Lenovo T99W175 / Foxconn SDX55 update on LVFS breaks FCC unlock

Sun May 1 12:57:34 UTC 2022

Thilo-Alexander Ginkel <thilo at ginkel.com> writes:

> IIRC the snap does not support the modem running in an X1E4 that I own
> and Iam not sure wthere it implements the old or the new FCC unlock.

I believe this proves the experiment failed.

I am sure Mark and others in Lenovo have tried.  I do not doubt their
good intentions.  But changing policies involving legal matters inside a
big company is extremely hard. I'm not surprised that it failed.

In my opinion, the vendor binary lock support in MM is a complete waste
of time and resources unless there are any vendors who provide such
binaries in a timely manner for all their systems with locked modems.

To me, "timely manner" means that the enabling Linux binaries must be
available when I buy a laptop requiring it.  Not months later, for a
select subset of models.  That's worthless.  It's like jumping half-way
over the ditch.

The state of the current Lenovo FCC unlock support is that there is no
way for me to figure out if I ever can use the integrated modem in a
Thinkpad I buy today.  And worse: Even if it works today, there is no
way to know that it will continue to work after upgrading firmware.

Not that great selling points, really...

Anyway, it looks like we're back to decompiling, reverse engineering,
and documenting all these mumbo-jumbo US quirks as open source.  Too
bad.  But if we have to, then I'm sure we can.

FWIW, I consider the "FCC unlock" thing another brilliant idea from the
same lawyers who brought us RP-SMA.  It's a techincal solution to a
non-technical problem.  This has never lead to anything good.

Wrt the implementation: Any protocol depending on closed binaries is
broken by design, without exception.  It doesn't matter whether you use
a "secret" algorithm or just store keys inside the binary. Anything that
was compiled can be decompiled.  Sure it can be obfuscated to make that
harder.  We all love a challenge :-)

Actually, if Lenovo wanted to create a *working* FCC lock, then they
could have designed an open interface between system and modem firmware
to securely validate the platform.  This isn't hard. You could e.g use
the TPM, or some other of the many hardware security solutions out
there, to store secret(s) used by an open protocol.

As for the state of the current Lenovo FCC unlock binary, I downloaded
the lenovo-wwan-dpr snap and found that it was last updated in September
2021. It doesn't seem to support any Thinkpad or current modem firmware
at all.  I'm not even sure why we discuss it.  Is there anyone here who
have been able to use this as-is?

bjorn at miraculix:/tmp/_lenovo-wwan-dpr_4.snap.extracted/squashfs-root$ cat snapcraft.yaml 
name: lenovo-wwan-dpr
version: "1.0.2-wwan-dpr"
summary: This APP is used for FCC unlock and DPR of WWAN feature for Lenovo.
description: |
  In this version only FCC unlock App is implemented for DT SE30 product.

confinement: strict
base: core20

grade: stable

parts:
  dpr-wwan:
    plugin: dump
    source: .
    stage-packages:
      - pciutils
      - libmbim-glib-dev

apps:
  wwan-dpr:
    daemon: oneshot
    plugs:
       - hardware-observe
       - modem-manager       
    command: bin/DPR_wwan

  dpr-fcc-unlock:
    command: bin/DPR_Fcc_unlock_service
    plugs:
       - hardware-observe
       - modem-manager

layout:
  /usr/lib/mbim2sar.so:
    bind-file: $SNAP/usr/lib/mbim2sar.so
  /usr/lib/libdpr.so:
    bind-file: $SNAP/usr/lib/libdpr.so

Bjjørn (who still haven't replaced the good old X1 Carbon gen4 - so I'm
safe until the 4G network shuts down :)