def init(self): x64 = True if sys.maxsize > 2**32 else False global DEVICE_NAME global _DEV_FH _DEV_FH = None #already initialized? if (_DEV_FH != None): return logger().log( "\n****** Chipsec Linux Kernel module is licensed under GPL 2.0\n") DEVICE_NAME = "/dev/chipsec" try: _DEV_FH = open(DEVICE_NAME, "r+") except IOError as e: raise OsHelperError("Unable to open chipsec device. %s" % str(e), e.errno) except BaseException as be: raise OsHelperError("Unable to open chipsec device. %s" % str(be), errno.ENXIO) #decode the arg size global _PACK _PACK = 'Q' if x64 else 'I' global _IOCTL_BASE _IOCTL_BASE = fcntl.ioctl(_DEV_FH, IOCTL_BASE()) << 4 global CPU_MASK_LEN CPU_MASK_LEN = 8 if x64 else 4
def Load(self): file_data = chipsec.file.read_file(self.filename) if file_data == 0: logger().error("Unable to open JSON file: {}".format( self.filename)) raise OsHelperError( "Unable to open JSON file: {}".format(self.filename), 1) try: self.data = json.loads(file_data) except: logger().error("Unable to load JSON file: {}".format( self.filename)) raise OsHelperError( "Unable to open JSON file: {}".format(self.filename), 1)
def init( self ): x64 = True if sys.maxsize > 2**32 else False self._pack = 'Q' if x64 else 'I' logger().log("\n****** Chipsec Linux Kernel module is licensed under GPL 2.0\n") try: self.dev_fh = open(self.DEVICE_NAME, "r+") except IOError as e: raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n %s"%str(e),e.errno) except BaseException as be: raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n %s"%str(be),errno.ENXIO) self._ioctl_base = fcntl.ioctl(self.dev_fh, IOCTL_BASE) << 4
def init(self, start_driver): x64 = True if sys.maxsize > 2**32 else False self._pack = 'Q' if x64 else 'I' if start_driver: logger().log("****** Chipsec Linux Kernel module is licensed under GPL 2.0") try: self.dev_fh = open(self.DEVICE_NAME, "rb+") self.driver_loaded = True except IOError as e: raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n {}".format(str(e)), e.errno) except BaseException as be: raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n {}".format(str(be)), errno.ENXIO) self._ioctl_base = self.compute_ioctlbase()
def native_write_pci_reg(self, bus, device, function, offset, value, size=4, domain=0): device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format( domain=domain, bus=bus, device=device, function=function) device_path = "/sys/bus/pci/devices/{}/config".format(device_name) if not os.path.exists(device_path): if offset < 256: from chipsec.helper.linux.legacy_pci import LEGACY_PCI pci = LEGACY_PCI() value = pci.write_pci_config(bus, device, function, offset, value) return False try: config = open(device_path, "wb") except IOError as err: raise OsHelperError("Unable to open {}".format(device_path), err.errno) config.seek(offset) config.write(defines.pack1(value, size)) config.close()
def create(self, start_driver): if not start_driver: return logger().log("") logger().warn( "*******************************************************************" ) logger().warn("Chipsec should only be used on test systems!") logger().warn( "It should not be installed/deployed on production end-user systems." ) logger().warn("See WARNING.txt") logger().warn( "*******************************************************************" ) logger().log("") try: hscm = win32service.OpenSCManager( None, None, win32service.SC_MANAGER_ALL_ACCESS ) # SC_MANAGER_CREATE_SERVICE except win32service.error, (hr, fn, msg): string = "OpenSCManager failed: %s (%d)" % (msg, hr) logger().error(string) raise OsHelperError(string, hr)
def start( self ): (type, state, ca, exitcode, svc_exitcode, checkpoint, waithint) = win32service.QueryServiceStatus( self.hs ) if logger().VERBOSE: logger().log( "[helper] starting chipsec service: handle = 0x%x, type = 0x%x, state = 0x%x" % (self.hs, type, state) ) if win32service.SERVICE_RUNNING == state: if logger().VERBOSE: logger().log( "[helper] chipsec service already running" ) else: try: win32service.StartService( self.hs, None ); state = win32service.QueryServiceStatus( self.hs )[1] while win32service.SERVICE_START_PENDING == state: time.sleep( 1 ) state = win32service.QueryServiceStatus( self.hs )[1] if win32service.SERVICE_RUNNING == state: if logger().VERBOSE: logger().log( "[helper] chipsec service started (SERVICE_RUNNING)" ) except win32service.error, (hr, fn, msg): if logger().VERBOSE: logger().log_bad(traceback.format_exc()) if (winerror.ERROR_ALREADY_EXISTS == hr or winerror.ERROR_SERVICE_ALREADY_RUNNING == hr): if logger().VERBOSE: logger().log( "[helper] chipsec service already exists: %s (%d)" % (msg, hr) ) else: win32service.CloseServiceHandle( self.hs ) self.hs = None string = "StartService failed: %s (%d)" % (msg, hr) logger().error( string ) raise OsHelperError(string,hr)
