Slashdot Mirror

← Back to Stories (view on slashdot.org)

Lenovo To Make Its BIOS/UEFI Updates Easier For Linux Users Via LVFS (phoronix.com)

Posted by msmash on from the how-about-that dept.

An anonymous reader shares a report: Lenovo is making it easier for their customers running Linux to update their firmware now on ThinkPad, ThinkStation, and ThinkCenter hardware. Lenovo has joined the Linux Vendor Firmware Service (LVFS) and following collaboration with the upstream developers is beginning to roll-out support for offering their device firmware on this platform so it can be easily updated by users with the fwupd stack. Kudos to all involved especially with Lenovo ThinkPads being very popular among Linux users.

62 comments

  1. That's cool. by Anonymous Coward · · Score: 0

    But also shows that UEFI is a bit of a crock.

    1. Re:That's cool. by Anonymous Coward · · Score: 0

      UEFI isn't a crock. Vendors just have their prios wrong IMHO, they should focus on releasing decent fw updaters for UEFI. UEFI has all the potential to make this nearly as user friendly (hint this is what their main focus appears to be) a point and click interface as some OS specific application.

      My only experience with an UEFI updater was horrible, updating ab obsolete LSI/Intel SAS controller was a nightmare. The updater was UEFI 1.3 (or 1.1) and I had to hunt down an UEFI shell application that than could run the updater.

      A bootable image might be an other nice solution (e.g. the debian installer can be written to either a DVD or USB device to boot in either legacy or UEFI mode).

    2. Re:That's cool. by Anonymous Coward · · Score: 0

      "It's a good idea, but nobody can seem to implement it right!!!1!"

      That still means it's a bad idea, dear. And it is. It's too complex, too clever by half, has a bad case of second system effect, and they haven't learned a thing from the intervening years since the last try. But boy have they focused on making it glittery.

  2. Linux on Lenovo was always pretty easy. by brucekeller · · Score: 1

    Lenovos are usually the hardware I have least trouble with when installing Ubuntu at least.

    1. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      Pretty much everything runs over the USB bus these days anyway. Many cheaper laptops run Ethernet and sometimes even the SSD over USB because it's cheaper than PCIe

    2. Re:Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      This is not about installing Linux, it's about trying to keep firmware up-to-date without windows, most hardware vendors only release proprietary tools to update firmware using windows.

    3. Re: Linux on Lenovo was always pretty easy. by jellomizer · · Score: 2

      That is the annoying thing about buying computers. Trying to compare say a Think Pad vs a Cheap Laptop makes it nearly impossible.
      The both show the same Specs. But there are these tiny changes which are not advertised or explained.
      And it makes it harder for you to explain why you want to pay more.
      USB3 can handle 5gbs of data. Which is enough for most devices... However the issue comes in when you start using multiple devices at the same time. So that USB SSD if is doing a lot of reading, will slow down your network speed. Due to USB being Serial.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    4. Re:Linux on Lenovo was always pretty easy. by jellomizer · · Score: 2

      I have ran across some problems with Think Pads in the past. About 10 years ago Work gave me a Think Pad that just wouldn't load the wireless network card. To make it worse, I worked in a Linux shop, I was the only person (with that model of laptop) who was using Windows for development, just because I couldn't move from my desk if I were in Linux.

      That said, I hadn't had much trouble with other models.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    5. Re: Linux on Lenovo was always pretty easy. by damn_registrars · · Score: 3, Informative

      And it makes it harder for you to explain why you want to pay more.

      It's really not that hard with a ThinkPad to explain why I am willing to pay more*. First, it is the only laptop that is standard with a usable pointing device; the trackpoint is orders of magnitude better than any touchpad ever created by anyone, ever. Second, even to this day Lenovo has continued the IBM tradition of always making the field manuals available for every laptop they make, and they continue to be excellent documents. If I need to replace some minor part it will tell me every screw I need to remove to get to it, how long it is, what kind of threads it has, and how much torque to apply to properly tighten it back down. ThinkPads are still made to be serviced by any reasonably competent person, as opposed to most other consumer (or even business) laptops that want customers to send them in instead. And of course, if I really don't want to do it myself, their on-site warranty is great too.

