Commit Graph

7617 Commits

Author SHA1 Message Date
Mario Limonciello
e07eb9afab trivial: pci-psp: Link FwupdBiosAttr to FwupdSecurityAttr when TSME off
Lenovo Z13 offers a BIOS setting called "TSME" that can be potentially
controlled from firmware-attributes API.
2022-07-29 11:31:50 -05:00
Mario Limonciello
64df25d0e7 iommu: map out the known BIOS attributes for IOMMU
This will let fwupd clients offer to change the BIOS setting for
IOMMU.

"IOMMU" -> Lenovo P620
"VtForDirectIo" -> Dell XPS 9310
"AmdVt" -> Lenovo P14s
2022-07-29 11:31:50 -05:00
Mario Limonciello
803967289c uefi-capsule: Set FwupdBiosAttr ID for when secure boot is turned off
Lenovo and Dell both use the same key name 'SecureBoot' for this
functionality.
2022-07-29 11:31:50 -05:00
Mario Limonciello
aa1e321f6e Add support for including a FwupdBiosAttr ID in FwupdSecurityAttr
This can allow clients to let users correct problems found on their
systems.
2022-07-29 11:31:50 -05:00
Mario Limonciello
c0b0a77e21 trivial: make the lenovo plugin only look for thinklmi attributes
This ensures that even if Dell introduces a BootOrderLock attribute
it will not match.
2022-07-29 11:31:50 -05:00
Mario Limonciello
7660222240 Add a unique identifier to all BIOSAttr objects
This identifier can be used by plugins or the daemon to disambiguate
behavior between two different drivers.

Set it up so that plugins don't NEED to use it, but optionally can
find attributes by either name or ID
2022-07-29 11:31:50 -05:00
Richard Hughes
3b80e1f305 Check files are not missing from POTFILES.in during precommit 2022-07-29 17:17:55 +01:00
Richard Hughes
c611e9f37e Use -Db_sanitize=address,undefined in Fedora CI
This would have caught the recent memory corruption automatically.
2022-07-29 17:09:50 +01:00
Richard Hughes
47efacfe5d Remove the firmware builder functionality
We used the firmware builder functionality to either build or modify
firmware images on the end-user system, e.g. copying the MAC address
from the old system image to the new system image.

Unfortunately running fwupd on the command line (e.g. ./src/fwupd)
leaves the tty connected and thus bubblewrap doesn't protect us from
installing malicious signed firmware. The firmware would have to have
been uploaded to the LVFS by a trusted vendor and signed before being
installed, which further decreases the severity of this problem.

As there was only one vendor who asked for this functionality (who have
yet to upload a single firmware to the LVFS...) just rip out this
functionality to reduce our attack surface and completely fix the bug,
and any like it.

Many thanks to Aaron Janse <aaron@ajanse.me> for discovering and
disclosing this issue to us.
2022-07-29 16:52:38 +01:00
Piotr Drąg
d320fe17f7 Update POTFILES.in 2022-07-29 09:58:59 -05:00
Richard Hughes
93266d36be Fix a crash when parsing an empty BIOS attribute 2022-07-29 12:57:35 +01:00
Richard Hughes
4a78fed13c trivial: Check input parameters to fu_strsplit() 2022-07-29 12:57:35 +01:00
Ivan Mikhanchuk
c14129a149 modem-manager: add Quectel secure boot status AT commands 2022-07-29 09:32:56 +01:00
Mario Limonciello
f755f55e4c lenovo-thinklmi: convert to use new firmware attributes API 2022-07-28 17:30:57 -05:00
Mario Limonciello
5ded4f44fe Add support for reading and writing firmware attributes
This support is comprehensive:
 * Client library support
 * Daemon support
 * plugin support
 * Client tool support (with new commands)
2022-07-28 17:30:57 -05:00
Mario Limonciello
9289e7d817 trivial: set firwmare attributes class directory for all tests
We don't want the system's firmware attributes class directory to
conflict.
2022-07-28 17:30:57 -05:00
Richard Hughes
a307f60984 trivial: Show what the user should do for IOMMU failure 2022-07-28 16:45:13 +01:00
Richard Hughes
829258401e Allow plugins and backends to print debugging information to the console
This is really useful for debugging.
2022-07-28 16:10:06 +01:00
Richard Hughes
3092afb9fa trivial: Include the new 'leak' sanitizer in the opt-out list 2022-07-28 13:12:55 +01:00
Richard Hughes
646afd164b Fix meson dist with -Dgresource_quirks=enabled
Fixes https://github.com/fwupd/fwupd/issues/4874
2022-07-28 13:12:46 +01:00
Benson Leung
21b7506b4c cros-ec: Add Prism board
Fixes #4872
2022-07-28 07:05:56 +01:00
Mario Limonciello
17c636686d trivial: libfwupd: move some duplicated code to fwupd-common
Several of the string/integer/time functions are duplicated in multiple
source files for no discernable reason.  Move them into fwupd-common
as private symbols instead.
2022-07-26 20:11:23 +01:00
Richard Hughes
8ba0f7d895 trivial: Fix logic issues to return attr descriptions 2022-07-26 14:30:48 +01:00
Richard Hughes
93a162397c trivial: Ensure HSI attributes are fixed-up when returned as history 2022-07-26 14:30:48 +01:00
Ryan
61a2bead81 ccgx:add new dock to the quirk file 2022-07-26 11:49:52 +01:00
Richard Hughes
dc25187059 Add a title and long translated description for security attributes
We need these in at least two projects (gnome-control-center, cockpit)
and it makes sense to store these where we define the new IDs.
2022-07-26 11:47:27 +01:00
Richard Hughes
b6ad1f248e trivial: Use fu_bytes_new_offset() in more places 2022-07-25 17:07:33 +01:00
Richard Hughes
0e74b89282 trivial: Enable fatal-criticals harder when fuzzing 2022-07-25 17:07:33 +01:00
Richard Hughes
66532a1293 trivial: Make fuzzing less verbose 2022-07-25 17:07:33 +01:00
Richard Hughes
9188060ce2 trivial: Reduce the debug output when fuzzing
At the moment the log is ~150,000 lines, and quite a bit of CPU time is
being spent just generating ignored XML for successful runs.
2022-07-25 17:07:33 +01:00
rrbq
ebd3143cdb Make host-emulate/meson.build compatible with Busybox
Busybox only supports the short option '-k'. (#4866)

