error: %x\n", status);
     }
 
     status = FwpsInjectionHandleCreate0(
@@ -146,8 +145,7 @@ FORT_API void fort_defer_open(PFORT_DEFER defer)
     if (!NT_SUCCESS(status)) {
         defer->stream_injection4_id = INVALID_HANDLE_VALUE;
 
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Defer: Stream injection init error: %x\n", status);
-                "FORT: Defer: Stream injection init error: %x\n", status);
     }
 
     tommy_arrayof_init(&defer->packets, sizeof(FORT_PACKET));
@@ -388,8 +386,7 @@ FORT_API void fort_defer_packet_free(
         const NTSTATUS status = clonedNetBufList->Status;
 
         if (!NT_SUCCESS(status)) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Defer: Injection error: %x\n", status);
-                    "FORT: Defer: Injection error: %x\n", status);
         }
 
         FwpsFreeCloneNetBufferList0(clonedNetBufList, 0);
@@ -428,8 +425,7 @@ static void fort_defer_packet_inject(PFORT_DEFER defer, PFORT_PACKET pkt,
         status = inject_func(defer, pkt, &clonedNetBufList, complete_func);
 
         if (!NT_SUCCESS(status)) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Defer: Injection prepare error: %x\n", status);
-                    "FORT: Defer: Injection prepare error: %x\n", status);
 
             if (clonedNetBufList != NULL) {
                 clonedNetBufList->Status = STATUS_SUCCESS;

src/driver/fortps.c

@@ -153,7 +153,7 @@ static void NTAPI fort_pstree_notify(
 
     if (createInfo == NULL) {
 #ifdef FORT_DEBUG
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: PsTree: pid=%d CLOSED\n", pid);
+        LOG("PsTree: pid=%d CLOSED\n", pid);
 #endif
         return;
     }
@@ -162,8 +162,7 @@ static void NTAPI fort_pstree_notify(
         return;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("PsTree: pid=%d ppid=%d IMG=[%wZ] CMD=[%wZ]\n", pid, ppid,
-            "FORT: PsTree: pid=%d ppid=%d IMG=[%wZ] CMD=[%wZ]\n", pid, ppid,
             createInfo->ImageFileName, createInfo->CommandLine);
 #endif
 
@@ -193,15 +192,13 @@ FORT_API void fort_pstree_open(PFORT_PSTREE ps_tree)
                     FORT_PSTREE_NOTIFY, PCREATE_PROCESS_NOTIFY_ROUTINE_EX, fort_pstree_notify),
             FALSE);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("PsTree: PsSetCreateProcessNotifyRoutineEx Error: %x\n", status);
-                "FORT: PsTree: PsSetCreateProcessNotifyRoutineEx Error: %x\n", status);
         return;
     }
 
     status = fort_pstree_enum_processes(ps_tree);
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("PsTree: Enum Processes Error: %x\n", status);
-                "FORT: PsTree: Enum Processes Error: %x\n", status);
         return;
     }
 }

src/driver/loader/fortdl.c

@@ -67,7 +67,7 @@ static NTSTATUS fort_loader_init(PUNICODE_STRING driverPath)
     NTSTATUS status;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Init: [%wZ]\n", driverPath);
+    LOG("Loader Init: [%wZ]\n", driverPath);
 #endif
 
     /* Load the driver file */
@@ -84,9 +84,7 @@ static NTSTATUS fort_loader_init(PUNICODE_STRING driverPath)
         }
 
         if (!NT_SUCCESS(status)) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Loader File Read: Error: %x size=%d [%wZ]\n", status, dataSize, driverPath);
-                    "FORT: Loader File Read: Error: %x size=%d [%wZ]\n", status, dataSize,
-                    driverPath);
             return status;
         }
     }
@@ -105,8 +103,7 @@ static NTSTATUS fort_loader_init(PUNICODE_STRING driverPath)
     fort_mem_free(data, FORT_LOADER_POOL_TAG);
 