      *if you actually price them out, a ThinkPad is usually no more expensive than any other business caliber laptop. Toss out the junk that is sold at retail today as it isn't worth considering anyways.

      --
      Damn_registrars has no butt-hole. Damn_registrars has no use for a butt-hole.
    6. Re:Linux on Lenovo was always pretty easy. by apoc.famine · · Score: 1

      That Superfish program really helps the install. Makes it go super smoothly.

      --
      Velociraptor = Distiraptor / Timeraptor
    7. Re:Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      I had no reason to update any of the firmware on my current but ancient Thinkpad (x201t). The thing worked out of the box (apart from the GSM/GPS module which required to extract some fw from the windows device driver (never tried the analog modem though)).

      I disabled the Intel management stuff asap after unpacking, though I have no guarantee that might be reanabled with some physical access to it. I might have to hunt for the original disk (or the image I made) to look if Lenovo ever made an update available for these type of machines.

    8. Re: Linux on Lenovo was always pretty easy. by jellomizer · · Score: 1

      Argument 1: Trackpoint have been shown to be actually slower and less accurate then track pads. (while I do like Trackpoint myself, because it keeps my hand on the keyboard) but in terms of mouse ability is is worse.
      Argument 2: Telling you boss to pay more for a laptop because you can put it back together easier after you take it apart, will bring up the question on why are you taking it apart in the first place.
      Argument 3: Your job is to use the computer not to fix it. They have global system contracts for repair. Saving tens of thousands of dollars on a new system, is worth it if it costs 5 thousand more over its life span to fix it.

      The issue isn't comparing a ThinkPad with a business caliber laptop. But convincing to get ThinkPads compared to the Cheapo sub $600 laptop with the same specs at best buy.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    9. Re:Linux on Lenovo was always pretty easy. by TeknoHog · · Score: 2

      BIOS updates can be a problem even when the hardware itself works perfectly with Linux. Thinkpads have been great, as Lenovo provides bootable DOS images for the updater. In contrast, my Lenovo Legion only has BIOS updates for Windows. This announcement seems to focus on the Think* market, so no practical change for Linux users.

      This year's rush of BIOS updates seems to be about the Meltdown and Spectre vulnerabilities, more specifically CPU microcode updates. Linux has other ways to update those, so I wouldn't worry too much about BIOS side.

      --
      Escher was the first MC and Giger invented the HR department.
    10. Re:Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      At least for the ThinkPads, Lenovo has often released a bootable iso that allowed you to update.

    11. Re: Linux on Lenovo was always pretty easy. by dissy · · Score: 2

      USB3 can handle 5gbs of data. Which is enough for most devices... However the issue comes in when you start using multiple devices at the same time. So that USB SSD if is doing a lot of reading, will slow down your network speed. Due to USB being Serial.

      It's not so much being serial as the master/slave structure that slows it down with multiple devices.

      The computer host chip is the master, all else are slaves, and slaves can't talk until spoken to.
      So the computer needs to set aside time on the wire for querying each and every USB device it knows of to see if it has anything to send, and if it does have something to send it gets an equal share of time as anything else.

      I heard usb 3, or is that usb c, was supposed to support device-to-device communications without involving the host, but thankfully I haven't been that deep into USB specifics since then.

      This is why firewire at 400mbit felt so much faster than USB2 at 480mbit.
      Firewire being based off SCSI could have any device talk to any other, the host was nothing special just one more ID on the bus. Having one drive send data to another drive without pestering the host and taking time away from other things was just something USB2 and earlier couldn't do.

      Even sata and sas are both serial interfaces for disks, and sas 4 can go up to like 22 gbs. It's really fast not due to being serial (or being not serial as you imply) but because each drive gets its own serial lines to the disk controller and they are not shared with other disks.

    12. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      Yea- but Lenovo also locks down the wifi slot so you CAN'T replace it for another and then the quality has gone down hill majorly since Lenovo bought IBM's PC division. Also you must not have bought a system from anywhere else in years. I've never had a problem disassembling any system I've bought from ThinkPenguin nor any smaller market player. Heck most of the screws are exactly the same size and while you can find manuals online you don't even need them. The designs make it relatively obvious for anyone with basic technical competency to disassemble without a manual. If you are having trouble with a modern system the system is probably over-engineered. Hint: Stop buying shitty computers from Lenovo, Apple, Sony HP, Dell, and Toshiba. All these companies have done things over the years that has undermined running GNU/Linux on systems. These companies all have utilized digital restrictions and/or proprietary components/connectors/etc to make a buck after the sale.

