proxmox-mirrors/fwupd
1
0
Fork 0
mirror of https://git.proxmox.com/git/fwupd synced 2025-05-30 06:36:22 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,374 Commits 1 Branch 0 Tags 24 MiB
cf9ebdb703
Go to file
Richard Hughes cf9ebdb703 Add startup profiling functionality 
Using `sudo FWUPD_PROFILE=10 ./src/fwupd --verbose` will print a
dump of startup times onto the console so that we can debug which
plugin is slowing down system startup. For example:

    ../src/fu-engine.c:5409:plugins-coldplug [108.55ms]:
        ../plugins/amt/fu-plugin-amt.c:437:amt [27.14ms]:
            :create-context [12.66ms]
            :get-version [8.44ms]
            :add-device [3.95ms]
2022-06-14 22:08:02 +01:00
.circleci Attempt to fix CircleCI build issues 2022-06-06 09:31:34 +01:00
.github trivial: fix publishing of docker containers 2022-06-13 06:56:35 -05:00
.tx Rename the development branch from master to main 2021-09-24 14:20:24 -05:00
contrib Remove fu_i2c_device_read_full() 2022-06-14 14:36:52 -05:00
data trivial: join Corsair KATAR PRO Wireles tests (#4715) 2022-06-07 19:05:35 +03:00
docs Add startup profiling functionality 2022-06-14 22:08:02 +01:00
libfwupd trivial: Add some self tests for fwupd_device_incorporate() 2022-06-14 21:01:57 +01:00
libfwupdplugin Add startup profiling functionality 2022-06-14 22:08:02 +01:00
plugins Remove duplicate ->probe() calls to speed up startup by 150ms 2022-06-14 21:01:57 +01:00
po Release fwupd 1.8.1 2022-05-27 12:09:19 +01:00
policy trivial: switch from meson.source_root to meson.project_source_root 2022-02-28 08:34:48 -06:00
snap Remove gtkdoc build option 2022-06-11 21:26:46 +01:00
src Add startup profiling functionality 2022-06-14 22:08:02 +01:00
subprojects Switch the Windows installer from NSIS to MSI 2022-05-09 15:49:40 +01:00
.clang-format Add protobuf support to clang-format 2021-08-29 20:33:16 +01:00
.editorconfig Release fwupd 1.5.1 2020-11-02 14:52:43 +00:00
.git-blame-ignore-revs trivial: ignore commits for tree wide changes 2021-08-24 11:18:40 -05:00
.gitconfig trivial: ignore commits for tree wide changes 2021-08-24 11:18:40 -05:00
.gitignore trivial: ignore rej files 2022-04-14 10:30:54 -05:00
.gitmodules contrib: Adjust flatpak build for moving to flathub 2018-11-01 06:51:23 -05:00
.markdownlint.json trivial: fix anchors for markdown 2021-10-21 11:48:25 -05:00
.pre-commit-config.yaml trivial: bump python black version to fix CI 2022-03-29 16:03:52 -05:00
AUTHORS Add initial build files and enough code to launch a simple D-Bus daemon 2015-02-26 18:16:40 +00:00
CODE_OF_CONDUCT.md Create CODE_OF_CONDUCT.md 2017-09-12 15:26:14 +01:00
COMMITMENT Add COMMITMENT file as part of GPL Common Cure Rights Commitment 2018-06-18 16:09:54 +01:00
CONTRIBUTING.md trivial: make contrib/reformat-code.py easier to use 2021-07-30 06:42:57 -05:00
COPYING Adjust all licensing to LGPL 2.1+ (Closes: #526) 2018-05-29 09:03:13 +01:00
MAINTAINERS trivial: Add me to maintainers 2021-04-09 16:02:20 +01:00
meson_options.txt Remove gtkdoc build option 2022-06-11 21:26:46 +01:00
meson_post_install.sh trivial: remove unused variable for post install script 2021-08-18 07:58:17 -05:00
meson.build Remove gtkdoc build option 2022-06-11 21:26:46 +01:00
README.md Port from LGTM to CodeQL 2022-04-05 14:45:42 +01:00
RELEASE trivial: post release version bump 2022-05-27 12:16:46 +01:00
SECURITY.md Make the security policy reflect reality 2022-04-25 18:14:14 +01:00

README.md

fwupd

Build Status CodeQL Coverity Scan Build Status Fuzzing Status CircleCI

This project aims to make updating firmware on Linux automatic, safe and reliable.

Additional information is available at the website.

Where to get help?

  • GitHub issues & discussions in this repository
  • Libera IRC channel #fwupd. You can join through Libera's IRC or via the IRC bridge on Matrix.

Compiling

The most up to date compilation instructions are available in the Wiki.

NOTE: In most cases end users should never compile fwupd from scratch; it's a complicated project with dozens of dependencies (and as many configuration options) and there's just too many things that can go wrong.

