def import_cmds(self):
if self.CHIPSEC_LOADED_AS_EXE:
import zipfile
myzip = zipfile.ZipFile(os.path.join(get_main_dir(),
"library.zip"))
cmds = [
i.replace('/', '.').replace('chipsec.utilcmd.', '')[:-4]
for i in myzip.namelist() if 'chipsec/utilcmd/' in i
and i[-4:] == ".pyc" and not os.path.basename(i)[:2] == '__'
]
else:
cmds_dir = os.path.join(get_main_dir(), "chipsec", "utilcmd")
cmds = [
i[:-3] for i in os.listdir(cmds_dir)
if i[-3:] == ".py" and not i[:2] == "__"
]
if logger().DEBUG:
logger().log('[CHIPSEC] Loaded command-line extensions:')
logger().log(' {}'.format(cmds))
module = None
for cmd in cmds:
try:
cmd_path = 'chipsec.utilcmd.' + cmd
module = importlib.import_module(cmd_path)
cu = getattr(module, 'commands')
self.commands.update(cu)
except ImportError as msg:
# Display the import error and continue to import commands
logger().error(
"Exception occurred during import of {}: '{}'".format(
cmd, str(msg)))
continue
self.commands.update({"help": ""})
def run(self, module_argv):
self.logger.start_test(
"Check for black-listed EFI binaries in UEFI firmware")
self.usage()
image_file = DEF_FWIMAGE_FILE
if len(module_argv) == 0:
# Read firmware image directly from SPI flash memory
self.spi = SPI(self.cs)
(base, limit, freg) = self.spi.get_SPI_region(BIOS)
image_size = limit + 1 - base
self.logger.log(
"[*] dumping FW image from ROM to {}: 0x{:08X} bytes at [0x{:08X}:0x{:08X}]"
.format(image_file, base, limit, image_size))
self.logger.log(
"[*] this may take a few minutes (instead, use 'chipsec_util spi dump')..."
)
self.spi.read_spi_to_file(base, image_size, image_file)
elif len(module_argv) > 0:
# Use provided firmware image
image_file = module_argv[0]
self.logger.log(
"[*] reading FW image from file: {}".format(image_file))
self.image = read_file(image_file)
# Load JSON config with black-listed EFI modules
if len(module_argv) > 1: self.cfg_name = module_argv[1]
cfg_pth = os.path.join(get_main_dir(), "chipsec/modules/tools/uefi",
self.cfg_name)
with open(cfg_pth, 'r') as blacklist_json:
self.efi_blacklist = json.load(blacklist_json)
return self.check_blacklist()
def run(self, module_argv):
self.logger.start_test(
"Check for blocked EFI binaries in UEFI firmware")
self.usage()
image_file = DEF_FWIMAGE_FILE
if len(module_argv) == 0:
# Read firmware image directly from SPI flash memory
self.spi = SPI(self.cs)
(base, limit, freg) = self.spi.get_SPI_region(BIOS)
image_size = limit + 1 - base
self.logger.log(
"[*] Dumping FW image from ROM to {}: 0x{:08X} bytes at [0x{:08X}:0x{:08X}]"
.format(image_file, base, limit, image_size))
self.logger.log(
"[*] This may take a few minutes (instead, use 'chipsec_util spi dump')..."
)
self.spi.read_spi_to_file(base, image_size, image_file)
elif len(module_argv) > 0:
# Use provided firmware image
image_file = module_argv[0]
self.logger.log(
"[*] Reading FW image from file: {}".format(image_file))
self.image = read_file(image_file)
if not self.image:
if len(module_argv) == 0:
self.logger.log_important(
'Unable to read SPI and generate FW image. Access may be blocked.'
)
self.logger.error('No FW image file to read. Exiting!')
self.res = ModuleResult.ERROR
return self.res
# Load JSON config with blocked EFI modules
if len(module_argv) > 1: self.cfg_name = module_argv[1]
cfg_pth = os.path.join(get_main_dir(), "chipsec/modules/tools/uefi",
self.cfg_name)
with open(cfg_pth, 'r') as blockedlist_json:
self.efi_blockedlist = json.load(blockedlist_json)
self.res = self.check_blockedlist()
return self.res
def mem_pagedump(self):
end = self.start_address + self.length
self.dump_region_to_path(get_main_dir(), self.start_address, end)
