This release adds the following features:
diff -Nru fwupd-1.3.9/debian/changelog fwupd-1.3.11/debian/changelog
--- fwupd-1.3.9/debian/changelog 2020-06-09 13:53:33.000000000 +0000
+++ fwupd-1.3.11/debian/changelog 2020-06-18 16:04:18.000000000 +0000
@@ -1,3 +1,34 @@
+fwupd (1.3.11-1~focal1) focal; urgency=medium
+
+ * New upstream stable release: (LP: #1883568)
+ - Actually reload the DFU device after upgrade has completed
+ - Capture the dock SKU in report metadata
+ - Correctly set the Logitech device protocol
+ - Do not use shim for non-secure boot configurations
+ - Ensure that the DeviceID is set for child devices
+ - Fix an error when detaching MSP430
+ - Fix the DeviceID set by GetDetails
+ - Force the prometheus minor version from 0x02 to 0x01 to fix updates
+ - Parse the CSR firmware as a DFU file
+ - Prevent dell-dock updates to occur via synaptics-mst plugin
+ - Rather than hardcoding thunderbolt to PCI slot numbers, use domain in GUID
+ - Remove a dock device from the whitelist that is never going to be updated
+ - Validate that gpgme_op_verify_result() returned at least one signature
+ - Wait for the cxaudio device to reboot after writing firmware
+ - Add more module types for the Dell dock
+ - Fix the TPM PCR0 calculation
+ - Check for free space after cleaning up ESP
+ * Drop following patches, now incorporated upstream:
+ - Thunderbolt: create correct GUID for dual controller devices
+ - CSR: Fix parsing
+ - Motd: Fix refresh target to be network.target
+ - Logitech: Fix error in logs on unsigned devices and set protocol for
+ signed devices properly.
+ - Fix a FTBFS on empty /etc/machine-id in some buildd environments.
+ - CVE-2020-10759
+
+ -- Mario Limonciello Thu, 18 Jun 2020 11:04:18 -0500
+
fwupd (1.3.9-4ubuntu0.1) focal-security; urgency=medium
* SECURITY UPDATE: Signature verification bypass
diff -Nru fwupd-1.3.9/debian/patches/0001-csr-Parse-the-firmware-as-a-DFU-file.patch fwupd-1.3.11/debian/patches/0001-csr-Parse-the-firmware-as-a-DFU-file.patch
--- fwupd-1.3.9/debian/patches/0001-csr-Parse-the-firmware-as-a-DFU-file.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-csr-Parse-the-firmware-as-a-DFU-file.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,38 +0,0 @@
-From 60af4a8bb03566b9747331a76c8f47e81e7cf5fa Mon Sep 17 00:00:00 2001
-From: Richard Hughes
-Date: Sun, 22 Mar 2020 15:58:10 +0000
-Subject: [PATCH] csr: Parse the firmware as a DFU file
-
-This was changed to Intel hex in 7afd7cba0d327b155b2201c9fbb5414ced9cfe06,
-probbaly due to a copy-paste mistake. Change it back to DFU.
-
-Fixes https://github.com/fwupd/fwupd/issues/1890
----
- plugins/csr/fu-csr-device.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/plugins/csr/fu-csr-device.c b/plugins/csr/fu-csr-device.c
-index ea76a062..09161a3f 100644
---- a/plugins/csr/fu-csr-device.c
-+++ b/plugins/csr/fu-csr-device.c
-@@ -10,7 +10,7 @@
-
- #include "fu-chunk.h"
- #include "fu-csr-device.h"
--#include "fu-ihex-firmware.h"
-+#include "fu-dfu-firmware.h"
-
- #include "dfu-common.h"
-
-@@ -426,7 +426,7 @@ fu_csr_device_prepare_firmware (FuDevice *device,
- FwupdInstallFlags flags,
- GError **error)
- {
-- g_autoptr(FuFirmware) firmware = fu_ihex_firmware_new ();
-+ g_autoptr(FuFirmware) firmware = fu_dfu_firmware_new ();
-
- /* parse the file */
- if (!fu_firmware_parse (firmware, fw, flags, error))
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-data-motd-fwupd-refresh-Only-order-after-network.tar.patch fwupd-1.3.11/debian/patches/0001-data-motd-fwupd-refresh-Only-order-after-network.tar.patch
--- fwupd-1.3.9/debian/patches/0001-data-motd-fwupd-refresh-Only-order-after-network.tar.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-data-motd-fwupd-refresh-Only-order-after-network.tar.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,43 +0,0 @@
-From d195cb1af9cd2ed3c289ad477056796f2187cb3c Mon Sep 17 00:00:00 2001
-From: Paul Menzel
-Date: Wed, 1 Apr 2020 13:08:59 +0200
-Subject: [PATCH] data/motd/fwupd-refresh: Only order after network.target
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-From [Lennart’s answer on systemd-devel][1]:
-
-> fwupd.target should not list the various network management solutions,
-> that is unnecessary, and ordering after network.target should be
-> sufficient to achieve the same, in a generic fashion. i.e. network
-> managers should order themselves before network.target, so that
-> ordering yourself after that automatically orders you after all
-> implementations at once...
