0

So here are some details that matter and that I know about. Of course, if there are any encryption keys installed on the freshly manufactured piece of ROM, then I will not be able to get them back, which, if we are talking about PCs, will have the consequences of Windows not being able to boot in secure mode (maybe some popular Linux distros like Ubuntu or Fedora will not boot either, as they rely on signatures from Microsoft?). But if after flashing, say, coreboot, into the ROM, along with TianoCore, I am able to run any operating system that will be compatible with this firmware, then how can I "brick" my laptop? I have seen a lot of folks talking about bricking their Chromebooks, but in the end, they can just flash anything into the ROM, then in case something went wrong, flash it again, so why does this notion of a bricked laptop even exist?

And yes, I understand that it may be physically difficult to do the flashing (due to embedded controllers, for example, as this page suggests https://www.flashrom.org/Laptops), but if you want to answer, please suppose we are able to flash (as is the case with Chromebooks, as far as I know).

Edit: by ROM I mean erasable and programmable non-volatile memory, in particular flash.

sawdust
  • 18,591

1 Answer

2

You might be able to flash an image into the ROM while the ROM is functional, but if the ROM is erased without some kind of "backup" bootloader it may be that you need specialised hardware and the "factory" files in order to recover.

The case is this:

  1. The firmware contains boot code that starts up the machine. It looks for the OS bootloader and potentially firmware update files.
  2. If that code is corrupt or erased then your machine will not start.
  3. If your machine will not start then you cannot get to an operating system to boot.
  4. If your operating system (or bootloader) cannot start then you cannot reflash the firmware without special tools.
  5. If you do not have those tools then you cannot reflash the bootloader.
  6. The system is effectively bricked.

Your assumption that people can "flash whatever they like" into the ROM is wrong. While the ROM contains functional code that allows the system to boot then sure, it is recoverable, but there are times when you can erase that code. Particularly on "embedded" devices like phones, tablets and so on. Some devices lack a "backup" safety net system to deal with accidental erasure.

Imagine that you pulled the BIOS chip out of a computer. How would the computer know how to initialise the hardware, what devices to probe and set up, where to search for boot files, and so on?

You could simply replace the physical chip, but what if that chip is soldered into your board?

You could simply de-solder the chip and re-solder a working chip, but what if that chip is a special type used only for that system?

What if that chip needs some special code, written by the manufacturer, in order to work in the first place?

What if that manufacturer doesn't supply those chips pre-programmed?

While your system is working then you can reflash the system using the tools you have to your heart's content, but you have no idea of the heartache of seeing an "Erase bootloader" message followed by an "Unable to flash image: file not found" message.

Once you get that message then chances are you are going to need to learn about things like JTAG, buy some specialised hardware and hope to hell that the system designer left some easy-to-find test points for you.

If you never reflash coreboot and only ever have to update the TianoCore on top of it then you might be fine. But one day you might have to, for whatever reason, reflash coreboot, and on that day you will pray it just works.

Mokubai
  • 95,412
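
The failure the answer describes (the old firmware is erased, then the write fails) can be guarded against by checking everything before the erase starts. The following is an added example, not part of the original answer or of flashrom: `preflight`, `is_blank`, `file_size` and the file names are hypothetical, and the flashrom invocation in the comments assumes the `internal` programmer.

```shell
#!/bin/sh
# Added example: checks to run BEFORE anything is erased. Never touches hardware.
# Assumed workflow (real flashrom options -p / -r / -w; file names are made up):
#   flashrom -p internal -r backup1.bin
#   flashrom -p internal -r backup2.bin
#   preflight new.rom backup1.bin backup2.bin && flashrom -p internal -w new.rom

# Size of a file in bytes.
file_size() { wc -c < "$1" | tr -d ' '; }

# True (0) if the file holds only 0xFF bytes, i.e. looks like erased flash.
is_blank() {
    [ "$(LC_ALL=C tr -d '\377' < "$1" | wc -c | tr -d ' ')" -eq 0 ]
}

# Return codes: 0 ok, 1 missing file, 2 unstable reads, 3 blank backup,
#               4 size mismatch, 5 blank image.
preflight() {
    image=$1; b1=$2; b2=$3
    # The "file not found" case: every input must exist and be non-empty.
    for f in "$image" "$b1" "$b2"; do
        [ -s "$f" ] || { echo "FAIL: missing or empty: $f" >&2; return 1; }
    done
    # Two independent reads must agree, or the link to the chip is unreliable
    # and the backup cannot be trusted for recovery.
    cmp -s "$b1" "$b2" || { echo "FAIL: backup reads differ" >&2; return 2; }
    # A dump of only 0xFF means the read returned no real firmware.
    is_blank "$b1" && { echo "FAIL: backup is blank" >&2; return 3; }
    # A full-chip image must match the chip size (= size of the dump).
    [ "$(file_size "$image")" -eq "$(file_size "$b1")" ] ||
        { echo "FAIL: image size differs from chip size" >&2; return 4; }
    is_blank "$image" && { echo "FAIL: image is blank" >&2; return 5; }
    return 0
}

# Stand-alone use: sh preflight.sh new.rom backup1.bin backup2.bin
if [ "$#" -eq 3 ]; then
    preflight "$@"
fi
```

Passing these checks does not make a flash safe; it only rules out the avoidable failures, and the verified backup is what an external programmer would need for recovery.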