diff --git a/libfwupd/fwupd-bios-attr.c b/libfwupd/fwupd-bios-attr.c index 4ba6d42ad..064f6a1b3 100644 --- a/libfwupd/fwupd-bios-attr.c +++ b/libfwupd/fwupd-bios-attr.c @@ -27,7 +27,6 @@ typedef struct { gchar *description; gchar *path; gchar *current_value; - gchar *preferred_value; guint64 lower_bound; guint64 upper_bound; guint64 scalar_increment; @@ -451,47 +450,6 @@ fwupd_bios_attr_get_description(FwupdBiosAttr *self) return priv->description; } -/** - * fwupd_bios_attr_get_preferred_value: - * @self: a #FwupdBiosAttr - * - * Gets the value that when written to an attribute would activate it or satisfy - * a security requirement. - * - * Returns: the preferred value of the attribute. - * - * Since: 1.8.4 - **/ -const gchar * -fwupd_bios_attr_get_preferred_value(FwupdBiosAttr *self) -{ - FwupdBiosAttrPrivate *priv = GET_PRIVATE(self); - g_return_val_if_fail(FWUPD_IS_BIOS_ATTR(self), NULL); - return priv->preferred_value; -} - -/** - * fwupd_bios_attr_set_preferred_value: - * @self: a #FwupdBiosAttr - * @value: The string to set preferred value to - * - * Sets the string used for the preferred value of an attribute. - * - * Since: 1.8.4 - **/ -void -fwupd_bios_attr_set_preferred_value(FwupdBiosAttr *self, const gchar *value) -{ - FwupdBiosAttrPrivate *priv = GET_PRIVATE(self); - - /* not changed */ - if (g_strcmp0(priv->preferred_value, value) == 0) - return; - - g_free(priv->preferred_value); - priv->preferred_value = g_strdup(value); -} - /** * fwupd_bios_attr_get_current_value: * @self: a #FwupdBiosAttr @@ -582,12 +540,6 @@ fwupd_bios_attr_to_variant(FwupdBiosAttr *self) FWUPD_RESULT_KEY_DESCRIPTION, g_variant_new_string(priv->description)); } - if (priv->preferred_value != NULL) { - g_variant_builder_add(&builder, - "{sv}", - FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE, - g_variant_new_string(priv->preferred_value)); - } g_variant_builder_add(&builder, "{sv}", FWUPD_RESULT_KEY_BIOS_ATTR_CURRENT_VALUE, @@ -643,10 +595,6 @@ fwupd_bios_attr_from_key_value(FwupdBiosAttr *self, const gchar *key, GVariant * fwupd_bios_attr_set_path(self, g_variant_get_string(value, NULL)); return; } - if (g_strcmp0(key, FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE) == 0) { - fwupd_bios_attr_set_preferred_value(self, g_variant_get_string(value, NULL)); - return; - } if (g_strcmp0(key, FWUPD_RESULT_KEY_BIOS_ATTR_CURRENT_VALUE) == 0) { fwupd_bios_attr_set_current_value(self, g_variant_get_string(value, NULL)); return; @@ -725,12 +673,6 @@ fwupd_bios_attr_from_json(FwupdBiosAttr *self, JsonNode *json_node, GError **err json_object_get_string_member_with_default(obj, FWUPD_RESULT_KEY_BIOS_ATTR_CURRENT_VALUE, NULL)); - fwupd_bios_attr_set_preferred_value( - self, - json_object_get_string_member_with_default(obj, - FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE, - NULL)); - if (json_object_has_member(obj, FWUPD_RESULT_KEY_BIOS_ATTR_POSSIBLE_VALUES)) { JsonArray *array = json_object_get_array_member(obj, FWUPD_RESULT_KEY_BIOS_ATTR_POSSIBLE_VALUES); @@ -796,9 +738,6 @@ fwupd_bios_attr_to_json(FwupdBiosAttr *self, JsonBuilder *builder) fwupd_common_json_add_string(builder, FWUPD_RESULT_KEY_BIOS_ATTR_CURRENT_VALUE, priv->current_value); - fwupd_common_json_add_string(builder, - FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE, - priv->preferred_value); if (priv->kind == FWUPD_BIOS_ATTR_KIND_ENUMERATION) { if (priv->possible_values->len > 0) { json_builder_set_member_name(builder, @@ -852,7 +791,6 @@ fwupd_bios_attr_to_string(FwupdBiosAttr *self) fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_FILENAME, priv->path); fwupd_pad_kv_int(str, FWUPD_RESULT_KEY_BIOS_ATTR_TYPE, priv->kind); fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_BIOS_ATTR_CURRENT_VALUE, priv->current_value); - fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE, priv->preferred_value); fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_BIOS_ATTR_READ_ONLY, priv->read_only ? "True" : "False"); @@ -897,7 +835,6 @@ fwupd_bios_attr_finalize(GObject *object) FwupdBiosAttr *self = FWUPD_BIOS_ATTR(object); FwupdBiosAttrPrivate *priv = GET_PRIVATE(self); - g_free(priv->preferred_value); g_free(priv->current_value); g_free(priv->id); g_free(priv->name); diff --git a/libfwupd/fwupd-bios-attr.h b/libfwupd/fwupd-bios-attr.h index 0e1d073bf..69d59d6bc 100644 --- a/libfwupd/fwupd-bios-attr.h +++ b/libfwupd/fwupd-bios-attr.h @@ -113,8 +113,4 @@ fwupd_bios_attr_get_id(FwupdBiosAttr *self); void fwupd_bios_attr_set_id(FwupdBiosAttr *self, const gchar *id); -const gchar * -fwupd_bios_attr_get_preferred_value(FwupdBiosAttr *self); -void -fwupd_bios_attr_set_preferred_value(FwupdBiosAttr *self, const gchar *value); G_END_DECLS diff --git a/libfwupd/fwupd-enums-private.h b/libfwupd/fwupd-enums-private.h index b75d4153d..ef98655b7 100644 --- a/libfwupd/fwupd-enums-private.h +++ b/libfwupd/fwupd-enums-private.h @@ -517,13 +517,13 @@ G_BEGIN_DECLS **/ #define FWUPD_RESULT_KEY_BIOS_ATTR_ID "BiosAttrId" /** - * FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE: + * FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE: * * Result key to represent the value that would enable this attribute. * * The D-Bus type signature string is 's' i.e. a string. **/ -#define FWUPD_RESULT_KEY_BIOS_ATTR_PREFERRED_VALUE "BiosAttrPreferredValue" +#define FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE "BiosAttrTargetValue" /** * FWUPD_RESULT_KEY_BIOS_ATTR_CURRENT_VALUE: * diff --git a/libfwupd/fwupd-security-attr.c b/libfwupd/fwupd-security-attr.c index 637563771..1a275b892 100644 --- a/libfwupd/fwupd-security-attr.c +++ b/libfwupd/fwupd-security-attr.c @@ -38,7 +38,8 @@ typedef struct { FwupdSecurityAttrResult result; FwupdSecurityAttrResult result_fallback; FwupdSecurityAttrFlags flags; - gchar *bios_attr; + gchar *bios_attr_id; + gchar *bios_attr_value; } FwupdSecurityAttrPrivate; G_DEFINE_TYPE_WITH_PRIVATE(FwupdSecurityAttr, fwupd_security_attr, G_TYPE_OBJECT) @@ -240,7 +241,7 @@ fwupd_security_attr_get_bios_attr_id(FwupdSecurityAttr *self) { FwupdSecurityAttrPrivate *priv = GET_PRIVATE(self); g_return_val_if_fail(FWUPD_IS_SECURITY_ATTR(self), NULL); - return priv->bios_attr; + return priv->bios_attr_id; } /** @@ -258,10 +259,10 @@ fwupd_security_attr_set_bios_attr_id(FwupdSecurityAttr *self, const gchar *id) { FwupdSecurityAttrPrivate *priv = GET_PRIVATE(self); g_return_if_fail(FWUPD_IS_SECURITY_ATTR(self)); - if (priv->bios_attr == id) + if (priv->bios_attr_id == id) return; - g_free(priv->bios_attr); - priv->bios_attr = g_strdup(id); + g_free(priv->bios_attr_id); + priv->bios_attr_id = g_strdup(id); } /** @@ -500,6 +501,47 @@ fwupd_security_attr_set_name(FwupdSecurityAttr *self, const gchar *name) priv->name = g_strdup(name); } +/** + * fwupd_security_attr_get_bios_attr_value: + * @self: a #FwupdSecurityAttr + * + * Gets the value that when written to an attribute would activate it or satisfy + * a security requirement. + * + * Returns: the target value of the attribute. + * + * Since: 1.8.4 + **/ +const gchar * +fwupd_security_attr_get_bios_attr_value(FwupdSecurityAttr *self) +{ + FwupdSecurityAttrPrivate *priv = GET_PRIVATE(self); + g_return_val_if_fail(FWUPD_IS_SECURITY_ATTR(self), NULL); + return priv->bios_attr_value; +} + +/** + * fwupd_security_attr_set_bios_attr_value: + * @self: a #FwupdSecurityAttr + * @value: The string to set target value to + * + * Sets the string used for the target value of an attribute. + * + * Since: 1.8.4 + **/ +void +fwupd_security_attr_set_bios_attr_value(FwupdSecurityAttr *self, const gchar *value) +{ + FwupdSecurityAttrPrivate *priv = GET_PRIVATE(self); + + /* not changed */ + if (g_strcmp0(priv->bios_attr_value, value) == 0) + return; + + g_free(priv->bios_attr_value); + priv->bios_attr_value = g_strdup(value); +} + /** * fwupd_security_attr_set_title: * @self: a #FwupdSecurityAttr @@ -1013,11 +1055,17 @@ fwupd_security_attr_to_variant(FwupdSecurityAttr *self) FWUPD_RESULT_KEY_METADATA, fwupd_hash_kv_to_variant(priv->metadata)); } - if (priv->bios_attr != NULL) { + if (priv->bios_attr_id != NULL) { g_variant_builder_add(&builder, "{sv}", FWUPD_RESULT_KEY_BIOS_ATTR_ID, - g_variant_new_string(priv->bios_attr)); + g_variant_new_string(priv->bios_attr_id)); + } + if (priv->bios_attr_value != NULL) { + g_variant_builder_add(&builder, + "{sv}", + FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE, + g_variant_new_string(priv->bios_attr_value)); } return g_variant_new("a{sv}", &builder); } @@ -1135,6 +1183,10 @@ fwupd_security_attr_from_key_value(FwupdSecurityAttr *self, const gchar *key, GV fwupd_security_attr_set_bios_attr_id(self, g_variant_get_string(value, NULL)); return; } + if (g_strcmp0(key, FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE) == 0) { + fwupd_security_attr_set_bios_attr_value(self, g_variant_get_string(value, NULL)); + return; + } } static void @@ -1219,6 +1271,11 @@ fwupd_security_attr_from_json(FwupdSecurityAttr *self, JsonNode *json_node, GErr fwupd_security_attr_set_bios_attr_id( self, json_object_get_string_member_with_default(obj, FWUPD_RESULT_KEY_BIOS_ATTR_ID, NULL)); + fwupd_security_attr_set_bios_attr_value( + self, + json_object_get_string_member_with_default(obj, + FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE, + NULL)); /* also optional */ if (json_object_has_member(obj, FWUPD_RESULT_KEY_HSI_RESULT)) { @@ -1297,7 +1354,10 @@ fwupd_security_attr_to_json(FwupdSecurityAttr *self, JsonBuilder *builder) fwupd_common_json_add_string(builder, FWUPD_RESULT_KEY_DESCRIPTION, priv->description); fwupd_common_json_add_string(builder, FWUPD_RESULT_KEY_PLUGIN, priv->plugin); fwupd_common_json_add_string(builder, FWUPD_RESULT_KEY_URI, priv->url); - fwupd_common_json_add_string(builder, FWUPD_RESULT_KEY_BIOS_ATTR_ID, priv->bios_attr); + fwupd_common_json_add_string(builder, + FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE, + priv->bios_attr_value); + fwupd_common_json_add_string(builder, FWUPD_RESULT_KEY_BIOS_ATTR_ID, priv->bios_attr_id); if (priv->flags != FWUPD_SECURITY_ATTR_FLAG_NONE) { json_builder_set_member_name(builder, FWUPD_RESULT_KEY_FLAGS); @@ -1366,7 +1426,8 @@ fwupd_security_attr_to_string(FwupdSecurityAttr *self) fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_DESCRIPTION, priv->description); fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_PLUGIN, priv->plugin); fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_URI, priv->url); - fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_BIOS_ATTR_ID, priv->bios_attr); + fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_BIOS_ATTR_ID, priv->bios_attr_id); + fwupd_pad_kv_str(str, FWUPD_RESULT_KEY_BIOS_ATTR_TARGET_VALUE, priv->bios_attr_value); for (guint i = 0; i < priv->obsoletes->len; i++) { const gchar *appstream_id = g_ptr_array_index(priv->obsoletes, i); @@ -1413,7 +1474,8 @@ fwupd_security_attr_finalize(GObject *object) if (priv->metadata != NULL) g_hash_table_unref(priv->metadata); - g_free(priv->bios_attr); + g_free(priv->bios_attr_id); + g_free(priv->bios_attr_value); g_free(priv->appstream_id); g_free(priv->name); g_free(priv->title); @@ -1532,7 +1594,7 @@ fwupd_security_attr_copy(FwupdSecurityAttr *self) fwupd_security_attr_set_flags(new, priv->flags); fwupd_security_attr_set_result(new, priv->result); fwupd_security_attr_set_created(new, priv->created); - fwupd_security_attr_set_bios_attr_id(new, priv->bios_attr); + fwupd_security_attr_set_bios_attr_id(new, priv->bios_attr_id); for (guint i = 0; i < priv->guids->len; i++) { const gchar *guid = g_ptr_array_index(priv->guids, i); @@ -1561,6 +1623,9 @@ fwupd_security_attr_copy(FwupdSecurityAttr *self) * * Creates a new security attribute. * + * Plugins should not use this method, and should instead use `fu_plugin_security_attr_new()` or + * `fu_security_attr_new()`. + * * Returns: a new #FwupdSecurityAttr * * Since: 1.5.0 diff --git a/libfwupd/fwupd-security-attr.h b/libfwupd/fwupd-security-attr.h index e55898181..29959e55c 100644 --- a/libfwupd/fwupd-security-attr.h +++ b/libfwupd/fwupd-security-attr.h @@ -130,6 +130,10 @@ const gchar * fwupd_security_attr_get_bios_attr_id(FwupdSecurityAttr *self); void fwupd_security_attr_set_bios_attr_id(FwupdSecurityAttr *self, const gchar *id); +const gchar * +fwupd_security_attr_get_bios_attr_value(FwupdSecurityAttr *self); +void +fwupd_security_attr_set_bios_attr_value(FwupdSecurityAttr *self, const gchar *value); const gchar * fwupd_security_attr_get_appstream_id(FwupdSecurityAttr *self); diff --git a/libfwupd/fwupd.map b/libfwupd/fwupd.map index 2c7304f24..ecaac66fc 100644 --- a/libfwupd/fwupd.map +++ b/libfwupd/fwupd.map @@ -815,7 +815,6 @@ LIBFWUPD_1.8.4 { fwupd_bios_attr_get_name; fwupd_bios_attr_get_path; fwupd_bios_attr_get_possible_values; - fwupd_bios_attr_get_preferred_value; fwupd_bios_attr_get_read_only; fwupd_bios_attr_get_scalar_increment; fwupd_bios_attr_get_type; @@ -829,7 +828,6 @@ LIBFWUPD_1.8.4 { fwupd_bios_attr_set_lower_bound; fwupd_bios_attr_set_name; fwupd_bios_attr_set_path; - fwupd_bios_attr_set_preferred_value; fwupd_bios_attr_set_read_only; fwupd_bios_attr_set_scalar_increment; fwupd_bios_attr_set_upper_bound; @@ -843,6 +841,8 @@ LIBFWUPD_1.8.4 { fwupd_client_modify_bios_attr_async; fwupd_client_modify_bios_attr_finish; fwupd_security_attr_get_bios_attr_id; + fwupd_security_attr_get_bios_attr_value; fwupd_security_attr_set_bios_attr_id; + fwupd_security_attr_set_bios_attr_value; local: *; } LIBFWUPD_1.8.3; diff --git a/libfwupd/meson.build b/libfwupd/meson.build index 99f134038..0ba3106a5 100644 --- a/libfwupd/meson.build +++ b/libfwupd/meson.build @@ -48,7 +48,7 @@ libfwupd_src = [ 'fwupd-enums.c', # fuzzing 'fwupd-error.c', # fuzzing 'fwupd-bios-attr.c', # fuzzing - 'fwupd-security-attr.c', + 'fwupd-security-attr.c', # fuzzing 'fwupd-release.c', # fuzzing 'fwupd-plugin.c', 'fwupd-remote.c', diff --git a/libfwupdplugin/fu-bios-attrs.c b/libfwupdplugin/fu-bios-attrs.c index 830d8d79b..579a1e911 100644 --- a/libfwupdplugin/fu-bios-attrs.c +++ b/libfwupdplugin/fu-bios-attrs.c @@ -279,34 +279,6 @@ fu_bios_attr_set_file_attributes(FwupdBiosAttr *attr, GError **error) return TRUE; } -/** - * fu_bios_attr_set_preferred_value: - * @attr: a #FwupdBiosAttr - * @needle: The substring of a preferred value - * - * Checks all configured possible values of an enumeration attribute and - * if any match @needle then set as the preferred value. - * - * Since: 1.8.4 - **/ -void -fu_bios_attr_set_preferred_value(FwupdBiosAttr *attr, const gchar *needle) -{ - GPtrArray *values; - - if (fwupd_bios_attr_get_kind(attr) != FWUPD_BIOS_ATTR_KIND_ENUMERATION) - return; - values = fwupd_bios_attr_get_possible_values(attr); - for (guint i = 0; i < values->len; i++) { - const gchar *possible = g_ptr_array_index(values, i); - g_autofree gchar *lower = g_utf8_strdown(possible, -1); - if (g_strrstr(lower, needle)) { - fwupd_bios_attr_set_preferred_value(attr, possible); - return; - } - } -} - static gboolean fu_bios_attrs_set_folder_attributes(FuBiosAttrs *self, FwupdBiosAttr *attr, diff --git a/libfwupdplugin/fu-bios-attrs.h b/libfwupdplugin/fu-bios-attrs.h index dc50b475e..59686e644 100644 --- a/libfwupdplugin/fu-bios-attrs.h +++ b/libfwupdplugin/fu-bios-attrs.h @@ -19,5 +19,3 @@ gboolean fu_bios_attrs_get_pending_reboot(FuBiosAttrs *self, gboolean *result, GError **error); FwupdBiosAttr * fu_bios_attrs_get_attr(FuBiosAttrs *self, const gchar *val); -void -fu_bios_attr_set_preferred_value(FwupdBiosAttr *attr, const gchar *needle); diff --git a/libfwupdplugin/fu-device.c b/libfwupdplugin/fu-device.c index d84e7d249..af3f024d6 100644 --- a/libfwupdplugin/fu-device.c +++ b/libfwupdplugin/fu-device.c @@ -18,6 +18,7 @@ #include "fu-device-private.h" #include "fu-mutex.h" #include "fu-quirks.h" +#include "fu-security-attr.h" #include "fu-string.h" #include "fu-version-common.h" @@ -5396,6 +5397,32 @@ fu_device_build_instance_id_quirk(FuDevice *self, GError **error, const gchar *s return TRUE; } +/** + * fu_device_security_attr_new: + * @self: a #FuDevice + * @appstream_id: (nullable): the AppStream component ID, e.g. `com.intel.BiosGuard` + * + * Creates a new #FwupdSecurityAttr for this specific device. + * + * Returns: (transfer full): a #FwupdSecurityAttr + * + * Since: 1.8.4 + **/ +FwupdSecurityAttr * +fu_device_security_attr_new(FuDevice *self, const gchar *appstream_id) +{ + FuDevicePrivate *priv = fu_device_get_instance_private(self); + g_autoptr(FwupdSecurityAttr) attr = NULL; + + g_return_val_if_fail(FU_IS_DEVICE(self), NULL); + g_return_val_if_fail(appstream_id != NULL, NULL); + + attr = fu_security_attr_new(priv->ctx, appstream_id); + fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); + fwupd_security_attr_add_guids(attr, fu_device_get_guids(FU_DEVICE(self))); + return g_steal_pointer(&attr); +} + static void fu_device_class_init(FuDeviceClass *klass) { diff --git a/libfwupdplugin/fu-device.h b/libfwupdplugin/fu-device.h index 11328154a..753af3869 100644 --- a/libfwupdplugin/fu-device.h +++ b/libfwupdplugin/fu-device.h @@ -726,6 +726,8 @@ gboolean fu_device_has_private_flag(FuDevice *self, guint64 flag); void fu_device_emit_request(FuDevice *self, FwupdRequest *request); +FwupdSecurityAttr * +fu_device_security_attr_new(FuDevice *self, const gchar *appstream_id); void fu_device_add_instance_str(FuDevice *self, const gchar *key, const gchar *value); diff --git a/libfwupdplugin/fu-plugin.c b/libfwupdplugin/fu-plugin.c index 55c8a70f9..61cefdd25 100644 --- a/libfwupdplugin/fu-plugin.c +++ b/libfwupdplugin/fu-plugin.c @@ -22,6 +22,7 @@ #include "fu-mutex.h" #include "fu-path.h" #include "fu-plugin-private.h" +#include "fu-security-attr.h" #include "fu-string.h" /** @@ -2353,6 +2354,31 @@ fu_plugin_get_config_value(FuPlugin *self, const gchar *key) return g_key_file_get_string(keyfile, fu_plugin_get_name(self), key, NULL); } +/** + * fu_plugin_security_attr_new: + * @self: a #FuPlugin + * @appstream_id: (nullable): the AppStream component ID, e.g. `com.intel.BiosGuard` + * + * Creates a new #FwupdSecurityAttr for this specific plugin. + * + * Returns: (transfer full): a #FwupdSecurityAttr + * + * Since: 1.8.4 + **/ +FwupdSecurityAttr * +fu_plugin_security_attr_new(FuPlugin *self, const gchar *appstream_id) +{ + FuPluginPrivate *priv = fu_plugin_get_instance_private(self); + g_autoptr(FwupdSecurityAttr) attr = NULL; + + g_return_val_if_fail(FU_IS_PLUGIN(self), NULL); + g_return_val_if_fail(appstream_id != NULL, NULL); + + attr = fu_security_attr_new(priv->ctx, appstream_id); + fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(self)); + return g_steal_pointer(&attr); +} + /** * fu_plugin_set_config_value: * @self: a #FuPlugin diff --git a/libfwupdplugin/fu-plugin.h b/libfwupdplugin/fu-plugin.h index 6cff3dcfe..1221ee049 100644 --- a/libfwupdplugin/fu-plugin.h +++ b/libfwupdplugin/fu-plugin.h @@ -469,3 +469,5 @@ gboolean fu_plugin_get_config_value_boolean(FuPlugin *self, const gchar *key); gboolean fu_plugin_set_config_value(FuPlugin *self, const gchar *key, const gchar *value, GError **error); +FwupdSecurityAttr * +fu_plugin_security_attr_new(FuPlugin *self, const gchar *appstream_id); diff --git a/libfwupdplugin/fu-security-attr.c b/libfwupdplugin/fu-security-attr.c new file mode 100644 index 000000000..389cf4b52 --- /dev/null +++ b/libfwupdplugin/fu-security-attr.c @@ -0,0 +1,103 @@ +/* + * Copyright (C) 2022 Richard Hughes + * + * SPDX-License-Identifier: LGPL-2.1+ + */ + +#define G_LOG_DOMAIN "FwupdSecurityAttr" + +#include "config.h" + +#include "fu-security-attr.h" + +typedef struct { + FuContext *ctx; +} FuSecurityAttrPrivate; + +G_DEFINE_TYPE_WITH_PRIVATE(FuSecurityAttr, fu_security_attr, FWUPD_TYPE_SECURITY_ATTR) + +#define