RSSfévr.
09
2023
Dans l’article 🍇 Le BIOS de Raspberry nous avons vu comment gérer et configurer le BIOS sur Raspberry PI, mais comment faire cela sur une machine plus conventionnelle ?
ඏ
La solution est proposée par fwupdmgr un utilitaire client du service fwupd, le gestionnaire de mise à jour du micrologiciel.
fwupdmgr est une abréviation pour « firmware update manager client utility ».
ඏ
Lister les mises à jour possibles
fwupdmgr get-upgrades
Faire la mise à jour
sudo fwupdmgr update
On obtient alors quelques notifications et il faut répondre à quelques questions :
Devices with no available firmware updates:
• HGST HTS721010A9E630
• KINGSTON RBUSNS8154P3256GJ
• System Firmware
╔══════════════════════════════════════════════════════════════════════════════╗
║ Upgrade UEFI dbx from 77 to 217? ║
╠══════════════════════════════════════════════════════════════════════════════╣
║ This updates the dbx to the latest release from Microsoft which adds ║
║ insecure versions of grub and shim to the list of forbidden signatures due ║
║ to multiple discovered security updates. ║
║ ║
║ Before installing the update, fwupd will check for any affected executables ║
║ in the ESP and will refuse to update if it finds any boot binaries signed ║
║ with any of the forbidden signatures. If the installation fails, you will ║
║ need to update shim and grub packages before the update can be deployed. ║
║ ║
║ Once you have installed this dbx update, any DVD or USB installer images ║
║ signed with the old signatures may not work correctly. You may have to ║
║ temporarily turn off secure boot when using recovery or installation media, ║
║ if new images have not been made available by your distribution. ║
║ ║
║ UEFI dbx and all connected devices may not be usable while updating. ║
╚══════════════════════════════════════════════════════════════════════════════╝
Perform operation? [Y|n]: y
Downloading… [***************************************]
Downloading… [***************************************]
Decompressing… [***************************************]
Decompressing… [***************************************]
Authenticating… [***************************************]
Authenticating… [***************************************]
Restarting device… [***************************************]
Writing… [***************************************]
Decompressing… [***************************************]
Writing… [***************************************]
Restarting device… [***************************************]
Waiting… [***************************************]
Successfully installed firmware
An update requires a reboot to complete. Restart now? [y|N]:
Après la mise à jour
Après un arrêt puis un redémarrage de la machine, on peut aller plus loin.
fwupdmgr get-upgrades
Dans ce cas de nouvelles mise à jour son proposées :
Devices with no available firmware updates:
• HGST HTS721010A9E630
• KINGSTON RBUSNS8154P3256GJ
• System Firmware
Devices with the latest available firmware version:
• UEFI dbx
________________________________________________
Devices that were not updated correctly:
• UEFI dbx (77 → 217)
Uploading firmware reports helps hardware vendors to quickly identify failing and successful updates on real devices.
Upload report now? (Requires internet connection) [Y|n]:
Répondre: y
Target: "__SUPPRIMÉ__",
Payload: {
"ReportVersion" : 2,
"MachineId" : "__SUPPRIMÉ__",
"Metadata" : {
"DistroId" : "linuxmint",
"DistroVersion" : "21.1"
},
"Reports" : [
{
"Checksum" : "__SUPPRIMÉ__",
"ReleaseId" : null,
"UpdateState" : 3,
"UpdateError" : "failed to run update on reboot",
"Guid" : [
"__SUPPRIMÉ__"
],
"Plugin" : "uefi_dbx",
"VersionOld" : "77",
"VersionNew" : "217",
"Flags" : 4194595,
"Created" : 1675693482,
"Modified" : 1675693631,
"Metadata" : {
"HostSku" : "17E2.1",
"DistroVersion" : "21.1",
"RuntimeVersion(org.freedesktop.gusb)" : "0.3.10",
"FwupdSupported" : "True",
"CompileVersion(org.freedesktop.fwupd)" : "1.7.9",
"SecureBoot" : "Disabled",
"HostFamily" : "GE",
"UEFIUXCapsule" : "Enabled",
"KernelName" : "Linux",
"RuntimeVersion(org.kernel)" : "5.15.0-58-generic",
"CompileVersion(com.hughsie.libjcat)" : "0.1.9",
"RuntimeVersion(com.dell.libsmbios)" : "2.4",
"CompileVersion(org.freedesktop.gusb)" : "0.3.10",
"DistroId" : "linuxmint",
"CpuArchitecture" : "x86_64",
"BootTime" : "1675669972",
"HostVendor" : "Micro-Star International Co., Ltd.",
"EfivarNvramUsed" : "23186",
"HostProduct" : "GE75 Raider 8SE",
"FwupdTainted" : "False",
"KernelCmdline" : "pcie_aspm=off pci=nomsi",
"RuntimeVersion(org.freedesktop.fwupd)" : "1.7.9",
"KernelVersion" : "5.15.0-58-generic"
}
}
]
}
Proceed with upload? [Y|n]:
Répondre: y
Idle… [***************************************]
Update failure is a known issue, visit this URL for more information: https://github.com/fwupd/fwupd/wiki/LVFS-Triaged-Issue:-Failed-to-run-update-on-reboot
Successfully uploaded 1 report
Do you want to upload reports automatically for future updates? [y|N]:
Répondre: y
Authenticating… [***************************************]
Authenticating… [***************************************]
Authenticating… [***************************************]
Authenticating… [***************************************]
No updates available
fwupdmgr get-upgrades
Cette fois, c’est bon…
Devices with no available firmware updates:
• HGST HTS721010A9E630
• KINGSTON RBUSNS8154P3256GJ
• System Firmware
Devices with the latest available firmware version:
• UEFI dbx
No updates available
ඏ
Liens
- fwupd : Mettre à jour les firmware et BIOS depuis Linux
- Service de micrologiciels Linux : https://fwupd.org/ – Site destiné à centraliser les « firwares » des constructeurs
- Linux Vendor Firmware Service (LVFS) dans la documentation Ubuntu en français.
- Description de l’erreur PluginFlag:capsules unsupported
- Description de l’erreur Failed to run update on reboot
ᦿ
-
Vos commentaires
Pas encore de commentaire - ajouter le votre.
-
Ajouter votre commentaire