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Loader Image Payload: Error: %x\n", status);
-                "FORT: Loader Image Payload: Error: %x\n", status);
     }
 
     return status;
@@ -129,8 +126,7 @@ DriverLoaderEntry
     status = fort_driver_path(driver, regPath, &driverPath);
 
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Entry: Path Error: %x\n",
+        LOG("Loader Entry: Path Error: %x\n", status);
-                status);
         return status;
     }
 
@@ -146,8 +142,7 @@ DriverLoaderEntry
     }
 
     if (!NT_SUCCESS(status)) {
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Entry: Error: %x\n",
+        LOG("Loader Entry: Error: %x\n", status);
-                status);
 
         fort_loader_unload(driver);
     }

src/driver/loader/fortimg.c

@@ -117,9 +117,7 @@ FORT_API NTSTATUS fort_image_payload(
     const int payloadSize = fort_le_u32_read(paylodInfo, 4);
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Image Load: size=%d signatureSize=%d alignedSignatureSize=%d payloadSize=%d\n",
-            "FORT: Loader Image Load: size=%d signatureSize=%d alignedSignatureSize=%d "
-            "payloadSize=%d\n",
             dataSize, signatureSize, alignedSignatureSize, payloadSize);
 #endif
 

src/driver/loader/fortmm.c

@@ -96,9 +96,7 @@ static VOID ZeroDataSectionTable(
     section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: Zero Section: offset=%d size=%d\n", section->VirtualAddress, sectionSize);
-            "FORT: Loader Module: Zero Section: offset=%d size=%d\n", section->VirtualAddress,
-            sectionSize);
 #endif
 }
 
@@ -130,8 +128,7 @@ static NTSTATUS CopySectionTable(PUCHAR pImage, PIMAGE_NT_HEADERS pNtHeaders, co
         section->Misc.PhysicalAddress = (DWORD) (uintptr_t) dest;
 
 #ifdef FORT_DEBUG
-        DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+        LOG("Loader Module: Copy Section: src-offset=%x offset=%x size=%x data=%x\n",
-                "FORT: Loader Module: Copy Section: src-offset=%x offset=%x size=%x data=%x\n",
                 section->PointerToRawData, section->VirtualAddress, sectionSize, *(PDWORD) dest);
 #endif
     }
@@ -147,8 +144,7 @@ static void PatchAddressRelocations(
     const DWORD relInfoCount = (relocation->SizeOfBlock - sizeof(IMAGE_BASE_RELOCATION)) / 2;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: Relocation: dest=%p count=%d\n", dest, relInfoCount);
-            "FORT: Loader Module: Relocation: dest=%p count=%d\n", dest, relInfoCount);
 #endif
 
     for (DWORD i = 0; i < relInfoCount; ++i, ++relInfo) {
@@ -190,8 +186,7 @@ static NTSTATUS PerformBaseRelocation(
             &(pHeaders->OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_BASERELOC]);
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: Relocation: size=%d delta=%d\n", directory->Size, locationDelta);
-            "FORT: Loader Module: Relocation: size=%d delta=%d\n", directory->Size, locationDelta);
 #endif
 
     if (directory->Size == 0) {
@@ -235,13 +230,11 @@ static NTSTATUS BuildImportTableLibrary(PUCHAR codeBase, const PIMAGE_IMPORT_DES
 
         *funcRef = ModuleGetProcAddress(&libModule, funcName);
         if (*funcRef == 0) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Loader Module: Error: Procedure Not Found: %s: %s\n", libName, funcName);
-                    "FORT: Loader Module: Error: Procedure Not Found: %s: %s\n", libName, funcName);
             status = STATUS_PROCEDURE_NOT_FOUND;
         } else {
 #ifdef FORT_DEBUG
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Loader Module: Import: %s: %s: %p\n", libName, funcName, *funcRef);
-                    "FORT: Loader Module: Import: %s: %s: %p\n", libName, funcName, *funcRef);
 #endif
         }
     }
@@ -275,16 +268,14 @@ static NTSTATUS BuildImportTable(PUCHAR codeBase, PIMAGE_NT_HEADERS pHeaders)
 