def read_pci_reg_from_sys(self, bus, device, function, offset, size, domain=0): device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format( domain=domain, bus=bus, device=device, function=function) device_path = "/sys/bus/pci/devices/{}/config".format(device_name) try: config = open(device_path, "rb") except IOError as err: raise OsHelperError("Unable to open {}".format(device_path), err.errno) config.seek(offset) reg = config.read(size) config.close() if size == 4: reg = struct.unpack("=I", reg)[0] elif size == 2: reg = struct.unpack("=H", reg)[0] elif size == 1: reg = struct.unpack("=B", reg)[0] return reg
def init(self, start_driver): try: self.dev_fh = open(self.DEVICE_NAME, "r+") except IOError as e: raise OsHelperError( "Unable to open the Chipsec device.\n" "%s" % str(e), e.errno)
def devmsr_available(self): """Check if /dev/cpu/CPUNUM/msr is usable. In case the driver is not loaded, we might be able to perform the requested operation via /dev/cpu/CPUNUM/msr. This requires loading the (more standard) msr driver. Returns True if /dev/cpu/CPUNUM/msr is accessible. """ if self.dev_msr: return True try: self.dev_msr = dict() if not os.path.exists("/dev/cpu/0/msr"): os.system("modprobe msr") for cpu in os.listdir("/dev/cpu"): if logger().DEBUG: logger().log("found cpu = {}".format(cpu)) if cpu.isdigit(): cpu = int(cpu) self.dev_msr[cpu] = os.open("/dev/cpu/" +str(cpu) +"/msr", os.O_RDWR) if logger().DEBUG: logger().log("Added dev_msr {}".format(str(cpu))) return True except IOError as err: raise OsHelperError("Unable to open /dev/cpu/CPUNUM/msr.\n" "This command requires access to /dev/cpu/CPUNUM/msr.\n" "Are you running this command as root?\n" "Do you have the msr kernel module installed?\n" "{}".format(str(err)), err.errno)
def native_read_pci_reg(self, bus, device, function, offset, size, domain=0): device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format( domain=domain, bus=bus, device=device, function=function) device_path = "/sys/bus/pci/devices/{}/config".format(device_name) if not os.path.exists(device_path): if offset < 256: from chipsec.helper.linux.legacy_pci import LEGACY_PCI pci = LEGACY_PCI() value = pci.read_pci_config(bus, device, function, offset) return value else: byte = b"\xff" return defines.unpack1(byte * size, size) try: config = open(device_path, "rb") except IOError as err: raise OsHelperError("Unable to open {}".format(device_path), err.errno) config.seek(offset) reg = config.read(size) config.close() reg = defines.unpack1(reg, size) return reg
def init(self, start_driver): if start_driver: try: self.dev_fh = open(self.DEVICE_NAME, "rb+") self.driver_loaded = True except IOError as e: raise OsHelperError("Unable to open the Chipsec device.\n" "{}".format(str(e)), e.errno)
def native_write_pci_reg(self, bus, device, function, offset, value, size=4, domain=0): device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format( domain=domain, bus=bus, device=device, function=function) device_path = "/sys/bus/pci/devices/{}/config".format(device_name) try: config = open(device_path, "wb") except IOError as err: raise OsHelperError("Unable to open {}".format(device_path), err.errno) config.seek(offset) config.write(defines.pack1(value, size)) config.close()
def native_read_pci_reg(self, bus, device, function, offset, size, domain=0): device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format( domain=domain, bus=bus, device=device, function=function) device_path = "/sys/bus/pci/devices/{}/config".format(device_name) try: config = open(device_path, "rb") except IOError as err: raise OsHelperError("Unable to open {}".format(device_path), err.errno) config.seek(offset) reg = config.read(size) config.close() reg = defines.unpack1(reg, size) return reg
