If this is your first visit, be sure to
check out the FAQ by clicking the
link above. You may have to register
before you can post: click the register link above to proceed. To start viewing messages,
select the forum that you want to visit from the selection below.
No announcement yet.
Secure Boot Breaks Kexec, Hibernate Support On Linux
Having helped with Flashrom, there's two big issues with flashing modern machines:
2. Intel's Management Engine
The Management Engine is the easier of the two (which is only because there's no generic way to handle the laptop issue). Virtually every manufacturer follows Intel's recommendations on how to lockdown the permissions on the various areas of the flash chip, which involve making the ME (Management engine region) read-only, which is quite a problem because you can't be sure of a successful flash unless you can get the ME to stop itself (and you don't know if there's an ME update inside the update which needs to be applied), and you can't just overwrite the region in software.
Again, with physical access you can bypass all of these issues, but unless you're prepared to break out a soldering iron, programmer, and ready & able to make backups of your chips, you're stuck.
Laptops are hard because the BIOS usually shares space with the EC (embedded controller), which controls lots of important things like your keyboard, lighting, battery, and fans. If that goes, you'll probably have a nice brick. You need to know how to stop the EC, which requires datasheets that usually aren't available, and may be missing important info.
Combine the two, and you've got a nearly impossible situation.