cClaude.rocks ☕ Le blog

[Nouvelles technologies, sciences et coups de gueule…]

Menu

Dans l’article 🍇 Le BIOS de Raspberry nous avons vu comment gérer et configurer le BIOS sur Raspberry PI, mais comment faire cela sur une machine plus conventionnelle ?



La solution est proposée par fwupdmgr un utilitaire client du service fwupd, le gestionnaire de mise à jour du micrologiciel.

fwupdmgr est une abréviation pour « firmware update manager client utility ».



Lister les mises à jour possibles

fwupdmgr get-upgrades

Faire la mise à jour

sudo fwupdmgr update

On obtient alors quelques notifications et il faut répondre à quelques questions :

Devices with no available firmware updates:
 • HGST HTS721010A9E630
 • KINGSTON RBUSNS8154P3256GJ
 • System Firmware
╔══════════════════════════════════════════════════════════════════════════════╗
║ Upgrade UEFI dbx from 77 to 217?                                             ║
╠══════════════════════════════════════════════════════════════════════════════╣
║ This updates the dbx to the latest release from Microsoft which adds         ║
║ insecure versions of grub and shim to the list of forbidden signatures due   ║
║ to multiple discovered security updates.                                     ║
║                                                                              ║
║ Before installing the update, fwupd will check for any affected executables  ║
║ in the ESP and will refuse to update if it finds any boot binaries signed    ║
║ with any of the forbidden signatures. If the installation fails, you will    ║
║ need to update shim and grub packages before the update can be deployed.     ║
║                                                                              ║
║ Once you have installed this dbx update, any DVD or USB installer images     ║
║ signed with the old signatures may not work correctly. You may have to       ║
║ temporarily turn off secure boot when using recovery or installation media,  ║
║ if new images have not been made available by your distribution.             ║
║                                                                              ║
║ UEFI dbx and all connected devices may not be usable while updating.         ║
╚══════════════════════════════════════════════════════════════════════════════╝

Perform operation? [Y|n]: y
Downloading…             [***************************************]
Downloading…             [***************************************]
Decompressing…           [***************************************]
Decompressing…           [***************************************]
Authenticating…          [***************************************]
Authenticating…          [***************************************]
Restarting device…       [***************************************]
Writing…                 [***************************************]
Decompressing…           [***************************************]
Writing…                 [***************************************]
Restarting device…       [***************************************]
Waiting…                 [***************************************]
Successfully installed firmware

An update requires a reboot to complete. Restart now? [y|N]:

Après la mise à jour

Après un arrêt puis un redémarrage de la machine, on peut aller plus loin.

fwupdmgr get-upgrades

Dans ce cas de nouvelles mise à jour son proposées :

Devices with no available firmware updates:
 • HGST HTS721010A9E630
 • KINGSTON RBUSNS8154P3256GJ
 • System Firmware
Devices with the latest available firmware version:
 • UEFI dbx
________________________________________________

Devices that were not updated correctly:

 • UEFI dbx (77 → 217)

Uploading firmware reports helps hardware vendors to quickly identify failing and successful updates on real devices.
Upload report now? (Requires internet connection) [Y|n]:

Répondre: y

Target:                  "__SUPPRIMÉ__",
Payload:                 {
                           "ReportVersion" : 2,
                           "MachineId" : "__SUPPRIMÉ__",
                           "Metadata" : {
                             "DistroId" : "linuxmint",
                             "DistroVersion" : "21.1"
                           },
                           "Reports" : [
                             {
                               "Checksum" : "__SUPPRIMÉ__",
                               "ReleaseId" : null,
                               "UpdateState" : 3,
                               "UpdateError" : "failed to run update on reboot",
                               "Guid" : [
                                 "__SUPPRIMÉ__"
                               ],
                               "Plugin" : "uefi_dbx",
                               "VersionOld" : "77",
                               "VersionNew" : "217",
                               "Flags" : 4194595,
                               "Created" : 1675693482,
                               "Modified" : 1675693631,
                               "Metadata" : {
                                 "HostSku" : "17E2.1",
                                 "DistroVersion" : "21.1",
                                 "RuntimeVersion(org.freedesktop.gusb)" : "0.3.10",
                                 "FwupdSupported" : "True",
                                 "CompileVersion(org.freedesktop.fwupd)" : "1.7.9",
                                 "SecureBoot" : "Disabled",
                                 "HostFamily" : "GE",
                                 "UEFIUXCapsule" : "Enabled",
                                 "KernelName" : "Linux",
                                 "RuntimeVersion(org.kernel)" : "5.15.0-58-generic",
                                 "CompileVersion(com.hughsie.libjcat)" : "0.1.9",
                                 "RuntimeVersion(com.dell.libsmbios)" : "2.4",
                                 "CompileVersion(org.freedesktop.gusb)" : "0.3.10",
                                 "DistroId" : "linuxmint",
                                 "CpuArchitecture" : "x86_64",
                                 "BootTime" : "1675669972",
                                 "HostVendor" : "Micro-Star International Co., Ltd.",
                                 "EfivarNvramUsed" : "23186",
                                 "HostProduct" : "GE75 Raider 8SE",
                                 "FwupdTainted" : "False",
                                 "KernelCmdline" : "pcie_aspm=off pci=nomsi",
                                 "RuntimeVersion(org.freedesktop.fwupd)" : "1.7.9",
                                 "KernelVersion" : "5.15.0-58-generic"
                               }
                             }
                           ]
                         }
Proceed with upload? [Y|n]:

Répondre: y

Idle…                    [***************************************]
Update failure is a known issue, visit this URL for more information: https://github.com/fwupd/fwupd/wiki/LVFS-Triaged-Issue:-Failed-to-run-update-on-reboot
Successfully uploaded 1 report

Do you want to upload reports automatically for future updates? [y|N]:

Répondre: y

Authenticating…          [***************************************]
Authenticating…          [***************************************]
Authenticating…          [***************************************]
Authenticating…          [***************************************]
No updates available
fwupdmgr get-upgrades

Cette fois, c’est bon…

Devices with no available firmware updates:
 • HGST HTS721010A9E630
 • KINGSTON RBUSNS8154P3256GJ
 • System Firmware
Devices with the latest available firmware version:
 • UEFI dbx
No updates available


Liens

ᦿ


ℹ 2006 - 2024 | 🏠 Accueil du domaine | 🏡 Accueil du blog