-
-So, remove the unneeded targets. As the service unit is not
-installed/enabled, and instead called by a timer, the system will most
-probably be online already.
-
-[1]: https://lists.freedesktop.org/archives/systemd-devel/2020-March/044205.html
- "Best practices for starting unit only if network is online"
----
- data/motd/fwupd-refresh.service.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/data/motd/fwupd-refresh.service.in b/data/motd/fwupd-refresh.service.in
-index 8a67a3fd..21bd7896 100644
---- a/data/motd/fwupd-refresh.service.in
-+++ b/data/motd/fwupd-refresh.service.in
-@@ -1,7 +1,7 @@
- [Unit]
- Description=Refresh fwupd metadata and update motd
- Documentation=man:fwupdmgr(1)
--After=network.target network-online.target systemd-networkd.service NetworkManager.service connman.service
-+After=network.target
-
- [Service]
- Type=oneshot
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-fix-fwupd.shutdown.in-according-to-the-movement-of-f.patch fwupd-1.3.11/debian/patches/0001-fix-fwupd.shutdown.in-according-to-the-movement-of-f.patch
--- fwupd-1.3.9/debian/patches/0001-fix-fwupd.shutdown.in-according-to-the-movement-of-f.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-fix-fwupd.shutdown.in-according-to-the-movement-of-f.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,23 +0,0 @@
-From d9597df863ca21e0fb2ff821f0c612e0eb0558b2 Mon Sep 17 00:00:00 2001
-From: Dennis Kadioglu
-Date: Thu, 5 Mar 2020 09:37:56 +0100
-Subject: [PATCH] fix fwupd.shutdown.in according to the movement of fwupdtool
- to bindir
-
----
- data/fwupd.shutdown.in | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/data/fwupd.shutdown.in b/data/fwupd.shutdown.in
-index 4c027e7a..53b33455 100755
---- a/data/fwupd.shutdown.in
-+++ b/data/fwupd.shutdown.in
-@@ -4,4 +4,4 @@
- [ -f @localstatedir@/lib/fwupd/pending.db ] || exit 0
-
- # activate firmware when we have a read-only filesysten
--@libexecdir@/fwupd/fwupdtool activate
-+@bindir@/fwupdtool activate
---
-2.25.0
-
diff -Nru fwupd-1.3.9/debian/patches/0001-logitech-Correctly-set-the-protocol.patch fwupd-1.3.11/debian/patches/0001-logitech-Correctly-set-the-protocol.patch
--- fwupd-1.3.9/debian/patches/0001-logitech-Correctly-set-the-protocol.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-logitech-Correctly-set-the-protocol.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,33 +0,0 @@
-From 39aa4068ab0284bfc3e9879cf73c1daf2a750446 Mon Sep 17 00:00:00 2001
-From: Mario Limonciello
-Date: Tue, 17 Mar 2020 14:22:14 -0500
-Subject: [PATCH] logitech: Correctly set the protocol
-
-Fixes updates on signed receivers.
