Pine64 PinePhone (Pro) EG25-G firmware upgrade support
This MR provides support for the EG25-G firmware in
fwupd and enables
fwupd in GNOME Software.
KDE Discover has
fwupd already enabled.
This will allow us to avoid firmware malware that abuses known CVEs of the Quectel firmware. See: https://hackaday.com/2021/12/16/pinephone-malware-surprises-users-raises-questions/
Disclaimer for distros and their maintainers
DO NOT SHIP THIS TO ANY DISTRO REPOSITORY. Did I tell you cannot ship this yet? DO NOT DO THIS, I DON'T TAKE ANY RESPONSIBILITIES FOR ANYTHING AND I WILL BLAME THE DISTRO FOR ANYTHING. Moreover, do not make any buzz about this on social media or anything else. This is still being tested, has known bugs, and must be verified that it doesn't cause ANY regression as you mess with the modem firmware which can in theory brick it, but I did as much as I can to avoid it.
You need the magic sauce (AKA the packaged firmware) as well which is not publicly available yet due to unknown licenses, so please do not ship this.
The PinePhone and PinePhone Pro feature a Quectel EG25-G modem which is upgradable through either:
- Quectel firmware upgrades: https://github.com/Biktorgj/quectel_eg25_recovery
- Biktorgj's (almost) FOSS firmware: https://github.com/Biktorgj/pinephone_modem_sdk
However, this involves risky operations with
fastboot using scripts running root.
Moreover, it is not user friendly and error prone while these upgrades improve the stability of the modem...
fwupd to the rescue
After some discussion with @ollieparanoid about this, we came up with 2 options:
- A custom tool to do this and make it easier
- Leverage existing tools which are properly battle tested: fwupd
Since we have an upstream-first methodology, option 2 was picked. Therefore I digged into this and after days of Wireshark, debug statements, etc. I figured out the quirks necessary to support the Quectel EG25-G modem in fwupd and upstreamed it: https://github.com/fwupd/fwupd/pull/4076
In short, the EG25-G modem needs the following quirks to successfully flash a device:
- Blocksize must be
16384bytes, not a byte more or less. If you still try another size, the next chunk the
fastbootplugin writes to the modem fails which reboots the bootloader. I discovered this by analyzing the USB traffic of the same payload (once with
fwupdand once with the original fastboot binary) with Wireshark.
- Writing and reading data cannot happen at
fwupd's rate otherwise the fastboot bootloader crashes and reboot, the original fastboot binary seems to have some delay between writes/reads. If you enable the debug prints of the
fastbootplugin, this is also 'fixed', but I properly fixed it by introducing a new quirk.
- The modem shows up under an entirely different USB vendor and device ID which causes
fwupdto not see it. Adding the necessary quirks in
modem-managerfixes it (like done for all other modems there).
- ModemManager/fwupd might crash when you start the upgrade. This happens rarely and is still being investigated. Retrying to update a few seconds later works around the issue. Tracking it here: https://github.com/fwupd/fwupd/issues/4128
ModemManager might not see the modem after the upgrade is complete. This also happens rarely and is a race condition. The cause of this is still being investigated. Restarting ModemManager works around the issue.Fixed by https://github.com/fwupd/fwupd/pull/4112 Only the Quectel EG25-G stock firmware is packaged. I want to package Biktorgj's firmware as well before shipping this.
eg25-manager kills the upgrade. You have to kill it withFix upstream: https://gitlab.com/mobian1/devices/eg25-manager/-/merge_requests/44
kill -9 $PIDbefore starting the upgrade. It thinks it lost the modem.
Fixed thanks to Biktorgj by implementing custom AT responses! Biktorgj's firmware now properly reports the firmware branch and version to fwupd through a bunch of patches from my side. Upstreaming at https://github.com/fwupd/fwupd/pull/4133.
fwupddoesn't seem to remember branches properly, this might not be seen at first sight, but will be an issue when a next upgrade is released.
Currently no idea why, biktorgj's firmware needs to provide the branch through an AT command first, issue upstream: https://github.com/fwupd/fwupd/issues/4114
- GNOME Firmware Updater always display switch branch dialog even when not switching branches (doesn't influence the upgrade process, just the UX). Issue upstream: https://gitlab.gnome.org/hughsie/gnome-firmware-updater/-/issues/24 and https://gitlab.gnome.org/hughsie/gnome-firmware-updater/-/issues/25
Why this MR exist?
This MR needs to be tested in detail with the firmware stored in https://gitlab.com/postmarketOS/eg25-firmware with the
fwupmgr CLI, GNOME Software and KDE Discover to make sure that everything works properly before shipping this out.
This repository is currently private as the firmware license and rights are currently unclear. There's a discussion with Quectel going on to get this in LVFS so we don't need to ship this ourselves.
fwupd will get the firmware then from its LVFS repository.
Testing this MR
- Enable LVFS testing (https://github.com/fwupd/fwupd/wiki/LVFS-Testing-remote):
fwupdmgr enable-remote lvfs-testingand refresh everything:
fwupmgr refresh --force
- GNOME Software: Upgrades > Properties > scroll down to fwupd > Turn on LVFS testing with the switch
- Install it (multiple options, pick one):
- GNOME Software/KDE Discover: Open the app, search for updates and it should come up if you have already 0.5.6 or higher installed of Biktorgj's firmware, if not, you have to use the CLI or GNOME Firmware Updater to switch branches.
- GNOME Firmware Updater: Open the app, select the Quectel EG25-G modem, click Show Releases button, pick a firmware you want. Supports branches thus biktorgj firmware can be installed, but until biktorgj firmware reports its branch name, fwupd won't notice that you run alternative firmware.
If nothing shows up, you might have already a firmware version which is higher than the one in the repository.
You can check the supported devices with
If you still want to install it, you can force it with
Initial support: https://github.com/fwupd/fwupd/pull/4076
Stability and safety improvements: https://github.com/fwupd/fwupd/pull/4086
ModemManager not unhibited fix: https://github.com/fwupd/fwupd/pull/4112
Branch support for modem-manager plugin: https://github.com/fwupd/fwupd/pull/4133
GNOME Software enable fwupd for all arches. Currently only enabled for x86 in Alpine. Will upstream soon.https://gitlab.alpinelinux.org/alpine/aports/-/merge_requests/28536
eg25-manager: do not reset the modem during upgrade. https://gitlab.com/mobian1/devices/eg25-manager/-/merge_requests/44
GNOME Firmware Updater: make adaptive and test with the changes here: https://gitlab.gnome.org/hughsie/gnome-firmware-updater/-/merge_requests/66
ModemManager: correctly advertise firmware versions. https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/merge_requests/712 and https://gitlab.freedesktop.org/mobile-broadband/ModemManager/-/merge_requests/713
- fwupd >= 1.7.5
- ModemManager >= 1.18.6
- eg25-manager >= 0.4.3
- GNOME Firmware Updater >= 42.beta
- Biktorgj's firmware >= 0.5.6
Fixes #887 (closed)