util/nvmutil: check gbe file size before write

re-check. very unlikely since the program doesn't run for very long, but we have to check if the file has changed. this is a basic check of file size. we could probably check the contents too, but that would be overkill. Signed-off-by: Leah Rowe <leah@libreboot.org>
author: Leah Rowe <leah@libreboot.org> 2026-03-13 16:17:05 +0000
committer: Leah Rowe <leah@libreboot.org> 2026-03-13 16:17:05 +0000
commit: d3a0cce466407e2b03e3066acfdebddc1aa9b465 (patch)
tree: 1a1fadfb7a8616da85b7179b89c43ae07c0859f9 /util
parent: d894240574ce969b58a51e54926a7e62b680bcd2 (diff)
1 files changed, 13 insertions, 0 deletions
diff --git a/util/nvmutil/nvmutil.c b/util/nvmutil/nvmutil.c
index efedb07d..c6e25ce7 100644
--- a/util/nvmutil/nvmutil.c
+++ b/util/nvmutil/nvmutil.c
@@ -135,6 +135,11 @@ CFLAGS += -fstack-protector-strong
 CFLAGS += -fno-common
 CFLAGS += -D_FORTIFY_SOURCE=2
 CFLAGS += -fPIE
+
+also consider:
+-fstack-clash-protection
+-Wl,-z,relro
+-Wl,-z,now
 */
 
 #ifndef _XOPEN_SOURCE
@@ -1353,6 +1358,8 @@ gbe_cat_buf(uint8_t *b)
 static void
 write_gbe_file(void)
 {
+	struct stat gbe_st;
+
 	size_t p;
 	size_t partnum;
 	uint8_t update_checksum;
@@ -1363,6 +1370,12 @@ write_gbe_file(void)
 	update_checksum = command[cmd_index].chksum_write;
 
 	override_part_modified();
+	
+	if (fstat(gbe_fd, &gbe_st) == -1)
+		err(errno, "%s: re-check", fname);
+
+	if (gbe_st.st_size != gbe_file_size)
+		err(errno, "%s: file size changed before write", fname);
 
 	for (p = 0; p < 2; p++) {
 		partnum = p ^ command[cmd_index].invert;
author	Leah Rowe <leah@libreboot.org>	2026-03-13 16:17:05 +0000
committer	Leah Rowe <leah@libreboot.org>	2026-03-13 16:17:05 +0000
commit	d3a0cce466407e2b03e3066acfdebddc1aa9b465 (patch)
tree	1a1fadfb7a8616da85b7179b89c43ae07c0859f9 /util
parent	d894240574ce969b58a51e54926a7e62b680bcd2 (diff)