----
- plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c b/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c
-index c82f6e8a..74b8509b 100644
---- a/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c
-+++ b/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c
-@@ -229,6 +229,9 @@ fu_logitech_hidpp_runtime_setup_internal (FuDevice *device, GError **error)
- if ((self->version_bl_major == 0x01 && config[8] >= 0x04) ||
- (self->version_bl_major == 0x03 && config[8] >= 0x02)) {
- self->signed_firmware = TRUE;
-+ fu_device_set_protocol (device, "com.logitech.unifyingsigned");
-+ } else {
-+ fu_device_set_protocol (device, "com.logitech.unifying");
- }
- }
-
-@@ -324,5 +327,4 @@ fu_logitech_hidpp_runtime_init (FuLogitechHidPpRuntime *self)
- fu_device_set_name (FU_DEVICE (self), "Unifying Receiver");
- fu_device_set_summary (FU_DEVICE (self), "A miniaturised USB wireless receiver");
- fu_device_set_remove_delay (FU_DEVICE (self), FU_DEVICE_REMOVE_DELAY_RE_ENUMERATE);
-- fu_device_set_protocol (FU_DEVICE (self), "com.logitech.unifying");
- }
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-logitech_hidpp-set-the-bootloader-protocol.patch fwupd-1.3.11/debian/patches/0001-logitech_hidpp-set-the-bootloader-protocol.patch
--- fwupd-1.3.9/debian/patches/0001-logitech_hidpp-set-the-bootloader-protocol.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-logitech_hidpp-set-the-bootloader-protocol.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,50 +0,0 @@
-From 7512fe10f54273b0c3557732011415db97d9d91a Mon Sep 17 00:00:00 2001
-From: Mario Limonciello
-Date: Tue, 31 Mar 2020 12:33:54 -0500
-Subject: [PATCH] logitech_hidpp: set the bootloader protocol
-
----
- .../logitech-hidpp/fu-logitech-hidpp-bootloader.c | 15 +++++++++++----
- 1 file changed, 11 insertions(+), 4 deletions(-)
-
-diff --git a/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c b/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c
-index 6b32194d..7aad8b9d 100644
---- a/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c
-+++ b/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c
-@@ -217,6 +217,8 @@ static gboolean
- fu_logitech_hidpp_bootloader_set_bl_version (FuLogitechHidPpBootloader *self, GError **error)
- {
- guint16 build;
-+ guint8 major;
-+ guint8 minor;
- g_autofree gchar *version = NULL;
- g_autoptr(FuLogitechHidPpBootloaderRequest) req = fu_logitech_hidpp_bootloader_request_new ();
-
-@@ -231,15 +233,20 @@ fu_logitech_hidpp_bootloader_set_bl_version (FuLogitechHidPpBootloader *self, GE
- * 012345678901234 */
- build = (guint16) fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 10) << 8;
- build += fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 12);
-- version = fu_logitech_hidpp_format_version ("BOT",
-- fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 3),
-- fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 6),
-- build);
-+ major = fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 3);
-+ minor = fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 6);
-+ version = fu_logitech_hidpp_format_version ("BOT", major, minor, build);
- if (version == NULL) {
- g_prefix_error (error, "failed to format firmware version: ");
- return FALSE;
- }
- fu_device_set_version_bootloader (FU_DEVICE (self), version);
-+
-+ if ((major == 0x01 && minor >= 0x04) ||
-+ (major == 0x03 && minor >= 0x02))
-+ fu_device_set_protocol (FU_DEVICE (self), "com.logitech.unifyingsigned");
-+ else
-+ fu_device_set_protocol (FU_DEVICE (self), "com.logitech.unifying");
- return TRUE;
- }
-
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-Revert-thunderbolt-Create-a-unique-GUID-including-Th.patch fwupd-1.3.11/debian/patches/0001-Revert-thunderbolt-Create-a-unique-GUID-including-Th.patch
--- fwupd-1.3.9/debian/patches/0001-Revert-thunderbolt-Create-a-unique-GUID-including-Th.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-Revert-thunderbolt-Create-a-unique-GUID-including-Th.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,76 +0,0 @@
-From 9c022171b101da15f8783a9ca44186deb4fd1a72 Mon Sep 17 00:00:00 2001
-From: Mario Limonciello
-Date: Tue, 24 Mar 2020 14:01:40 -0500
-Subject: [PATCH] Revert "thunderbolt: Create a unique GUID including
- Thunderbolt controller path"
-
-This reverts commit 7e38dffdcbbed046e1e5e6beb6eb3790b9f137ba.