GET_PRIVATE(o) (fu_security_attr_get_instance_private(o)) + +/** + * fu_security_attr_add_bios_target_value: + * @ctx: a #FuContext + * @attr: a #FwupdSecurityAttr + * @id: a #FwupdBiosAttr ID or name + * @needle: The substring of a target value + * + * Checks all configured possible values of an enumeration attribute and + * if any match @needle then set as the target value. + * + * Since: 1.8.4 + **/ +void +fu_security_attr_add_bios_target_value(FwupdSecurityAttr *attr, + const gchar *id, + const gchar *needle) +{ + FuSecurityAttr *self = FU_SECURITY_ATTR(attr); + FuSecurityAttrPrivate *priv = GET_PRIVATE(self); + FwupdBiosAttr *bios_attr; + GPtrArray *values; + + bios_attr = fu_context_get_bios_attr(priv->ctx, id); + if (bios_attr == NULL) + return; + fwupd_security_attr_set_bios_attr_id(attr, fwupd_bios_attr_get_id(bios_attr)); + if (fwupd_bios_attr_get_kind(bios_attr) != FWUPD_BIOS_ATTR_KIND_ENUMERATION) + return; + values = fwupd_bios_attr_get_possible_values(bios_attr); + for (guint i = 0; i < values->len; i++) { + const gchar *possible = g_ptr_array_index(values, i); + g_autofree gchar *lower = g_utf8_strdown(possible, -1); + if (g_strrstr(lower, needle)) { + fwupd_security_attr_set_bios_attr_value(attr, possible); + return; + } + } +} + +static void +fu_security_attr_init(FuSecurityAttr *self) +{ +} + +static void +fu_security_attr_finalize(GObject *object) +{ + FuSecurityAttr *self = FU_SECURITY_ATTR(object); + FuSecurityAttrPrivate *priv = GET_PRIVATE(self); + if (priv->ctx != NULL) + g_object_unref(priv->ctx); + G_OBJECT_CLASS(fu_security_attr_parent_class)->finalize(object); +} + +static void +fu_security_attr_class_init(FuSecurityAttrClass *klass) +{ + GObjectClass *object_class = G_OBJECT_CLASS(klass); + object_class->finalize = fu_security_attr_finalize; +} + +/** + * fu_security_attr_new: + * @ctx: a #FuContext + * @appstream_id: (nullable): the AppStream component ID, e.g. `com.intel.BiosGuard` + * + * Creates a new #FwupdSecurityAttr with context set. + * + * Returns: (transfer full): a #FwupdSecurityAttr + * + * Since: 1.8.4 + **/ +FwupdSecurityAttr * +fu_security_attr_new(FuContext *ctx, const gchar *appstream_id) +{ + g_autoptr(FuSecurityAttr) self = g_object_new(FU_TYPE_SECURITY_ATTR, NULL); + FuSecurityAttrPrivate *priv = GET_PRIVATE(self); + g_return_val_if_fail(FU_IS_CONTEXT(ctx), NULL); + if (appstream_id != NULL) + fwupd_security_attr_set_appstream_id(FWUPD_SECURITY_ATTR(self), appstream_id); + priv->ctx = g_object_ref(ctx); + return FWUPD_SECURITY_ATTR(g_steal_pointer(&self)); +} diff --git a/libfwupdplugin/fu-security-attr.h b/libfwupdplugin/fu-security-attr.h new file mode 100644 index 000000000..e59719a5f --- /dev/null +++ b/libfwupdplugin/fu-security-attr.h @@ -0,0 +1,25 @@ +/* + * Copyright (C) 2022 Richard Hughes + * + * SPDX-License-Identifier: LGPL-2.1+ + */ + +#pragma once + +#include + +#include "fu-context.h" + +#define FU_TYPE_SECURITY_ATTR (fu_security_attr_get_type()) +G_DECLARE_DERIVABLE_TYPE(FuSecurityAttr, fu_security_attr, FU, SECURITY_ATTR, FwupdSecurityAttr) + +struct _FuSecurityAttrClass { + FwupdSecurityAttrClass parent_class; +}; + +FwupdSecurityAttr * +fu_security_attr_new(FuContext *ctx, const gchar *appstream_id); +void +fu_security_attr_add_bios_target_value(FwupdSecurityAttr *attr, + const gchar *id, + const gchar *needle); diff --git a/libfwupdplugin/fwupdplugin.h b/libfwupdplugin/fwupdplugin.h index 903263bc2..e39a70ded 100644 --- a/libfwupdplugin/fwupdplugin.h +++ b/libfwupdplugin/fwupdplugin.h @@ -62,6 +62,7 @@ #include #include #include +#include #include #include #include diff --git a/libfwupdplugin/fwupdplugin.map b/libfwupdplugin/fwupdplugin.map index b607d7cbf..a79ab80a0 100644 --- a/libfwupdplugin/fwupdplugin.map +++ b/libfwupdplugin/fwupdplugin.map @@ -1071,7 +1071,6 @@ LIBFWUPDPLUGIN_1.8.3 { LIBFWUPDPLUGIN_1.8.4 { global: fu_backend_add_string; - fu_bios_attr_set_preferred_value; fu_bios_attrs_get_all; fu_bios_attrs_get_attr; fu_bios_attrs_get_pending_reboot; @@ -1083,7 +1082,12 @@ LIBFWUPDPLUGIN_1.8.4 { fu_context_get_bios_attr_pending_reboot; fu_context_get_bios_attrs; fu_context_reload_bios_attrs; + fu_device_security_attr_new; fu_plugin_add_string; + fu_plugin_security_attr_new; fu_plugin_to_string; + fu_security_attr_add_bios_target_value; + fu_security_attr_get_type; + fu_security_attr_new; local: *; } LIBFWUPDPLUGIN_1.8.3; diff --git a/libfwupdplugin/meson.build b/libfwupdplugin/meson.build index aa5357fb2..873c2e72d 100644 --- a/libfwupdplugin/meson.build +++ b/libfwupdplugin/meson.build @@ -51,6 +51,7 @@ fwupdplugin_src = [ 'fu-plugin.c', 'fu-quirks.c', # fuzzing 'fu-progress.c', # fuzzing + 'fu-security-attr.c', # fuzzing 'fu-security-attrs.c', 'fu-smbios.c', # fuzzing 'fu-srec-firmware.c', # fuzzing @@ -153,6 +154,7 @@ fwupdplugin_headers = [ 'fu-io-channel.h', 'fu-plugin.h', 'fu-quirks.h', + 'fu-security-attr.h', 'fu-security-attrs.h', 'fu-progress.h', 'fu-smbios.h', diff --git a/plugins/acpi-dmar/fu-plugin-acpi-dmar.c b/plugins/acpi-dmar/fu-plugin-acpi-dmar.c index eb597d452..71f6458ee 100644 --- a/plugins/acpi-dmar/fu-plugin-acpi-dmar.c +++ b/plugins/acpi-dmar/fu-plugin-acpi-dmar.c @@ -25,8 +25,7 @@ fu_plugin_acpi_dmar_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_PREBOOT_DMA_PROTECTION); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_PREBOOT_DMA_PROTECTION); fu_security_attrs_append(attrs, attr); /* load DMAR table */ diff --git a/plugins/acpi-facp/fu-plugin-acpi-facp.c b/plugins/acpi-facp/fu-plugin-acpi-facp.c index b329a215f..b977608e5 100644 --- a/plugins/acpi-facp/fu-plugin-acpi-facp.c +++ b/plugins/acpi-facp/fu-plugin-acpi-facp.c @@ -13,7 +13,6 @@ static void fu_plugin_acpi_facp_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) { - FwupdBiosAttr *bios_attr; g_autofree gchar *fn = NULL; g_autofree gchar *path = NULL; g_autoptr(FuAcpiFacp) facp = NULL; @@ -22,8 +21,7 @@ fu_plugin_acpi_facp_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) g_autoptr(GError) error_local = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SUSPEND_TO_IDLE); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_SUSPEND_TO_IDLE); fu_security_attrs_append(attrs, attr); /* load FACP table */ @@ -42,14 +40,8 @@ fu_plugin_acpi_facp_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) return; } - /* BIOS knob used on Lenovo systems */ - bios_attr = - fu_context_get_bios_attr(fu_plugin_get_context(plugin), "com.thinklmi.SleepState"); - if (bios_attr != NULL) { - fwupd_security_attr_set_bios_attr_id(attr, fwupd_bios_attr_get_id(bios_attr)); - /* options are usually "Linux" (S3) or "Windows" (s2idle) */ - fu_bios_attr_set_preferred_value(bios_attr, "windows"); - } + /* options are usually "Linux" (S3) or "Windows" (s2idle) */ + fu_security_attr_add_bios_target_value(attr, "com.thinklmi.SleepState", "windows"); if (!fu_acpi_facp_get_s2i(facp)) { fwupd_security_attr_set_result(attr, FWUPD_SECURITY_ATTR_RESULT_NOT_ENABLED); diff --git a/plugins/acpi-ivrs/fu-plugin-acpi-ivrs.c b/plugins/acpi-ivrs/fu-plugin-acpi-ivrs.c index 0ca5e545b..167542f51 100644 --- a/plugins/acpi-ivrs/fu-plugin-acpi-ivrs.c +++ b/plugins/acpi-ivrs/fu-plugin-acpi-ivrs.c @@ -26,8 +26,7 @@ fu_plugin_acpi_ivrs_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_PREBOOT_DMA_PROTECTION); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_PREBOOT_DMA_PROTECTION); fu_security_attrs_append(attrs, attr); /* load IVRS table */ diff --git a/plugins/bios/fu-plugin-bios.c b/plugins/bios/fu-plugin-bios.c index 477909011..bd9b3113f 100644 --- a/plugins/bios/fu-plugin-bios.c +++ b/plugins/bios/fu-plugin-bios.c @@ -62,8 +62,7 @@ fu_plugin_bios_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT); fu_security_attrs_append(attrs, attr); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_RUNTIME_ISSUE); diff --git a/plugins/cpu/fu-cpu-device.c b/plugins/cpu/fu-cpu-device.c index ba0552938..cdc41c101 100644 --- a/plugins/cpu/fu-cpu-device.c +++ b/plugins/cpu/fu-cpu-device.c @@ -298,9 +298,8 @@ fu_cpu_device_add_security_attrs_intel_cet_enabled(FuCpuDevice *self, FuSecurity g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_CET_ENABLED); - fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); - fwupd_security_attr_add_guids(attr, fu_device_get_guids(FU_DEVICE(self))); + attr = + fu_device_security_attr_new(FU_DEVICE(self), FWUPD_SECURITY_ATTR_ID_INTEL_CET_ENABLED); fu_security_attrs_append(attrs, attr); /* check for CET */ @@ -329,9 +328,8 @@ fu_cpu_device_add_security_attrs_intel_cet_active(FuCpuDevice *self, FuSecurityA return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_CET_ACTIVE); - fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); - fwupd_security_attr_add_guids(attr, fu_device_get_guids(FU_DEVICE(self))); + attr = + fu_device_security_attr_new(FU_DEVICE(self), FWUPD_SECURITY_ATTR_ID_INTEL_CET_ACTIVE); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_RUNTIME_ISSUE); fu_security_attrs_append(attrs, attr); @@ -361,9 +359,7 @@ fu_cpu_device_add_security_attrs_intel_tme(FuCpuDevice *self, FuSecurityAttrs *a g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); - fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); - fwupd_security_attr_add_guids(attr, fu_device_get_guids(FU_DEVICE(self))); + attr = fu_device_security_attr_new(FU_DEVICE(self), FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); fu_security_attrs_append(attrs, attr); /* check for TME */ @@ -383,9 +379,7 @@ fu_cpu_device_add_security_attrs_intel_smap(FuCpuDevice *self, FuSecurityAttrs * g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_SMAP); - fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); - fwupd_security_attr_add_guids(attr, fu_device_get_guids(FU_DEVICE(self))); + attr = fu_device_security_attr_new(FU_DEVICE(self), FWUPD_SECURITY_ATTR_ID_INTEL_SMAP); fu_security_attrs_append(attrs, attr); /* check for SMEP and SMAP */ @@ -404,10 +398,7 @@ fu_cpu_device_add_supported_cpu_attribute(FuCpuDevice *self, FuSecurityAttrs *at { g_autoptr(FwupdSecurityAttr) attr = NULL; - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SUPPORTED_CPU); - fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); - fwupd_security_attr_add_guids(attr, fu_device_get_guids(FU_DEVICE(self))); - + attr = fu_device_security_attr_new(FU_DEVICE(self), FWUPD_SECURITY_ATTR_ID_SUPPORTED_CPU); switch (fu_cpu_get_vendor()) { case FU_CPU_VENDOR_INTEL: case FU_CPU_VENDOR_AMD: diff --git a/plugins/intel-spi/fu-intel-spi-device.c b/plugins/intel-spi/fu-intel-spi-device.c index d517d195e..8d3fa37d3 100644 --- a/plugins/intel-spi/fu-intel-spi-device.c +++ b/plugins/intel-spi/fu-intel-spi-device.c @@ -214,9 +214,7 @@ fu_intel_spi_device_add_security_attrs(FuDevice *device, FuSecurityAttrs *attrs) g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SPI_DESCRIPTOR); - fwupd_security_attr_set_plugin(attr, fu_device_get_plugin(FU_DEVICE(self))); - fwupd_security_attr_add_guids(attr, fu_device_get_guids(device)); + attr = fu_device_security_attr_new(device, FWUPD_SECURITY_ATTR_ID_SPI_DESCRIPTOR); fu_security_attrs_append(attrs, attr); /* check for read access from other regions */ diff --git a/plugins/iommu/fu-plugin-iommu.c b/plugins/iommu/fu-plugin-iommu.c index b6e146cf5..b987b9b85 100644 --- a/plugins/iommu/fu-plugin-iommu.c +++ b/plugins/iommu/fu-plugin-iommu.c @@ -45,12 +45,10 @@ static void fu_plugin_iommu_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) { FuPluginData *priv = fu_plugin_get_data(plugin); - const gchar *iommu_attributes[] = {"AmdVt", "IOMMU", "VtForDirectIo", NULL}; g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_IOMMU); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_IOMMU); fu_security_attrs_append(attrs, attr); if (priv == NULL) { @@ -58,16 +56,10 @@ fu_plugin_iommu_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) return; } - for (guint i = 0; iommu_attributes[i] != NULL; i++) { - FwupdBiosAttr *bios_attr = - fu_context_get_bios_attr(fu_plugin_get_context(plugin), iommu_attributes[i]); - if (bios_attr != NULL) { - fwupd_security_attr_set_bios_attr_id(attr, - fwupd_bios_attr_get_id(bios_attr)); - fu_bios_attr_set_preferred_value(bios_attr, "enable"); - break; - } - } + fu_security_attr_add_bios_target_value(attr, "AmdVt", "enable"); + fu_security_attr_add_bios_target_value(attr, "IOMMU", "enable"); + fu_security_attr_add_bios_target_value(attr, "VtForDirectIo", "enable"); + if (!priv->has_iommu) { fwupd_security_attr_set_result(attr, FWUPD_SECURITY_ATTR_RESULT_NOT_FOUND); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_ACTION_CONTACT_OEM); diff --git a/plugins/linux-lockdown/fu-plugin-linux-lockdown.c b/plugins/linux-lockdown/fu-plugin-linux-lockdown.c index 130dbaf39..c7895d0ff 100644 --- a/plugins/linux-lockdown/fu-plugin-linux-lockdown.c +++ b/plugins/linux-lockdown/fu-plugin-linux-lockdown.c @@ -128,8 +128,7 @@ fu_plugin_linux_lockdown_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *a g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_KERNEL_LOCKDOWN); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_KERNEL_LOCKDOWN); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_RUNTIME_ISSUE); fu_security_attrs_append(attrs, attr); diff --git a/plugins/linux-sleep/fu-plugin-linux-sleep.c b/plugins/linux-sleep/fu-plugin-linux-sleep.c index d1b273de5..a79301611 100644 --- a/plugins/linux-sleep/fu-plugin-linux-sleep.c +++ b/plugins/linux-sleep/fu-plugin-linux-sleep.c @@ -18,8 +18,7 @@ fu_plugin_linux_sleep_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attr g_autoptr(GFile) file = g_file_new_for_path("/sys/power/mem_sleep"); /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SUSPEND_TO_RAM); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_SUSPEND_TO_RAM); fu_security_attrs_append(attrs, attr); /* load file */ diff --git a/plugins/linux-swap/fu-plugin-linux-swap.c b/plugins/linux-swap/fu-plugin-linux-swap.c index a5a325fda..b98c3b288 100644 --- a/plugins/linux-swap/fu-plugin-linux-swap.c +++ b/plugins/linux-swap/fu-plugin-linux-swap.c @@ -86,8 +86,7 @@ fu_plugin_linux_swap_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_KERNEL_SWAP); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_KERNEL_SWAP); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_RUNTIME_ISSUE); fu_security_attrs_append(attrs, attr); diff --git a/plugins/linux-tainted/fu-plugin-linux-tainted.c b/plugins/linux-tainted/fu-plugin-linux-tainted.c index fc0e9214c..536427796 100644 --- a/plugins/linux-tainted/fu-plugin-linux-tainted.c +++ b/plugins/linux-tainted/fu-plugin-linux-tainted.c @@ -73,8 +73,7 @@ fu_plugin_linux_tainted_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *at g_autoptr(GError) error_local = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_KERNEL_TAINTED); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_KERNEL_TAINTED); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_RUNTIME_ISSUE); fu_security_attrs_append(attrs, attr); diff --git a/plugins/msr/fu-plugin-msr.c b/plugins/msr/fu-plugin-msr.c index 6106ccdaa..afee75874 100644 --- a/plugins/msr/fu-plugin-msr.c +++ b/plugins/msr/fu-plugin-msr.c @@ -313,8 +313,7 @@ fu_plugin_add_security_attr_dci_enabled(FuPlugin *plugin, FuSecurityAttrs *attrs return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_ENABLED); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_ENABLED); if (device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(device)); fu_security_attrs_append(attrs, attr); @@ -355,8 +354,7 @@ fu_plugin_add_security_attr_intel_tme_enabled(FuPlugin *plugin, FuSecurityAttrs /* create attr (which should already have been created in the cpu plugin) */ attr = fu_security_attrs_get_by_appstream_id(attrs, FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); if (attr == NULL) { - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); fu_security_attrs_append(attrs, attr); } @@ -403,8 +401,7 @@ fu_plugin_add_security_attr_dci_locked(FuPlugin *plugin, FuSecurityAttrs *attrs) return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_LOCKED); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_LOCKED); if (device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(device)); fu_security_attrs_append(attrs, attr); @@ -479,8 +476,7 @@ fu_plugin_add_security_attr_amd_sme_enabled(FuPlugin *plugin, FuSecurityAttrs *a return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); if (device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(device)); fu_security_attrs_append(attrs, attr); diff --git a/plugins/pci-bcr/fu-plugin-pci-bcr.c b/plugins/pci-bcr/fu-plugin-pci-bcr.c index 56252e6a6..3b2405e70 100644 --- a/plugins/pci-bcr/fu-plugin-pci-bcr.c +++ b/plugins/pci-bcr/fu-plugin-pci-bcr.c @@ -85,8 +85,7 @@ fu_plugin_add_security_attr_bioswe(FuPlugin *plugin, FuSecurityAttrs *attrs) g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SPI_BIOSWE); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_SPI_BIOSWE); if (msf_device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(msf_device)); fu_security_attrs_append(attrs, attr); @@ -123,8 +122,7 @@ fu_plugin_add_security_attr_ble(FuPlugin *plugin, FuSecurityAttrs *attrs) g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SPI_BLE); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_SPI_BLE); if (msf_device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(msf_device)); fu_security_attrs_append(attrs, attr); @@ -160,8 +158,7 @@ fu_plugin_add_security_attr_smm_bwp(FuPlugin *plugin, FuSecurityAttrs *attrs) g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SPI_SMM_BWP); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_SPI_SMM_BWP); if (msf_device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(msf_device)); fu_security_attrs_append(attrs, attr); diff --git a/plugins/pci-mei/fu-plugin-pci-mei.c b/plugins/pci-mei/fu-plugin-pci-mei.c index c4fed1868..5200f26cc 100644 --- a/plugins/pci-mei/fu-plugin-pci-mei.c +++ b/plugins/pci-mei/fu-plugin-pci-mei.c @@ -243,8 +243,7 @@ fu_plugin_add_security_attrs_manufacturing_mode(FuPlugin *plugin, FuSecurityAttr g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_MEI_MANUFACTURING_MODE); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_MEI_MANUFACTURING_MODE); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -281,8 +280,7 @@ fu_plugin_add_security_attrs_override_strap(FuPlugin *plugin, FuSecurityAttrs *a g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_MEI_OVERRIDE_STRAP); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_MEI_OVERRIDE_STRAP); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -319,8 +317,7 @@ fu_plugin_add_security_attrs_bootguard_enabled(FuPlugin *plugin, FuSecurityAttrs g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_ENABLED); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_ENABLED); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -360,8 +357,7 @@ fu_plugin_add_security_attrs_bootguard_verified(FuPlugin *plugin, FuSecurityAttr g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_VERIFIED); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_VERIFIED); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -407,8 +403,7 @@ fu_plugin_add_security_attrs_bootguard_acm(FuPlugin *plugin, FuSecurityAttrs *at g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_ACM); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_ACM); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -454,8 +449,7 @@ fu_plugin_add_security_attrs_bootguard_policy(FuPlugin *plugin, FuSecurityAttrs g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_POLICY); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_POLICY); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -501,8 +495,7 @@ fu_plugin_add_security_attrs_bootguard_otp(FuPlugin *plugin, FuSecurityAttrs *at g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_OTP); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_OTP); fu_security_attrs_append(attrs, attr); /* not enabled */ @@ -559,8 +552,7 @@ fu_plugin_add_security_attrs_mei_version(FuPlugin *plugin, FuSecurityAttrs *attr g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_MEI_VERSION); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_MEI_VERSION); fu_security_attrs_append(attrs, attr); /* not enabled */ diff --git a/plugins/pci-psp/fu-plugin-pci-psp.c b/plugins/pci-psp/fu-plugin-pci-psp.c index d48e51f15..7a6fecf40 100644 --- a/plugins/pci-psp/fu-plugin-pci-psp.c +++ b/plugins/pci-psp/fu-plugin-pci-psp.c @@ -54,13 +54,11 @@ fu_plugin_pci_psp_get_attr(FwupdSecurityAttr *attr, static void fu_plugin_add_security_attrs_tsme(FuPlugin *plugin, const gchar *path, FuSecurityAttrs *attrs) { - FwupdBiosAttr *bios_attr; g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM); fu_security_attrs_append(attrs, attr); if (!fu_plugin_pci_psp_get_attr(attr, path, "tsme_status", &val, &error_local)) { @@ -69,11 +67,7 @@ fu_plugin_add_security_attrs_tsme(FuPlugin *plugin, const gchar *path, FuSecurit } /* BIOS knob used on Lenovo systems */ - bios_attr = fu_context_get_bios_attr(fu_plugin_get_context(plugin), "com.thinklmi.TSME"); - if (bios_attr != NULL) { - fwupd_security_attr_set_bios_attr_id(attr, fwupd_bios_attr_get_id(bios_attr)); - fu_bios_attr_set_preferred_value(bios_attr, "enable"); - } + fu_security_attr_add_bios_target_value(attr, "com.thinklmi.TSME", "enable"); if (!val) { fwupd_security_attr_set_result(attr, FWUPD_SECURITY_ATTR_RESULT_NOT_ENCRYPTED); @@ -87,14 +81,13 @@ fu_plugin_add_security_attrs_tsme(FuPlugin *plugin, const gchar *path, FuSecurit } static void -fu_plugin_add_security_attrs_fused_part(const gchar *path, FuSecurityAttrs *attrs) +fu_plugin_add_security_attrs_fused_part(FuPlugin *plugin, const gchar *path, FuSecurityAttrs *attrs) { g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_PLATFORM_FUSED); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_PLATFORM_FUSED); fu_security_attrs_append(attrs, attr); if (!fu_plugin_pci_psp_get_attr(attr, path, "fused_part", &val, &error_local)) { @@ -115,14 +108,15 @@ fu_plugin_add_security_attrs_fused_part(const gchar *path, FuSecurityAttrs *attr } static void -fu_plugin_add_security_attrs_debug_locked_part(const gchar *path, FuSecurityAttrs *attrs) +fu_plugin_add_security_attrs_debug_locked_part(FuPlugin *plugin, + const gchar *path, + FuSecurityAttrs *attrs) { g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_LOCKED); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_LOCKED); fu_security_attrs_append(attrs, attr); if (!fu_plugin_pci_psp_get_attr(attr, path, "debug_lock_on", &val, &error_local)) { @@ -143,14 +137,15 @@ fu_plugin_add_security_attrs_debug_locked_part(const gchar *path, FuSecurityAttr } static void -fu_plugin_add_security_attrs_rollback_protection(const gchar *path, FuSecurityAttrs *attrs) +fu_plugin_add_security_attrs_rollback_protection(FuPlugin *plugin, + const gchar *path, + FuSecurityAttrs *attrs) { g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_AMD_ROLLBACK_PROTECTION); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_AMD_ROLLBACK_PROTECTION); fu_security_attrs_append(attrs, attr); if (!fu_plugin_pci_psp_get_attr(attr, path, "anti_rollback_status", &val, &error_local)) { @@ -170,15 +165,14 @@ fu_plugin_add_security_attrs_rollback_protection(const gchar *path, FuSecurityAt } static void -fu_plugin_add_security_attrs_rom_armor(const gchar *path, FuSecurityAttrs *attrs) +fu_plugin_add_security_attrs_rom_armor(FuPlugin *plugin, const gchar *path, FuSecurityAttrs *attrs) { g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_AMD_SPI_WRITE_PROTECTION); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_AMD_SPI_WRITE_PROTECTION); fu_security_attrs_append(attrs, attr); if (!fu_plugin_pci_psp_get_attr(attr, path, "rom_armor_enforced", &val, &error_local)) { @@ -199,15 +193,15 @@ fu_plugin_add_security_attrs_rom_armor(const gchar *path, FuSecurityAttrs *attrs } static void -fu_plugin_add_security_attrs_rpmc(const gchar *path, FuSecurityAttrs *attrs) +fu_plugin_add_security_attrs_rpmc(FuPlugin *plugin, const gchar *path, FuSecurityAttrs *attrs) { g_autoptr(FwupdSecurityAttr) attr = NULL; g_autoptr(GError) error_local = NULL; gboolean val; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_AMD_SPI_REPLAY_PROTECTION); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = + fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_AMD_SPI_REPLAY_PROTECTION); fu_security_attrs_append(attrs, attr); if (!fu_plugin_pci_psp_get_attr(attr, path, "rpmc_spirom_available", &val, &error_local)) { @@ -242,12 +236,11 @@ fu_plugin_add_security_attrs_rpmc(const gchar *path, FuSecurityAttrs *attrs) } static void -fu_plugin_pci_psp_set_missing_data(FuSecurityAttrs *attrs) +fu_plugin_pci_psp_set_missing_data(FuPlugin *plugin, FuSecurityAttrs *attrs) { g_autoptr(FwupdSecurityAttr) attr = NULL; - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_SUPPORTED_CPU); - fwupd_security_attr_set_plugin(attr, "pci_psp"); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_SUPPORTED_CPU); fwupd_security_attr_add_obsolete(attr, "cpu"); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_MISSING_DATA); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_ACTION_CONTACT_OEM); @@ -271,16 +264,16 @@ fu_plugin_pci_psp_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) test_file = g_build_filename(sysfs_path, "tsme_status", NULL); } if (sysfs_path == NULL || !g_file_test(test_file, G_FILE_TEST_EXISTS)) { - fu_plugin_pci_psp_set_missing_data(attrs); + fu_plugin_pci_psp_set_missing_data(plugin, attrs); return; } fu_plugin_add_security_attrs_tsme(plugin, sysfs_path, attrs); - fu_plugin_add_security_attrs_fused_part(sysfs_path, attrs); - fu_plugin_add_security_attrs_debug_locked_part(sysfs_path, attrs); - fu_plugin_add_security_attrs_rollback_protection(sysfs_path, attrs); - fu_plugin_add_security_attrs_rpmc(sysfs_path, attrs); - fu_plugin_add_security_attrs_rom_armor(sysfs_path, attrs); + fu_plugin_add_security_attrs_fused_part(plugin, sysfs_path, attrs); + fu_plugin_add_security_attrs_debug_locked_part(plugin, sysfs_path, attrs); + fu_plugin_add_security_attrs_rollback_protection(plugin, sysfs_path, attrs); + fu_plugin_add_security_attrs_rpmc(plugin, sysfs_path, attrs); + fu_plugin_add_security_attrs_rom_armor(plugin, sysfs_path, attrs); } void diff --git a/plugins/tpm/fu-plugin-tpm.c