Address symlink attack on dev_debug_vboot.
Two things here: Use mktemp to create a unique and new temporary directory
to work in, and copy the published log file to a known path in a way that
can't be redirected with symlinks.
There are also a couple of minor tweaks to cleanup a little bit rot in the
information that the script provides.
BUG=chromium-os:8947
TEST=manual
Boot, wait 60 seconds, look for "/tmp/debug_vboot_noisy.log". It should
exist and contain useful and interesting data.
Change-Id: Iff9c5c86802ab7fcf3342e82ba128a1795dba16d
R=rspangler@chromium.org,wad@chromium.org,gauravsh@chromium.org
Review URL: http://codereview.chromium.org/6824018
diff --git a/utility/dev_debug_vboot b/utility/dev_debug_vboot
index 1656ca0..b86aafb 100755
--- a/utility/dev_debug_vboot
+++ b/utility/dev_debug_vboot
@@ -1,5 +1,5 @@
-#!/bin/sh
-# Copyright (c) 2010 The Chromium OS Authors. All rights reserved.
+#!/bin/sh -u
+# Copyright (c) 2011 The Chromium OS Authors. All rights reserved.
# Use of this source code is governed by a BSD-style license that can be
# found in the LICENSE file.
#
@@ -10,16 +10,27 @@
# left in a log directory.
#
-TMPDIR=/tmp/debug_vboot
+PATH=/bin:/sbin:/usr/bin:/usr/sbin
+
+TMPDIR=$(mktemp -d /tmp/debug_vboot_XXXXXXXXX)
LOGFILE=noisy.log
+# The public file must live directly in /tmp, not in a subdirectory.
+# See http://crosbug.com/8947
+PUBLOGFILE=/tmp/debug_vboot_noisy.log
# TODO(wfrichar): Need to support ARM. The hard disk path is likely different.
+# We can use 'crossystem arch' to distinguish between x86 and ARM.
HD=/dev/sda
-ACPI=/sys/devices/platform/chromeos_acpi
cleanup() {
- if [ -n "${CLEANUP}" ]; then
- find "${TMPDIR}" -type f -not -name "${LOGFILE}" -exec rm {} ";"
+ if [ -z "${USE_EXISTING:-}" ]; then
+ # See http://crosbug.com/8947
+ cp --no-target-directory --remove-destination "${LOGFILE}" "${PUBLOGFILE}"
+ info "exporting log file as ${PUBLOGFILE}"
+ fi
+ if [ -n "${CLEANUP:-}" ]; then
+ cd /
+ rm -rf "${TMPDIR}"
fi
}
@@ -64,15 +75,9 @@
require_chromeos_bios() {
log cgpt show "${HD}"
log rootdev -s
- if [ ! -e "${ACPI}/HWID" ]; then
- info "Not running Chrome OS BIOS, no further information available"
- exit 0
- fi
- # including /dev/null just to get final "\n"
- log head "${ACPI}"/*ID "${ACPI}"/BINF* "${ACPI}"/CHSW /dev/null
- log reboot_mode
- log ls -la /mnt/stateful_partition/.need_firmware_update
- log ls -la /root/.force_update_firmware
+ log crossystem --all
+ log ls -aCF /root
+ log ls -aCF /mnt/stateful_partition
}
# Search for files from the FMAP, in the order listed. Return the first one
@@ -93,7 +98,7 @@
trap cleanup EXIT
# Parse args
-if [ -n "$1" ]; then
+if [ -n "${1:-}" ]; then
if [ "$1" = "--cleanup" ]; then
CLEANUP=1
else
@@ -112,7 +117,7 @@
BIOS=bios.rom
# Find BIOS and kernel images
-if [ -n "$USE_EXISTING" ]; then
+if [ -n "${USE_EXISTING:-}" ]; then
info "Using images in $(pwd)/"
else
require_chromeos_bios
@@ -130,7 +135,7 @@
info "Extracting kernel images from drives..."
log dd if=${HD_KERN_A} of=hd_kern_a.blob
log dd if=${HD_KERN_B} of=hd_kern_b.blob
- if [ -n "$USB_KERN_A" ]; then
+ if [ -n "${USB_KERN_A:-}" ]; then
log dd if=${USB_KERN_A} of=usb_kern_a.blob
fi
fi
