Hi, everyone.
I have recently reflashed the firmware image on my Librem 14 with he newly updated Release-19, by using the official update script provided by Purism, while on a debian live system.
Immediately after flashing, I proceeded with re-reading the flashed firmware image with
flashrom -p internal:ich_spi_mode:hwseq -r current.rom
The sha1sum of the extracted current.rom
indeed matched the one from the official image that was just flashed seconds before.
I then rebooted my machine and I was prompted with the expected alerts asking me to add gpg public keys to the keyring and to initialize a new HOTP code.
I skipped those steps because I didn’t want the firmware image to change, and I proceeded to boot again the Debian live USB.
I then extracted again the firmware image with flashrom (same command as above), but this time, to my surprise, the sha1sum of the extracted image dit not match the one of the image I flashed prior to rebooting.
I investigated further by comparing all the files in the two images (the official one and the one extracted from my system) with the help of cbfstool
.
Each and every file was confirmed to be exactly identical between the two images, by comparing sha1sums.
Puzzled by the mysterious circumstances, I re-flashed the official image again, and once again I read back the contents of the flash with flashrom before rebooting: the flashed image’s checksum matched the official image’s.
I rebooted, again skipping the keyring creation and HOTP initialization.
After reboot, the firmware image content read by flashrom resulted again different from the one I had flashed prior to rebooting.
I repeated the above steps for 5/6 times, and every time I rebooted, the firmware image read via flashrom was different from the one I flashed.
I then created hexdumps of both the official image and mine and ediff
ed them to check what regions were different.
It seems like an entire flash region (not the cbfs one) changes from FF
in the official rom to other hex values that I’m not able to understand or analyze further in the running firmware image.
So, here’s the question:
Is it expected behaviour for the flash contents to change after the first reboot?
I would expect that the flash contents remain the same forever after flashing; otherwise, how can one trust their own firmware to be exactly the one that was flashed?
Remarks:
- the flash image only changes after the first reboot after flashing: reading it after subsequent system boots always yields the same sha1sum, different from the one flashed originally, but consistent across reboots.
- I also tried injecting already-existing
pubring.kbx
andtrustdb.gpg
files prior to flashing, in the attempt to skip the keyring generation step altogether and it indeed skipped the keyring prompt at boot, but the image still resulted altered after the first reboot. - every time I flash the image, the one that is read after rebooting is always different from the previous flash-and-reboot attempts, but the altered data are always in the same flash region (can’t tell what region it is).
- each and every time I reboot after flashing the firmware, the screen is blank for 2/3 seconds after powering on and before showing the pureboot splash screen, while the splash screen appears almost immediately in subsequent reboots.
Can someone help me solve this “mystery”?
Thanks.
@Kyle_Rankin and other puri.sm staff: I can provide you with the different flash images on demand.