----
- plugins/thunderbolt/README.md | 6 ------
- plugins/thunderbolt/fu-plugin-thunderbolt.c | 12 ------------
- 2 files changed, 18 deletions(-)
-
-diff --git a/plugins/thunderbolt/README.md b/plugins/thunderbolt/README.md
-index 42e31c21..63a2f703 100644
---- a/plugins/thunderbolt/README.md
-+++ b/plugins/thunderbolt/README.md
-@@ -31,12 +31,6 @@ When the device is in "safe mode" the GUID is hardcoded using:
-
- * `TBT-$(vid)$(pid)-native` when native, and `TBT-$(vid)$(pid)` otherwise.
-
--Additionally for host system thunderbolt controllers another GUID is added
--containing the PCI slot designation of the controller. This is intended to be
--used for systems with multiple host controllers to disambiguiate between controllers.
--
--* `TBT-$(vid)$(pid)-native-$(slot)`
--
- Vendor ID Security
- ------------------
-
-diff --git a/plugins/thunderbolt/fu-plugin-thunderbolt.c b/plugins/thunderbolt/fu-plugin-thunderbolt.c
-index d5f838fa..204a7201 100644
---- a/plugins/thunderbolt/fu-plugin-thunderbolt.c
-+++ b/plugins/thunderbolt/fu-plugin-thunderbolt.c
-@@ -282,7 +282,6 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- g_autofree gchar *version = NULL;
- g_autofree gchar *vendor_id = NULL;
- g_autofree gchar *device_id = NULL;
-- g_autofree gchar *device_id_with_path = NULL;
- g_autoptr(FuDevice) dev = NULL;
- g_autoptr(GError) error_vid = NULL;
- g_autoptr(GError) error_did = NULL;
-@@ -359,7 +358,6 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- * so don't try to read a native attribute from their NVM */
- if (is_host && gen < 4) {
- g_autoptr(GError) native_error = NULL;
-- g_autoptr(GUdevDevice) udev_parent = NULL;
- if (!fu_plugin_thunderbolt_is_native (device,
- &is_native,
- &native_error)) {
-@@ -370,14 +368,6 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- fu_plugin_add_report_metadata (plugin,
- "ThunderboltNative",
- is_native ? "True" : "False");
-- udev_parent = g_udev_device_get_parent_with_subsystem (device, "pci", NULL);
-- if (udev_parent != NULL)
-- device_id_with_path = g_strdup_printf ("TBT-%04x%04x%s-%s",
-- (guint) vid,
-- (guint) did,
-- is_native ? "-native" : "",
-- g_udev_device_get_property (udev_parent,
-- "PCI_SLOT_NAME"));
- }
- vendor_id = g_strdup_printf ("TBT:0x%04X", (guint) vid);
- device_id = g_strdup_printf ("TBT-%04x%04x%s",
-@@ -419,8 +409,6 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- fu_device_set_vendor_id (dev, vendor_id);
- if (device_id != NULL)
- fu_device_add_instance_id (dev, device_id);
-- if (device_id_with_path != NULL)
-- fu_device_add_instance_id (dev, device_id_with_path);
- if (version != NULL)
- fu_device_set_version (dev, version, FWUPD_VERSION_FORMAT_PAIR);
- if (is_host)
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-thunderbolt-Rather-than-hardcoding-to-PCI-slot-numbe.patch fwupd-1.3.11/debian/patches/0001-thunderbolt-Rather-than-hardcoding-to-PCI-slot-numbe.patch
--- fwupd-1.3.9/debian/patches/0001-thunderbolt-Rather-than-hardcoding-to-PCI-slot-numbe.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-thunderbolt-Rather-than-hardcoding-to-PCI-slot-numbe.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,77 +0,0 @@
-From 16c7aa9191b8364a9f08aad7c9ab8e5ae8a51976 Mon Sep 17 00:00:00 2001
-From: Mario Limonciello
-Date: Tue, 24 Mar 2020 14:20:43 -0500
-Subject: [PATCH] thunderbolt: Rather than hardcoding to PCI slot numbers, use
- domain in GUID
-
-This allows the PCI topology to change, but assumes that thunderbolt host controllers
-are enumerated in the same order every time.
-It won't matter if the first controller jumped from bus 5 to 7 and consequently the
-second from 65 to 71, but rather that the first was enumerated followed by the second.
