The systemd shutdown script gets called after /snap/fwupd/* gets
unmounted meaning it can't be used to do the activation.
Explicitly check that the symlink for /snap/fwupd/current is mounted
when calling the script.
* Move all the data under a new top-level "packages" key
* Add an empty "trusted_certs" key - our binaries do not do any
further verification with an embedded key.
The offline updates environment is special, and we have to be careful to delete
the trigger before doing anything that can fail to avoid boot loops.
For this reason, split it out to a simple self-contained binary that is easy to
understand.
This currently just outputs the current list of devices with releases and makes
it possible to integrate firmware version reporting with other tools like mgmt.
If a device reports that qmi-pdc is supported (e.g. DW5821e that
supports both fastboot and qmi-pdc), we'll end up first running the
fastboot installation before doing the qmi-pdc installation procedure.
These changes also make sure that the MM device inhibition is kept for
as long as the whole process is ongoing. Only after the last method is
run, the inhibition will be removed.
In order to handle devices being exposed in the system while the MM
inhibition is in place, e.g. to be able to run qmi-pdc after fastboot,
a simple udev based watcher is included, which will take care of
creating the FuMmDevice that is not associated to any modem currently
exposed by MM, but that shares all the details of the original device.
This new logic assumes that the devices don't change their USB layout
during a firmware upgrade, which is not a very good assumption, but it
works for the case at hand. If this is not the case, we may need to
end up doing some custom AT port probing instead of relying on the
original one reported by MM being still valid (note that we don't rely
on the device name, as that may change if some other device is plugged
in the system while we're doing the update, we rely on the USB
interface number).
This is intended for devices that it is not safe to immediately activate
the firmware. It may be called at a more convenient time instead.
Both fwupdmgr and fwupdtool support the feature.
- if called at runtime with fwupdmgr it uses the daemon
- during shutdown fwupdtool uses the pending.db to perform this feature.
For this we need to register as a console application (which fwupdtool is, I
suppose) and also supply a usable icon.
I've used the new GNOME icon theme guidelines so please add a drop shadow
before using: https://gitlab.gnome.org/GNOME/Initiatives/issues/2
The snap build uses xmlb as a subproject. libxmlb actually does
need the uuid-dev dependency.
Resolves this failure:
```
Couldn't use fallback subproject in subprojects/libxmlb for the dependency xmlb
Reason: subprojects/libxmlb/meson.build:107: Native dependency 'uuid' not found
meson.build:158:0: ERROR: Native dependency 'xmlb' not found
```
fwupd installs by default firmware-packager (a python3 script) into
the CrOS image. CrOS does not support python3 interpreter and fails
passing the TestValidInterpreter. Removing this script from the default
installation fixes the issue.
TEST=emerge-sarien fwupd
BUG=chromium:857263,b/121131967
Change-Id: I855c7994fd15faa0ce3d520734537674d7538b4e
This also allows us to write mixed-endian structures and adds tests. As part of
this commit we've also changed the API of something that's not yet been in any
tarball release, so no pitchforks please.
This linker flag is used by Ubuntu by default for packages.
It however doesn't work when compiled with `-Wl,-z,defs` which is
the default behavior since 0e17e6d030.
Recommended-by: Aleksander Morgado <aleksander@aleksander.es>
Signed-off-by: Mario Limonciello <mario.limonciello@dell.com>
Similar to NVME, ATA drives distributed by Dell have special values
that should be used to designate fwupd GUIDs and only run correct
firmware.
When detecting Dell GUIDs remove the standard fwupd GUIDs. "Generic"
firmware targeted to those GUIDs will fail to install.
Some firmware has a different on-device checksum to the hash of the firmware
file itself. This may be because:
* The content is not a binary file, e.g. Intel HEX or SREC
* Only part of the firmware is flashed, e.g. ignoring the bootloader section
* The device checksum is calculated using another method entirely, e.g. PCR0
It's also made complicated as there may be more than one 'correct' device
checksum in some cases, but nothing that a union query can't solve.
We can't actually access the UEFI ROM from userspace, but the PCR0 is a hash
built from the ROM itself. We could use this value to ensure the firmware has
been written correctly, and that the PCR0 matches the expected value specified
in the metadata.
The client uses GObject introspection to use the libfwupd2 library.
The client offers a reduced set of commands, but may be useful in some
environments.
