Upstream tpm2-tss is moving from ibmswtpm to swtpm as the default TPM
simulator. ibmswtpm still works fine and will be kept around for the
foreseeable future, but adapt to the upstream decision in case ibmswtpm should
ever get dropped from the official Arch Linux repositories (currently there are
no plans to do so).
This is installed by default, but means it can be excluded from the minimal
CoreOS image. It's highly unlikely that anything running CoreOS has anything
unlocked that can be flashed using flashrom.
This drops inclusion of dmidecode, libftdi, pciutils-libs and flashrom as hard
dependencies from the package set.
This is installed by default, but means it can be excluded from the minimal
CoreOS image. It's highly unlikely that anything running CoreOS has mobile
broadband hardware attached.
This drops inclusion of libmbim, libqmi and ModemManager-glib as hard
dependencies from the package set.
Newer version of libgusb has g_usb_device_get_configuration_index which
will be used by cros-ec plugin.
Skip bumping this dependency on Debian and Ubuntu as of this commit date,
they don't know about 0.3.5 yet.
This prevents carrying hacks in the packaging specific to CI things
that will never actually land in Debian.
This will keep CI availability high while new packages are not yet
actually landed into Debian.
This resulted in losing g_usb_source_set_callback@LIBGUSB_0.1.0 which causes a
build failure when building gusb as a subproject, and also the little-used
fu_chunk_to_string() from libfwupdplugin.
Signed-off-by: Richard Hughes <richard@hughsie.com>
We ship 4 *tiny* python scripts that are useful for ODMs and other people
working with low level firmware blobs.
These helper utilities do not warrant dragging Python onto the CoreOS image.
This plugin is only enabled when coreboot isn't detected.
It intentionally does not check for EFI to be disabled at startup
since it can also notify the user that UEFI capsule updates are
disabled on the system even if running in UEFI mode.
Introducing newer gusb caused these builds to run gusb as a subproject
and hence the introspection binaries were looked for.
Fixes: cd65ae ("Require libgusb 0.3.3")
The kernel patches are a log way from being upstreamed, so disable this until
there is even a chance the user might be running it.
This removes the obsoletes line from *every* system running 'fwupdmgr security'.
We can read this from userspace even when SB is turned on and with the kernel
locked down. The kernel securityfs patches are still in-progress, but will take
significant time to get upstream.
The kernel patches are needed when the PCI device is hidden from userspace.