Users should just have fwupd installed and updated by their distro, managed and tested by the package maintainer. The distribution will have also done some testing with how fwupd interacts with other software on your system, for instance using GNOME Software.

Installing fwupd using Snap or using Flatpak might be useful to update a specific device on the command line that needs a bleeding edge fwupd version, but it should not be considered as a replacement to the distro-provided system version.

LVFS

This project is configured by default to download firmware from the Linux Vendor Firmware Service (LVFS).

This service is available to all OEMs and firmware creators who would like to make their firmware available to Linux users.

You can find more information about the technical details of creating a firmware capsule in the hardware vendors section of the fwupd website.

Basic usage flow (command line)

If you have a device with firmware supported by fwupd, this is how you will check for updates and apply them using fwupd's command line tools.

# fwupdmgr get-devices

This will display all devices detected by fwupd.

# fwupdmgr refresh

This will download the latest metadata from LVFS.

# fwupdmgr get-updates

If updates are available for any devices on the system, they'll be displayed.

# fwupdmgr update

This will download and apply all updates for your system.

  • Updates that can be applied live will be done immediately.
  • Updates that run at bootup will be staged for the next reboot.

You can find more information about the update workflow in the end users section of the fwupd website.

Reporting status

fwupd will encourage users to report both successful and failed updates back to LVFS. This is an optional feature, but encouraged as it provides valuable feedback to LVFS administrators and OEM developers regarding firmware update process efficacy.

The privacy policy regarding this data can be viewed on the fwupd website.

To report the status of an update run:

# fwupdmgr report-history

Only updates that were distributed from the LVFS will be reported to the LVFS.

Enterprise use

The flow of updates can be controlled in the enterprise using the "approved updates" feature. This allows the domain administrator to filter the possible updates from a central server (e.g. the LVFS, or a mirror) to only firmware that have been tested specifically in your organization.

The list of approved updates can be enabled by adding ApprovalRequired=true to the remote configuration file, e.g. lvfs.conf. Once enabled, the list of approved updates can be set in daemon.conf using a comma delimited list.

For example:

ApprovedFirmware=foo,bar

Where foo,bar refers to the container checksums that would correspond to two updates in the metadata file.

Additionally, the list of approved firmware can be supplemented using fwupdmgr set-approved-firmware baz or using the D-Bus interface.

Local metadata

Local metadata can be saved in /var/lib/fwupd/local.d or /usr/share/fwupd/local.d which are scanned at daemon startup. This can be used to add site-specific BKC tags to existing metadata stores. For instance:

<?xml version='1.0' encoding='utf-8'?>
<components origin="mycompanyname">
  <component merge="append">
    <provides>
      <firmware>3ef35d3b-ceeb-5e27-8c0a-ac25f90367ab</firmware>
      <firmware>2ef35d3b-ceeb-5e27-8c0a-ac25f90367ac</firmware>
      <firmware>1ef35d3b-ceeb-5e27-8c0a-ac25f90367ad</firmware>
    </provides>
    <releases>
      <release version="225.53.1649"/>
      <release version="224.48.1605"/>
    </releases>
    <tags>
      <tag>mycompanyname-2022q1</tag>
    </tags>
  </component>
</components>

This then appears when getting the releases for that specific GUID:

fwupdmgr get-releases --json 3ef35d3b-ceeb-5e27-8c0a-ac25f90367ab
{
  "Releases" : [
    {
      ...
      "Version" : "225.53.1649",
      "Tags" : [
        "mycompanyname-2022q1"
      ],
      ...
    },
    {
      ...
      "Version" : "224.48.1605",
      "Tags" : [
        "mycompanyname-2022q1"
      ],
      ...
    },
    {
      ...
      "Version" : "224.45.1389",
      ...
    }
  ]
}

Other frontends

  1. GNOME Software is the graphical frontend available. When compiled with firmware support, it will check for updates periodically and automatically download firmware in the background. After the firmware has been downloaded a popup will be displayed in GNOME Software to perform the update.

  2. KDE Discover is the software center, generally bundled with KDE Plasma. With the release of KDE Plasma 5.14, a new fwupd backend has been implemented in KDE Discover for firmware updates. These firmware updates are shown with other system updates.

  3. Wyse Management Suite A software suite available on Dell IoT gateways and Wyse thin clients with built-in fwupd support. The remote administration interface can be used to download and deploy firmware updates.

Fuzzing

There are several automated fuzzing tests in fwupd. These take some time to run:

CC=hfuzz-clang meson --default-library=static \
    -Dudevdir=/tmp -Dsystemd_root_prefix=/tmp \
    -Dplugin_redfish=disabled -Dcurl=disabled \
    -Dintrospection=false ../
ninja install
ninja fuzz-firmware
ninja fuzz-tpm-eventlog