Actionable Item: Integrate fwupd (pulled from repo due to lack of integration points) in various tools and software in Solus. The should likely be:
Description
Details
- Differential Revisions
- D1503: Initial inclusion of fwupd
- Commits
- R4064:77d71f15f613: Initial inclusion of fwupd
Status | Assigned | Task | ||
---|---|---|---|---|
Open | None | T2532 Integrate fwupd | ||
Resolved | • ikey | T2675 Update appstream-glib to 0.6.11 |
Event Timeline
Note: fwupd-1.0.0 released.
https://blogs.gnome.org/hughsie/2017/10/09/fwupd-hits-1-0-0/
Saving ikey some time for when he gets to this, also interested in playing around with supported firmware myself.
I suppose before updating firmware there must be a way to find out what firmware it is that I have on my computer. Is such a probing function integrated with fwupd or would a tool like MEAnalyzer be necessary? See: https://github.com/platomav/MEAnalyzer
Device/hardware detection is part of fwupd.
fwupdmgr get-devices
Displays all devices detected by fwupd.
I would assume that it only detects supported devices.
Hi, I have a Dell XPS 13 and used fwupdmgr in Ubuntu to update my firmware. Now I am using Solus and tried to install fwupd with snap, i.e. as root user (or with sudo):
snap install uefi-fw-tools snap connect uefi-fw-tools:fwupdmgr uefi-fw-tools:fwupd uefi-fw-tools.fwupdmgr refresh uefi-fw-tools.fwupdmgr get-devices
However, the only thing it finds is:
XPS 13 9360 Guid: 5ff.................. DeviceID: UEFI-5ff........ Provider: UEFI Flags: internal|allow-offline|require-ac|supported Version: 0.2.4.2 VersionLowest: 0.2.4.2 Created: 2018-01-23
What am I missing?
I just read that Lenovo has joined the LVFS (https://phoronix.com/scan.php?page=news_item&px=Lenovo-LVFS-Support). Now I can easily update the firmware of my ThinkPad. Will fwupd be available anytime soon?
It's not because a company joins the LVFS that magically you'll be able to update the firmware of your computer... It doesn't mean that all the models of this manufacturer will be supported and this is especially true for older models !!!
This is anyway in the Solus to-do list, probably not a high priority item though and anyway it is pending upstream. If you want to discuss this further, there are the forums and the social medias... this is the bug tracker !
If you want to discuss this further, there are the forums and the social medias... this is the bug tracker !
This is a development tracker and @Vistaus's comment is relevant to the task, since the LVFS support enables them to ship updated firmware via fwupd. You are correct however regarding the fact it may not support their device, but the tone could've been different.
From Hughes' post:
That said, we’ll only be supporting UEFI hardware produced fairly recently, so there’s no point looking for updates on your beloved T61. I also can’t comment on what other Lenovo branded hardware is going to be supported in the future as I myself don’t know.
Thanks @JoshStrobl ! I'm pretty sure that my device will be supported as this ThinkPad model was officially released globally in February 2018 as part of their (new) 2018 line-up (though I bought it last month), so it would be weird if Lenovo wouldn't support their 2018 line-up through this new firmware update method as 2018 is the current year, so the 2018 line-up should be covered by "fairly recently".
I'm going to re-open this task and move it to Software (for "enabling fwupd") since we technically landed it (thus fulfilling the package request + inclusion), however pulled it from the repo when @joebonrichie landed it, since we have no integration points at this moment in time, in addition to pending upstream items.