    13. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      Argument 1 rebuttal: Trackpoints are slower than track pads for whom and for which type of input? For a casual laptop user that is untrained at touch typing and uses pointer input for almost everything the track pad may be faster, but for touch typists that leverage keyboard macros and reserves the Trackpoint for certain types of pointer input the broad tests may be meaningless. I've never been able to use a touch pad with my thumbs while my fingers are on the home row - the side of my thumb that can reach the track pad is too broad and confuses the device.

      Argument 2 rebuttal: When you were hired by your boss due to your skills, competency and integrity then the question of why is nothing more than a curiosity. If you're some pedestrian employee that barely pulls off using a touch pad and doesn't even know what a Trackpoint is then opening any kind of hardware will be out-of-the-question.

      Argument 3 rebuttal: There are reasons to open a laptop other than fixing it. Expanding memory, adding optional modules, upgrading storage, etc.. Most of those are quick and trivial and being able to manage it in a few minutes at a convenient time in the office greatly offsets the hassle of scheduling on-site service - let alone overnight or any other service type of "send it in" service. I've had same-day service center service turn into more than a month that I was without a laptop.

    14. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      1. The Clit Mouse is for pansies.
      2. You were hired to clean toilets.
      3. You talk like a fag, and your shit's all retarded.

    15. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      1: The pad is for wussies. Clit mouse is FAR superior.
      2: see 1
      3: see 1 and f off

    16. Re: Linux on Lenovo was always pretty easy. by piojo · · Score: 1

      Argument 1: Trackpoint have been shown to be actually slower and less accurate then track pads. (while I do like Trackpoint myself, because it keeps my hand on the keyboard) but in terms of mouse ability is is worse.

      Analyzing speed without considering ergonomics is the sort of thing a lazy manufacturer would do. It doesn't make sense to analyze it that way.

      As for taking a computer apart, a DIY procedure is much faster than what even the highest tier of support can offer. At a small company, this would be completely appropriate.

      --
      A cat can't teach a dog to bark.
    17. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      Obviously you've never been with a woman before. Anatomically, it's much more a nipple mouse than a clit mouse. For one thing, it doesn't have a "hood" covering it and is far rounder like a nipple than a clit is...

    18. Re:Linux on Lenovo was always pretty easy. by tlhIngan · · Score: 1

      I have ran across some problems with Think Pads in the past. About 10 years ago Work gave me a Think Pad that just wouldn't load the wireless network card. To make it worse, I worked in a Linux shop,

      It's more a testament to how much Linux wirelsss networking has advanced than anything. Because 10 years ago, wireless networking was still in the "iffy" stage. If you had the right chipset, everything is good. If you had the wrong chipset (typically Broadcom) it wouldn't work. Broadcom was typically annoying in general back then - Ethernet could be problematic.

      These days we have drivers for everything - I think Broadcom eventually released a set of open-source drivers not out of the kindness of their hearts, but out of necessity - as we progressed to 802.11n and 802.11ac, routers were migrating from RTOSes to Linux, so even in the end, they'd have Linux drivers.

      Basically one had to have either a Prism chipset, Intel (Centrino), or certain Cisco chipsets and have relative success.

      But these days, ThinkPads are generally more Linux compatible than other brands. About the only other one would be Dell. Other brands we've found to have iffy support for stuff.

    19. Re:Linux on Lenovo was always pretty easy. by rtb61 · · Score: 1

      Who cares. Lenevo can screw itself until it starts selling or more accurately giving away Linux fresh from the box. I am not paying for a fucking piece of shit Windows anal probe 10 licence for fucking nothing, I would rather buy Apple. Lenevo wants to claim Linux support than do it out of the fucking box, otherwise they can fuck off.

