This allows us to show in the tools if a device is currently affected
by a specific CVE. For instance, we could inform the user that a device
requires a critical firmware update that is being actively exploited.
Note, this also means we can show the user a firmware update is now
required, even though the firmware may not be available on the LVFS.
Also show the issue in the `fwupdmgr security` output, e.g.
There are devices with issues:
Samsung — MZVLB2T0HALB-000L7:
• CVE-2022-12345
• CVE-2022-54321
This adds support for optionally using a UNIX domain socket where a
D-Bus daemon may not be running.
To use this, launch the daemon and clients with something like
`FWUPD_DBUS_SOCKET=/var/run/fwupd.sock fwupdmgr get-devices`
This makes it easier to test the fwupd in the installed tests:
sudo gdbus call --system \
--dest org.freedesktop.fwupd \
--object-path / \
--method org.freedesktop.fwupd.Quit
Merged fu_util_update_all() and fu_util_update_by_id() to simplify the
maintaince work and streamline the flow for consistent behavior across
a normal update for all updatable devices and a small set of chosen
devices.
This commit also added support for specifying mutliple DEVICE-IDs or
GUIDs in a single run, previously error message 'Invalid Argument' is
seen and soon aborted.
At the moment a lot of the failures are only visible when running the
daemon in verbose mode, and the inhibit functionalit provides us a way
to unset FWUPD_DEVICE_FLAG_UPDATABLE from multiple places, as well as
setting the update error for the user to see why.
This should make it so that the message doesn't pop up for someone
who has used udev rules that match permissions to do
```
fwupdtool install-blob --plugins=dfu foo.bin
```
Unless there really was a failure
Decrease the GUsb polling interval when any of the devices is in
`WAIT_FOR_REPLUG` on when running on Windows. Any device that can
re-enumerate much faster than the default 1000ms may be missed and the
detach may fail.
Linux doesn't have this problem as it has `LIBUSB_CAP_HAS_HOTPLUG`.
Now all plugins define custom GTypes in the _init() vfunc, and so
there's no need to actually probe devices to just get access to those.
This means you can get results from `fwupdtool get-firmware-types`
about two orders of magnitude quicker.
We need to load the quirks (respecting NO_CACHE), then load the SMBIOS,
and only then match the hwids using the quick database.
This means we don't get a console warning when using fwupdtool commands
as a non-root user.
This allows us to replace the 'dfu-tool replace' with a much more
controlled 'fwupdtool firmware-patch' command that patches at a set of
specific offsets.
Drop in the new functionality into the existing firmware ->write()
vfuncs so that the image headers, footers and/or checksums are correct.