----
- plugins/thunderbolt/README.md | 6 ++++++
- plugins/thunderbolt/fu-plugin-thunderbolt.c | 10 ++++++++++
- 2 files changed, 16 insertions(+)
-
-diff --git a/plugins/thunderbolt/README.md b/plugins/thunderbolt/README.md
-index 63a2f703..914257cb 100644
---- a/plugins/thunderbolt/README.md
-+++ b/plugins/thunderbolt/README.md
-@@ -31,6 +31,12 @@ When the device is in "safe mode" the GUID is hardcoded using:
-
- * `TBT-$(vid)$(pid)-native` when native, and `TBT-$(vid)$(pid)` otherwise.
-
-+Additionally for host system thunderbolt controllers another GUID is added
-+containing the domain designation of the controller. This is intended to be
-+used for systems with multiple host controllers to disambiguiate between controllers.
-+
-+* `TBT-$(vid)$(pid)-native-controller$(num)`
-+
- Vendor ID Security
- ------------------
-
-diff --git a/plugins/thunderbolt/fu-plugin-thunderbolt.c b/plugins/thunderbolt/fu-plugin-thunderbolt.c
-index 204a7201..7f468d37 100644
---- a/plugins/thunderbolt/fu-plugin-thunderbolt.c
-+++ b/plugins/thunderbolt/fu-plugin-thunderbolt.c
-@@ -282,6 +282,7 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- g_autofree gchar *version = NULL;
- g_autofree gchar *vendor_id = NULL;
- g_autofree gchar *device_id = NULL;
-+ g_autofree gchar *domain_id = NULL;
- g_autoptr(FuDevice) dev = NULL;
- g_autoptr(GError) error_vid = NULL;
- g_autoptr(GError) error_did = NULL;
-@@ -357,6 +358,7 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- /* USB4 controllers don't have a concept of legacy vs native
- * so don't try to read a native attribute from their NVM */
- if (is_host && gen < 4) {
-+ g_autofree gchar *domain = g_path_get_basename (devpath);
- g_autoptr(GError) native_error = NULL;
- if (!fu_plugin_thunderbolt_is_native (device,
- &is_native,
-@@ -368,6 +370,12 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- fu_plugin_add_report_metadata (plugin,
- "ThunderboltNative",
- is_native ? "True" : "False");
-+ domain_id = g_strdup_printf ("TBT-%04x%04x%s-controller%s",
-+ (guint) vid,
-+ (guint) did,
-+ is_native ? "-native" : "",
-+ domain);
-+
- }
- vendor_id = g_strdup_printf ("TBT:0x%04X", (guint) vid);
- device_id = g_strdup_printf ("TBT-%04x%04x%s",
-@@ -409,6 +417,8 @@ fu_plugin_thunderbolt_add (FuPlugin *plugin, GUdevDevice *device)
- fu_device_set_vendor_id (dev, vendor_id);
- if (device_id != NULL)
- fu_device_add_instance_id (dev, device_id);
-+ if (domain_id != NULL)
-+ fu_device_add_instance_id (dev, domain_id);
- if (version != NULL)
- fu_device_set_version (dev, version, FWUPD_VERSION_FORMAT_PAIR);
- if (is_host)
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-trivial-fix-self-tests-for-empty-etc-machine-id-LP-1.patch fwupd-1.3.11/debian/patches/0001-trivial-fix-self-tests-for-empty-etc-machine-id-LP-1.patch
--- fwupd-1.3.9/debian/patches/0001-trivial-fix-self-tests-for-empty-etc-machine-id-LP-1.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-trivial-fix-self-tests-for-empty-etc-machine-id-LP-1.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,37 +0,0 @@
-From cda3f57a9928ae6ee0870d9543829d864d9e15c9 Mon Sep 17 00:00:00 2001
-From: Mario Limonciello
-Date: Wed, 1 Apr 2020 13:09:52 -0500
-Subject: [PATCH] trivial: fix self tests for empty `/etc/machine-id` (LP:
- #1870051)
-
-This ports the fix https://github.com/hughsie/libjcat/commit/6ac46df8e754006b0e8900e16a8ee6412a8d7360
-from libjcat to fwupd 1_3_X. master is not affected.