      --
      Chaos - everything, everywhere, everywhen
    20. Re: Linux on Lenovo was always pretty easy. by thegarbz · · Score: 1

      The issue isn't comparing a ThinkPad with a business caliber laptop. But convincing to get ThinkPads compared to the Cheapo sub $600 laptop with the same specs at best buy.

      I take it you work for a pathetically small business? No company that has a global contract in place for anything would be buying a consumer laptop.

    21. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      Found the iScum

    22. Re: Linux on Lenovo was always pretty easy. by Anonymous Coward · · Score: 0

      I agree absolutely 100%. Usually I'll open the case and disable the touchpad by disconnecting the cable from the motherboard. I would also be willing to pay an extra $50 to $100 to have an option to purchase a thinkpad without the touchpad on the keyboard. The Trackpoint is all you need,

  3. Great name; "LVFS" by ls671 · · Score: 2

    I thought that it was a file system that your BIOS could mount ;-)

    --
    Everything I write is lies, read between the lines.
    1. Re:Great name; "LVFS" by Anonymous Coward · · Score: 0

      or FS for LVM

    2. Re:Great name; "LVFS" by ls671 · · Score: 1

      Ok here are some links:

      A Lightweight Video Storage File System for IP Camera-Based Surveillance Applications:
      https://link.springer.com/chap...

      Liquid Virtual File System:
      https://github.com/LiquidFM/lv...

      LVFS: A scalable big data scientific storage system:
      https://ieeexplore.ieee.org/do...

      etc. etc.

      So I expected LVFS to mean yet another some flavor of an LV file system. I guess what I find confusing is a four letter acronym ending with "FS" but then again, nobody should have exclusivity. I probably would have chosen another acronym although to make that "LVFS" name more specific and meaningful.

      --
      Everything I write is lies, read between the lines.
  4. Userspace Access to Firmware by Anonymous Coward · · Score: 0

    What could possibly go wrong with that?

    1. Re:Userspace Access to Firmware by gweihir · · Score: 2

      Only that it has been available forever. The only problem was that while killing a BIOS from userspace was always easy, updating it successfully was not.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    2. Re:Userspace Access to Firmware by Anonymous Coward · · Score: 1

      Only that it has been available forever. The only problem was that while killing a BIOS from userspace was always easy, updating it successfully was not.

      Have you even looked at Lenovo's support page? BIOS/UEFI updates are pretty much the category where updates are painless for Linux users since those updates are provided optionally as bootable disk images (based on some DOS system I think). In contrast, firmware updates for a lot of things (Wifi cards, network cards, GSM and so on) tend to be available only as Windows programs/drivers.

      But the BIOS pretty much was the thing that was always reasonably easy to keep updated (I do remember that I had to fiddle with some Freedos disk juggling at some point of time when ThinkPads were still IBM, but even that was workable though not supported officially).

    3. Re:Userspace Access to Firmware by jellomizer · · Score: 1

      Being this is a feature common in Windows system... I don't see this a big change. Other then not needing windows to do the upgrade.

      --
      If something is so important that you feel the need to post it on the internet... It probably isn't that important.
    4. Re:Userspace Access to Firmware by tlhIngan · · Score: 1

      (I do remember that I had to fiddle with some Freedos disk juggling at some point of time when ThinkPads were still IBM, but even that was workable though not supported officially).

      About the only thing I remember for those was that IBM supplied a program that wrote the disk out since it came as a disk image. The disk image of course contained PC-DOS (IBM, remember?).

      But the last machine I had with IBM as a true builder was a Windows 95 ThinkPad and thus even the DOS disk image writers still worked on it.

      Although I think IBM was unusual in that every disk they provided in various shrinkwrap packages were also available via the on system "Disk Creator" program. Thought it was neat I could create disks of some stuff, only to find it in the box later when I looked.

  5. Never had a problem with bios updates by Anonymous Coward · · Score: 0

    This is something I have not experienced much? I typically create a DOS boot and boot into that with the bios file EXE included. But its nice I guess for users who are rather skittish about bios updates with the sort of shoehorn means rather then the simple form in Windows. Were only talking about a small percentage of users this applies too anyway. Most I know who run Linux also run Windows in a duel boot function anyway.