         LOADEDMODULE libModule;
         if (!NT_SUCCESS(GetModuleInfo(&libModule, libName, modules, modulesCount))) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Loader Module: Error: Module Not Found: %s\n", libName);
-                    "FORT: Loader Module: Error: Module Not Found: %s\n", libName);
             status = STATUS_PROCEDURE_NOT_FOUND;
             break;
         }
 
         status = BuildImportTableLibrary(codeBase, importDesc, libName, libModule);
         if (!NT_SUCCESS(status)) {
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Loader Module: Library Import Error: %s\n", libName);
-                    "FORT: Loader Module: Library Import Error: %s\n", libName);
             break;
         }
     }
@@ -364,8 +355,7 @@ static NTSTATUS InitializeModuleImage(PUCHAR pImage, const PIMAGE_NT_HEADERS lpN
     NTSTATUS status;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: Init Image: SizeOfHeaders=%d EntryPoint=%d ImageBase=%x\n",
-            "FORT: Loader Module: Init Image: SizeOfHeaders=%d EntryPoint=%d ImageBase=%x\n",
             lpNtHeaders->OptionalHeader.SizeOfHeaders,
             lpNtHeaders->OptionalHeader.AddressOfEntryPoint, lpNtHeaders->OptionalHeader.ImageBase);
 #endif
@@ -413,8 +403,7 @@ FORT_API NTSTATUS LoadModuleFromMemory(PLOADEDMODULE pModule, const PUCHAR lpDat
     const DWORD imageSize = MAX_ALIGNED(pNtHeaders->OptionalHeader.SizeOfImage, PAGE_SIZE);
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: data=%p size=%d imageSize=%d\n", lpData, dwSize, imageSize);
-            "FORT: Loader Module: data=%p size=%d imageSize=%d\n", lpData, dwSize, imageSize);
 #endif
 
     /* Allocate the region */
@@ -423,7 +412,7 @@ FORT_API NTSTATUS LoadModuleFromMemory(PLOADEDMODULE pModule, const PUCHAR lpDat
         return STATUS_NO_MEMORY;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL, "FORT: Loader Module: image=%p\n", pImage);
+    LOG("Loader Module: image=%p\n", pImage);
 #endif
 
     status = InitializeModuleImage(pImage, pNtHeaders, lpData, dwSize, imageSize);
@@ -456,9 +445,7 @@ NTSTATUS SetupModuleCallbacks(PLOADEDMODULE pModule, PFORT_PROXYCB_INFO cbInfo)
         return STATUS_PROCEDURE_NOT_FOUND;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: Setup Callbacks: %p data=%x\n", cbSetup, *(PDWORD) (PVOID) &cbSetup);
-            "FORT: Loader Module: Setup Callbacks: %p data=%x\n", cbSetup,
-            *(PDWORD) (PVOID) &cbSetup);
 #endif
 
     return cbSetup(cbInfo);
@@ -472,9 +459,7 @@ FORT_API NTSTATUS CallModuleEntry(
         return STATUS_PROCEDURE_NOT_FOUND;
 
 #ifdef FORT_DEBUG
-    DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+    LOG("Loader Module: Driver Entry: %p data=%x\n", driverEntry, *(PDWORD) (PVOID) &driverEntry);
-            "FORT: Loader Module: Driver Entry: %p data=%x\n", driverEntry,
-            *(PDWORD) (PVOID) &driverEntry);
 #endif
 
     return driverEntry(driver, regPath);

src/driver/proxycb/fortpcb_drv.c

@@ -86,8 +86,7 @@ FORT_API void fort_proxycb_drv_setup(PDRIVER_DISPATCH *driver_major_funcs)
             driver_major_funcs[i] = cb;
 
 #ifdef FORT_DEBUG
-            DbgPrintEx(DPFLTR_IHVNETWORK_ID, DPFLTR_ERROR_LEVEL,
+            LOG("Proxy Major: i=%d func=%p cb=%p\n", i, major_func, cb);
-                    "FORT: Proxy Major: i=%d func=%p cb=%p\n", i, major_func, cb);
 #endif
         }
     }