AdminDesk

Appearance

GssmPlugin.dll

What this program actually does

GssmPlugin.dll is the GameSeat Security Metrics (GSSM) plugin. It collects GPU metrics, downloads ML/manifest artifacts from AWS S3, subscribes to SSLM (seat lifecycle manager) session events, and publishes GssmServiceAPI process/GPU telemetry consumed by UadPlugin and cloud analytics.

It detects session integrity violations (mandatory plugins leaving/joining bus after session activation) and coordinates with GSConfigurator for seat config. MB endpoint: GssmPlugin. Build: version 1.0 2026-04-07-b253f97.

Architecture / control flow 

NvContainerGcis.exe
  └─ GssmPlugin.dll
        ├─ GcisPluginTaskQueue / GSConfigClient
        ├─ GssmServiceAPI handler (protobuf)
        │     └─ Event.ProcessEvent — outbound to UadPlugin
        ├─ AWS integration
        │     ├─ S3 — manifest/model download
        │     └─ Credential chain (GSEC_GSSM_Error_AwsCredentialsNotDefined)
        ├─ GpuMetricsLogger / collector initialization
        ├─ SSLM subscription tracker (shared gsprerequisites)
        └─ GsecTasTelemetry

Key RTTI: GssmServiceAPI, AWSClient, S3ClientConfiguration, Connector@tas@gs@gfn@nv.

External interfaces

GssmServiceAPI (protobuf)

MessagePurpose
GssmServiceAPI.Event.ProcessEventProcess path, parent, user, digital signature → UadPlugin
GssmServiceAPI.Event (domain messages)GPU/session anomaly events
Feature control via GCISServiceAPI_GCISRequest_GssmFeatureControlProxied through GciPlugin

AWS S3

  • Manifest URL from config (GSEC_GSSM_Error_ManifestUrlNotDefined)
  • Model download (GSEC_GSSM_Error_ModelDownloadError, GSEC_GSSM_Error_ManifestError)
  • Shared UnableToDownloadS3File common error path

Message Bus / SSLM

  • Endpoint: GssmPlugin
  • SslmSubscriptionTracker — tracks SSLM peer on bus (logged by all GCIS plugins)
  • Integrity checks: MandatoryPluginsJoinedMessageBusAfterSessionActivation, MandatoryPluginsLeftMessageBusAfterSessionActivation

Seat config

Requires GcisConfigData blob with GSSM-specific thresholds, S3 URLs, GPU collector settings.

Runtime timeline

Time (UTC)EventSource
19:04:52.072Secure-load GssmPlugin 1.0.0.0NvContainerGcis.log
19:04:52.624Init OK, seat info loggedGssmPluginCurrent.log
19:04:52.883PluginStart: telemetry + TAS sessionGssmPluginCurrent.log
19:04:53.025GcisConfigData not found → start failureGssmPluginCurrent.log
19:04:53.031Mandatory plugin Starting failureNvContainerGcis.log

GssmPluginData.log present for metric dumps when plugin runs successfully (empty/minimal in failed snapshot).

First GCIS run (18:43): GssmPlugin would have received GcisConfigData alongside siblings.

Failure modes

Error stringMeaning
GSEC_GSSM_Error_AwsCredentialsNotDefinedNo IAM/credential config on seat
GSEC_GSSM_Error_ManifestUrlNotDefinedS3 manifest URL missing
GSEC_GSSM_Error_ConfigError / NoConfigReceivedErrorGSSM config section invalid
GSEC_GSSM_Error_GetGpuMetricsFailedGPU telemetry query failed
GSEC_GSSM_Error_UnableToInitializeGpuMetricsLoggerCollector init failed
GSEC_GSSM_Error_SessionAnomalyDetectedUnexpected session state
GSEC_GSSM_Error_IntegrityViolationDetectedPost-activation bus membership change
GSEC_GSSM_Error_FailedToParseGssmServiceApiDomainMessageMalformed inbound API message
GSEC_GSSM_Warning_ModuleDisabled / ServiceDisarmedFeature toggled off
Missing GcisConfigDataPluginStart abort (observed)

Not verified

  • Exact S3 bucket/prefix for [REDACTED_BASE_ENV] [REDACTED_ZONE] seats.
  • GPU metric sampling interval and NVAPI/PDH backend choice.
  • Full GssmServiceAPI event catalog beyond ProcessEvent.
  • SSLM subscription payload semantics.

Evidence

  • strings / RTTI on services/GCIS/plugins/GssmPlugin.dll
  • logs/GCIS/GssmPluginCurrent.log, GssmPluginOld.log, GssmPluginData.log
  • logs/GCIS/NvContainerGcis.log
  • logs/GSP/GSConfiguratorPluginCurrent.log

admindesk.top — Reversed & documented from Asgard rig backups and GCIS plugin binaries.