    1. Re:Never had a problem with bios updates by Anonymous Coward · · Score: 0

      It's not just skittish users; these updates will show up in the GUI package updaters, so people don't have to think about checking the webpage every so often.

    2. Re:Never had a problem with bios updates by Tough+Love · · Score: 1

      Most I know who run Linux also run Windows in a duel boot function anyway.

      Is that the one where Linux and Windows fight to the death with rapiers?

      --
      When all you have is a hammer, every problem starts to look like a thumb.
    3. Re:Never had a problem with bios updates by xetovss · · Score: 1

      Dell has a solution to this that Lenovo should be able to implement: The ability to install BIOS updates from a flash drive straight from the boot options menu. No hacks or "firmware services" needed. Actually I am surprised that they don't (but I don't have much experience with modern Thinkpads, so they may already have the capability already).

      Simply put the BIOS update file onto a FAT32 formatted flash drive, restart the system and press the key to bring up the boot menu (on Dell's it is F12), select the option for BIOS firmware update, select the BIOS update in the file explorer, and select update. This method takes an operating system out of the equation completely and the only tool you need is a common USB flash drive.

    4. Re:Never had a problem with bios updates by Anne+Thwacks · · Score: 1

      If so, I am seriously worried - Windows IS the Zombie apocalypse your mother warned you about!

      --
      Sent from my ASR33 using ASCII
  6. It works by dremon · · Score: 1

    Updated my ThinkPad T470s using Kubuntu 18.04, just worked out of the box, this is simply amazing.

  7. Your post proves by Anonymous Coward · · Score: 0

    The lack of mental health care in the US. Too many people are allowed to use a computer without medication.

  8. Re: world leaders to settle matters in cage match? by Anonymous Coward · · Score: 0

    C'mon. Who would stand a chance against Putin?

  9. Thinkpad tablet by Anonymous Coward · · Score: 0

    When is Linux going to work properly on X1 Tablet Gen3? launched in Feb, still trackpoint/buttons not working, suspend not working.

    1. Re:Thinkpad tablet by Tough+Love · · Score: 1

      When is Linux going to work properly on X1 Tablet Gen3? launched in Feb, still trackpoint/buttons not working, suspend not working.

      Looks like patches have been available for some time, some discussion here. Maybe just not landed in your distro yet. Make sure your bios is updated to current and check around to see which firmware packages you need. If you still have issues then get on a forum, Slashdot isn't ideal.

      --
      When all you have is a hammer, every problem starts to look like a thumb.
  10. Suh-weet. by Tough+Love · · Score: 3, Informative

    Sweet. I also notice that many or most enthusiast motherboards are shipping with Windows-independent bios updaters now. This suggests the Linux component of the enthusiast segment is signifcant. Another motivation would be, you see no end of forum posts about people bricking their motherboard because of running the bios update with the Windows utility.

    --
    When all you have is a hammer, every problem starts to look like a thumb.
    1. Re:Suh-weet. by thegarbz · · Score: 1

      I also notice that many or most enthusiast motherboards are shipping with Windows-independent bios updaters now.

      They always have. You just slot in your 3.5" floppy and go on your way. :-)

      No seriously... I don't think I've ever seen a BIOS update that depended on Windows. If anything most updates used to depend on either a bootable device, or worked from within the BIOS itself.

  11. Why does this need to be hard? by jonwil · · Score: 4, Informative

    On my Gigabyte motherboard, I download the new BIOS, stick it on a small FAT partition on an external drive I have for various things, boot into the BIOS and pick "upgrade". The BIOS will then read the firmware from the FAT partition in question, verify it then install it before rebooting automatically. I am sure if I stuck the BIOS on a thumb drive it would work as well (except that I would need to find a thumb drive whereas the extra partition on the existing external HDD is easy to work with)

    Why can't everyone make it that easy rather than needing to run a Windows exe or boot from a special DOS boot disk or something (or even this new Linux thing)

