You are not logged in.
Pages: 1
So I have a fairly recent laptop, which still regularly gets BIOS updates. Because its lacking support for fwupd, I dual boot windoze to apply updates. Latest update came with a curious release note:
Important notice:
##############################################################################################################
The system cannot downgrade BIOS to V0.19 or earlier version due to enabling AMD PSB.
##############################################################################################################
This was a bit worrying, since I run a messy setup, which I myself don't fully understand. So I searched the internet about this AMD PSB and learned that its an abbreviation for Platform Secure Boot, I couldn't find much info beside old articles about AMD abusing it to obsolete EPYC CPUs. I did however find a couple places which mention it:
this GitHub repo and
this tweet (nitter link) which references a very recent article about AMD PSB
both of which mention it forbidding users to install their own firmware.
I run full disk encryption with secure boot and TPM2 (exact setup), and I'm not sure whether this could affect me. I need to able to enroll my own keys using sbctl and to enroll the TPM. I'm also curious if this would affect the ability to use linux-firmware packages, I don't think that's the case, since these are loaded after the UEFI/BIOS and overwrite the firmware, as far as I could understand.
Offline
I would never do a bios flash from within a full blown OS - modern systems have an integrated flash tool - older systems used a removable media (usb thumbdrive, cd ... even floppy).
Usually the bios protects itself against modifications from the OS hence it can often only be done from DOS or within the bios itself or from some boot medium.
Also: flashing your bios should only be done if either required - or if you benefit from the update in other ways - it's one of those typical "if it aint broke - don't touch it!"
Online
Pages: 1