def init(self):
x64 = True if sys.maxsize > 2**32 else False
global DEVICE_NAME
global _DEV_FH
_DEV_FH = None
#already initialized?
if (_DEV_FH != None): return
logger().log(
"\n****** Chipsec Linux Kernel module is licensed under GPL 2.0\n")
DEVICE_NAME = "/dev/chipsec"
try:
_DEV_FH = open(DEVICE_NAME, "r+")
except IOError as e:
raise OsHelperError("Unable to open chipsec device. %s" % str(e),
e.errno)
except BaseException as be:
raise OsHelperError("Unable to open chipsec device. %s" % str(be),
errno.ENXIO)
#decode the arg size
global _PACK
_PACK = 'Q' if x64 else 'I'
global _IOCTL_BASE
_IOCTL_BASE = fcntl.ioctl(_DEV_FH, IOCTL_BASE()) << 4
global CPU_MASK_LEN
CPU_MASK_LEN = 8 if x64 else 4
def Load(self):
file_data = chipsec.file.read_file(self.filename)
if file_data == 0:
logger().error("Unable to open JSON file: {}".format(
self.filename))
raise OsHelperError(
"Unable to open JSON file: {}".format(self.filename), 1)
try:
self.data = json.loads(file_data)
except:
logger().error("Unable to load JSON file: {}".format(
self.filename))
raise OsHelperError(
"Unable to open JSON file: {}".format(self.filename), 1)
def init( self ):
x64 = True if sys.maxsize > 2**32 else False
self._pack = 'Q' if x64 else 'I'
logger().log("\n****** Chipsec Linux Kernel module is licensed under GPL 2.0\n")
try:
self.dev_fh = open(self.DEVICE_NAME, "r+")
except IOError as e:
raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n %s"%str(e),e.errno)
except BaseException as be:
raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n %s"%str(be),errno.ENXIO)
self._ioctl_base = fcntl.ioctl(self.dev_fh, IOCTL_BASE) << 4
def init(self, start_driver):
x64 = True if sys.maxsize > 2**32 else False
self._pack = 'Q' if x64 else 'I'
if start_driver:
logger().log("****** Chipsec Linux Kernel module is licensed under GPL 2.0")
try:
self.dev_fh = open(self.DEVICE_NAME, "rb+")
self.driver_loaded = True
except IOError as e:
raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n {}".format(str(e)), e.errno)
except BaseException as be:
raise OsHelperError("Unable to open chipsec device. Did you run as root/sudo and load the driver?\n {}".format(str(be)), errno.ENXIO)
self._ioctl_base = self.compute_ioctlbase()
def native_write_pci_reg(self,
bus,
device,
function,
offset,
value,
size=4,
domain=0):
device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format(
domain=domain, bus=bus, device=device, function=function)
device_path = "/sys/bus/pci/devices/{}/config".format(device_name)
if not os.path.exists(device_path):
if offset < 256:
from chipsec.helper.linux.legacy_pci import LEGACY_PCI
pci = LEGACY_PCI()
value = pci.write_pci_config(bus, device, function, offset,
value)
return False
try:
config = open(device_path, "wb")
except IOError as err:
raise OsHelperError("Unable to open {}".format(device_path),
err.errno)
config.seek(offset)
config.write(defines.pack1(value, size))
config.close()
def create(self, start_driver):
if not start_driver:
return
logger().log("")
logger().warn(
"*******************************************************************"
)
logger().warn("Chipsec should only be used on test systems!")
logger().warn(
"It should not be installed/deployed on production end-user systems."
)
logger().warn("See WARNING.txt")
logger().warn(
"*******************************************************************"
)
logger().log("")
try:
hscm = win32service.OpenSCManager(
None, None, win32service.SC_MANAGER_ALL_ACCESS
) # SC_MANAGER_CREATE_SERVICE
except win32service.error, (hr, fn, msg):
string = "OpenSCManager failed: %s (%d)" % (msg, hr)
logger().error(string)
raise OsHelperError(string, hr)
def start( self ):
(type, state, ca, exitcode, svc_exitcode, checkpoint, waithint) = win32service.QueryServiceStatus( self.hs )
if logger().VERBOSE: logger().log( "[helper] starting chipsec service: handle = 0x%x, type = 0x%x, state = 0x%x" % (self.hs, type, state) )
if win32service.SERVICE_RUNNING == state:
if logger().VERBOSE: logger().log( "[helper] chipsec service already running" )
else:
try:
win32service.StartService( self.hs, None );
state = win32service.QueryServiceStatus( self.hs )[1]
while win32service.SERVICE_START_PENDING == state:
time.sleep( 1 )
state = win32service.QueryServiceStatus( self.hs )[1]
if win32service.SERVICE_RUNNING == state:
if logger().VERBOSE: logger().log( "[helper] chipsec service started (SERVICE_RUNNING)" )
except win32service.error, (hr, fn, msg):
if logger().VERBOSE: logger().log_bad(traceback.format_exc())
if (winerror.ERROR_ALREADY_EXISTS == hr or winerror.ERROR_SERVICE_ALREADY_RUNNING == hr):
if logger().VERBOSE: logger().log( "[helper] chipsec service already exists: %s (%d)" % (msg, hr) )
else:
win32service.CloseServiceHandle( self.hs )
self.hs = None
string = "StartService failed: %s (%d)" % (msg, hr)
logger().error( string )
raise OsHelperError(string,hr)
def read_pci_reg_from_sys(self,
bus,
device,
function,
offset,
size,
domain=0):
device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format(
domain=domain, bus=bus, device=device, function=function)
device_path = "/sys/bus/pci/devices/{}/config".format(device_name)
try:
config = open(device_path, "rb")
except IOError as err:
raise OsHelperError("Unable to open {}".format(device_path),
err.errno)
config.seek(offset)
reg = config.read(size)
config.close()
if size == 4:
reg = struct.unpack("=I", reg)[0]
elif size == 2:
reg = struct.unpack("=H", reg)[0]
elif size == 1:
reg = struct.unpack("=B", reg)[0]
return reg
def init(self, start_driver):
try:
self.dev_fh = open(self.DEVICE_NAME, "r+")
except IOError as e:
raise OsHelperError(
"Unable to open the Chipsec device.\n"
"%s" % str(e), e.errno)
def devmsr_available(self):
"""Check if /dev/cpu/CPUNUM/msr is usable.
In case the driver is not loaded, we might be able to perform the
requested operation via /dev/cpu/CPUNUM/msr. This requires loading
the (more standard) msr driver. Returns True if /dev/cpu/CPUNUM/msr
is accessible.
"""
if self.dev_msr:
return True
try:
self.dev_msr = dict()
if not os.path.exists("/dev/cpu/0/msr"):
os.system("modprobe msr")
for cpu in os.listdir("/dev/cpu"):
if logger().DEBUG: logger().log("found cpu = {}".format(cpu))
if cpu.isdigit():
cpu = int(cpu)
self.dev_msr[cpu] = os.open("/dev/cpu/" +str(cpu) +"/msr", os.O_RDWR)
if logger().DEBUG: logger().log("Added dev_msr {}".format(str(cpu)))
return True
except IOError as err:
raise OsHelperError("Unable to open /dev/cpu/CPUNUM/msr.\n"
"This command requires access to /dev/cpu/CPUNUM/msr.\n"
"Are you running this command as root?\n"
"Do you have the msr kernel module installed?\n"
"{}".format(str(err)), err.errno)
def native_read_pci_reg(self,
bus,
device,
function,
offset,
size,
domain=0):
device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format(
domain=domain, bus=bus, device=device, function=function)
device_path = "/sys/bus/pci/devices/{}/config".format(device_name)
if not os.path.exists(device_path):
if offset < 256:
from chipsec.helper.linux.legacy_pci import LEGACY_PCI
pci = LEGACY_PCI()
value = pci.read_pci_config(bus, device, function, offset)
return value
else:
byte = b"\xff"
return defines.unpack1(byte * size, size)
try:
config = open(device_path, "rb")
except IOError as err:
raise OsHelperError("Unable to open {}".format(device_path),
err.errno)
config.seek(offset)
reg = config.read(size)
config.close()
reg = defines.unpack1(reg, size)
return reg
def init(self, start_driver):
if start_driver:
try:
self.dev_fh = open(self.DEVICE_NAME, "rb+")
self.driver_loaded = True
except IOError as e:
raise OsHelperError("Unable to open the Chipsec device.\n"
"{}".format(str(e)), e.errno)
def native_write_pci_reg(self, bus, device, function, offset, value, size=4, domain=0):
device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format(
domain=domain, bus=bus, device=device, function=function)
device_path = "/sys/bus/pci/devices/{}/config".format(device_name)
try:
config = open(device_path, "wb")
except IOError as err:
raise OsHelperError("Unable to open {}".format(device_path), err.errno)
config.seek(offset)
config.write(defines.pack1(value, size))
config.close()
