will do
Issue raised on Protectli github
https://github.com/protectli-root/protectli-firmware-updater/issues/29
--oa
On Sun, Nov 27, 2022 at 6:30 AM Angel Pons th3fanbus@gmail.com wrote:
Hi,
See inline comments for details, conclusion is at the end.
On Sat, Nov 26, 2022 at 9:54 PM Omkhar Arasaratnam omkhar@gmail.com wrote:
git cloned https://github.com/protectli-root/protectli-firmware-updater/tree/070b83f4db...
Attempted to run on my Protectcli vp4650 - it failed
/\ == \ /\ == \ /\ __ \ /__ _\ /\ ___\ /\ ___\ /__ _\ /\ \ /\ \ \ \ _-/ \ \ __< \ \ /\ \ /_/\ / \ \ __\ \ \ ____ /_/\ / \ \ ____ \ \ \ \ _\ \ _\ _\ \ _____\ \ _\ \ _____\ \ _____\ \ _\ \ _____\ \ _\ /_/ /_/ /_/ /_____/ /_/ /_____/ /_____/ /_/ /_____/ /_/ _________________________________________________________________________________________
=========================================FlashLi========================================= --Version 1.1.28--
Device: Protectli vp4650 CPU: Intel(R) Core(TM) i5-10210U CPU @ 1.60GHz BIOS Mode: EFI
Available BIOS:
Enter the [#] of an image file, or [0] to quit. Flashing will not begin yet
1
********************************************!******************************************** Are you sure you would like to flash this device?
Flashing new firmware onto any hardware is potentially dangerous in that if the procedure is interrupted or otherwise not able to complete, your hardware may be rendered useless. Please proceed with caution. If there are any questions, please contact Protectli support BEFORE proceeding.
Unless there is a compelling reason to update the BIOS, we recommend to stay with your current known working BIOS version
********************************************!********************************************
Acknowledgement Yes [Y]: Y
flashrom v1.2-326-gf57486e on Linux 6.0.0-4-amd64 (x86_64) flashrom is free software, get the source code at https://flashrom.org
Using clock_gettime for delay loops (clk_id: 1, resolution: 1ns). Found chipset "Intel Comet Lake U Premium". Enabling flash write... Warning: BIOS region SMM protection is enabled! Warning: Setting BIOS Control at 0xdc from 0xaa to 0x89 failed. New value is 0xaa.
SMM (System Management Mode, a highly-privileged part of x86 boot firmware that remains resident after booting an OS) is preventing writes to the flash chip. flashrom is unable to disable this write protection (when it tries to, the hardware triggers an event that makes SMM immediately re-enable the write protection).
SPI Configuration is locked down. Enabling hardware sequencing because some important opcode is locked. PROBLEMS, continuing anyway
Yes, flashrom should bail out if it detects that write protection could not be disabled and one attempts to write/erase the flash chip... It would avoid many complications.
Found Programmer flash chip "Opaque flash chip" (16384 kB, Programmer-specific) mapped at physical address 0x0000000000000000. Reading old flash chip contents... done. Erasing and writing flash chip... Transaction error between offset 0x00600000 and 0x00600fff (= 0x00600000 + 4095)!
This means that flashrom failed when trying to erase/write the first block. Because SMM BIOS write protection is enabled, it's reasonable to assume (but not a hard guarantee) that flashrom didn't modify anything.
Reading current flash chip contents... done. Looking for another erase function. Looking for another erase function. Looking for another erase function. Looking for another erase function. Looking for another erase function. Looking for another erase function. Looking for another erase function. No usable erase functions left. FAILED! Uh oh. Erase/write failed. Checking if anything has changed. Reading current flash chip contents... done. Apparently at least some data has changed. Your flash chip is in an unknown state. Get help on IRC at chat.freenode.net (channel #flashrom) or mail flashrom@flashrom.org with the subject "FAILED: <your board name>"!
DO NOT REBOOT OR POWEROFF!
It's hard to say what exactly changed in the flash chip, but flashrom can't fix it (SMM prevents the host from performing erase/write operations on the flash chip). It's likely that the change was done by something other than flashrom, e.g. SMM, or maybe ME firmware (if the difference is in the ME region, which is typically not readable by the host but the log doesn't indicate if flashrom attempted to read it for verification purposes).
Your best bet is to reboot and hope it still works, but have a second computer nearby in case it doesn't work anymore. It's not the end of the world, though: it's possible to reflash the firmware externally, but you should contact Protectli for instructions on how to do so (especially as the procedure is risky if not done properly, and it's likely that warranty doesn't cover any hardware damages caused by external reflashing).
BIOS Flash failed, is this script running with root permissions? Please try again, but if problems persist, please contact Protectli. TODO: Collect info and display instructions on how to submit a Github issue.
--oa
Best regards,
Angel