b/plugins/tpm/fu-plugin-tpm.c index ba136cfd7..599ea966a 100644 --- a/plugins/tpm/fu-plugin-tpm.c +++ b/plugins/tpm/fu-plugin-tpm.c @@ -119,8 +119,7 @@ fu_plugin_tpm_add_security_attr_version(FuPlugin *plugin, FuSecurityAttrs *attrs g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_TPM_VERSION_20); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_TPM_VERSION_20); fu_security_attrs_append(attrs, attr); /* check exists, and in v2.0 mode */ @@ -155,8 +154,7 @@ fu_plugin_tpm_add_security_attr_eventlog(FuPlugin *plugin, FuSecurityAttrs *attr return; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_TPM_RECONSTRUCTION_PCR0); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_TPM_RECONSTRUCTION_PCR0); fwupd_security_attr_add_guids(attr, fu_device_get_guids(priv->tpm_device)); fu_security_attrs_append(attrs, attr); @@ -217,8 +215,7 @@ fu_plugin_tpm_add_security_attr_empty(FuPlugin *plugin, FuSecurityAttrs *attrs) return; /* add attributes */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_TPM_EMPTY_PCR); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_TPM_EMPTY_PCR); fwupd_security_attr_add_guids(attr, fu_device_get_guids(priv->tpm_device)); fu_security_attrs_append(attrs, attr); diff --git a/plugins/uefi-capsule/fu-plugin-uefi-capsule.c b/plugins/uefi-capsule/fu-plugin-uefi-capsule.c index e956c3bb2..11c361bae 100644 --- a/plugins/uefi-capsule/fu-plugin-uefi-capsule.c +++ b/plugins/uefi-capsule/fu-plugin-uefi-capsule.c @@ -181,21 +181,16 @@ fu_plugin_uefi_capsule_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *att g_autoptr(GError) error = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT); fu_security_attrs_append(attrs, attr); /* SB not available or disabled */ if (!fu_efivar_secure_boot_enabled(&error)) { - FwupdBiosAttr *bios_attr; if (g_error_matches(error, FWUPD_ERROR, FWUPD_ERROR_NOT_SUPPORTED)) { fwupd_security_attr_set_result(attr, FWUPD_SECURITY_ATTR_RESULT_NOT_FOUND); return; } - bios_attr = fu_context_get_bios_attr(fu_plugin_get_context(plugin), "SecureBoot"); - if (bios_attr != NULL) - fwupd_security_attr_set_bios_attr_id(attr, - fwupd_bios_attr_get_id(bios_attr)); + fu_security_attr_add_bios_target_value(attr, "SecureBoot", "enable"); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_RUNTIME_ISSUE); fwupd_security_attr_add_flag(attr, FWUPD_SECURITY_ATTR_FLAG_ACTION_CONFIG_FW); fwupd_security_attr_set_result(attr, FWUPD_SECURITY_ATTR_RESULT_NOT_ENABLED); diff --git a/plugins/uefi-pk/fu-plugin-uefi-pk.c b/plugins/uefi-pk/fu-plugin-uefi-pk.c index c3398e13e..f026f3178 100644 --- a/plugins/uefi-pk/fu-plugin-uefi-pk.c +++ b/plugins/uefi-pk/fu-plugin-uefi-pk.c @@ -177,8 +177,7 @@ fu_plugin_uefi_pk_add_security_attrs(FuPlugin *plugin, FuSecurityAttrs *attrs) g_autoptr(FwupdSecurityAttr) attr = NULL; /* create attr */ - attr = fwupd_security_attr_new(FWUPD_SECURITY_ATTR_ID_UEFI_PK); - fwupd_security_attr_set_plugin(attr, fu_plugin_get_name(plugin)); + attr = fu_plugin_security_attr_new(plugin, FWUPD_SECURITY_ATTR_ID_UEFI_PK); if (msf_device != NULL) fwupd_security_attr_add_guids(attr, fu_device_get_guids(msf_device)); fu_security_attrs_append(attrs, attr); diff --git a/po/POTFILES.in b/po/POTFILES.in index 812bd26ea..b34f029a1 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -12,7 +12,7 @@ src/fu-main.c src/fu-offline.c src/fu-progressbar.c src/fu-remote-list.c -src/fu-security-attr.c +src/fu-security-attr-common.c src/fu-tool.c src/fu-util.c src/fu-util-bios-attr.c diff --git a/src/fu-engine.c b/src/fu-engine.c index c1cd8fb62..3b9965dca 100644 --- a/src/fu-engine.c +++ b/src/fu-engine.c @@ -56,7 +56,7 @@ #include "fu-plugin-private.h" #include "fu-release.h" #include "fu-remote-list.h" -#include "fu-security-attr.h" +#include "fu-security-attr-common.h" #include "fu-security-attrs-private.h" #include "fu-udev-device-private.h" #include "fu-version.h" diff --git a/src/fu-history.c b/src/fu-history.c index 40f90c021..6c2d10b42 100644 --- a/src/fu-history.c +++ b/src/fu-history.c @@ -20,7 +20,7 @@ #include "fu-device-private.h" #include "fu-history.h" #include "fu-mutex.h" -#include "fu-security-attr.h" +#include "fu-security-attr-common.h" #define FU_HISTORY_CURRENT_SCHEMA_VERSION 8 diff --git a/src/fu-security-attr.c b/src/fu-security-attr-common.c similarity index 99% rename from src/fu-security-attr.c rename to src/fu-security-attr-common.c index 4dd4a01fe..958cd8059 100644 --- a/src/fu-security-attr.c +++ b/src/fu-security-attr-common.c @@ -11,7 +11,7 @@ #include "fwupd-security-attr-private.h" -#include "fu-security-attr.h" +#include "fu-security-attr-common.h" #include "fu-security-attrs-private.h" gchar * diff --git a/src/fu-security-attr.h b/src/fu-security-attr-common.h similarity index 100% rename from src/fu-security-attr.h rename to src/fu-security-attr-common.h diff --git a/src/fu-self-test.c b/src/fu-self-test.c index c60ed848f..7dfb10dac 100644 --- a/src/fu-self-test.c +++ b/src/fu-self-test.c @@ -28,7 +28,7 @@ #include "fu-plugin-private.h" #include "fu-progressbar.h" #include "fu-release-common.h" -#include "fu-security-attr.h" +#include "fu-security-attr-common.h" #include "fu-smbios-private.h" #include "fu-spawn.h" diff --git a/src/fu-tool.c b/src/fu-tool.c index 0d34b5440..b2811f794 100644 --- a/src/fu-tool.c +++ b/src/fu-tool.c @@ -36,7 +36,7 @@ #include "fu-hwids.h" #include "fu-plugin-private.h" #include "fu-progressbar.h" -#include "fu-security-attr.h" +#include "fu-security-attr-common.h" #include "fu-security-attrs-private.h" #include "fu-smbios-private.h" #include "fu-util-bios-attr.h" diff --git a/src/fu-util-common.c b/src/fu-util-common.c index b43d6a933..e5f4be4a9 100644 --- a/src/fu-util-common.c +++ b/src/fu-util-common.c @@ -26,7 +26,7 @@ #endif #include "fu-device-private.h" -#include "fu-security-attr.h" +#include "fu-security-attr-common.h" #include "fu-util-common.h" #ifdef HAVE_SYSTEMD diff --git a/src/meson.build b/src/meson.build index 288c90e4d..692831806 100644 --- a/src/meson.build +++ b/src/meson.build @@ -46,7 +46,7 @@ daemon_src = [ 'fu-keyring-utils.c', 'fu-plugin-list.c', 'fu-remote-list.c', - 'fu-security-attr.c', + 'fu-security-attr-common.c', ] + systemd_src if gudev.found() @@ -84,7 +84,7 @@ fwupdmgr = executable( 'fu-util.c', 'fu-history.c', 'fu-progressbar.c', - 'fu-security-attr.c', + 'fu-security-attr-common.c', 'fu-util-bios-attr.c', 'fu-util-common.c', client_src, @@ -126,7 +126,7 @@ fwupdoffline = executable( 'fu-history.c', 'fu-offline.c', 'fu-spawn.c', - 'fu-security-attr.c', + 'fu-security-attr-common.c', 'fu-util-common.c', systemd_src ],