    1. Re:Why does this need to be hard? by Anonymous Coward · · Score: 0

      It doesn't. LVFS is a shitty project that isn't needed and no sane person actually wants and has actually introduced new risks particularly with integration in other projects. Until 2009 I never really had any issues with x86-but I've had a friend telling me since 2005 at least what shit it was. Well, he was right, it might be, but wasn't as big of an issue in my mind until 2009. Part of the issue is Intel/AMD and backdoors, but UEFI isn't helping. We need to get back to unix roots. Keep it simple stupid. Rid ourselves of shit that has come out of trying to make Linux like Microsoft Windows. Stop fucking copying Apple and Microsoft Windows. It's not the way forward and undermines the very appeal of Linux. Shit like systemd and Canonical's unity need to die. And all the malware too. From NVIDIA's shitty proprietary drivers to Amazon's spyware. We need more of our own designs. One of the reasons why I like EOMA68. It's not an architecture- it's merely a standard interface for modular computing that cuts design and manufacturing costs of niche computing by spreading the cost out over many devices.

    2. Re:Why does this need to be hard? by Anonymous Coward · · Score: 0

      There's nothing wrong with the firmware update code being a program that runs from a FreeDOS disk rather than built-in to the BIOS. The bad thing is when it's a nonsense Windows program. Now if it came on a Windows Embedded CD it might not be too bad, but nobody does it that way. (Hey if you're going to have that OEM Windows key anyway ...)

    3. Re:Why does this need to be hard? by Antique+Geekmeister · · Score: 1

      There have been some such projects, especially libreboot. The program has produced good quality working BIOS's over the years. Sadly, it's also suffered some unnecessary political turmoil due to its lead developer making some unfounded accusations of transgender discrimination. This was covered here, https://yro.slashdot.org/story...

    4. Re:Why does this need to be hard? by Anonymous Coward · · Score: 0

      Sadly, it's also suffered some unnecessary political turmoil due to its lead developer making some unfounded accusations of transgender discrimination.

      Only those directly involved know if the accusations were unfounded or not.

    5. Re:Why does this need to be hard? by Frederico+Camara · · Score: 1

      ... (or even this new Linux thing)

      It spells GNU/Linux.

  12. FreeDOS and a USB stick by kbahey · · Score: 1

    There are already working solutions for this. For example, having FreeDOS on a USB drive, downloading the BIOS to it, and booting from it is very simple.

    Did it on my Dell Latitude a while back, and got the latest BIOS on it without any issues.

    --
    2bits.com, Inc: Drupal, WordPress, and LAMP performance tuning.
  13. It would be a nice feature, if only it was by Anonymous Coward · · Score: 0

    offered by an American or a European laptop maker instead of an arm of the Chinese communist People's Liberation Army.

    Those Lenovo laptops (generally, not a particular model) used to be made in America by IBM, but that division was sold to the communist Chinese as part of the Wall Street sell-out of the West. Given that China is officially communist, and a one-party-rule nation where everything serves the interests of the ruling party which is also at-one with the police and armed forces and spy agencies, there is simply no trusting those tech products. You cannot trust the software, the firmware and certainly not the semiconductors, all of which can have malware and backdoors built-in in China.

  14. Not interested in the Thinkpad... by Hallux-F-Sinister · · Score: 1

    I'm holding out for the FEELpad. :-D LOL

    --
    Our reign has gone on long enough. Indeed. Summon the meteors.
  15. Apple-style by DrYak · · Score: 1

    There are reasons to open a laptop other than fixing it. Expanding memory, adding optional modules, upgrading storage, etc.. Most of those are quick and trivial

    You know, the exact list of things that Apple was brave and courageous to SOLDER ON their supposedly "pro" range of laptops.

    being able to manage it in a few minutes at a convenient time in the office greatly offsets the hassle of scheduling on-site service - let alone overnight or any other service type of "send it in" service.

    And you can count on Apple's service being not "same-day / over-night", because they don't allow shops to keep local stock of replacement parts for the latest Pro models(need to ship a broken part in, before receiving the replacement part). Apparently to avoid some replacements ending up on ebay black market.

    My current laptop is a Dell Latitude business laptop (there's exactly ONE single screw to open the bottom pannel and get immediate access to nearly everything).
    My next one is going to be a good business laptop too (probably a ThinkPad one if they get a good feature set, including full AMD chipset, like on the A480 / E585)

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  16. Nitpicking : not firmware by DrYak · · Score: 1

    Actually, to nitpick : you do NOT get user space to the Firmware.

