Thursday 26 March 2020

False alarm! grubfm does not corrupt UEFI firmware.

A user reported that after UEFI64-booting grubfm, his UEFI firmware (Lenovo B40 30 laptop) was corrupted  and he could no longer get into the BIOS Setup menu system.

Since he blamed A1ive's grubfm and the UEFI Kaspersky Shim for this, I added a warning to the agFM web page on the E2B site.

However, now he has confirmed that the firmware corruption was due to booting to Ubuntu and was not by agFM itself.

It was an issue with the linux kernel. If you remember during release of Ubuntu 17.10 there was an issue of bios corruption ? it was a similar issue. Though it happened with the latest linux kernel 5.3.0.40


Detailed in a bug report on Canonical's Launchpad platform, the issue is serious: Installing Ubuntu 17.10 on selected Lenovo, Acer, and Toshiba laptops can cause corruption in the UEFI firmware which presents itself as an inability to make any changes post-corruption. In serious news for systems without a built-in optical drive, the corruption also disables the ability to boot from a USB storage device.
Tracked down to the Intel Serial Peripheral Interface (SPI) kernel module, prevention is straightforward: Disabling the intel-spi-* kernel driver family prevents the corruption without any other apparent impact on the system. For those who have already had their UEFI firmwares corrupted, however, there appears to be no easy fix yet available.
So I have now removed the warning but you may need to watch out for this serious Ubuntu bug!

No comments:

Post a Comment