Bundling of firmware in ReactOS update.

Here you can discuss ReactOS related topics.

Moderator: Moderator Team

Post Reply
User avatar
dizt3mp3r
Posts: 1874
Joined: Mon Jun 14, 2010 5:54 pm

Bundling of firmware in ReactOS update.

Post by dizt3mp3r »

As far as I understand it, Windows is bundling microcode updates to patch BIOS and other hardware microcode at boot time. It is doing this as a method of distributing firmware updates to overcome the recent spate of exploits created to attack weaknesses found in the CPU/motherboard hardware that can only be prevented by microcode changes. Intel and the other CPU/hardware manufacturers seem to be extremely slow in delivering microcode updates and the process for installing these appear to beyond the knowledge or capability of the majority of non-technical computer users. There is no reliable automated method of downloading/validating and installing these various microcode updates onto users computers. As a result the patches are forced onto users via Microsoft update.

I have seen on the web (and personally encountered) many hardware issues resulting from Windows updates. Motherboards and CPUs have been disabled, many, many SSDs have been bricked into panic mode and lots of hardware has been reduced to crawl speed or uselessness by these embedded updates.

Is it likely that ReactOS will ever deliver microcode patches during its own update process or is this just a complete NO from the outset? I realise that it will mean that ReactOS users will have to be technically savvy in order to maintain their systems but I feel this is a better solution than ReactOS being blamed for bricking a user's hardware.

-oOo-

Background information:

FYI, my recent experience of a Windows update making hardware unusable (either through a firmware update or botched driver support) are: The integrated Intel HD 2000 GPU on a Dell Optiplex 390 i5 was reduced to a crawl subsequent to a Windows update that saw its previously usable driver from Intel now only being recognised as corrupt or incompatible regardless of multiple attempts at upgrade/reinstallation. The default Windows driver being useless, the GPU is now basically made redundant where as before it was very capable and really quite fast for 3D operation. This working piece of hardware is now made non-functional by windows update.

A one-year old Sandisk 256gb SSD went into panic mode after a botched Windows update. The install went smoothly but after the upgrade one SATA hard drive and an SSD were invisible to the o/s. The hard drive was resurrected after rebuilding the partitions but the SSD has died completely. All hardware has been performing flawlessly, no SMART errors. The only change was the Windows update.

I am NOT looking for help on the above few hardware issues, the SSD is being RMA'd, the Intel HD GPU is being upgraded with a discrete card, the drive has been restored. All this a complete waste of our time and it has taken days to get to this point, the same waste of valuable, money, time and resources the world across.
Skillset: VMS,DOS,Windows Sysadmin from 1985, fault-tolerance, VaxCluster, Alpha,Sparc. DCL,QB,VBDOS- VB6,.NET, PHP,NODE.JS, Graphic Design, Project Manager, CMS, Quad Electronics. classic cars & m'bikes. Artist in water & oils. Historian.
Zombiedeth
Posts: 119
Joined: Fri Jun 27, 2014 9:01 am

Re: Bundling of firmware in ReactOS update.

Post by Zombiedeth »

This is the first time that i'm aware of microcode causing problems to this extent. Drivers however have always been a problem mostly because hardware manufacturers do not validate new drivers on older hardware. Given the nature of open source operating systems some sort of community driven driver validation should be considered if ReactOS ever reaches a point where it's needed. Maybe something like blacklisting for drivers matching driver versions with pci id's against a list of know bad combinations.

This is one area were i would give microsoft an F- given all the information that they collect from people you would think they could do a better job it's pathetic honestly. I don't know who thought it was a good idea at microsoft to force driver updates without a mechanism to disable automatic driver update like they had in past versions of windows. It's one thing if there are no drivers on the system for a given piece of hardware it's valid then to try something if they have drivers. But upgrading should always be optional in a automated system like this.
PurpleGurl
Posts: 1790
Joined: Fri Aug 07, 2009 5:11 am
Location: USA

Re: Bundling of firmware in ReactOS update.

Post by PurpleGurl »

I know this is a little different, but Windows has been updating microcode for a long time now. Doing it for security reasons is more recent, but they've done it for a long time for stability and compatibility reasons. AMD and Intel each has their own way of doing it, and it seems to be proprietary, since they don't want just anyone providing soft-updates for their CPUs, since that can be exploited. Intel likely started providing this mechanism after the Pentium recall embarrassment. They lost a lot of money and stocks likely went down for a while. So they wanted to hide any future goofs or newly found bugs.