----
- src/fu-self-test.c | 4 ++--
- 1 file changed, 2 insertions(+), 2 deletions(-)
-
-diff --git a/src/fu-self-test.c b/src/fu-self-test.c
-index 9438e187..db8bdcd5 100644
---- a/src/fu-self-test.c
-+++ b/src/fu-self-test.c
-@@ -2708,6 +2708,7 @@ static void
- fu_keyring_pkcs7_self_signed_func (gconstpointer user_data)
- {
- #ifdef ENABLE_PKCS7
-+ static const gchar payload_str[] = "Hello, world!";
- gboolean ret;
- g_autoptr(FuKeyring) kr = NULL;
- g_autoptr(FuKeyringResult) kr_result = NULL;
-@@ -2726,8 +2727,7 @@ fu_keyring_pkcs7_self_signed_func (gconstpointer user_data)
- ret = fu_keyring_setup (kr, &error);
- g_assert_no_error (error);
- g_assert_true (ret);
-- payload = fu_common_get_contents_bytes ("/etc/machine-id", &error);
-- g_assert_no_error (error);
-+ payload = g_bytes_new_static (payload_str, sizeof (payload_str));
- g_assert_nonnull (payload);
- signature = fu_keyring_sign_data (kr, payload, FU_KEYRING_SIGN_FLAG_ADD_TIMESTAMP, &error);
- g_assert_no_error (error);
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/0001-uefi-Don-t-use-shim-for-non-secure-boot-configuratio.patch fwupd-1.3.11/debian/patches/0001-uefi-Don-t-use-shim-for-non-secure-boot-configuratio.patch
--- fwupd-1.3.9/debian/patches/0001-uefi-Don-t-use-shim-for-non-secure-boot-configuratio.patch 2020-04-01 18:43:21.000000000 +0000
+++ fwupd-1.3.11/debian/patches/0001-uefi-Don-t-use-shim-for-non-secure-boot-configuratio.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,90 +0,0 @@
-From b09ee7ab3169d3f06050ccfc2c4b330db19d26c0 Mon Sep 17 00:00:00 2001
-From: Mario Limonciello
-Date: Sun, 15 Mar 2020 13:27:25 -0500
-Subject: [PATCH] uefi: Don't use shim for non-secure boot configurations
-
-Since the entry is dynamically created this removes one area that
-can potentially cause failures.
-Helps: #1794
-
-Cherry-picked from 7b866e5f92e2249c9de52b4fcacaa79839aa5c97 with
-slight modifications due to b87d48a042b64c068a2b1c10b91771f733a01d4f
-not being included in 1_3_X branch.
----
- plugins/uefi/fu-uefi-bootmgr.c | 45 ++++++++++++++++++----------------
- 1 file changed, 24 insertions(+), 21 deletions(-)
-
-diff --git a/plugins/uefi/fu-uefi-bootmgr.c b/plugins/uefi/fu-uefi-bootmgr.c
-index a14f647c..f6353b9c 100644
---- a/plugins/uefi/fu-uefi-bootmgr.c
-+++ b/plugins/uefi/fu-uefi-bootmgr.c
-@@ -280,7 +280,8 @@ fu_uefi_bootmgr_bootnext (const gchar *esp_path,
- GError **error)
- {
- const gchar *filepath;
-- gboolean use_fwup_path = FALSE;
-+ gboolean use_fwup_path = TRUE;
-+ gboolean secure_boot = FALSE;
- gsize loader_sz = 0;
- gssize opt_size = 0;
- gssize sz, dp_size = 0;
-@@ -303,34 +304,36 @@ fu_uefi_bootmgr_bootnext (const gchar *esp_path,
- if (source_app == NULL)
- return FALSE;
-
-- /* test to make sure shim is there if we need it */
-- shim_app = fu_uefi_get_esp_app_path (esp_path, "shim", error);
-- if (shim_app == NULL)
-- return FALSE;
-- if (g_file_test (shim_app, G_FILE_TEST_EXISTS)) {
-- /* use a custom copy of shim for firmware updates */
-- if (flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_UNIQUE) {
-- shim_cpy = fu_uefi_get_esp_app_path (esp_path, "shimfwupd", error);
-- if (shim_cpy == NULL)
-- return FALSE;
-- if (!fu_uefi_cmp_asset (shim_app, shim_cpy)) {
-- if (!fu_uefi_copy_asset (shim_app, shim_cpy, error))
-+ /* test if we should use shim */
-+ secure_boot = fu_uefi_secure_boot_enabled ();
