Lenovo Legion Y740 failing HSI tests (missing Intel MEI) #7374

Open
149segolte opened this issue Jun 21, 2024 · 0 comments
@149segolte
Describe the bug
While performing a system update, I found out that the system was failing all HSI levels and that fwupd was not detecting some UEFI firmware. fwupdmgr security shows MEI v0:12.0.71.1681. Intel's csme detection tool states vulnerable. But fwupdmgr get-devices does not show MEI.

GNOME device security
Device Security Report
======================

Report details
  Date generated:                                  2024-06-21 12:37:50
  fwupd version:                                   1.9.21

System details
  Hardware model:                                  LENOVO 81UH
  Processor:                                       Intel(R) Core(TM) i7-9750H CPU @ 2.60GHz
  OS:                                              Fedora Linux 40 (Workstation Edition)
  Security level:                                  HSI:0! (v1.9.21)

HSI-1 Tests
  UEFI Platform Key:                               Pass (Valid)
  Intel Management Engine Version:               ! Fail (Not Valid)
  UEFI Bootservice Variables:                      Pass (Locked)
  TPM v2.0:                                        Pass (Found)
  Firmware BIOS Region:                            Pass (Locked)
  UEFI Secure Boot:                                Pass (Enabled)
  Firmware Write Protection Lock:                  Pass (Enabled)
  Platform Debugging:                              Pass (Not Enabled)
  Intel Management Engine Manufacturing Mode:      Pass (Locked)
  BIOS Firmware Updates:                           Pass (Enabled)
  Firmware Write Protection:                       Pass (Not Enabled)
  TPM Platform Configuration:                      Pass (Valid)
  Intel Management Engine Override:                Pass (Locked)

HSI-2 Tests
  Platform Debugging:                              Pass (Locked)
  Intel BootGuard ACM Protected:                 ! Fail (Not Valid)
  IOMMU Protection:                                Pass (Enabled)
  Intel BootGuard Fuse:                            Pass (Valid)
  Intel GDS Mitigation:                            Pass (Enabled)
  Intel BootGuard Verified Boot:                 ! Fail (Not Valid)
  TPM Reconstruction:                              Pass (Valid)
  Intel BootGuard:                                 Pass (Enabled)

HSI-3 Tests
  Pre-boot DMA Protection:                       ! Fail (Not Enabled)
  Intel BootGuard Error Policy:                  ! Fail (Not Valid)
  Control-flow Enforcement Technology:           ! Fail (Not Supported)
  Suspend To RAM:                                  Pass (Not Enabled)
  Suspend To Idle:                               ! Fail (Not Enabled)

HSI-4 Tests
  Encrypted RAM:                                 ! Fail (Not Supported)
  Supervisor Mode Access Prevention:               Pass (Enabled)

Runtime Tests
  Firmware Updater Verification:                   Pass (Not Tainted)
  Linux Swap:                                      Pass (Encrypted)
  Linux Kernel Verification:                     ! Fail (Tainted)
  Linux Kernel Lockdown:                           Pass (Enabled)

Host security events
  2024-06-18 19:49:49   Suspend To RAM               Pass (Enabled → Not Enabled)
  2024-05-11 15:22:53   Suspend To RAM             ! Fail (Not Enabled → Enabled)
  2024-05-11 09:14:51   Suspend To RAM               Pass (Enabled → Not Enabled)
  2024-05-07 11:27:23   Suspend To RAM             ! Fail (Not Enabled → Enabled)
  2024-05-07 09:06:38   Linux Kernel Verification  ! Fail (Not Tainted → Tainted)
  2024-05-01 09:58:54   Linux Kernel Verification    Pass (Tainted → Not Tainted)
  2024-05-01 08:22:06   Linux Kernel Verification  ! Fail (Not Tainted → Tainted)
  2024-04-28 02:36:34   Linux Kernel Verification    Pass (Tainted → Not Tainted)
  2024-04-27 17:20:02   Suspend To RAM               Pass (Enabled → Not Enabled)
  2024-04-27 14:19:19   Linux Kernel Verification  ! Fail (Not Tainted → Tainted)
  2024-04-26 22:32:12   Linux Kernel Verification    Pass (Tainted → Not Tainted)
  2024-04-25 08:34:19   IOMMU Protection             Pass (Not Found → Enabled)
  2024-04-25 01:20:47   Linux Kernel Verification  ! Fail (Not Tainted → Tainted)

For information on the contents of this report, see https://fwupd.github.io/hsi.html
Host Security ID: HSI:0! (v1.9.21)

HSI-1
✔ BIOS firmware updates:         Enabled
✔ csme manufacturing mode:       Locked
✔ csme override:                 Locked
✔ Platform debugging:            Disabled
✔ SPI write:                     Disabled
✔ SPI lock:                      Enabled
✔ SPI BIOS region:               Locked
✔ Supported CPU:                 Valid
✔ TPM empty PCRs:                Valid
✔ TPM v2.0:                      Found
✔ UEFI bootservice variables:    Locked
✔ UEFI platform key:             Valid
✔ UEFI secure boot:              Enabled
✘ csme v0:12.0.71.1681:          Invalid

HSI-2
✔ Intel BootGuard:               Enabled
✔ Intel BootGuard OTP fuse:      Valid
✔ Intel GDS mitigation:          Enabled
✔ IOMMU:                         Enabled
✔ Platform debugging:            Locked
✔ TPM PCR0 reconstruction:       Valid
✘ Intel BootGuard ACM protected: Invalid
✘ Intel BootGuard verified boot: Invalid

HSI-3
✔ Suspend-to-ram:                Disabled
✘ Intel BootGuard error policy:  Invalid
✘ CET Platform:                  Not supported
✘ Pre-boot DMA protection:       Disabled
✘ Suspend-to-idle:               Disabled

HSI-4
✔ SMAP:                          Enabled
✘ Encrypted RAM:                 Not supported

Runtime Suffix -!
✔ fwupd plugins:                 Untainted
✔ Linux kernel lockdown:         Enabled
✔ Linux swap:                    Encrypted
✘ Linux kernel:                  Tainted

This system has a low HSI security level.
 » https://fwupd.github.io/hsi.html#low-security-level

This system has HSI runtime issues.
 » https://fwupd.github.io/hsi.html#hsi-runtime-suffix

Host Security Events
  2024-06-18 14:19:49:  ✔ Suspend-to-ram changed: Enabled → Disabled
  2024-05-11 09:52:53:  ✘ Suspend-to-ram changed: Disabled → Enabled
  2024-05-11 03:44:51:  ✔ Suspend-to-ram changed: Enabled → Disabled
  2024-05-07 05:57:23:  ✘ Suspend-to-ram changed: Disabled → Enabled
  2024-05-07 03:36:38:  ✘ Kernel is tainted
  2024-05-01 04:28:54:  ✔ Kernel is no longer tainted
  2024-05-01 02:52:06:  ✘ Kernel is tainted
  2024-04-27 21:06:34:  ✔ Kernel is no longer tainted
  2024-04-27 11:50:02:  ✔ Suspend-to-ram changed: Enabled → Disabled

Some logs from commands found on other similar issues:

sudo fwupdtool get-plugins --plugins pci-mei -vv
06:54:11.568 FuDebug              verbose to debug (on console 1)
06:54:11.568 FuEngine             starting fwupd 1.9.21…
06:54:11.569 FuMain               locked /run/lock/fwupdtool
06:54:11.571 FuMain               failed to stop daemon: failed to find fwupd.service: GDBus.Error:org.freedesktop.systemd1.NoSuchUnit: Unit fwupd.service not loaded.
Loading…                 [ -                                     ]06:54:11.572 FuConfig             loading config /etc/fwupd/fwupd.conf
06:54:11.572 FuConfig             not loading config /var/etc/fwupd/fwupd.conf
06:54:11.572 FuConfig             skipping mode check for /var/etc/fwupd/fwupd.conf as not writable
06:54:11.572 FuConfig             trying to load config values from /etc/fwupd/fwupd.conf
06:54:11.572 FuCommon             mapped file /etc/fwupd/fwupd.conf of size 0x33
06:54:11.572 FuConfig             trying to load config values from /var/etc/fwupd/fwupd.conf
06:54:11.572 FuConfig             Failed to open file “/var/etc/fwupd/fwupd.conf”: No such file or directory
06:54:11.572 FuConfig             ::configuration loaded
Loading…                 [                                       ]06:54:11.572 Jcat                 ignoring GPG-KEY-Linux-Foundation-Firmware as not PKCS-7 certificate
06:54:11.572 Jcat                 ignoring GPG-KEY-Linux-Vendor-Firmware-Service as not PKCS-7 certificate
06:54:11.572 Jcat                 reading /etc/pki/fwupd/LVFS-CA.pem with 1679 bytes
06:54:11.572 Jcat                 loaded 1 certificates
06:54:11.572 Jcat                 ignoring GPG-KEY-Linux-Foundation-Metadata as not PKCS-7 certificate
06:54:11.572 Jcat                 ignoring GPG-KEY-Linux-Vendor-Firmware-Service as not PKCS-7 certificate
06:54:11.573 Jcat                 reading /etc/pki/fwupd-metadata/LVFS-CA.pem with 1679 bytes
06:54:11.573 Jcat                 loaded 1 certificates
06:54:11.573 Jcat                 reading /var/lib/fwupd/pki/secret.key with 2459 bytes
06:54:11.573 Jcat                 reading /var/lib/fwupd/pki/client.pem with 1383 bytes
06:54:11.573 FuEngine             client certificate now exists: nothing to do
Loading…                 [                                       ]06:54:11.573 FuHistory            trying to open database '/var/lib/fwupd/pending.db'
06:54:11.574 FuHistory            got schema version of 12
Loading…                 [*                                      ]06:54:11.581 FuPlugin             load(/usr/lib64/fwupd-1.9.21/libfu_plugin_modem_manager.so)
06:54:11.582 FuQuirks             loading quirks from /usr/share/fwupd/quirks.d
06:54:11.582 FuQuirks             loading quirks from /var/lib/fwupd/quirks.d
06:54:11.582 XbSilo               attempting to load /var/cache/fwupd/quirks.xmlb
06:54:11.582 XbSilo               file: 2ee553be-be26-5895-3bb9-90e4ae49e124, current:2ee553be-be26-5895-3bb9-90e4ae49e124
06:54:11.582 XbSilo               loading silo with existing file contents
Loading…                 [*                                      ]06:54:11.583 FuConfig             loading config /etc/fwupd/fwupd.conf
06:54:11.583 FuConfig             not loading config /var/etc/fwupd/fwupd.conf
06:54:11.583 FuConfig             skipping mode check for /var/etc/fwupd/fwupd.conf as not writable
06:54:11.583 FuConfig             trying to load config values from /etc/fwupd/fwupd.conf
06:54:11.583 FuCommon             mapped file /etc/fwupd/fwupd.conf of size 0x33
06:54:11.583 FuConfig             trying to load config values from /var/etc/fwupd/fwupd.conf
06:54:11.583 FuConfig             Failed to open file “/var/etc/fwupd/fwupd.conf”: No such file or directory
06:54:11.583 FuConfig             ::configuration loaded
06:54:11.584 FuStruct             SmbiosEp64:
  anchor_str: _SM3_
  entry_point_csum: 0x65
  entry_point_len: 0x18
  smbios_major_ver: 0x3
  smbios_minor_ver: 0x0
  smbios_docrev: 0x1
  entry_point_rev: 0x1
  reserved0: 0x0
  structure_table_len: 0xf7f
  structure_table_addr: 0x3ed15000
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x0
  length: 0x18
  handle: 0x0
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x1
  length: 0x1b
  handle: 0x1
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x2
  length: 0xf
  handle: 0x2
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x3
  length: 0x16
  handle: 0x3
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x4
  length: 0x30
  handle: 0x4
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x7
  length: 0x1b
  handle: 0x5
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x7
  length: 0x1b
  handle: 0x6
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x7
  length: 0x1b
  handle: 0x7
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x8
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x9
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0xa
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0xb
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0xc
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0xd
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0xe
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0xf
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x10
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x11
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x12
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x13
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x14
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x15
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x16
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x17
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x8
  length: 0x9
  handle: 0x18
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x9
  length: 0x11
  handle: 0x19
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x9
  length: 0x11
  handle: 0x1a
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x9
  length: 0x11
  handle: 0x1b
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x9
  length: 0x11
  handle: 0x1c
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x9
  length: 0x11
  handle: 0x1d
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xb
  length: 0x5
  handle: 0x1e
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xc
  length: 0x5
  handle: 0x1f
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xd
  length: 0x16
  handle: 0x20
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xe
  length: 0x8
  handle: 0x21
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xe
  length: 0x8
  handle: 0x22
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xe
  length: 0x8
  handle: 0x23
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xf
  length: 0x1d
  handle: 0x24
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x10
  length: 0x17
  handle: 0x25
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x11
  length: 0x28
  handle: 0x26
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x11
  length: 0x28
  handle: 0x27
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x13
  length: 0x1f
  handle: 0x28
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x14
  length: 0x23
  handle: 0x29
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x14
  length: 0x23
  handle: 0x2a
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x15
  length: 0x7
  handle: 0x2b
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x16
  length: 0x1a
  handle: 0x2c
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x18
  length: 0x5
  handle: 0x2d
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x1a
  length: 0x18
  handle: 0x2e
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x1b
  length: 0xf
  handle: 0x2f
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x1c
  length: 0x18
  handle: 0x30
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x20
  length: 0xb
  handle: 0x31
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x27
  length: 0x16
  handle: 0x32
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x28
  length: 0x11
  handle: 0x33
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x29
  length: 0xb
  handle: 0x34
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x80
  length: 0x8
  handle: 0x35
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x81
  length: 0x8
  handle: 0x36
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x82
  length: 0x14
  handle: 0x37
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x83
  length: 0x40
  handle: 0x38
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x85
  length: 0x5
  handle: 0x39
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0x88
  length: 0x6
  handle: 0x3a
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xc8
  length: 0x10
  handle: 0x3b
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xdb
  length: 0x6a
  handle: 0x3c
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xdd
  length: 0x1a
  handle: 0x3d
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xdd
  length: 0x1a
  handle: 0x3e
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xdd
  length: 0x52
  handle: 0x3f
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xdd
  length: 0x36
  handle: 0x40
06:54:11.584 FuStruct             SmbiosStructure:
  type: 0xdd
  length: 0xc
  handle: 0x41
06:54:11.585 FuStruct             SmbiosStructure:
  type: 0xdd
  length: 0x59
  handle: 0x42
06:54:11.585 FuStruct             SmbiosStructure:
  type: 0xde
  length: 0xe
  handle: 0x43
06:54:11.585 FuStruct             SmbiosStructure:
  type: 0xf8
  length: 0x12
  handle: 0x44
06:54:11.585 FuStruct             SmbiosStructure:
  type: 0x7f
  length: 0x4
  handle: 0xfeff
06:54:11.585 FuContext            SMBIOS Manufacturer=LENOVO
06:54:11.585 FuContext            SMBIOS EnclosureKind=a
06:54:11.585 FuContext            SMBIOS Family=Legion Y740-15IRHg
06:54:11.585 FuContext            SMBIOS ProductName=81UH
06:54:11.585 FuContext            SMBIOS ProductSku=LENOVO_MT_81UH_BU_idea_FM_Legion Y740-15IRHg
06:54:11.585 FuContext            SMBIOS BiosVendor=LENOVO
06:54:11.585 FuContext            SMBIOS BiosVersion=BVCN16WW(V1.12)
06:54:11.585 FuContext            SMBIOS BiosMajorRelease=01
06:54:11.585 FuContext            SMBIOS BiosMinorRelease=10
06:54:11.585 FuContext            SMBIOS FirmwareMajorRelease=01
06:54:11.585 FuContext            SMBIOS FirmwareMinorRelease=10
06:54:11.585 FuContext            SMBIOS BaseboardManufacturer=LENOVO
06:54:11.585 FuContext            SMBIOS BaseboardProduct=LNVNB161216
06:54:11.585 FuContext            failed to load fdt: cannot find /sys/firmware/fdt or override /var/lib/fwupd/system.dtb
06:54:11.585 FuContext            added udev subsystem watch of firmware-attributes
06:54:11.585 FuContext            Error opening directory “/sys/class/firmware-attributes”: No such file or directory
Loading…                 [**                                     ]06:54:11.585 FuProgress           raw timing data was { 0.002, 0.000, 0.000, 0.000 } -- steps were set as [ 1 1 3 95 ] but should have been [ 77 3 18 2 ] at ../libfwupdplugin/fu-context.c:986
06:54:11.586 FuEngine             ignoring: Error opening directory “/var/lib/fwupd/local.d”: No such file or directory
06:54:11.586 FuEngine             ignoring: Error opening directory “/usr/share/fwupd/local.d”: No such file or directory
06:54:11.586 XbSilo               attempting to load /var/cache/fwupd/metadata.xmlb
06:54:11.591 XbSilo               file: 96a3a693-fb41-e4e8-96a1-efe2f05bc784, current:a5af16d0-c556-28b6-1f97-afd15fefba19
06:54:11.591 XbSilo               loading silo with existing file contents
06:54:11.593 FuEngine             2632 components now in silo
Loading…                 [***                                    ]06:54:11.599 FuPlugin             constructed(pci_mei)
06:54:11.599 FuContext            added udev subsystem watch of pci
06:54:11.599 FuEngine             plugins disabled: flashrom, modem_manager, uefi_capsule, acpi_dmar, acpi_facp, acpi_ivrs, acpi_phat, algoltek_usb, amd_pmc, amd_gpu, analogix, android_boot, ata, audio_s5gen2, aver_hid, bcm57xx, bios, ccgx, ccgx_dmc, cfu, ch341a, ch347, colorhug, corsair, cpu, cros_ec, dell, dell_dock, dfu, dfu_csr, ebitdo, elantp, elanfp, emmc, ep963x, fastboot, focalfp, fpc, fresco_pd, genesys, genesys_gl32xx, goodixmoc, goodixtp, gpio, hailuck, igsc, intel_me, intel_usb4, iommu, jabra, jabra_gnp, kinetic_dp, lenovo_thinklmi, linux_display, linux_lockdown, linux_sleep, linux_swap, linux_tainted, logind, logitech_hidpp, logitech_bulkcontroller, logitech_rallysystem, logitech_scribe, logitech_tap, mediatek_scaler, msr, mtd, nitrokey, nordic_hid, nvme, optionrom, parade_lspcon, pci_bcr, pci_psp, pixart_rf, qsi_dock, realtek_mst, redfish, rts54hid, rts54hub, steelseries, scsi, superio, synaptics_cape, synaptics_cxaudio, synaptics_mst, synaptics_prometheus, synaptics_rmi, synaptics_vmm9, system76_launch, test, test_ble, thelio_io, thunderbolt, ti_tps6598x, tpm, uefi_dbx, uefi_esrt, uefi_pk, uefi_recovery, uf2, upower, usi_dock, vbe, vli, wacom_raw, wacom_usb, wistron_dock
Loading…                 [***                                    ]06:54:11.600 FuContext            battery threshold now 25
Loading…                 [************************************** ]06:54:11.600 FuEngine             FuUsbBackend:
  Name:                 usb
  Enabled:              true
  DoneSetup:            false
  CanInvalidate:        false
FuUdevBackend:
  Name:                 udev
  Enabled:              true
  DoneSetup:            false
  CanInvalidate:        false
DoneColdplug:           false
FuBluezBackend:
  Name:                 bluez
  Enabled:              true
  DoneSetup:            false
  CanInvalidate:        false
FuPciMeiPlugin:
  Name:                 pci_mei
  HFSTS1:
    WorkingState:       reset
    MfgMode:            false
    FptBad:             false
    OperationState:     preboot
    FwInitComplete:     false
    FtBupLdFlr:         false
    UpdateInProgress:   false
    ErrorCode:          no-error
    OperationMode:      normal
    ResetCount:         0x0
    BootOptions_present:false
    BistFinished:       false
    BistTestState:      false
    BistResetRequest:   false
    CurrentPowerSource: 0x0
    D3SupportValid:     false
    D0i3SupportValid:   false
  HFSTS2:
    NftpLoadFailure:    false
    IccProgStatus:      0x0
    InvokeMebx:         false
    CpuReplaced:        false
    Rsvd0:              false
    MfsFailure:         false
    WarmResetRqst:      false
    CpuReplacedValid:   false
    LowPowerState:      false
    MePowerGate:        false
    IpuNeeded:          false
    ForcedSafeBoot:     false
    Rsvd1:              0x0
    ListenerChange:     false
    StatusData:         0x0
    CurrentPmevent:     0x0
    Phase:              0x0
  HFSTS3:
    Chunk0:             0x0
    Chunk1:             0x0
    Chunk2:             0x0
    Chunk3:             0x0
    FwSku:              0x0
    EncryptKeyCheck:    false
    PchConfigChange:    false
    IbbVerificationResult:false
    IbbVerificationDone:false
    Reserved11:         0x0
    ActualIbbSize:      0x0
    NumberOfChunks:     0
    EncryptKeyOverride: false
    PowerDownMitigation:false
  HFSTS4:
    Rsvd0:              0x0
    EnforcementFlow:    false
    SxResumeType:       false
    Rsvd1:              false
    TpmsDisconnected:   false
    Rvsd2:              false
    FwstsValid:         false
    BootGuardSelfTest:  false
    Rsvd3:              0x0
  HFSTS5:
    AcmActive:          false
    Valid:              false
    ResultCodeSource:   false
    ErrorStatusCode:    0x0
    AcmDoneSts:         0x0
    TimeoutCount:       0x0
    ScrtmIndicator:     false
    IncBootGuardAcm:    0x0
    IncKeyManifest:     0x0
    IncBootPolicy:      0x0
    Rsvd0:              0x0
    StartEnforcement:   false
  HFSTS6:
    ForceBootGuardAcm:  false
    CpuDebugDisable:    false
    BspInitDisable:     false
    ProtectBiosEnv:     false
    Rsvd0:              0x0
    ErrorEnforcePolicy: 0x0
    MeasuredBoot:       false
    VerifiedBoot:       false
    BootGuardAcmsvn:    0x0
    Kmsvn:              0x0
    Bpmsvn:             0x0
    KeyManifestId:      0x0
    BootPolicyStatus:   false
    Error:              false
    BootGuardDisable:   false
    FpfDisable:         false
    FpfSocLock:         false
    TxtSupport:         false

06:54:11.600 FuEngine             failed to update history database: device ID 362301da643102b9f38477387e2193e57abaa590 was not found
06:54:11.605 FuEngine             resetting update motd timeout

acpi_dmar:
  Flags:                • Disabled

acpi_facp:
  Flags:                • Disabled

acpi_ivrs:
  Flags:                • Disabled

acpi_phat:
  Flags:                • Disabled

algoltek_usb:
  Flags:                • Disabled

amd_gpu:
  Flags:                • Disabled

amd_pmc:
  Flags:                • Disabled

analogix:
  Flags:                • Disabled

android_boot:
  Flags:                • Disabled

ata:
  Flags:                • Disabled

audio_s5gen2:
  Flags:                • Disabled

aver_hid:
  Flags:                • Disabled

bcm57xx:
  Flags:                • Disabled

bios:
  Flags:                • Disabled

ccgx:
  Flags:                • Disabled

ccgx_dmc:
  Flags:                • Disabled

cfu:
  Flags:                • Disabled

ch341a:
  Flags:                • Disabled

ch347:
  Flags:                • Disabled

colorhug:
  Flags:                • Disabled

corsair:
  Flags:                • Disabled

cpu:
  Flags:                • Disabled

cros_ec:
  Flags:                • Disabled

dell:
  Flags:                • Disabled

dell_dock:
  Flags:                • Disabled

dfu:
  Flags:                • Disabled

dfu_csr:
  Flags:                • Disabled

ebitdo:
  Flags:                • Disabled

elanfp:
  Flags:                • Disabled

elantp:
  Flags:                • Disabled

emmc:
  Flags:                • Disabled

ep963x:
  Flags:                • Disabled

fastboot:
  Flags:                • Disabled

flashrom:
  Flags:                • Disabled
                        • Loaded from an external module

focalfp:
  Flags:                • Disabled

fpc:
  Flags:                • Disabled

fresco_pd:
  Flags:                • Disabled

genesys:
  Flags:                • Disabled

genesys_gl32xx:
  Flags:                • Disabled

goodixmoc:
  Flags:                • Disabled

goodixtp:
  Flags:                • Disabled

gpio:
  Flags:                • Disabled

hailuck:
  Flags:                • Disabled

igsc:
  Flags:                • Disabled

intel_me:
  Flags:                • Disabled

intel_usb4:
  Flags:                • Disabled

iommu:
  Flags:                • Disabled

jabra:
  Flags:                • Disabled

jabra_gnp:
  Flags:                • Disabled

kinetic_dp:
  Flags:                • Disabled

lenovo_thinklmi:
  Flags:                • Disabled

linux_display:
  Flags:                • Disabled

linux_lockdown:
  Flags:                • Disabled

linux_sleep:
  Flags:                • Disabled

linux_swap:
  Flags:                • Disabled

linux_tainted:
  Flags:                • Disabled

logind:
  Flags:                • Disabled

logitech_bulkcontroller:
  Flags:                • Disabled

logitech_hidpp:
  Flags:                • Disabled

logitech_rallysystem:
  Flags:                • Disabled

logitech_scribe:
  Flags:                • Disabled

logitech_tap:
  Flags:                • Disabled

mediatek_scaler:
  Flags:                • Disabled

modem_manager:
  Flags:                • Disabled
                        • Loaded from an external module

msr:
  Flags:                • Disabled

mtd:
  Flags:                • Disabled

nitrokey:
  Flags:                • Disabled

nordic_hid:
  Flags:                • Disabled

nvme:
  Flags:                • Disabled

optionrom:
  Flags:                • Disabled

parade_lspcon:
  Flags:                • Disabled

pci_bcr:
  Flags:                • Disabled

pci_mei:
  Flags:                • Enabled

pci_psp:
  Flags:                • Disabled

pixart_rf:
  Flags:                • Disabled

qsi_dock:
  Flags:                • Disabled

realtek_mst:
  Flags:                • Disabled

redfish:
  Flags:                • Disabled

rts54hid:
  Flags:                • Disabled

rts54hub:
  Flags:                • Disabled

scsi:
  Flags:                • Disabled

steelseries:
  Flags:                • Disabled

superio:
  Flags:                • Disabled

synaptics_cape:
  Flags:                • Disabled

synaptics_cxaudio:
  Flags:                • Disabled

synaptics_mst:
  Flags:                • Disabled

synaptics_prometheus:
  Flags:                • Disabled

synaptics_rmi:
  Flags:                • Disabled

synaptics_vmm9:
  Flags:                • Disabled

system76_launch:
  Flags:                • Disabled

test:
  Flags:                • Disabled
                        • Plugin is only for testing

test_ble:
  Flags:                • Disabled
                        • Plugin is only for testing

thelio_io:
  Flags:                • Disabled

thunderbolt:
  Flags:                • Disabled

ti_tps6598x:
  Flags:                • Disabled

tpm:
  Flags:                • Disabled

uefi_capsule:
  Flags:                • Disabled
                        • Will measure elements of system integrity around an update

uefi_dbx:
  Flags:                • Disabled

uefi_esrt:
  Flags:                • Disabled

uefi_pk:
  Flags:                • Disabled

uefi_recovery:
  Flags:                • Disabled

uf2:
  Flags:                • Disabled

upower:
  Flags:                • Disabled

usi_dock:
  Flags:                • Disabled

vbe:
  Flags:                • Disabled

vli:
  Flags:                • Disabled

wacom_raw:
  Flags:                • Disabled

wacom_usb:
  Flags:                • Disabled

wistron_dock:
  Flags:                • Disabled

06:54:11.608 FuPluginTest         destroy
06:54:11.609 FuProgress           raw timing data was { 0.002, 0.000, 0.000, 0.000 } -- steps were set as [ 1 1 3 95 ] but should have been [ 77 3 18 2 ] at ../libfwupdplugin/fu-context.c:986
sudo fwupdtool --plugins uefi-capsule get-devices -v
07:33:43.843 FuDebug              verbose to info (on console 1)
07:33:43.844 FuEngine             starting fwupd 1.9.21…
Loading…                 [ -                                     ]07:33:43.854 FuRemoteList         loading remote from /etc/fwupd/remotes.d/lvfs-testing.conf
07:33:43.854 FuRemoteList         loading remote from /etc/fwupd/remotes.d/lvfs.conf
07:33:43.854 FuRemoteList         loading remote from /etc/fwupd/remotes.d/vendor-directory.conf
07:33:43.854 FuRemoteList         enabled remotes: vendor-directory[1000], lvfs[0]
Loading…                 [                                       ]07:33:43.855 FuEngine             client certificate now exists: nothing to do
Loading…                 [*                                      ]07:33:43.861 FuQuirks             loading quirks from /usr/share/fwupd/quirks.d
07:33:43.861 FuQuirks             loading quirks from /var/lib/fwupd/quirks.d
Loading…                 [*                                      ]07:33:43.862 FuContext            SMBIOS Manufacturer=LENOVO
07:33:43.862 FuContext            SMBIOS EnclosureKind=a
07:33:43.862 FuContext            SMBIOS Family=Legion Y740-15IRHg
07:33:43.862 FuContext            SMBIOS ProductName=81UH
07:33:43.862 FuContext            SMBIOS ProductSku=LENOVO_MT_81UH_BU_idea_FM_Legion Y740-15IRHg
07:33:43.862 FuContext            SMBIOS BiosVendor=LENOVO
07:33:43.862 FuContext            SMBIOS BiosVersion=BVCN16WW(V1.12)
07:33:43.862 FuContext            SMBIOS BiosMajorRelease=01
07:33:43.862 FuContext            SMBIOS BiosMinorRelease=10
07:33:43.862 FuContext            SMBIOS FirmwareMajorRelease=01
07:33:43.862 FuContext            SMBIOS FirmwareMinorRelease=10
07:33:43.862 FuContext            SMBIOS BaseboardManufacturer=LENOVO
07:33:43.862 FuContext            SMBIOS BaseboardProduct=LNVNB161216
07:33:43.862 FuContext            failed to load fdt: cannot find /sys/firmware/fdt or override /var/lib/fwupd/system.dtb
07:33:43.863 FuContext            added udev subsystem watch of firmware-attributes
07:33:43.863 FuEngine             loading metadata for remote 'vendor-directory'
07:33:43.863 FuEngine             ignoring: /usr/share/fwupd/remotes.d/vendor/firmware/README.md
07:33:43.863 FuEngine             ignoring: Error opening directory “/var/lib/fwupd/local.d”: No such file or directory
07:33:43.863 FuEngine             ignoring: Error opening directory “/usr/share/fwupd/local.d”: No such file or directory
07:33:43.865 FuEngine             2632 components now in silo
07:33:43.880 FuEngine             plugins disabled: flashrom, modem_manager, acpi_dmar, acpi_facp, acpi_ivrs, acpi_phat, algoltek_usb, amd_pmc, amd_gpu, analogix, android_boot, ata, audio_s5gen2, aver_hid, bcm57xx, bios, ccgx, ccgx_dmc, cfu, ch341a, ch347, colorhug, corsair, cpu, cros_ec, dell, dell_dock, dfu, dfu_csr, ebitdo, elantp, elanfp, emmc, ep963x, fastboot, focalfp, fpc, fresco_pd, genesys, genesys_gl32xx, goodixmoc, goodixtp, gpio, hailuck, igsc, intel_me, intel_usb4, iommu, jabra, jabra_gnp, kinetic_dp, lenovo_thinklmi, linux_display, linux_lockdown, linux_sleep, linux_swap, linux_tainted, logind, logitech_hidpp, logitech_bulkcontroller, logitech_rallysystem, logitech_scribe, logitech_tap, mediatek_scaler, msr, mtd, nitrokey, nordic_hid, nvme, optionrom, parade_lspcon, pci_bcr, pci_mei, pci_psp, pixart_rf, qsi_dock, realtek_mst, redfish, rts54hid, rts54hub, steelseries, scsi, superio, synaptics_cape, synaptics_cxaudio, synaptics_mst, synaptics_prometheus, synaptics_rmi, synaptics_vmm9, system76_launch, test, test_ble, thelio_io, thunderbolt, ti_tps6598x, tpm, uefi_dbx, uefi_esrt, uefi_pk, uefi_recovery, uf2, upower, usi_dock, vbe, vli, wacom_raw, wacom_usb, wistron_dock
07:33:43.881 FuContext            battery threshold now 25
07:33:43.891 FuVolume             Looking for volumes of type c12a7328-f81f-11d2-ba4b-00a0c93ec93b
07:33:43.894 FuVolume             device /org/freedesktop/UDisks2/block_devices/nvme0n1p2, type: bc13c2ff-59e6-4262-a352-b275fd6f7172, internal: 1, fs: ext4
07:33:43.897 FuVolume             device /org/freedesktop/UDisks2/block_devices/nvme0n1p3, type: 0fc63daf-8483-4772-8e79-3d69d8477de4, internal: 1, fs: crypto_LUKS
07:33:43.901 FuVolume             device /org/freedesktop/UDisks2/block_devices/sda2, type: 0fc63daf-8483-4772-8e79-3d69d8477de4, internal: 1, fs: btrfs
07:33:43.903 FuVolume             device /org/freedesktop/UDisks2/block_devices/nvme0n1p1, type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b, internal: 1, fs: vfat
07:33:43.911 FuVolume             Looking for volumes of type ebd0a0a2-b9e5-4433-87c0-68b6b72699c7
07:33:43.914 FuVolume             device /org/freedesktop/UDisks2/block_devices/nvme0n1p2, type: bc13c2ff-59e6-4262-a352-b275fd6f7172, internal: 1, fs: ext4
07:33:43.917 FuVolume             device /org/freedesktop/UDisks2/block_devices/nvme0n1p3, type: 0fc63daf-8483-4772-8e79-3d69d8477de4, internal: 1, fs: crypto_LUKS
07:33:43.922 FuVolume             device /org/freedesktop/UDisks2/block_devices/sda2, type: 0fc63daf-8483-4772-8e79-3d69d8477de4, internal: 1, fs: btrfs
07:33:43.923 FuVolume             device /org/freedesktop/UDisks2/block_devices/nvme0n1p1, type: c12a7328-f81f-11d2-ba4b-00a0c93ec93b, internal: 1, fs: vfat
07:33:43.934 FuDeviceList         ::added e265489e781528fac08a8db4ac738d85ba8f291e [System Firmware]
07:33:43.935 FuDeviceList         ::added 80dc997f756e6c5b381cf2299e9fe5da8f8f6ae9 [UEFI Device Firmware]
07:33:43.935 FuDeviceList         ::added 7d3140db0d00ada46a46f6d30cbd4c8489e036c0 [UEFI Device Firmware]
07:33:43.940 FuPluginUefiCapsule  UX capsule support : Enabled
07:33:43.941 FuEngine             using plugins: uefi_capsule
07:33:44.094 FuBackend            adding suitable BlueZ device: /org/bluez/hci0/dev_14_3F_A6_22_A2_79
07:33:44.095 FuEngine             FuUsbBackend:
  Name:                 usb
  Enabled:              true
  DoneSetup:            true
  CanInvalidate:        false
FuUdevBackend:
  Name:                 udev
  Enabled:              true
  DoneSetup:            true
  CanInvalidate:        false
DoneColdplug:           true
FuBluezBackend:
  Name:                 bluez
  Enabled:              true
  DoneSetup:            true
  CanInvalidate:        false
FuUefiCapsulePlugin:
  Name:                 uefi_capsule
  Flags:                measure-system-integrity,ready
  FuUefiBackendLinux:
    Name:               uefi
    Enabled:            true
    DoneSetup:          true
    CanInvalidate:      false
  DeviceGType:          FuUefiCodDevice
  BgrtSupported:        true

07:33:44.108 FuEngine             resetting update motd timeout

LENOVO 81UH
│
├─System Firmware:
│     Device ID:          e265489e781528fac08a8db4ac738d85ba8f291e
│     Summary:            UEFI System Resource Table device (Updated via capsule-on-disk)
│     Current version:    1480728598
│     Minimum Version:    1380122624
│     Vendor:             LENOVO (DMI:LENOVO)
│     Update State:       Success
│     GUID:               405d582c-97da-4efd-8d2d-0a9c4176e985
│     Device Flags:       • Internal device
│                         • Updatable
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│     Device Requests:    • Message
│   
├─UEFI Device Firmware:
│     Device ID:          80dc997f756e6c5b381cf2299e9fe5da8f8f6ae9
│     Summary:            UEFI System Resource Table device (Updated via capsule-on-disk)
│     Current version:    1681
│     Minimum Version:    1000
│     Vendor:             DMI:LENOVO
│     Update State:       Success
│     GUID:               865d322c-6ac7-4734-b43e-55db5a557d63
│     Device Flags:       • Internal device
│                         • Updatable
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│     Device Requests:    • Message
│   
└─UEFI Device Firmware:
      Device ID:          7d3140db0d00ada46a46f6d30cbd4c8489e036c0
      Summary:            UEFI System Resource Table device (Updated via capsule-on-disk)
      Current version:    2739137
      Vendor:             DMI:LENOVO
      Update State:       Success
      GUID:               88a59a11-5b5d-4516-adf3-724df8c1f3b8
      Device Flags:       • Internal device
                          • Updatable
                          • System requires external power source
                          • Needs a reboot after installation
                          • Device is usable for the duration of the update
      Device Requests:    • Message

fwupd version information
Please provide the version of the daemon and client.

compile   org.freedesktop.fwupd         1.9.21
compile   com.hughsie.libxmlb           0.3.19
compile   org.freedesktop.Passim        0.1.7
compile   com.hughsie.libjcat           0.2.1
runtime   org.freedesktop.fwupd-efi     1.6
compile   org.freedesktop.gusb          0.4.9
runtime   com.hughsie.libxmlb           0.3.19
runtime   com.hughsie.libjcat           0.2.1
runtime   org.freedesktop.Passim        0.1.7
runtime   org.freedesktop.gusb          0.4.9
runtime   org.kernel                    6.9.4-200.fc40.x86_64
runtime   org.freedesktop.fwupd         1.9.21

Please note how you installed it (apt, dnf, pacman, source, etc): pre-installed with Fedora

fwupd device information

Please provide the output of the fwupd devices recognized in your system.

LENOVO 81UH
│
├─Unknown Device:
│     Device ID:          a6c89aee142798063900a459b2f564f72137305e
│     Serial Number:      3CM0110WPS   
│     GUID:               23cd09e7-1c3f-5432-8b6d-460098dc585f ← DRM\VEN_HWP&DEV_3320
│   
├─Unknown Device:
│     Device ID:          4a4907dbb1b96c6a1177dfd1b95eb41c781d1265
│     GUID:               1199a818-4c52-5137-b536-d59e2e2cada9 ← GPIO\ID_INT3450:00
│   
├─CoffeeLake-H GT2 [UHD Graphics 630]:
│     Device ID:          5792b48846ce271fab11c4a545f7a3df0d36e00a
│     Vendor:             Intel Corporation (PCI:0x8086)
│     GUIDs:              db677673-1102-5481-a11e-6f397e123ced ← PCI\VEN_8086&DEV_3E9B
│                         d60a6c86-6079-510e-a3f7-1f34d8a17680 ← PCI\VEN_8086&DEV_3E9B&SUBSYS_17AA3FEE
│     Device Flags:       • Internal device
│                         • Cryptographic hash verification is available
│   
├─Core™ i7-9750H CPU @ 2.60GHz:
│     Device ID:          4bde70ba4e39b28f9eab1628f9dd6e6244c03027
│     Current version:    0x000000f4
│     Vendor:             Intel
│     GUIDs:              809a0b93-8a12-5338-a571-ad5583acf896 ← CPUID\PRO_0&FAM_06&MOD_9E
│                         72ec2ff3-49ff-5ec2-bdbb-525badd47543 ← CPUID\PRO_0&FAM_06&MOD_9E&STP_A
│     Device Flags:       • Internal device
│   
├─NV156FHM-N4G:
│     Device ID:          aec1a869eb0df71b7cea6b3ac71d39b830faf164
│     GUID:               52efe30b-91eb-5e64-b1a1-a8bf85ff5212 ← DRM\VEN_BOE&DEV_084D
│     Device Flags:       • Internal device
│   
├─ST1000LM049-2GH172:
│     Device ID:          5dbeb140337f610d54913c0f43d15fdaa0eafb51
│     Summary:            ATA drive
│     Current version:    LXM4
│     Vendor:             Seagate (ATA:0x1BB1, OUI:000c50)
│     Serial Number:      WGS6D8LP
│     GUIDs:              dc946164-7e10-5595-af90-cefde550b9c8 ← IDE\ST1000LM049-2GH172______________________LXM4
│                         d626493f-6f20-5ff0-be1c-f974f27ed235 ← IDE\0ST1000LM049-2GH172______________________
│                         1f88728a-56e2-553c-bc70-b1757bc28b15 ← ST1000LM049-2GH172
│     Device Flags:       • Internal device
│                         • Updatable
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│   
├─System Firmware:
│ │   Device ID:          e265489e781528fac08a8db4ac738d85ba8f291e
│ │   Summary:            UEFI System Resource Table device (Updated via capsule-on-disk)
│ │   Current version:    1480728598
│ │   Minimum Version:    1380122624
│ │   Vendor:             LENOVO (DMI:LENOVO)
│ │   Update State:       Success
│ │   GUID:               405d582c-97da-4efd-8d2d-0a9c4176e985
│ │   Device Flags:       • Internal device
│ │                       • Updatable
│ │                       • System requires external power source
│ │                       • Needs a reboot after installation
│ │                       • Cryptographic hash verification is available
│ │                       • Device is usable for the duration of the update
│ │   Device Requests:    • Message
│ │ 
│ └─UEFI dbx:
│       Device ID:        362301da643102b9f38477387e2193e57abaa590
│       Summary:          UEFI revocation database
│       Current version:  371
│       Minimum Version:  371
│       Vendor:           UEFI:Linux Foundation
│       Install Duration: 1 second
│       Update State:     Needs reboot
│       GUID:             f8ba2887-9411-5c36-9cee-88995bb39731 ← UEFI\CRT_A1117F516A32CEFCBA3F2D1ACE10A87972FD6BBE8FE0D0B996E09E65D802A503&ARCH_X64
│       Device Flags:     • Internal device
│                         • Updatable
│                         • Supported on remote server
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│                         • Only version upgrades are allowed
│                         • Signed Payload
│     
├─TPM:
│     Device ID:          c6a80ac3a22083423992a3cb15018989f37834d6
│     Summary:            TPM 2.0 Device
│     Current version:    403.1.0.0
│     Vendor:             Intel (TPM:INTC)
│     GUIDs:              34801700-3a50-5b05-820c-fe14580e4c2d ← TPM\VEN_INTC&DEV_0000
│                         8e1cbc5d-5a11-5149-bfea-b6065d5296ba ← TPM\VEN_INTC&MOD_Intel
│                         03f304f4-223e-54f4-b2c1-c3cf3b5817c6 ← TPM\VEN_INTC&DEV_0000&VER_2.0
│                         52d7b679-db28-5bf7-bd87-41d77aeec600 ← TPM\VEN_INTC&MOD_Intel&VER_2.0
│     Device Flags:       • Internal device
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device can recover flash failures
│                         • Full disk encryption secrets may be invalidated when updating
│                         • Signed Payload
│   
├─TU106BM [GeForce RTX 2070 Mobile / Max-Q]:
│     Device ID:          ce4c74a5188d5b9cdb1e72ed32dad2d313c1c999
│     Current version:    a1
│     Vendor:             NVIDIA Corporation (PCI:0x10DE, PCI:0x8086)
│     GUIDs:              80c4deae-7d64-5489-8e73-728b7404c3b6 ← PCI\VEN_10DE&DEV_1F50
│                         012f9156-6eed-53b6-bfee-1f60c69488a2 ← PCI\VEN_10DE&DEV_1F50&SUBSYS_17AA3FEE
│                         d29269b6-e458-5f45-975c-9d52bb38e35f ← PCI\VEN_8086&DEV_1901
│                         929b58aa-3e30-595e-94d1-38ee0ea984df ← PCI\VEN_8086&DEV_1901&SUBSYS_17AA3805
│     Device Flags:       • Internal device
│                         • Cryptographic hash verification is available
│   
├─UEFI Device Firmware:
│     Device ID:          80dc997f756e6c5b381cf2299e9fe5da8f8f6ae9
│     Summary:            UEFI System Resource Table device (Updated via capsule-on-disk)
│     Current version:    1681
│     Minimum Version:    1000
│     Vendor:             DMI:LENOVO
│     Update State:       Success
│     GUID:               865d322c-6ac7-4734-b43e-55db5a557d63
│     Device Flags:       • Internal device
│                         • Updatable
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│     Device Requests:    • Message
│   
├─UEFI Device Firmware:
│     Device ID:          7d3140db0d00ada46a46f6d30cbd4c8489e036c0
│     Summary:            UEFI System Resource Table device (Updated via capsule-on-disk)
│     Current version:    2739137
│     Vendor:             DMI:LENOVO
│     Update State:       Success
│     GUID:               88a59a11-5b5d-4516-adf3-724df8c1f3b8
│     Device Flags:       • Internal device
│                         • Updatable
│                         • System requires external power source
│                         • Needs a reboot after installation
│                         • Device is usable for the duration of the update
│     Device Requests:    • Message
│   
├─UEFI Platform Key:
│     Device ID:          6924110cde4fa051bfdc600a60620dc7aa9d3c6a
│     Summary:            Trust - Lenovo Certificate
│     GUID:               a5ace873-b5ff-5d82-9051-52a46d71b6a4 ← UEFI\CRT_D1FA4BAE5073E699B7D04455F4F1126530BD69A4
│   
└─WDC PC SN720 SDAPNTW-512G-1101:
      Device ID:          c82980cd3fe66f7d0a8bb83b353cbc271177efd4
      Summary:            NVM Express solid state drive
      Current version:    10130001
      Vendor:             Sandisk Corp (NVME:0x15B7)
      Serial Number:      19276E801352
      GUIDs:              ff2112dc-038c-596d-90ca-d43c5077c6ec ← NVME\VEN_15B7&DEV_5002
                          c528df4b-7972-5880-8cb1-330415e2dc6a ← NVME\VEN_15B7&DEV_5002&SUBSYS_15B75002
                          5a20bd79-1fd6-5e93-ba08-5a2858623d31 ← WDC PC SN720 SDAPNTW-512G-1101
      Device Flags:       • Internal device
                          • Updatable
                          • System requires external power source
                          • Needs a reboot after installation
                          • Device is usable for the duration of the update

System UEFI configuration
Please provide the output of the following commands:

> efibootmgr -v
BootCurrent: 0003
Timeout: 0 seconds
BootOrder: 0003,0000,2001,2002,2003
Boot0000* Fedora	HD(1,GPT,57c8d443-ff69-4fe5-9b20-c01094a621cc,0x800,0x12c000)/\EFI\fedora\shim.efiRC
      dp: 04 01 2a 00 01 00 00 00 00 08 00 00 00 00 00 00 00 c0 12 00 00 00 00 00 43 d4 c8 57 69 ff e5 4f 9b 20 c0 10 94 a6 21 cc 02 02 / 04 04 2e 00 5c 00 45 00 46 00 49 00 5c 00 66 00 65 00 64 00 6f 00 72 00 61 00 5c 00 73 00 68 00 69 00 6d 00 2e 00 65 00 66 00 69 00 00 00 / 7f ff 04 00
    data: 52 43
Boot0003* Fedora	HD(1,GPT,57c8d443-ff69-4fe5-9b20-c01094a621cc,0x800,0x12c000)/\EFI\fedora\shimx64.efi
      dp: 04 01 2a 00 01 00 00 00 00 08 00 00 00 00 00 00 00 c0 12 00 00 00 00 00 43 d4 c8 57 69 ff e5 4f 9b 20 c0 10 94 a6 21 cc 02 02 / 04 04 34 00 5c 00 45 00 46 00 49 00 5c 00 66 00 65 00 64 00 6f 00 72 00 61 00 5c 00 73 00 68 00 69 00 6d 00 78 00 36 00 34 00 2e 00 65 00 66 00 69 00 00 00 / 7f ff 04 00
Boot0006* EFI PXE 0 for IPv4 (7C-8A-E1-02-5B-BD) 	PciRoot(0x0)/Pci(0x1d,0x0)/Pci(0x0,0x0)/MAC(7c8ae1025bbd,0)/IPv4(0.0.0.0,0,DHCP,0.0.0.0,0.0.0.0,0.0.0.0)RC
      dp: 02 01 0c 00 d0 41 03 0a 00 00 00 00 / 01 01 06 00 00 1d / 01 01 06 00 00 00 / 03 0b 25 00 7c 8a e1 02 5b bd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 / 03 0c 1b 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 / 7f ff 04 00
    data: 52 43
Boot0008* EFI PXE 0 for IPv6 (7C-8A-E1-02-5B-BD) 	PciRoot(0x0)/Pci(0x1d,0x0)/Pci(0x0,0x0)/MAC(7c8ae1025bbd,0)/IPv6([::],0,Static,[::],[::],64)RC
      dp: 02 01 0c 00 d0 41 03 0a 00 00 00 00 / 01 01 06 00 00 1d / 01 01 06 00 00 00 / 03 0b 25 00 7c 8a e1 02 5b bd 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 / 03 0d 3c 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 40 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 / 7f ff 04 00
    data: 52 43
Boot2001* EFI USB Device	RC
      dp: 7f ff 04 00
    data: 52 43
Boot2002* EFI DVD/CDROM	RC
      dp: 7f ff 04 00
    data: 52 43
Boot2003* EFI Network	RC
      dp: 7f ff 04 00
    data: 52 43
> efivar -l | grep fw
  • Blank output.
> tree /boot
/boot
├── config-6.8.10-300.fc40.x86_64
├── config-6.8.11-300.fc40.x86_64
├── config-6.9.4-200.fc40.x86_64
├── efi  [error opening dir]
├── grub2  [error opening dir]
├── initramfs-0-rescue-01181f550fab432a8a609e9395d513f9.img
├── initramfs-6.8.10-300.fc40.x86_64.img
├── initramfs-6.8.11-300.fc40.x86_64.img
├── initramfs-6.9.4-200.fc40.x86_64.img
├── loader
│   └── entries  [error opening dir]
├── lost+found  [error opening dir]
├── symvers-6.8.10-300.fc40.x86_64.xz -> /lib/modules/6.8.10-300.fc40.x86_64/symvers.xz
├── symvers-6.8.11-300.fc40.x86_64.xz -> /lib/modules/6.8.11-300.fc40.x86_64/symvers.xz
├── symvers-6.9.4-200.fc40.x86_64.xz
├── System.map-6.8.10-300.fc40.x86_64
├── System.map-6.8.11-300.fc40.x86_64
├── System.map-6.9.4-200.fc40.x86_64
├── vmlinuz-0-rescue-01181f550fab432a8a609e9395d513f9
├── vmlinuz-6.8.10-300.fc40.x86_64
├── vmlinuz-6.8.11-300.fc40.x86_64
└── vmlinuz-6.9.4-200.fc40.x86_64

6 directories, 17 files

Additional questions

  • Operating system and version: Fedora Workstation 40
  • Have you tried rebooting? Yes
  • Is this a regression? Don't know.
  • Are you using an NVMe disk? Yes (as boot disk).
  • Is secure boot enabled? Yes
  • Is this a Lenovo system with 'Boot Order Lock' turned on in the BIOS? No. It is a Lenovo device, but there is no setting named 'Boot Order Lock' in the UEFI setup; the boot order can still be manipulated using the arrow keys.
@149segolte 149segolte added the bug label Jun 21, 2024
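Added example for anyone reproducing this report; it is not code from fwupd or from the reporter. Two things are worth separating when fwupd prints an ME version but lists no MEI device: the verbose `fwupdtool` dump above was started with `--plugins uefi-capsule`, so `intel_me` and `pci_mei` sit in its "plugins disabled" list for that run only, while the full `get-devices` tree further down (daemon, all plugins) still has no MEI entry. The script below checks what the kernel itself exposes, which is what those plugins build on: the PCI function of class 0x0780 (Intel MEI/HECI) and the driver bound to it, and `/sys/class/mei/meiN/fw_ver`, parsed with the `<platform>:<major>.<minor>.<milestone>.<build_no>` layout documented in the kernel's sysfs-class-mei ABI. `MEI_SYSFS_ROOT`/`PCI_SYSFS_ROOT` are overrides so the probe can be pointed at a copied sysfs tree, and the version strings and threshold in the usage call at the bottom are constructed placeholders for the example, not a statement about which ME builds are affected.

```shell
#!/bin/sh
# Added example (not fwupd's or the reporter's code): show what the kernel
# exposes for the Intel MEI, and parse the mei class device's fw_ver attribute
# into fields that can be compared numerically.
#
# Kernel ABI (Documentation/ABI/testing/sysfs-class-mei), one line per FW part:
#   /sys/class/mei/meiN/fw_ver  ->  "<platform>:<major>.<minor>.<milestone>.<build_no>"
# Defaults are the real sysfs paths; the variables exist so the probe can be
# run against a constructed/copied tree.
MEI_SYSFS_ROOT=${MEI_SYSFS_ROOT:-/sys/class/mei}
PCI_SYSFS_ROOT=${PCI_SYSFS_ROOT:-/sys/bus/pci/devices}

# parse_mei_fw_ver LINE  -> prints "major minor milestone build", returns 1 if malformed
parse_mei_fw_ver() {
    v=${1#*:}                      # drop the "<platform>:" prefix if present
    case "$v" in
        *[!0-9.]*|'') return 1 ;;  # anything but digits and dots is not a version
    esac
    old_ifs=$IFS; IFS=.
    set -- $v                      # split on "." into positional parameters
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for f in "$@"; do [ -n "$f" ] || return 1; done   # reject "12..71.1681"
    printf '%s %s %s %s\n' "$1" "$2" "$3" "$4"
}

# mei_fw_ver_ge LINE MAJOR.MINOR.MILESTONE.BUILD -> 0 if LINE >= wanted, 1 if lower, 2 if unparsable
mei_fw_ver_ge() {
    have=$(parse_mei_fw_ver "$1") || return 2
    want=$(parse_mei_fw_ver "x:$2") || return 2
    set -- $have $want             # $1..$4 = have, $5..$8 = want
    i=1
    while [ "$i" -le 4 ]; do
        eval "a=\$$i"; eval "b=\$$((i+4))"
        [ "$a" -gt "$b" ] && return 0
        [ "$a" -lt "$b" ] && return 1
        i=$((i+1))
    done
    return 0                       # all four fields equal
}

# mei_probe -> prints the MEI PCI function(s) and every fw_ver line the kernel
# exposes; returns 1 when there is no /sys/class/mei/mei* device at all.
mei_probe() {
    found=1
    for dev in "$PCI_SYSFS_ROOT"/*; do
        [ -r "$dev/class" ] || continue
        case "$(cat "$dev/class" 2>/dev/null)" in
            0x0780*) ;;            # PCI class 07:80, used by Intel MEI/HECI
            *) continue ;;
        esac
        drv=$(readlink "$dev/driver" 2>/dev/null); drv=${drv##*/}
        printf 'pci %s vendor=%s device=%s driver=%s\n' "${dev##*/}" \
            "$(cat "$dev/vendor" 2>/dev/null)" "$(cat "$dev/device" 2>/dev/null)" "${drv:-none}"
    done
    for mei in "$MEI_SYSFS_ROOT"/mei*; do
        [ -r "$mei/fw_ver" ] || continue
        found=0
        while IFS= read -r line; do
            [ -n "$line" ] || continue
            if fields=$(parse_mei_fw_ver "$line"); then
                printf 'mei %s fw_ver %s -> %s\n' "${mei##*/}" "$line" "$fields"
            else
                printf 'mei %s fw_ver unparsable: %s\n' "${mei##*/}" "$line"
            fi
        done < "$mei/fw_ver"
    done
    return $found
}

# Run the probe when executed directly. The exit status is left at 0 so the
# output can be pasted into a bug report even when nothing is found.
mei_probe || echo "no /sys/class/mei/mei* device: the mei_me driver has no MEI function bound"

# Constructed usage: a fw_ver line in the kernel format and a placeholder
# threshold (not a real vulnerability cut-off) to show the comparison.
if mei_fw_ver_ge "0:12.0.71.1681" "12.0.70.1000"; then
    echo "constructed sample: 12.0.71.1681 is at or above placeholder 12.0.70.1000"
fi
```

If the probe prints a class-0x0780 function with `driver=none`, the MEI exists but no kernel driver claimed it (check `modprobe mei_me` and `dmesg`); if it prints no PCI line at all, the function is not visible to the OS, which is a firmware-side condition rather than an fwupd one. Either way there is nothing for fwupd's MEI-based plugins to enumerate, which is consistent with the device list above.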