def get_driver_handle( self ): # This is bad but DeviceIoControl fails ocasionally if new device handle is not opened every time ;( if (self.driver_handle is not None) and (INVALID_HANDLE_VALUE != self.driver_handle): return self.driver_handle #self.driver_handle = win32file.CreateFile( device_file, 0, win32file.FILE_SHARE_READ, None, win32file.OPEN_EXISTING, 0, None) #self.driver_handle = kernel32.CreateFileW( self.device_file, GENERIC_READ | GENERIC_WRITE, 0, None, OPEN_EXISTING, 0, None ) #self.driver_handle = kernel32.CreateFileW( self.device_file, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, None, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, None ) self.driver_handle = win32file.CreateFile( self.device_file, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, None, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_OVERLAPPED, None ) if (self.driver_handle is None) or (INVALID_HANDLE_VALUE == self.driver_handle): logger().error( drv_hndl_error_msg ) raise OsHelperError(drv_hndl_error_msg,errno.ENXIO) else: if logger().VERBOSE: logger().log( "[helper] opened device '%.64s' (handle: %08x)" % (DEVICE_FILE, self.driver_handle) ) return self.driver_handle
def _ioctl( self, ioctl_code, in_buf, out_length ): out_buf = (c_char * out_length)() self.get_driver_handle() #ret = kernel32.DeviceIoControl( self.driver_handle, ioctl_code, in_buf, len(in_buf), byref(out_buf), out_length, byref(out_size), None ) if logger().VERBOSE: print_buffer( in_buf ) try: out_buf = win32file.DeviceIoControl( self.driver_handle, ioctl_code, in_buf, out_length, None ) except pywintypes.error, _err: err_status = _err[0] + 0x100000000 if STATUS_PRIVILEGED_INSTRUCTION == err_status: err_msg = "HW Access Violation: DeviceIoControl returned STATUS_PRIVILEGED_INSTRUCTION (0x%X)" % err_status logger().error( err_msg ) raise HWAccessViolationError( err_msg, err_status ) else: err_msg = "HW Access Error: DeviceIoControl returned status 0x%X (%s)" % (err_status,_err[2]) logger().error( err_msg ) raise OsHelperError( err_msg, err_status )
def devport_available(self): """Check if /dev/port is usable. In case the driver is not loaded, we might be able to perform the requested operation via /dev/port. Returns True if /dev/port is accessible. """ if self.dev_port: return True try: self.dev_port = os.open(self.DEV_PORT, os.O_RDWR) return True except IOError as err: raise OsHelperError("Unable to open /dev/port.\n" "This command requires access to /dev/port.\n" "Are you running this command as root?\n" "{}".format(str(err)), err.errno)
def devmem_available(self): """Check if /dev/mem is usable. In case the driver is not loaded, we might be able to perform the requested operation via /dev/mem. Returns True if /dev/mem is accessible. """ if self.dev_mem: return True try: self.dev_mem = os.open(self.DEV_MEM, os.O_RDWR) return True except IOError as err: raise OsHelperError("Unable to open /dev/mem.\n" "This command requires access to /dev/mem.\n" "Are you running this command as root?\n" "%s" % str(err), err.errno) return False
if not self.hs: raise win32service.error, (0, None, "hs is None") if logger().VERBOSE: logger().log( "[helper] service created (handle = 0x%08x)" % self.hs ) except win32service.error, (hr, fn, msg): #if (winerror.ERROR_SERVICE_EXISTS == hr) or (winerror.ERROR_DUPLICATE_SERVICE_NAME == hr): if (winerror.ERROR_SERVICE_EXISTS == hr): if logger().VERBOSE: logger().log( "[helper] chipsec service already exists: %s (%d)" % (msg, hr) ) try: self.hs = win32service.OpenService( hscm, SERVICE_NAME, (win32service.SERVICE_QUERY_STATUS|win32service.SERVICE_START|win32service.SERVICE_STOP) ) # SERVICE_ALL_ACCESS except win32service.error, (hr, fn, msg): self.hs = None string = "OpenService failed: %s (%d)" % (msg, hr) logger().error( string ) raise OsHelperError(string,hr) else: self.hs = None string = "CreateService failed: %s (%d)" % (msg, hr) logger().error( string ) raise OsHelperError(string,hr) #(type, state, ca, exitcode, svc_exitcode, checkpoint, waithint) = win32service.QueryServiceStatus( self.hs ) #if logger().VERBOSE: # logger().log( "[helper] chipsec service: handle = 0x%x, type = 0x%x, state = 0x%x (SERVICE_RUNNING is 0x%x)" % (self.hs, type, state, win32service.SERVICE_RUNNING) ) return True finally: win32service.CloseServiceHandle( hscm ) def stop( self ):
def _handle_error(err, hr=0): logger().error(err) raise OsHelperError(err, hr)