#3589 NORM Trial-3: Verify that firmware update works with secure boot
Zarro Boogs per Child
bugtracker at laptop.org
Wed Sep 19 19:10:36 EDT 2007
#3589: Verify that firmware update works with secure boot
----------------------------------+-----------------------------------------
Reporter: cscott | Owner: wmb at firmworks.com
Type: defect | Status: new
Priority: normal | Milestone: Trial-3
Component: ofw - open firmware | Version:
Resolution: | Keywords:
Verified: 0 |
----------------------------------+-----------------------------------------
Comment(by cscott):
New scheme seems to be to have OFW store a 'checked' bit in the CMOS ram.
If the bit is clear, OFW will load bootfw.zip, parse the version number,
set the bit, and attempt to install if newer than current. It skips this
check if the bit is set. The OS upgrade process will clear the bit when
it installs a new bootfw.zip.
If the "alternate boot image" in boot-alt has a newer firmware, this
doesn't guarantee that the check will be done. We can either not worry
about this case (on the grounds that boot-alt is used for *older* system
images) or else always do the check when booting from boot-alt.
Alternatively, we could always install the firmware in boot-alt on the
grounds that maybe we're reverting to an earlier version because the
firmware or EC was broken in the new one. I don't have a strong feeling
about this; "don't worry" seems the easiest reasonable option.
--
Ticket URL: <https://dev.laptop.org/ticket/3589#comment:1>
One Laptop Per Child <https://dev.laptop.org>
OLPC bug tracking system
More information about the Bugs
mailing list