Now, would the Foundation be willing to create part in blobs and abide by a NDA if that were a condition for AMD/Intel to give the microcode updates and the handshaking code. I'm not sure how that would work in terms of licensing. I know that a CC-ND agreement is generally used for art/music/documents, not software, but that might be a way to work it.

Anyway, microcode patches are applied in two ways. The best way is for Intel/AMD to give the updated microcodes to the ROM-BIOS manufacturers, and then you can flash your BIOS and get them. But many users can't/won't or don't know how to safely flash the BIOS (or EFI, System NRAM, System Firmware, or whatever you want to call it). I've ran into unstable machines before that were cured after flashing the BIOS, since it is usually a microcode problem or a timing issue. So that is why Microsoft also does this in HAL or wherever. That way, in case that machine is affected and not patched in the firmware, then that machine can run in a stable manner.

And you are right. Things are even worse now, and it would be nice if we could do this. I understand that one of them (maybe AMD, not sure) is easier to patch than the other (maybe Intel), and all you need are the most recent patches as they supercede previous ones. If what you give is the same or older, since a date or date signature is required, I think the chip is supposed to reject it. Thus the newest patch active will be the one used.

It has nothing to do with how savvy the users are. The microcodes are available to the BIOS and OS manufacturers. So if you flash your BIOS with one that has the microcodes, or we update the kernel to include them, the users simply use the updated kernel files and/or firmware. So if new ones are available, assuming ROS supports it, you simply update or reinstall ROS.
User avatar
dizt3mp3r
Posts: 1874
Joined: Mon Jun 14, 2010 5:54 pm

Re: Bundling of firmware in ReactOS update.

Post by dizt3mp3r »

Rather than ROS performing microcode patches as per Windows it might be wise to consider a tool that does something similar that is distinct from the o/s, a tool perhaps, an advisor. A tool that the user uses at his/her own risk, assuming that the patches are made available to other o/s makers...

Purplegurl - In your experience was this functionality heavily applied under NT5?
My limited experience of it is only since the Spectre/Meltdown exploits were discovered, since which I have been keeping my eyes/ears open. It seems such a dangerous tool to simply bundle into the o/s, confirmed it has lead to server instability and reboots when the relatively untested patches were initially bundled.

I really think ReactOS should avoid replicating Windows in this respect.
Skillset: VMS,DOS,Windows Sysadmin from 1985, fault-tolerance, VaxCluster, Alpha,Sparc. DCL,QB,VBDOS- VB6,.NET, PHP,NODE.JS, Graphic Design, Project Manager, CMS, Quad Electronics. classic cars & m'bikes. Artist in water & oils. Historian.
middings
Posts: 1073
Joined: Tue May 07, 2013 9:18 pm
Location: California, USA

Re: Bundling of firmware in ReactOS update.

Post by middings »

Unless someone is close to releasing a ReactOS Update client and server, this discussion is a bit premature, isn't it? I don't expect to see a ReactOS Update feature until some years after ReactOS has been released for production use. Maybe never. I expect that ReactOS will always require a skilled user/operator to install and provide some on-site self-support for ReactOS. These user/operators should be able to use a tool or utility program if clear instructions are provided.

The publishers of Linux distributions (distros) are mostly small organizations, a few are even single individuals. What do they do if their users' PCs require unavoidable firmware updates to the BIOS (or equivalent) or CPU microcode? My totally uninformed guess is that ReactOS will resolve such problems just as the publishers of Linux distros do.
User avatar
dizt3mp3r
Posts: 1874
Joined: Mon Jun 14, 2010 5:54 pm

Re: Bundling of firmware in ReactOS update.

Post by dizt3mp3r »

ALL questions and ALL discussions are premature when it comes to ReactOS, massively premature - that doesn't even need saying, especially not to us. You might as well add that to you signature as well the other rules on how-to, what-to &c.

Rule 11. Don't post, no point, it's all premature, ReactOS won't be ready for 'n' years in any case (please replace n with any random number from 5-20).
Skillset: VMS,DOS,Windows Sysadmin from 1985, fault-tolerance, VaxCluster, Alpha,Sparc. DCL,QB,VBDOS- VB6,.NET, PHP,NODE.JS, Graphic Design, Project Manager, CMS, Quad Electronics. classic cars & m'bikes. Artist in water & oils. Historian.
Post Reply

Who is online

Users browsing this forum: No registered users and 35 guests