On Fri, 21 Sep 2012 06:34:28 +0200 roxfan roxfan@skynet.be wrote:
Thursday, September 20, 2012, 10:50:39 PM, you wrote:
That is a pure guess based on no evidence, AFAICT. It is quite easy to find the UEFI variables in the flash image, once it has been read out, as the variable names are there in ASCII for those variables that have been set to non-default values.
ST> Right. And the Q45M seems to use UEFI. ST> In that case the locked ME firmware remains the major obstacle, because ST> we still don't know if the ME requires to be updated together with the ST> BIOS region *in general*.
No, ME is very rarely (never?) updated together with the BIOS; usually it's either a separate update (using Intel's FWUpdLcl.exe and a specially-packaged ME image) or another elaborate step (e.g. MSI P67A-G43 ME7 to ME8 update involves an EFI module inside the BIOS).
ST> In the case of the Q45M, the latest firmware update archive contains ST> different binaries: (presumably) image of the whole flash space, images ST> for each flash chip, and one image for the BIOS region only. ST> The interesting bit is that the batch file included uses only the latter ST> to write to the BIOS region. So i think it is safe to assume, that ST> updating that region only is ok, which makes flashrom (including my ST> layout patches) suitable for the job of reading the (updated, and ST> configured) region out and deploying it on the other machines.
I think it makes sense to just update the BIOS region for the descriptor-based flashes; AFAIK that's what all other tools do.
those elaborate schemes mentioned above are what worries me. flashrom is a very generic tool, that does not look at the image contents as much as possible. users have broken hardware in much less obscure situations (and in most of those they were to blame themselves). just ignoring the ME region completely without any safeguard is not an option. David proposed this before (and chromium uses it), but i don't deem this to be safe enough for upstream. we can not expect users to foresee the occasions where ignoring the ME would brick the hardware.
you were talking about other tools, which? don't they care for the image contents at all (like flashrom) either and work on so many different machines? ;)
Another good feature would be to detect the NVAR partition and skip it when flashing.
not automatically, but in the long term we will need some elaborate mechanism to create layout information from a) images (and flash contents) b) programmers c) chips
since there is so little work done ATM, i don't see a way to make substantial progress in the near future.
one thing where you (roxfan) could play a major role is in developing bios_extract further into something that a flashing application can use together with libflashrom. the general workflow of that application would be something like: - get existing content with libflashrom - retrieve layout and other information from the hardware and the read content - take the new image and extract, check, modify it together with the information above to create the image and layout information we really want to flash - write and verify with libflashrom
the 3. step is what i want to keep out of (lib)flashrom as much as possible. providing necessary information via an API is of course ok.