This feature adds support for platform capability BOS descriptors which allows
the device itself to ship quirk data.
Use `sudo fwupdtool get-devices --save-backends=FILENAME` to save fake backend
devices to a file. This allows easy creation of self tests that do not require
physical hardware.
We used the firmware builder functionality to either build or modify
firmware images on the end-user system, e.g. copying the MAC address
from the old system image to the new system image.
Unfortunately running fwupd on the command line (e.g. ./src/fwupd)
leaves the tty connected and thus bubblewrap doesn't protect us from
installing malicious signed firmware. The firmware would have to have
been uploaded to the LVFS by a trusted vendor and signed before being
installed, which further decreases the severity of this problem.
As there was only one vendor who asked for this functionality (who have
yet to upload a single firmware to the LVFS...) just rip out this
functionality to reduce our attack surface and completely fix the bug,
and any like it.
Many thanks to Aaron Janse <aaron@ajanse.me> for discovering and
disclosing this issue to us.
The four commands `get-details`, `install`, `install-blob`, and
`firmware-plugin` use device-id as second command argument but the
fwupdtool bash completion script does not completed it yet.
This calls function `_show_device_ids` to add completion for device-id
if completion the second argument of the commands mention above.
The commands `attach`, `detach`, `activate`, `verify-update`,
`reinstall`, and `get-updates` calls `_show_device_ids` but that
function is not defined in the fwduptool bash-completion script.
This defines the function `_show_device_ids` by reusing the function
of the name in the fwupdmgr bash-completion script.
Fixes:
$ sudo fwupdtool attach
^-- tabulation
bash: _show_device_ids: command not found
In most cases 'fwupdtool firmware-dump' and 'fwupdtool firmware-read'
are going to be the same. This isn't true in all cases, especially when
dealing with composite firmware like archives.
See https://github.com/fwupd/fwupd/pull/4623#issuecomment-1129227133
When developing code it's really convenient to only run the new plugin. This
means you don't have to wait for the other hardware to initialize and there
are no side-effects from other plugins when installing firmware.
You can specify multiple plugins as globs, for instance:
fwupdtool get-devices \
--plugin-whitelist wacom \
--plugin-whitelist "thunderbolt*"