Yesterday, 20.08.2018 I noticed an interesting info: "The Next Challenge For Fwupd / LVFS Is Supporting NVMe SSD Firmware Updates". Shortly said, Richard Hughes at Red Hat is hoping for Linux users with NVMe drives to send him the id-ctrl identification data on their drives - this data will be useful so he knows what drives/models are most popular but also for how the firmware revision string is advertised across drives and vendors:
https://blogs.gnome.org/hughsie/2018/08/17/nvme-firmware-i-need-your-data/
I followed the instructions. Can you please confirm that all went ok:
solus@user ~ $ sudo nvme id-ctrl --raw-binary /dev/nvme0 > /tmp/id-ctrl
Password:
solus@user ~ $ curl -F type=nvme \-F "machine_id="`cat /etc/machine-id` \ -F file=@/tmp/id-ctrl \ https://staging.fwupd.org/lvfs/upload_hwinfo{
"success": true}solus@user ~ $
FYI the upload is failing
cat /etc/machine-id` \ -F file=@/tmp/id-ctrl \ https://staging.fwupd.org/lvfs/upload_hwinfo <!DOCTYPE html> <!-- Copyright (C) 2018 Richard Hughes <richard@hughsie.com> Licensed under the GNU General Public License Version 2 --> <html lang="en"> <head> <title>LVFS: Temporarily Unavailable</title> <meta http-equiv="Content-Type" content="text/html;charset=utf-8"/> <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/4.0.0-beta.2/css/bootstrap.min.css" integrity="sha384-PsH8R72JQ3SOdhVi3uxftmaW6Vc51MKb0q5P2rRUpPvrszuE4W1povHYgTpBfshb" crossorigin="anonymous"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> </head> <body> <div class="container mt-3"> <div class="container mt-3"> <div class="alert alert-warning" role="alert"> The LVFS is temporarily unavailable and should be back soon. </div> </div> </div> </body> </html>
Any updates on fwupd its badly needed for folks like me who have purchase laptops like X1 Carbon 6th gen and have battery drain issues during sleep
I wanted to give it another try because I also really need this and I noticed that Clear Linux already has a package for it, which means that clr-boot-manager must be compatible.
TL;DR: I just updated the ME firmware of my T480s successfully.
The package still needs some polish (as I have basically no knowledge of DBus, polkit & stuff like that), but it's working fine. The only problem I see is that we don't mount the EFI partition which means the user has to do it himself when he wants to update BIOS/firmware. Any ideas on that? Maybe someone can help me with that, see D5647.
The only problem I see is that we don't mount the EFI partition which means the user has to do it himself when he wants to update BIOS/firmware.
That's what ikey meant by fwupd needs managing by clr-boot-manager.
Ah, you're probably right. However I wouldn't consider this a blocker because there are lots of updates that don't require the EFI partition and it's possible to make it run without clr-boot-manager integration. Also it doesn't seem like there is much development on that front.
It looks like the Clear Linux team is no longer interested in integrating this into clr-boot-manager. If all that needed, is to mount the /boot partition before running fwupd, maybe we could consider integrating this with eopkg for the time being, and then sol later on.
Indeed :(
If all that needed, is to mount the /boot partition before running fwupd, maybe we could consider integrating this with eopkg for the time being, and then sol later on.
Can someone else confirm if that's a viable solution for Solus?
Apparently tss2-esys from tpm2-tss is now required to compile xmlb, one of fwupd's dependencies.
Any updates here? IT would be a great move foreward to more kind of "bare-metal security" in solus.
Need any more reasons? Here => https://www.bleepingcomputer.com/news/security/intel-patched-77-vulnerabilities-in-november-2019-platform-update/
@Solus_BLN Stop spreading FUD. fwupd is not a requirement for updating firmware. You can do this using the manufacturer provided tools for your motherboard. We also provide updated microcode from Intel and other firmware from linux-firmware over at kernel.org. TSX is disabled in the kernel and we don't support BMC as this is a desktop OS.
Sorry about that folks, seems we had a random user being abusive for seemingly no reason.
If all that needed, is to mount the /boot partition before running fwupd, maybe we could consider integrating this with eopkg for the time being, and then sol later on.
Alternative solution: add an executable to the fwupd package that mounts /boot and put in in the ExecPre for the service. This allows fwupd to be a standalone service that can be used on the command line. Integration with the Software Center (which imho should be the only integration point) can then be done at a later time.
The executable, of course, could also be a clr-boot-manager command, which should be easy enough to contribute.
I have a working fwupd integrated with clr-boot-manager based on my previous comment. The changes are fairly minimal:
- A mount-boot command and service for clr-boot-manager (changes). This can probably be contributed upstream.
- A 2-line patch adding a dependency on clr-boot-manager-mount-boot.service for fwupd.service.
@kyrios123, @JoshStrobl: is this sufficient integration to get fwupd back in the repo?
It is going to be very exciting to hopefully see those patches landing @silke. I think I remember seeing a differential revision opened here for integrating it, but I can't seem to find it any more. Am I remembering incorrectly or is it just very hard to find?
@Jacalz I haven't posted a differential, as I'm waiting on a go-ahead from @JoshStrobl. It is on his to-do list afaik, so we'll just have to be patient :)
@silke Thank you. Looks like I am remembering incorrectly then. Looking forward to seeing one posted :)