Slashdot Mirror

← Back to Stories (view on slashdot.org)

Linux: Booting Via UEFI Can Brick Samsung Notebooks

Posted by Unknown on from the like-openfirmware-only-it-sucks dept.

wehe writes "Heise News reports today some Samsung notebooks can be turned into a brick if booted just one time via UEFI into Linux. Even the firmware does not boot anymore. Some reports in the Ubuntu bug tracker system report that such notebooks can not be recovered without replacing the main board. Other Linux distributions may be affected as well. Kernel developers are discussing a change in the Samsung-laptop driver." It appears even Samsung is having trouble tracking down the problem (from the article): "According to Canonical's Steve Langasek, Samsung developers have been attempting to develop a firmware update to prevent the problem for several weeks. Langasek is advising users to start Ubuntu installation on Samsung notebooks from an up-to-date daily image, in which the Ubuntu development team has taken precautions to prevent the problem from arising. It is, however, not completely clear that these measures are sufficient."

6 of 232 comments (clear)

  1. Bricked device by P-niiice · · Score: 5, Insightful

    Now THAT ladies and gentlemen, is a true brick. Not these smartphone soft-bricks that can be solved by a quick flash. you don't go home happy after a brick. Do not pass go. Do not collect $200.

    1. Re:Bricked device by Hatta · · Score: 5, Insightful

      A true brick is always the manufacturers fault. Software should never be able to do anything irreversible to hardware. If there's flashable firmware that could be corrupted, keep a ROM copy that can be used by setting a jumper. Anything less is pure negligence.

      --
      Give me Classic Slashdot or give me death!
  2. Ah, brings back memories. by Andy+Dodd · · Score: 5, Informative

    The previous guy commenting about "sabotaging free software" got marked as a troll... But this is pretty similar to a major eMMC firmware bug present in many of Samsung's phones manufactured in 2011.

    The eMMC flash chip is NOT JEDEC compliant, and the wear leveller can go out into la-la-land if you issue a secure erase command to the chip.

    Starting with ICS, Google started performing eMMC erase when wiping data in recovery for privacy reasons. This would kill Samsung flash chips.

    In the Galaxy Nexus, Google forced Samsung to fix the damn chip with an internal firmware update.

    However, in other devices, Samsung worked around it in two ways:
    1) Disabling MMC_CAP_ERASE in I9100 kernels for a while
    2) Replacing secure erase with nonsecure erase and not documenting this anywhere

    Without the assistance of an engineer from Google (whom Samsung later tried to silence as far as I can tell) providing critical information, the opensource community would have been fucked.

    Eventually, Samsung claimed they were "working hard" on the issue in early June 2012 - http://www.xda-developers.com/android/samsung-diligently-working-towards-hardbrick-fix/

    A month later, in early July, they added MMC_CAP_ERASE to I9100 kernels without providing even the slightest warning - Within a day, a pile of bricks showed up:
    http://forum.xda-developers.com/showthread.php?t=1756242

    In late August/early September, they submitted a patch to the Linux kernel to work around the issue at a kernel level - It was merged to mainline on September 4.

    In early October, they released an update for Sprint devices WITHOUT THE FIX. "testing takes time" is an invalid excuse, as the build date for Sprint FI27 was September 27, 2011 - Almost a MONTH after the patch had been mainlined. The patch is very easy to backport to their I9100 kernel source baseline, so there is no excuse for this.

    As a result, I still get PMs on XDA once or twice a week due to people accidentally digging up userspace binaries that perform secure erase. This shouldn't be an issue, as it is the kernel's responsibility to protect hardware from getting damaged by userspace. Samsung's position was that it was an "open source problem" and hence refused to fix it in the end.

    Now that the exynos-abuse vulnerability is known and an exploit has been published, it's not an open source problem any more - Anyone who has not yet received an update to patch the exynos-abuse hole is dependent on this planet, out of 7 billion people, not having a SINGLE asshat who decides they want to permanently destroy a few Samsung devices. Even if exynos-abuse is patched, as long as the kernel still allows secure erase commands through, any other privilege escalation exploits will endanger devices again. Despite this, Samsung released an update for Sprint devices (FL24) at the end of December 2012 that *did not contain any protection against this issue in the kernel*

    So yeah, Samsung wishes free software would go away - they claim otherwise, and make promises that they care and are trying to fix things, but they never deliver on such promises. Actions speak louder than words, and Samsung's actions send a pretty clear message to open source software - "fuck off and die".

    (I won't even go into Samsung's constant and incessant GPL violations here... But it's incredibly rare for any Samsung source drop to correspond to any existing firmware release for a given device. When asked about this inconsistency, Samsung will claim that the firmware that came preinstalled on the device you purchased on launch day at Best Buy is a "leak" and thus they do not need to provide source that matches it.)

    --
    retrorocket.o not found, launch anyway?
  3. Re:"One time"? by Anonymous Coward · · Score: 5, Insightful

    Samsung notebooks can be turned into a brick if booted just one time

    Why do people say "one time" when there's been a shorter word for it for hundreds of years? Damn Fugees...

    Why do people say "hundreds of years" when there's been a shorter word for it for centuries?

  4. Re:Typical Samsung... by Anonymous Coward · · Score: 5, Funny

    Or it could be that the project leader inserted such code because he was told to by his werewolf leaders to block the use of the laptop by occultist vampires, who due to their niche market, have to rely on rebranded Linux distros for their neffarious deeds. At the same time, they would be blocking use of the laptop by robot leagions by preventing them from installing an OS that doesn't give them nightmares. I don't know how the pirates (real pirates) fit into this.

    The idea that Samsung is in control by werewolves, with Linux usability caught up in the perpetual war between werewolves, vampires, and robots, is not a good possibility, but it hasn't been entirely eliminated yet either.

  5. Re:Typical Samsung... by marcello_dl · · Score: 5, Insightful

    Please.
    When I first installed linux it was the powerpc version, that is, a port, on a powerbook, in 2002.
    One kernel recompilation and wireless worked, sound worked, gigabit ethernet worked, radeon 3d worked (lots of frames too). Only thing missing, the faxmodem.

    Logic says the intel version should have been simpler, because of the 10x-100x mindshare it had. When I switched to intel, not exotic models, it wasn't. In the following years, i had INCREASING difficulties with laptops. The broadcom driver, 3d needing proprietary drivers (and proprietary IMHO means more lockups, instead of more quality). Then with desktops (firmware for the network card, a blasphemy because common protocols for any os to speak to a network card are there at any level of hardware abstraction).

    Now, bricking a machine needs something more than a bug, it needs a feature. It makes perfect sense commercially. Hardware makers might bicker about windows to get better deals, but they sure know that if the world switched to linux their sales would go down, for lack of artificial obsolescence represented by the OS/drivers/app upgrade cycle.

    The fight for the desktop has begun. Valve, restricted boot, UEFI, ACPI... Buy wisely.

    --
    ---- MISSING MISCELLANEOUS DATA SEGMENT --- [sigdash] trolololol