framework_lib: Validate EC firmware is valid before flashing

JohnAZoidberg · JohnAZoidberg · commit fdf982c1d29a · 2024-05-11T23:11:13.000+08:00
Signed-off-by: Daniel Schaefer &lt;dhs@frame.work&gt;
diff --git a/framework_lib/src/chromium_ec/mod.rs b/framework_lib/src/chromium_ec/mod.rs
@@ -8,6 +8,7 @@
 //! - `portio` - It uses raw port I/O. This works on UEFI and on Linux if the system isn't in lockdown mode (SecureBoot disabled).
 //! - `windows` - It uses [DHowett's Windows driver](https://github.com/DHowett/FrameworkWindowsUtils)
 
+use crate::ec_binary;
 use crate::os_specific;
 use crate::smbios;
 #[cfg(feature = "uefi")]
@@ -399,6 +400,25 @@ impl CrosEc {
     /// | 40000 | 3C000 | 39000 | RO Region   |
     /// | 79000 | 79FFF | 01000 | Flash Flags |
     pub fn reflash(&self, data: &[u8], ft: EcFlashType) -> EcResult<()> {
+        if ft == EcFlashType::Full || ft == EcFlashType::Ro {
+            if let Some(version) = ec_binary::read_ec_version(data, true) {
+                println!("EC RO Version in File: {:?}", version.version);
+            } else {
+                return Err(EcError::DeviceError(
+                    "File does not contain valid EC RO firmware".to_string(),
+                ));
+            }
+        }
+        if ft == EcFlashType::Full || ft == EcFlashType::Rw {
+            if let Some(version) = ec_binary::read_ec_version(data, false) {
+                println!("EC RW Version in File: {:?}", version.version);
+            } else {
+                return Err(EcError::DeviceError(
+                    "File does not contain valid EW RO firmware".to_string(),
+                ));
+            }
+        }
+
         if ft == EcFlashType::Full || ft == EcFlashType::Ro {
             println!("For safety reasons flashing RO firmware is disabled.");
             return Ok(());
diff --git a/framework_lib/src/ec_binary.rs b/framework_lib/src/ec_binary.rs
@@ -182,6 +182,9 @@ pub fn read_ec_version(data: &[u8], ro: bool) -> Option<ImageVersionData> {
         EC_RW_VER_OFFSET_ZEPHYR
     };
 
+    if data.len() < offset + core::mem::size_of::<_ImageVersionData>() {
+        return None;
+    }
     let v: _ImageVersionData = unsafe { std::ptr::read(data[offset..].as_ptr() as *const _) };
     if v.cookie1 != CROS_EC_IMAGE_DATA_COOKIE1 {
         debug!("Failed to find Cookie 1. Found: {:X?}", { v.cookie1 });
@@ -191,6 +194,9 @@ pub fn read_ec_version(data: &[u8], ro: bool) -> Option<ImageVersionData> {
         return parse_ec_version(&v);
     }
 
+    if data.len() < offset_zephyr + core::mem::size_of::<_ImageVersionData>() {
+        return None;
+    }
     let v: _ImageVersionData =
         unsafe { std::ptr::read(data[offset_zephyr..].as_ptr() as *const _) };
     if v.cookie1 != CROS_EC_IMAGE_DATA_COOKIE1 {
