The coSWID is a child of the parent, and the parent container does not have a
version. Also fix a small memory leak when parsing container formats.
Fixes https://github.com/fwupd/fwupd/issues/4294
the autopkgtest environment in Ubuntu seems to not be preparing the mtdram
device properly. Sometimes the udev node "exists" but the /dev/mtd0 does not
exist.
Look for this explicitly and skip the test if it happens.
It's true that the USB4 spec won't require x86, but a recent autopkgtest
failure on powerpc doesn't make sense to debug. You won't ever see TBT
in a powerpc machine.
We can loosen this to any non-x86 architectures later that DO prove to
have support for USB4 add-in cards.
Add a plugin for supporting Android bootloaders which are used on
all Qualcomm-based Android devices. These bootloaders are stored on
their own partitions and the partition table cannot be altered on
Qualcomm devices. This plugin supports any block device, but only
exposes the ones defined in the quirk file as updatable.
S3 is not supported by AMD and is not exposed in the GUI on these
systems. Lenovo however exports it to their WMI interface and changing
it will means it can only be changed from the OS.
This is being used for other products, e.g. USB4 docks.
If non-Intel firmware is being used (e.g. ASMedia) then the explicit
calls to `fu_intel_thunderbolt_nvm_new()` can be changed to something
like `fu_firmware_new_from_gtypes()` with all the formats listed.
There isn't any reason that we need to have a system advertising a
GUID with `main-system-firmware` in order to check that PCR0 reconstruction
matches what the TPM actually has.
Fixes: #4961
These are currently used interchangeably since there was indecisiveness
which to use as the feature was being developed.
As outward facing it will be named with "settings", change all uses
in the code to match this.
Add the HwId for the Star LabTop Mk III when using coreboot firmware,
as this differs to AMI.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Set BcrAddr to 0x0 for all coreboot devices, so that the check of
BIOS Control is skipped as coreboot won't forcibly set this.
Signed-off-by: Sean Rhodes <sean@starlabs.systems>
Semantically it is the desire of the security attribute, not the bios
attribute, i.e. you could imagine that a specific attribute would have
to be *foo or bar or baz* for HSI-1 and *only foo* for HSI-2
Also make it easier to add possible BIOS attribute target values in
plugin code.
We used the firmware builder functionality to either build or modify
firmware images on the end-user system, e.g. copying the MAC address
from the old system image to the new system image.
Unfortunately running fwupd on the command line (e.g. ./src/fwupd)
leaves the tty connected and thus bubblewrap doesn't protect us from
installing malicious signed firmware. The firmware would have to have
been uploaded to the LVFS by a trusted vendor and signed before being
installed, which further decreases the severity of this problem.
As there was only one vendor who asked for this functionality (who have
yet to upload a single firmware to the LVFS...) just rip out this
functionality to reduce our attack surface and completely fix the bug,
and any like it.
Many thanks to Aaron Janse <aaron@ajanse.me> for discovering and
disclosing this issue to us.
