Exemple #1
    def is_supported(self):
        """Report whether a WSMT ACPI table is available for this module to check.

        On success, the second element of the first "WSMT" entry returned by
        ``get_ACPI_table`` is kept in ``self.table_data`` (presumably the raw
        table contents -- confirm against the ACPI helper).

        Returns:
            True when the table lookup succeeded. False when it raised
            IndexError; in that case ``self.res`` is set to
            ``ModuleResult.WARNING``, because a missing table leaves the
            SMI handlers unassessed rather than known to be safe.
        """
        try:
            wsmt_entries = ACPI(self.cs).get_ACPI_table("WSMT")
            self.table_data = wsmt_entries[0][1]
        except IndexError:
            # An empty lookup result surfaces as IndexError: the firmware
            # published no WSMT, so it makes no statement about SMM mitigations.
            self.logger.warn("""WSMT table was not found.
Manual analysis of SMI handlers is required to determine if they can be abused by attackers to circumvent VBS
*** Analysis is only necessary if Windows is the primary OS ***""")
            self.res = ModuleResult.WARNING
            return False
        else:
            return True
Exemple #2
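 def run(self):
     """Create the ACPI helper for this run, or print why it is unavailable.

     Stores the helper in ``self._acpi``. If ``ACPI(self.cs)`` raises
     ``AcpiRuntimeError`` the error is printed and the method returns
     without doing anything else.
     """
     # Start timestamp; nothing in this excerpt reads it.
     t = time()
     try:
         self._acpi = ACPI(self.cs)
     except AcpiRuntimeError as msg:
         # The "except X, name" form and the print statement are syntax
         # errors on Python 3; "as" and print() are accepted by both
         # Python 2.6+ and Python 3.
         print(msg)
         return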
Exemple #3
 def run(self):
     """Run the selected ACPI action and log how long it took.

     The ACPI helper is created first and stored in ``self._acpi``. If that
     raises ``AcpiRuntimeError`` the error is printed and nothing else runs;
     otherwise ``self.func()`` is called and the elapsed time is logged.
     """
     started = time()
     try:
         self._acpi = ACPI(self.cs)
     except AcpiRuntimeError as err:
         print(err)
     else:
         # Only helper construction is guarded; an error raised by the
         # action itself propagates to the caller.
         self.func()
         elapsed = time() - started
         self.logger.log("[CHIPSEC] (acpi) time elapsed {:.3f}".format(elapsed))
Exemple #4
 def find_ACPI_SMI_Buffer(self):
     """Look up communication-buffer details in the "UEFI" ACPI table.

     Returns:
         Whatever ``UEFI_TABLE.get_commbuf_info()`` yields for the first
         "UEFI" entry, or None when the lookup returns no entries.

     Progress messages are only emitted when ``logger().HAL`` is set.
     """
     if logger().HAL:
         logger().log("Parsing ACPI tables to identify Communication Buffer")
     uefi_entries = ACPI(self.cs).get_ACPI_table("UEFI")

     if not len(uefi_entries):
         if logger().HAL:
             logger().log("Unable to find Communication Buffer")
         return None

     # Only the first entry is parsed; any further "UEFI" entries are ignored.
     parsed = UEFI_TABLE()
     parsed.parse(uefi_entries[0][1])
     if logger().HAL:
         logger().log(str(parsed))
     return parsed.get_commbuf_info()
Exemple #5
    def check_wsmt(self):
        """Check which mitigations the platform's WSMT ACPI table reports.

        Returns:
            ``ModuleResult.PASSED`` when the table is present and all three
            protection attributes of the parsed table are set.
            ``ModuleResult.WARNING`` when the table lookup raises IndexError
            or any of the three attributes is unset.

        The check reads what firmware declares in the table. It does not
        examine the SMI handlers, which is why every non-passing outcome
        asks for manual analysis instead of reporting a failure.
        """
        self.logger.start_test("WSMT Configuration")

        try:
            raw_table = ACPI(self.cs).get_ACPI_table("WSMT")[0][1]
        except IndexError:
            # An empty lookup result surfaces as IndexError: no WSMT published.
            self.logger.warn("""WSMT table was not found.
Manual analysis of SMI handlers is required to determine if they can be abused by attackers to circumvent VBS""")
            return ModuleResult.WARNING

        parsed = WSMT()
        parsed.parse(raw_table)
        self.logger.log(parsed)

        # Every attribute must be set; a single missing one downgrades the result.
        all_reported = (
            parsed.fixed_comm_buffers
            and parsed.comm_buffer_nested_ptr_protection
            and parsed.system_resource_protection
        )
        if all_reported:
            self.logger.log_passed("WSMT table is present and reports all supported mitigations")
            return ModuleResult.PASSED

        self.logger.warn("""WSMT table is present but certain mitigations are missing.
Manual analysis of SMI handlers is required to determine if they can be abused by attackers to circumvent VBS""")
        return ModuleResult.WARNING
Exemple #6
class wsmt(BaseModule):
    """Module that checks the mitigations reported by the WSMT ACPI table.

    The outcome reflects what firmware declares about itself in the table.
    A PASSED result means the three protection attributes are reported as
    set, not that the SMI handlers themselves were examined.
    """

    def __init__(self):
        BaseModule.__init__(self)
        # ACPI helper used by check_wsmt() to fetch the table by signature.
        self._acpi = ACPI(self.cs)

    def is_supported(self):
        """Always report the module as applicable."""
        return True

    def check_wsmt(self):
        """Fetch and parse the WSMT table, then grade the reported mitigations.

        Returns:
            ``ModuleResult.WARNING`` if the table is absent or any of the
            three protection attributes is unset, ``ModuleResult.ERROR`` if
            parsing raises TypeError, otherwise ``ModuleResult.PASSED``.
        """
        entries = self._acpi.get_ACPI_table("WSMT")
        if not entries:
            self.logger.log_warning('WSMT table was not found.')
            return ModuleResult.WARNING

        parsed = WSMT()
        try:
            # Only the first entry is parsed.
            parsed.parse(entries[0][1])
        except TypeError:
            # A parse failure is reported as ERROR so it is not mistaken
            # for a statement about the mitigations.
            self.logger.log_error('Issue parsing the WSMT table data.')
            return ModuleResult.ERROR
        self.logger.log(parsed)

        all_reported = (
            parsed.fixed_comm_buffers
            and parsed.comm_buffer_nested_ptr_protection
            and parsed.system_resource_protection
        )
        if all_reported:
            self.logger.log_passed("WSMT table is present and reports all supported mitigations.")
            return ModuleResult.PASSED

        self.logger.log_warning('WSMT table is present but certain mitigations are missing.')
        return ModuleResult.WARNING

    def run(self, module_argv):
        """Required entry point: run every test in this module.

        Stores the result in ``self.res`` and returns it. A WARNING result
        is followed by a reminder that the SMI handlers need manual review.
        """
        self.logger.start_test("WSMT Configuration")
        self.res = self.check_wsmt()
        needs_manual_review = self.res == ModuleResult.WARNING
        if needs_manual_review:
            self.logger.log_important('Manual analysis of SMI handlers is required to determine if they can be abused by attackers to circumvent VBS.')
        return self.res
Exemple #7
 def __init__(self):
     """Initialise the base module, then attach an ACPI helper as ``self._acpi``."""
     BaseModule.__init__(self)
     # The helper is built from self.cs, so the base initialiser runs first.
     acpi_helper = ACPI(self.cs)
     self._acpi = acpi_helper