Some devices (e.g. Wacom, DFU and SuperIO) require the device to be in
'bootloader' mode before the device checksums can be populated.
Rather than each plugin handle both the open()->detach()->detach()->close()
sequence handle this in the plugin loader. It's not super-easy to do the right
thing for the failure case, and having two new dedicated vfuncs makes it a lot
simpler.
I'm not sure why we can't just use SIO_LDNxx_IDX_CHIPID1, but lets do the same
as the vendor tool in case there is a good reason that I don't know about.
Some system firmware helpfully 'deduplicate' the boot loader entries based on
the filepath, without taking into account either the label or optional data.
This means we have to use a custom copy of shim for firmware updates.
There are a lot of failures in the LVFS with 'device version not updated on
success' and this is because we were looking at the original FuDevice, rather
than the FuDevice that came back after the bootloader replug phase.
Before doing the check get the new FuDevice to prevent failing the check with
a false positive.
This ensures the certificate is always present even before the user has
generated a report or manually signed test data.
Also, if the GnuTLS version is too old just log a message and continue.
* Move all the data under a new top-level "packages" key
* Add an empty "trusted_certs" key - our binaries do not do any
further verification with an embedded key.
On some hardware the SHA1 checksum is not set and so we want to use the SHA256
hash value as well.
The LVFS doesn't currently read the ChecksumDevice value and so nothing will
explode serverside when changing this type from 'string' to 'array of strings'.
The offline updates environment is special, and we have to be careful to delete
the trigger before doing anything that can fail to avoid boot loops.
For this reason, split it out to a simple self-contained binary that is easy to
understand.
If another offline update task is run at the same time, e.g. pk-offline-update
from PackageKit then we might corrupt the package database when the client
D-Bus request times out.
Copy the fixes from PackageKit so that the offline updates work together.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1685471
For my future self, to debug the fwupd.shutdown activation failure, you can do:
mount /dev/sdc1 /mnt
/usr/libexec/fwupd/fwupdtool activate --verbose &> /mnt/log.txt
umount /dev/sdc1
...where /dev/sdc1 is an attached FAT32-formatted USB drive.