def native_read_pci_reg(self, bus, device, function, offset, size, domain=0):
device_name = "{domain:04x}:{bus:02x}:{device:02x}.{function}".format(
domain=domain, bus=bus, device=device, function=function)
device_path = "/sys/bus/pci/devices/{}/config".format(device_name)
try:
config = open(device_path, "rb")
except IOError as err:
raise OsHelperError("Unable to open {}".format(device_path), err.errno)
config.seek(offset)
reg = config.read(size)
config.close()
reg = defines.unpack1(reg, size)
return reg
def get_driver_handle( self ):
# This is bad but DeviceIoControl fails ocasionally if new device handle is not opened every time ;(
if (self.driver_handle is not None) and (INVALID_HANDLE_VALUE != self.driver_handle):
return self.driver_handle
#self.driver_handle = win32file.CreateFile( device_file, 0, win32file.FILE_SHARE_READ, None, win32file.OPEN_EXISTING, 0, None)
#self.driver_handle = kernel32.CreateFileW( self.device_file, GENERIC_READ | GENERIC_WRITE, 0, None, OPEN_EXISTING, 0, None )
#self.driver_handle = kernel32.CreateFileW( self.device_file, GENERIC_READ | GENERIC_WRITE, FILE_SHARE_READ | FILE_SHARE_WRITE, None, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, None )
self.driver_handle = win32file.CreateFile( self.device_file, FILE_SHARE_READ | FILE_SHARE_WRITE, 0, None, OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL | FILE_FLAG_OVERLAPPED, None )
if (self.driver_handle is None) or (INVALID_HANDLE_VALUE == self.driver_handle):
logger().error( drv_hndl_error_msg )
raise OsHelperError(drv_hndl_error_msg,errno.ENXIO)
else:
if logger().VERBOSE: logger().log( "[helper] opened device '%.64s' (handle: %08x)" % (DEVICE_FILE, self.driver_handle) )
return self.driver_handle
def _ioctl( self, ioctl_code, in_buf, out_length ):
out_buf = (c_char * out_length)()
self.get_driver_handle()
#ret = kernel32.DeviceIoControl( self.driver_handle, ioctl_code, in_buf, len(in_buf), byref(out_buf), out_length, byref(out_size), None )
if logger().VERBOSE: print_buffer( in_buf )
try:
out_buf = win32file.DeviceIoControl( self.driver_handle, ioctl_code, in_buf, out_length, None )
except pywintypes.error, _err:
err_status = _err[0] + 0x100000000
if STATUS_PRIVILEGED_INSTRUCTION == err_status:
err_msg = "HW Access Violation: DeviceIoControl returned STATUS_PRIVILEGED_INSTRUCTION (0x%X)" % err_status
logger().error( err_msg )
raise HWAccessViolationError( err_msg, err_status )
else:
err_msg = "HW Access Error: DeviceIoControl returned status 0x%X (%s)" % (err_status,_err[2])
logger().error( err_msg )
raise OsHelperError( err_msg, err_status )
def devport_available(self):
"""Check if /dev/port is usable.
In case the driver is not loaded, we might be able to perform the
requested operation via /dev/port. Returns True if /dev/port is
accessible.
"""
if self.dev_port:
return True
try:
self.dev_port = os.open(self.DEV_PORT, os.O_RDWR)
return True
except IOError as err:
raise OsHelperError("Unable to open /dev/port.\n"
"This command requires access to /dev/port.\n"
"Are you running this command as root?\n"
"{}".format(str(err)), err.errno)
def devmem_available(self):
"""Check if /dev/mem is usable.
In case the driver is not loaded, we might be able to perform the
requested operation via /dev/mem. Returns True if /dev/mem is
accessible.
"""
if self.dev_mem:
return True
try:
self.dev_mem = os.open(self.DEV_MEM, os.O_RDWR)
return True
except IOError as err:
raise OsHelperError("Unable to open /dev/mem.\n"
"This command requires access to /dev/mem.\n"
"Are you running this command as root?\n"
"%s" % str(err), err.errno)
return False
if not self.hs:
raise win32service.error, (0, None, "hs is None")
if logger().VERBOSE: logger().log( "[helper] service created (handle = 0x%08x)" % self.hs )
except win32service.error, (hr, fn, msg):
#if (winerror.ERROR_SERVICE_EXISTS == hr) or (winerror.ERROR_DUPLICATE_SERVICE_NAME == hr):
if (winerror.ERROR_SERVICE_EXISTS == hr):
if logger().VERBOSE: logger().log( "[helper] chipsec service already exists: %s (%d)" % (msg, hr) )
try:
self.hs = win32service.OpenService( hscm, SERVICE_NAME, (win32service.SERVICE_QUERY_STATUS|win32service.SERVICE_START|win32service.SERVICE_STOP) ) # SERVICE_ALL_ACCESS
except win32service.error, (hr, fn, msg):
self.hs = None
string = "OpenService failed: %s (%d)" % (msg, hr)
logger().error( string )
raise OsHelperError(string,hr)
else:
self.hs = None
string = "CreateService failed: %s (%d)" % (msg, hr)
logger().error( string )
raise OsHelperError(string,hr)
#(type, state, ca, exitcode, svc_exitcode, checkpoint, waithint) = win32service.QueryServiceStatus( self.hs )
#if logger().VERBOSE:
# logger().log( "[helper] chipsec service: handle = 0x%x, type = 0x%x, state = 0x%x (SERVICE_RUNNING is 0x%x)" % (self.hs, type, state, win32service.SERVICE_RUNNING) )
return True
finally:
win32service.CloseServiceHandle( hscm )
def stop( self ):
def _handle_error(err, hr=0):
logger().error(err)
raise OsHelperError(err, hr)
