def testCreateAndDelete(self): fd = tempfiles.CreateGRRTempFile(filename="process.42.exe", mode="wb") fd.close() self.assertTrue(os.path.exists(fd.name)) self.assertTrue(os.path.basename(fd.name) == "process.42.exe") tempfiles.DeleteGRRTempFile(fd.name) self.assertFalse(os.path.exists(fd.name)) fd = open(os.path.join(self.temp_dir, "notatmpfile"), "w") fd.write("something") fd.close() self.assertTrue(os.path.exists(fd.name)) self.assertRaises(tempfiles.ErrorNotTempFile, tempfiles.DeleteGRRTempFile, fd.name) self.assertTrue(os.path.exists(fd.name))
def testWrongOwnerGetsFixed(self): def mystat(filename): stat_info = os.lstat.old_target(filename) stat_list = list(stat_info) # Adjust the UID. stat_list[4] += 1 return posix.stat_result(stat_list) # Place a malicious file in the temp dir. This needs to be deleted # before we can use the temp dir. fd = tempfiles.CreateGRRTempFile(filename="maliciousfile", mode="wb") fd.close() self.assertTrue(os.path.exists(fd.name)) with utils.Stubber(os, "lstat", mystat): fd2 = tempfiles.CreateGRRTempFile(filename="temptemp", mode="wb") fd2.close() # Old file is gone. self.assertFalse(os.path.exists(fd.name)) # Cleanup. tempfiles.DeleteGRRTempFile(fd2.name)
def testDeleteGRRTempFile(self): grr_tempfile = os.path.join(self.existsdir, self.prefix) open(grr_tempfile, "w").write("something") tempfiles.DeleteGRRTempFile(grr_tempfile) self.assertFalse(os.path.exists(grr_tempfile))
def Run(self, args): # Due to talking raw to hardware, this action has some inevitable risk of # crashing the machine, so we need to flush the transaction log to ensure # we know when this happens. self.SyncTransactionLog() # Temporary extra logging for Ubuntu # TODO(user): Add generic hunt flag to notify syslog before running each # client action. if args.notify_syslog: syslog = logging.getLogger("chipsec_grr") syslog.setLevel(logging.INFO) syslog.addHandler(handlers.SysLogHandler(address="/dev/log")) syslog.info("%s: Runnning DumpFlashImage", config.CONFIG["Client.name"]) self.logs = [] self.chipsec_log = StringIO.StringIO() if args.log_level: logger.logger().UTIL_TRACE = True if args.log_level == 2: logger.logger().VERBOSE = True logger.logger().logfile = self.chipsec_log logger.logger().LOG_TO_FILE = True # Create a temporary file to store the flash image. dest_fd, dest_pathspec = tempfiles.CreateGRRTempFileVFS( suffix=".flash") # Wrap most of Chipsec code to gather its logs in case of failure. try: # Initialise Chipsec (die early if unknown chipset) c = chipset.cs() # Platform = None, Start Driver = False c.init(None, False) s = spi.SPI(c) # Use hal.spi from chipsec to write BIOS to that file. with dest_fd: # Based on Chipsec code, rely on the address of BIOS(=1) region to # determine the size of the flash. _, limit, _ = s.get_SPI_region(1) spi_size = limit + 1 # Read args.chunk_size bytes at a time and heartbeat. bios = [] for i in range(0, spi_size, args.chunk_size): bios.extend(s.read_spi(i, args.chunk_size)) self.Progress() dest_fd.write("".join(bios)) except (chipset.UnknownChipsetError, oshelper.OsHelperError) as err: # If the chipset is not recognised or if the helper threw an error, # report gracefully the error to the flow. if args.log_level: self.LogError(err) tempfiles.DeleteGRRTempFile(dest_pathspec.path) self.SendReply( chipsec_types.DumpFlashImageResponse(logs=["%s" % err], )) return except Exception as err: # pylint: disable=broad-except # In case an exception is raised, if the verbose mode # is enabled, return the raw logs from Chipsec. if args.log_level: self.LogError(err) tempfiles.DeleteGRRTempFile(dest_pathspec.path) raise if args.log_level: self.logs.extend(self.chipsec_log.getvalue().splitlines()) if args.notify_syslog: syslog.info("%s: DumpFlashImage has completed successfully", config.CONFIG["Client.name"]) self.SendReply( chipsec_types.DumpFlashImageResponse(path=dest_pathspec, logs=self.logs))
def ReadAndDeleteChipsecLogs(self): logger().close() with open(self.log_pathspec.path) as log_f: logs = log_f.read().splitlines() tempfiles.DeleteGRRTempFile(self.log_pathspec.path) return logs
def Run(self, args): # Due to talking raw to hardware, this action has some inevitable risk of # crashing the machine, so we need to flush the transaction log to ensure # we know when this happens. self.SyncTransactionLog() logs = [] if args.log_level: # Create a temporary file to store the log output as # Chipsec does not support in-memory logging. _, self.log_pathspec = tempfiles.CreateGRRTempFileVFS() logger().UTIL_TRACE = True if args.log_level == 2: logger().VERBOSE = True logger().set_log_file(self.log_pathspec.path) # Create a temporary file to store the flash image. dest_fd, dest_pathspec = tempfiles.CreateGRRTempFileVFS() # Wrap most of Chipsec code to gather its logs in case of failure. try: # Initialise Chipsec (die early if unknown chipset) c = chipset.cs() # Platform = None, Start Driver = False c.init(None, False) s = spi.SPI(c) # Use hal.spi from chipsec to write BIOS to that file. with dest_fd: # Based on Chipsec code, rely on the address of BIOS(=1) region to # determine the size of the flash. _, limit, _ = s.get_SPI_region(1) spi_size = limit + 1 # Read args.chunk_size bytes at a time and heartbeat. bios = [] for i in range(0, spi_size, args.chunk_size): bios.extend(s.read_spi(i, args.chunk_size)) self.Progress() dest_fd.write("".join(bios)) except Exception as err: # pylint: disable=broad-except # In case an exception is raised, if the verbose mode # is enabled, return the raw logs from Chipsec. if args.log_level: logs = self.ReadAndDeleteChipsecLogs() logs.append("%r: %s" % (err, err)) self.SendReply(chipsec_types.DumpFlashImageResponse(logs=logs)) tempfiles.DeleteGRRTempFile(dest_pathspec.path) if isinstance(err, chipset.UnknownChipsetError): # If the chipset is unknown, simply returns an error message self.SendReply( chipsec_types.DumpFlashImageResponse(logs=["%s" % err], )) return raise if args.log_level: logs = self.ReadAndDeleteChipsecLogs() self.SendReply( chipsec_types.DumpFlashImageResponse(path=dest_pathspec, logs=logs))