Microsoft's Component Firmware Update Is Their Latest Short-Sighted Spec

Written by Michael Larabel in Microsoft on 15 August 2019 at 08:03 AM EDT. 13 Comments
MICROSOFT
Microsoft's newest specification is the "Component Firmware Update" that they envision as a standard for OEMs/IHVs to be able to handle device firmware/microcode updating in a robust and secure manner. While nice in theory, the actual implementation has a number of issues that complicate the process and could quickly evolve into another troubling specification from Microsoft in the hardware space.

Red Hat's Richard Hughes who is the lead developer on Fwupd and LVFS for firmware updating on Linux has written a lengthy blog post with his thoughts after studying the specification. Now that vendors have begun asking him about CFU, he's getting his opinions out there now and there are issues with the specification. Ultimately though if there is enough interest/adoption, he could support Component Firmware Update via Fwupd but he certainly isn't eager to do so.

Among the issues Richard takes with the Component Firmware Update specification is its pre-download phase with offloading dependency resolution to the micro-controller, the scope of the resolution handling being difficult for multi-component SoCs/devices, greater flash storage requirements for devices, and the concept of CFU updates happening in the background without any user interaction.

Richard ended his blog post with "Not a fan, but could support in fwupd if required."

The CFU protocol specification is at least open and available on GitHub.
13 Comments
Related News
Microsoft Updates Cascadia Code: Its Open-Source Font For Developers
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
Microsoft Helping Out In Making The Linux Kernel Language More Inclusive
Microsoft Engineer Sends Rust Linux Kernel Patches For In-Place Module Initialization
Microsoft Enables DNS Tunneling By Default For WSL - More Reliable Networking
Microsoft Better Seeds The RNG For Hyper-V VMs In Linux 6.9
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
systemd Rolling Out "run0" As sudo Alternative
Linux Mint Looks To Fork More GNOME Software, Make XApp More Independent
Microsoft Open-Sources MS-DOS 4.0 Under MIT License
Systemd 256-rc1 Brings A Huge Number Of New Features
NVIDIA Developer Opens Feature Pull Request For Open-Source NVK Driver
Microsoft Updates Cascadia Code: Its Open-Source Font For Developers
Rust-Based Coreutils 0.0.26 Increases Compatibility With GNU Coreutils
Ubuntu 24.04 LTS Downloads Now Available