    Since UEFI, the firmware locks-down irreversibly lots of low-level access once its start to boot the OS.
    It's impossible to recover these low-level access unless you reboot completely.
    Thus these low-level access are only up and available while the UEFI firmware is active, they cannot be available while the OS is running.

    Instead, it uses an approach called capsule :
    - the userspace part just gives a plain file to the UEFI. And that's it. It does nothing on it's own. Usually after finishing that, the userspace program encourages you to reboot.
    - on the following reboot, while the UEFI firmware is running, it can detect that a new payload is available, check its signature, check it is targetting the correct hardware, and eventually jumps into it *before* the usually boot-time hand-over lock-down of low-level function.
    - the updater can itself perform futher checks and performs the flashing.

    As it's a plain file, it's usually also possible to completely ignore the OS : just save it on a USB stick, and most UEFI menu have a special entry that starts a file browser and give you the possibilty to point to the file on the stick your self, instead of relying on the OS. It will then again run the check and jump into the updater as above.

    Bottom line : it's not the user-space, it's the UEFI. And the UEFI has been able to update the UEFI since ages.

    You can't write a virus that will write arbitrary bullshit on the UEFI firmware.
    BUT if you have a valid signing key, you can write a valid upgrade that will pass all checks and will get the UEFI to self-overwrite with arbitrary bullshit.

    The end result is the same (getting arbitrary bullshit), but mean is different (the user space has no access, its merely a short cut to avoid needing to manually point the update file with the UEFI menu file browser).

    Given how simple the update is from the point of view of the OS, there's no technical reason why it should not be enabled on Linux.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  17. BIOS yes, UEFI not anymore by DrYak · · Score: 1

    With a BIOS based machine, it works this way indeed, with a DOS boot (an OS that has no protection whatsover and could directly talk to the flasher to flash a new bios).

    With UEFI that not the case anymore. Lots of low-level functionality (including flashing) is locked-down once the OS is booted. This is irreversible, a OS cannot reclaim the flashing capability, you need to reboot the machine back into UEFI.

    In that case, the upgrade is simply a file.
    This file can be either directly selected from a built-in file browser in the UEFI menu (another poster mentions this on Dell).
    Or this file can be pushed by an executable. That's what the Windows or DOS upgrade executable do on modern UEFI machine. They don't actually flash the update, they give the file to the UEFI to use for flashing on the next reboot.

    Given that its simply uploading a file, no low-level flashing, there's no reason why it couldn't be added to Linux too.

    (Bonus point: the UEFI will check signatures and compatibility of such update capsules before starting them).

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  18. It's not hard by DrYak · · Score: 1

    boot into the BIOS and pick "upgrade". The BIOS will then read the firmware from the FAT partition in question, verify it then install it before rebooting automatically. I am sure if I stuck the BIOS on a thumb drive it would work as well (except that I would need to find a thumb drive whereas the extra partition on the existing external HDD is easy to work with)

    And that's what the various user-space "updater" (Windows, or TFA's Linux, or even a few older DOS for those who use that) actually do :
    they simply provide the file to the UEFI firmware and tell "please on the next reboot, use this file".
    Since UEFI, user-space program cannot have the necessary access to perform the flashing themselves any more, it's locked-up when handing control from UEFI to OS.

    Why can't everyone make it that easy rather than needing to run a Windows exe or boot from a special DOS boot disk or something (or even this new Linux thing)

    The point here is *unattended upgrade*. A windows .EXE upgrade means that it can be part of some "update" software that runs periodically.
    Being accessible to "fwupd" means that on Ubuntu and Fedora, it could be part of the regular update GUI (synaptic and I forgot what respectively).
    Critical firmware bug could be fixed even for non-power user that would forget or even not be comfortable enough to boot into the UEFI menu to manually pick up the upgrade themselves.

    --
    "Sufficiently advanced satire is indistinguishable from reality." - [Tips: 1DrYakQDKCQ6y52z6QbnkxHXAocMZJE61o ]
  19. The Chinese... by Anonymous Coward · · Score: 0

    This Chinese Ministry of State Security must love this! It is REALLY open source?