The software updater on my Lenovo laptop is complaining that my SSD needs a firmware update, so I tried to do so. The update software uses a Tiny Core Linux to start at boot, but it fails and aborts. After reading the documentation, the SSD should be unencrypted to update the firmware. Now I am not going to decrypt my whole system partition and then encrypt it again, but I was wondering if there is another route.
Would it be possible to boot VeraCrypt, but if succesfully unlocked, not boot into Windows but into the Tiny Core directly? It might be possible to update the firmware then, since the drive is unencrypted, right? What do you think? And is this possible?
Regards,
jandv1
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm surprised to hear that the firmware update requires the SSD disk to
be unencrypted. This means that the update software need access to the
filesystem which makes no sens since a the user can put any filesystem
on the SSD disk that the update software will not always be able to
access. For example, how is the update software is going to distinguish
between an encrypted disk and a raw disk that is not formatted at all?
Or are users obliged to always use popular filesystems like NTFS or Ext4
this SSD disk and not some exotic filesystem like OpenBFS?
This leads me to believe that the problem is elsewhere and probably the
wording of the SSD documentation is not correct. And if the manufacturer
of this SSD really wants its software to access the filesystem, then I
would prefer using an SSD from another manufacturer.
Concerning the launch of Tiny Core Linux instead of Windows after
VeraCrypt Pre-Boot authentication, it will not work since Tiny Code
would need to have a specific kernel module that would handle the
on-the-fly decryption once the execution is switch from VeraCrypt
bootloader to Linux bootloader. This mechanism works in Windows because
VeraCrypt driver is installed on Windows and it is configured to be
launched at boot in order to handle the transparent filesystem
encryption/decryption. VeraCrypt doesn't have an equivalent mechanism
for Linux.
So my advice would be to check with the SSD manufacturer on the reason
why their update software fails to work with raw unformatted disks. I'm
sure they will give you a solution to update the firmware without
decrypting first (like other SSD manufacturers).
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I'm surprised to hear that the firmware update requires the SSD disk to
be unencrypted. This means that the update software need access to the
filesystem which makes no sens since a the user can put any filesystem
on the SSD disk that the update software will not always be able to
access. For example, how is the update software is going to distinguish
between an encrypted disk and a raw disk that is not formatted at all?
Or are users obliged to always use popular filesystems like NTFS or Ext4
this SSD disk and not some exotic filesystem like OpenBFS?
This leads me to believe that the problem is elsewhere and probably the
wording of the SSD documentation is not correct. And if the manufacturer
of this SSD really wants its software to access the filesystem, then I
would prefer using an SSD from another manufacturer.
Concerning the launch of Tiny Core Linux instead of Windows after
VeraCrypt Pre-Boot authentication, it will not work since Tiny Code
would need to have a specific kernel module that would handle the
on-the-fly decryption once the execution is switch from VeraCrypt
bootloader to Linux bootloader. This mechanism works in Windows because
VeraCrypt driver is installed on Windows and it is configured to be
launched at boot in order to handle the transparent filesystem
encryption/decryption. VeraCrypt doesn't have an equivalent mechanism
for Linux.
So my advice would be to check with the SSD manufacturer on the reason
why their update software fails to work with raw unformatted disks. I'm
sure they will give you a solution to update the firmware without
decrypting first (like other SSD manufacturers).
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
My guess is that it loads the firmware from the disk itself when updating. I also wonder if it is possible to update the firmware while Windows is reading/writing from the disk, so I would guess that would be the reason for updating in this way. Moreover, the instructions mention very clearly that there may not be any optical disk present, so it possibly interferes with that too.
It's just a Samsung SSD, nothing very special. Thank you for the extensive comment, I will ask Samsung/Lenovo if there is another option to update the disk and will let you know.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Hi,
The software updater on my Lenovo laptop is complaining that my SSD needs a firmware update, so I tried to do so. The update software uses a Tiny Core Linux to start at boot, but it fails and aborts. After reading the documentation, the SSD should be unencrypted to update the firmware. Now I am not going to decrypt my whole system partition and then encrypt it again, but I was wondering if there is another route.
Would it be possible to boot VeraCrypt, but if succesfully unlocked, not boot into Windows but into the Tiny Core directly? It might be possible to update the firmware then, since the drive is unencrypted, right? What do you think? And is this possible?
Regards,
jandv1
Hi,
I'm surprised to hear that the firmware update requires the SSD disk to
be unencrypted. This means that the update software need access to the
filesystem which makes no sens since a the user can put any filesystem
on the SSD disk that the update software will not always be able to
access. For example, how is the update software is going to distinguish
between an encrypted disk and a raw disk that is not formatted at all?
Or are users obliged to always use popular filesystems like NTFS or Ext4
this SSD disk and not some exotic filesystem like OpenBFS?
This leads me to believe that the problem is elsewhere and probably the
wording of the SSD documentation is not correct. And if the manufacturer
of this SSD really wants its software to access the filesystem, then I
would prefer using an SSD from another manufacturer.
Concerning the launch of Tiny Core Linux instead of Windows after
VeraCrypt Pre-Boot authentication, it will not work since Tiny Code
would need to have a specific kernel module that would handle the
on-the-fly decryption once the execution is switch from VeraCrypt
bootloader to Linux bootloader. This mechanism works in Windows because
VeraCrypt driver is installed on Windows and it is configured to be
launched at boot in order to handle the transparent filesystem
encryption/decryption. VeraCrypt doesn't have an equivalent mechanism
for Linux.
So my advice would be to check with the SSD manufacturer on the reason
why their update software fails to work with raw unformatted disks. I'm
sure they will give you a solution to update the firmware without
decrypting first (like other SSD manufacturers).
Hi,
I'm surprised to hear that the firmware update requires the SSD disk to
be unencrypted. This means that the update software need access to the
filesystem which makes no sens since a the user can put any filesystem
on the SSD disk that the update software will not always be able to
access. For example, how is the update software is going to distinguish
between an encrypted disk and a raw disk that is not formatted at all?
Or are users obliged to always use popular filesystems like NTFS or Ext4
this SSD disk and not some exotic filesystem like OpenBFS?
This leads me to believe that the problem is elsewhere and probably the
wording of the SSD documentation is not correct. And if the manufacturer
of this SSD really wants its software to access the filesystem, then I
would prefer using an SSD from another manufacturer.
Concerning the launch of Tiny Core Linux instead of Windows after
VeraCrypt Pre-Boot authentication, it will not work since Tiny Code
would need to have a specific kernel module that would handle the
on-the-fly decryption once the execution is switch from VeraCrypt
bootloader to Linux bootloader. This mechanism works in Windows because
VeraCrypt driver is installed on Windows and it is configured to be
launched at boot in order to handle the transparent filesystem
encryption/decryption. VeraCrypt doesn't have an equivalent mechanism
for Linux.
So my advice would be to check with the SSD manufacturer on the reason
why their update software fails to work with raw unformatted disks. I'm
sure they will give you a solution to update the firmware without
decrypting first (like other SSD manufacturers).
My guess is that it loads the firmware from the disk itself when updating. I also wonder if it is possible to update the firmware while Windows is reading/writing from the disk, so I would guess that would be the reason for updating in this way. Moreover, the instructions mention very clearly that there may not be any optical disk present, so it possibly interferes with that too.
It's just a Samsung SSD, nothing very special. Thank you for the extensive comment, I will ask Samsung/Lenovo if there is another option to update the disk and will let you know.