Using this instead of '--keep' allows fwupd to be built on systems like Alpine Linux where /bin/gzip is supplied by Busybox.
2022-07-24 16:35:45 +01:00
Mario Limonciello
4a02a154fe trivial: don't use /proc/self/exe on Windows
Fixes: #4864
2022-07-24 09:27:16 -05:00
Mario Limonciello
98cd40e09a trivial: shuffle the order of contrib/setup
By pre-commit getting setup early we were installing markdown and
meson into the virtual environment.  This might not be a bad thing
if we encouraged virtual environments for development, but we don't.
2022-07-23 14:01:31 -05:00
Mario Limonciello
1addd4d045 trivial: fixup setup helpers to install right version of meson
if meson wasn't installed by pip it won't have a version string
2022-07-23 14:01:31 -05:00
Bruno Pagani
757b03998c contrib/ci: do not upgrade Arch continuously
`yu` was added in 014e5526ff to solve cache issues.

But since then several other invocations of pacman have been added and doing so constantly is pointless, as you are unlikely to see new upgrades while the CI is running (and it might not be desired either). It also breaks testing older versions of fwupd as seen in GH-4860. So upgrade only once at the beginning and keep installing from the same cache afterwards.
2022-07-23 09:49:55 -05:00
Richard Hughes
ef079609bc trivial: post release version bump 2022-07-22 10:59:14 +01:00
Richard Hughes
5caaf461a8 Release fwupd 1.8.3 2022-07-22 10:50:25 +01:00
Richard Hughes
f0980cbdda logitech-hidpp: Lower a debug level when updating the Bolt radio 2022-07-21 21:27:24 +01:00
Richard Hughes
8dc50c086f Fix a crash when a peripheral uses _USE_PARENT_FOR_BATTERY
Call the parent class method to avoid getting stuck in a recursive loop
which eventually causes the daemon to segfault.
2022-07-21 21:27:24 +01:00
Richard Hughes
74e9b04b39 trivial: Return a more invalid value if FWUPD_IS_DEVICE() fails
We don't want to return something that's actually the initial value.
2022-07-21 21:27:24 +01:00
Richard Hughes
ac3f7f5521 trivial: Add some checks when adding children and setting the parent 2022-07-21 21:27:24 +01:00
Richard Hughes
22a94e3bfe trivial: Fix a small memory leak when making a request 2022-07-21 21:27:24 +01:00
Richard Hughes
1d590bb32a trivial: Fix a thinko when waiting for acquiesce
Of course, the timeout has to be restarted after a qualifying hotplug event...
2022-07-21 17:19:21 +01:00
Richard Hughes
f4c0c7fe01 corsair: Fix two g_prefix_error() typos 2022-07-21 15:28:24 +01:00
Richard Hughes
b8a5f4945f corsair: trivial: Do not set the physical ID, as it's also set by _add_child() 2022-07-21 15:28:24 +01:00
Richard Hughes
b507f3af59 corsair: trivial: Style fix 2022-07-21 15:28:24 +01:00
Richard Hughes
470258ac24 corsair: Use hex format constants
This means it's easier to match up with the verbose logs.
2022-07-21 15:28:24 +01:00
Richard Hughes
221238b4c0 trivial: Allow each device to specify a different acquiesce delay
Different device classes may need different values, and these may need
modifying by quirks. Also use 50ms to flush out any pending events.
2022-07-21 15:27:04 +01:00
Richard Hughes
4f9b455880 Add UDev devices to the _REQUIRES_ACQUIESCE opt-in 2022-07-21 15:27:04 +01:00
Richard Hughes
027a75a146 Wait for system acquiesce when installing each device of composite firmware
This makes installing firmware onto docks a bit less confusing.
2022-07-21 15:27:04 +01:00