Hello!
I set up the Windows 11 part of my 12th Gen with the initial update package.
Since then only various updates for Intel drivers have come in via Windows-Update but none for example for the fingerprint reader or the integrated camera, the USB-C network card, …
While I do not have any problems right now this does not necessarily mean, there are not any.
For example there might be security problems, better energy management, …
Because the fingerprint reader is axplicitly labled “Framework” in the device manager I presume, that generic updates cannot be used?!
Given the at best mixed feelings I get from the bios updates for my device and various older threads that ended without a solution, I wonder whether there are none, or whether they are not being published via Windows-Update or by Framework.
There’s a saying: If it ain’t broke don’t fix it
For instance, energy management is OK in Intel version (AMD version got an update a few days ago), camera and microphone are plug and play, no software update is needed, an update fixing LogoFail is upcoming.
Well, one thing is annoying if you switch regularly between Windows 11 and Linux. Booting into Windows will reset your fingerprint reader firmware to version 252. After starting Linux, fwupdmgr will suggest an LVFS update to 330. You update, the new version will persist until you boot into Windows, are back to 252 and the cycle starts again…
Windows is known for updates breaking drivers, and some manufacturers such as Logitech bundle bloatwares in the name of “drivers” as "important updates, despite the device is plug and play. To solve this, open the group policy and make Windows update not including drivers.
To make it clear, this is not Windows Update updating a driver (there isn’t anything available for the Goodix fingerprint reader anyway), this is the original driver (as installed via the original Framework driver package) resetting the firmware version.
This was actually great when new input modules came with a linux-incompatible firmware version for the fingerprint reader - just booting into Windows (as long as the driver had been already installed) reverted the version to a linux-compatible one. Problem solved. However, now that there’s a newer Linux version (but not Windows version), the annoying cycling between versions starts.
Hi there!
I am already on the 3.08 beta, so I think I already have the LogoFail fix.
What worried me more was the fact that I got something new for the fingerprint reader when searching for it with Linux, as @next_to_utter_chaos mentioned, and that @Ray519 mentioned issues with Realtek drivers here. This led me to the conclusion that there is no “full driver support” for my Framework via Windowsupdate.
I also wonder if Windows chooses the best driver for the camera. A lot of things work out of the box with Windows, but that does not necessarily mean that they cannot be enhanced with a (proprietary) driver.
There are standardized device classes, such as USB Mass Storage or USB Audio stuff. Those are typically implemented by Windows and come with Windows. They could be replaced with other drivers that add non-standardized features on top of that.
Drivers that are installed via Windows Update are the same proprietary drivers you can get manually. Just that the manufacturer handed a specific version to Microsoft to auto-install. They can be as old as new or whatever the manufacturer responsible for the device in question chooses. Often for notebooks this is done by the manufacturer of the notebook and not by the various OEMs. So Dell for example will ship you the same ancient iGPU drivers they list as official on their website and they might have been customized with hacks or not be the generic version Intel makes available themselves (to either work around hardware flaws of the device or gimp the machine to achieve some sort of goal the manufacturer has).
Drivers shipped through Windows are typically a horrible experience, because if you allow Windows to update drivers, they will force them on to your machine, no matter if they are older or worse than your currently installed drivers.
Device name in Device Manager is often a label the device provides itself and not dictated solely by the driver, so that does not mean anything at all. The fingerprint sensor specifically what you are seeing with Linux is a firmware update, not a driver. And it should still be marked as “testing”.
To the point of if drivers could provide more functionality: sure. For the Realtek USB network controller for example, Windows has an integrated driver that works, but supports no advanced power saving options at all. Drivers from Realtek add those on top.
For the camera: in principle there is not much a driver could do to improve the performance of the camera itself. A ton of drivers simply add software processing on the host. But that is often not the best idea. Why tie relatively generic features into a specific driver. This is often just shiny gimick-stuff added for marketing purposes that will not age well, does not have the quality of more generic drivers and is not maintained / prevents new features that the generic & standard-based drivers get added over time.
Just as an example: Dell has the habit of shipping Waves Maxx Audio drivers. They are needed to get good audio quality out of their devices. I.e. they do a lot of processing in the driver, not in the audio hardware. This only works in Windows. But those drivers are on purpose locked to a specific notebook generation (i.e. they have like MaxxAudio 2022 versions. That will only work with notebooks of that generation. Newer devices will use the incompatible 2023 drivers). And they have the habit of reintroducing the same bugs every generation. It takes them many months to fix their issues. They hold back pure software advancements from older notebooks without any technical reason and are overall a buggy mess (hangs, crashes, wasting 30% CPU, memory leaks where the audio drivers consumes like 7 GiB of system memory on boot).
Or like the many USB headsets. They often are based on USB Audio drivers. So work 95% without custom drivers. But may need specific drivers to control features such as setting EQ, additional buttons or automated stuff not handled where it would be better. But those often tend to block Windows’ integrated Atmos features, that are good, have improved and changed over time. Those very specialized drivers for a single device are often not updated to allow new OS features, because by then the manufacturer is 2 generations removed from the device you have.
TL;DR; it’s possible for more specialized drivers to do sth. better. If you cannot get those drivers from the chip manufacturer itself, they often are bad or only better than the base level drivers for a short time and not maintained long. And for long the term you’d probably prefer more generic drivers. Framework seems to be doing things mostly right here. And for just taking available drivers from the manufacturer and republishing them, they probably have far too little resources, given how the firmware update situation is, where they are required to do their part to get those updates out. Do not forget Realtek themselves has removed, regressed their features in their drivers, so who knows what’s behind that.
Well, it looks, like the new firmware for the fingerprint reader fixes a security issue: BETA update for the fingerprint reader in LVFS testing .
So it could be interesting when or if this also ships for Windows.
If you read the Touch of Pwn report, it was about using 2 vastly different protocols with Windows and Linux. With windows a secure protocol designed by Microsoft was used. And with Linux they used basically nothing.
And then they managed to hijack the security under Windows by switching to the Linux database of fingerprints while Windows was running.
So the security issue was more or less the existence of the separate Linux support with all security removed. Would require more details to know if the new firmware solves anything for the security of Windows. Especially if the vendor producing the firwmware did not even acknowledge the security problem with a CVE.
There standpoint might as well be to disable the current Linux support and it would have been secure all along (it seems they do not care about security under Linux and Linux does not support the secure protocol Microsoft designed for that purpose and that the vendor chose to rely upon).
Getting tired of ping-ponging between versions 334 on Linux and 252 on Windows, I decided to give the driver for the fingerprint reader from Framework Laptop 13 Ryzen 7040 BIOS 3.05 Release and Driver Bundle BETA a chance (something like peazip or 7-zip can open the driver bundle .exe as archive).
It’s possible to install the extracted Goodix driver on the 12th Gen Intel. So far, that seems to stop the downgrade when booting into Windows.
However, I don’t actually use the fingerprint reader in Windows, so I haven’t tested if you need to re-enroll your fingerprints or if there are other unexpected side-effects.
Edit: According to @Ray519 it seems to work fine: