%PDF- %PDF-
Mini Shell

Mini Shell

Direktori : /opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/scan/
Upload File :
Create Path :
Current File : //opt/imunify360/venv/lib/python3.11/site-packages/imav/malwarelib/scan/detached.py

"""
This program is free software: you can redistribute it and/or modify it under
the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License,
or (at your option) any later version.


This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the GNU General Public License for more details.


You should have received a copy of the GNU General Public License
 along with this program.  If not, see <https://www.gnu.org/licenses/>.

Copyright © 2019 Cloud Linux Software Inc.

This software is also available under ImunifyAV commercial license,
see <https://www.imunify360.com/legal/eula>
"""
import os
import time
from abc import ABC, abstractmethod
from asyncio import gather
from pathlib import Path
from typing import Type

import psutil

from imav.malwarelib.config import MalwareScanResourceType
from defence360agent.contracts.messages import Message, MessageType
from defence360agent.defence360 import logger

PROCESS_START_TIME = 300  # sec


class DetachedState:
    FINISHED = "finished"
    ABORTED = "aborted"
    RUNNING = "running"
    NO_DIR = "no_dir"
    NO_PROCESS = "no_process"


class DetachedDir(ABC):
    DETACHED_DIR: str

    done_file: Path
    err_file: Path
    log_file: Path
    pid_file: Path
    progress_file: Path

    FILES = {
        "done_file": "done",
        "err_file": "err_file",
        "log_file": "log_file",
        "pid_file": "pid",
        "progress_file": "progress_file",
    }

    def __init__(self, detached_id):
        """
        NOTE: Initialization should not create any files
        """
        self.path = Path(self.DETACHED_DIR, detached_id)
        for attr, file_name in self.FILES.items():
            setattr(self, attr, self.path / file_name)

    def __enter__(self):
        self.path.mkdir(parents=True, exist_ok=True)
        self.log_file.touch()
        self.err_file.touch()
        return self

    def __exit__(self, exc_type, exc_val, exc_tb):
        pass

    def __str__(self):
        return str(self.path)

    def __getattr__(self, name):
        # Delegate pathlib methods to the internal directory
        return getattr(self.path, name)


class DetachedOperation(ABC):
    NAME = None

    @property
    @abstractmethod
    def DETACHED_DIR_CLS(self) -> Type[DetachedDir]:
        pass

    @classmethod
    async def check_detached_operation_dir(cls, sink):
        restore_dir = cls.DETACHED_DIR_CLS.DETACHED_DIR
        check_coros = []
        if os.path.exists(restore_dir):
            entry: os.DirEntry
            with os.scandir(restore_dir) as it:
                for entry in it:
                    if entry.is_dir():
                        check_coros.append(
                            cls(entry.name).check_detached_operation(sink)
                        )

        await gather(*check_coros)

    def __init__(self, detached_id):
        self.detached_id = detached_id
        self.detached_dir = self.DETACHED_DIR_CLS(self.detached_id)

    def __eq__(self, other):
        return self.detached_id == other.detached_id

    def __hash__(self):
        # Two different DetachedScan's with the same ids
        # are practically the same
        return hash(self.detached_id)

    @abstractmethod
    async def handle_aborted_process(self, *_, **__) -> None:
        pass

    def get_detached_process_state(self, start_time=PROCESS_START_TIME) -> str:
        if not self.detached_dir.is_dir():
            logger.debug("No such scan directory: %s", self.detached_dir)
            return DetachedState.NO_DIR

        if self.detached_dir.done_file.is_file():
            return DetachedState.FINISHED

        try:
            pid = self.get_pid()
        except (FileNotFoundError, ValueError) as err:
            detached_dir_mtime = self.detached_dir.stat().st_mtime
            if time.time() - detached_dir_mtime > start_time:
                logger.warning(
                    "Pid file wasn't created or pid file is empty: %s,"
                    " error: %s",
                    self.detached_dir.pid_file,
                    err,
                )
                return DetachedState.ABORTED
            return DetachedState.NO_PROCESS

        try:
            proc = psutil.Process(pid)
            if self.process_is_suitable(proc):
                return DetachedState.RUNNING
            else:  # not suitable, some new process with the same pid running
                logger.warning(
                    "The running process (pid=%s) does not match "
                    "the detached operation",
                    pid,
                )
        except (FileNotFoundError, psutil.Error) as err:
            logger.warning(
                "Can't get the process for the detached operation"
                " (pid=%s): %s",
                pid,
                err,
            )

        return DetachedState.ABORTED

    def get_pid(self):
        return int(self.detached_dir.pid_file.read_text())

    @property
    @abstractmethod
    def on_complete_message(self):
        pass

    async def check_detached_operation(self, sink):
        """Updates operation to a consistent state.

        Algorithm:
        1) If scan_dir doesn't exist:
            - scan_dir doesn't already create
            - scan ended and MalwareScanComplete is in process
        2) pid file doesn't exist:
            - since scan_dir mtime has passed more than 5 minutes
                -> something went wrong & handle_aborted_process
            - ... less than 5 minutes -> waiting for ai-bolit
        3) done file exists -> scan completed
        4) done file doesn't exist:
            - process executes -> scan running
            - process dead -> scan aborted
        """
        operation_state = self.get_detached_process_state()
        if operation_state == DetachedState.FINISHED:
            await sink.process_message(self.on_complete_message)
        elif operation_state == DetachedState.ABORTED:
            await self.handle_aborted_process(sink=sink)

    @classmethod
    @abstractmethod
    def process_is_suitable(cls, proc) -> bool:
        pass

    @abstractmethod
    async def complete(self) -> Message:
        pass


class DetachedScan(DetachedOperation):
    NAME = "scan"

    @property
    @abstractmethod
    def RESOURCE_TYPE(self) -> MalwareScanResourceType:
        pass

    @property
    @abstractmethod
    def progress(self) -> int:
        pass

    @property
    @abstractmethod
    def phase(self) -> str:
        pass

    @property
    @abstractmethod
    def total_resources(self) -> int:
        pass

    @property
    def on_complete_message(self) -> Message:
        return MessageType.MalwareScanComplete(
            scan_id=self.detached_id, resource_type=self.RESOURCE_TYPE
        )

Zerion Mini Shell 1.0