-+ if (secure_boot) {
-+ /* test to make sure shim is there if we need it */
-+ shim_app = fu_uefi_get_esp_app_path (esp_path, "shim", error);
-+ if (shim_app == NULL)
-+ return FALSE;
-+
-+ if (g_file_test (shim_app, G_FILE_TEST_EXISTS)) {
-+ /* use a custom copy of shim for firmware updates */
-+ if (flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_UNIQUE) {
-+ shim_cpy = fu_uefi_get_esp_app_path (esp_path, "shimfwupd", error);
-+ if (shim_cpy == NULL)
- return FALSE;
-+ if (!fu_uefi_cmp_asset (shim_app, shim_cpy)) {
-+ if (!fu_uefi_copy_asset (shim_app, shim_cpy, error))
-+ return FALSE;
-+ }
-+ filepath = shim_cpy;
-+ } else {
-+ filepath = shim_app;
- }
-- filepath = shim_cpy;
-- } else {
-- filepath = shim_app;
-- }
-- } else {
-- if (fu_uefi_secure_boot_enabled () &&
-- (flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_FOR_SB) > 0) {
-+ use_fwup_path = FALSE;
-+ } else if ((flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_FOR_SB) > 0) {
- g_set_error_literal (error,
- FWUPD_ERROR,
- FWUPD_ERROR_BROKEN_SYSTEM,
- "Secure boot is enabled, but shim isn't installed to the EFI system partition");
- return FALSE;
- }
-- use_fwup_path = TRUE;
- }
-
- /* test if correct asset in place */
---
-2.25.1
-
diff -Nru fwupd-1.3.9/debian/patches/CVE-2020-10759.patch fwupd-1.3.11/debian/patches/CVE-2020-10759.patch
--- fwupd-1.3.9/debian/patches/CVE-2020-10759.patch 2020-06-09 13:53:27.000000000 +0000
+++ fwupd-1.3.11/debian/patches/CVE-2020-10759.patch 1970-01-01 00:00:00.000000000 +0000
@@ -1,37 +0,0 @@
-From 21f2d12fccef63b8aaa99ec53278ce18250b0444 Mon Sep 17 00:00:00 2001
-From: Richard Hughes
-Date: Thu, 28 May 2020 16:42:18 +0100
-Subject: [PATCH] Validate that gpgme_op_verify_result() returned at least one
- signature
-
-If a detached signature is actually a PGP message, gpgme_op_verify() returns
-the rather perplexing GPG_ERR_NO_ERROR, and then gpgme_op_verify_result()
-builds an empty list.
-
-Explicitly check for no signatures present to avoid returning a FuKeyringResult
-with no timestamp and an empty authority.
-
-Many thanks to Justin Steven for the discovery and
-coordinated disclosure of this issue. Fixes CVE-2020-10759
----
- src/fu-keyring-gpg.c | 7 +++++++
- 1 file changed, 7 insertions(+)
-
-diff --git a/src/fu-keyring-gpg.c b/src/fu-keyring-gpg.c
-index f06449cf2..15d6e2c32 100644
---- a/src/fu-keyring-gpg.c
-+++ b/src/fu-keyring-gpg.c
-@@ -297,6 +297,13 @@ fu_keyring_gpg_verify_data (FuKeyring *keyring,
- "no result record from libgpgme");
- return NULL;
- }
-+ if (result->signatures == NULL) {
-+ g_set_error_literal (error,
-+ FWUPD_ERROR,
-+ FWUPD_ERROR_INTERNAL,
-+ "no signatures from libgpgme");
-+ return NULL;
-+ }
-
- /* look at each signature */
- for (s = result->signatures; s != NULL ; s = s->next ) {
diff -Nru fwupd-1.3.9/debian/patches/series fwupd-1.3.11/debian/patches/series
--- fwupd-1.3.9/debian/patches/series 2020-06-09 13:53:27.000000000 +0000
+++ fwupd-1.3.11/debian/patches/series 2020-06-15 16:55:15.000000000 +0000
@@ -1,11 +1 @@
-0001-fix-fwupd.shutdown.in-according-to-the-movement-of-f.patch
0001-ci-build-Debian-using-libflashrom.patch
-0001-uefi-Don-t-use-shim-for-non-secure-boot-configuratio.patch
-0001-Revert-thunderbolt-Create-a-unique-GUID-including-Th.patch
-0001-thunderbolt-Rather-than-hardcoding-to-PCI-slot-numbe.patch
-0001-csr-Parse-the-firmware-as-a-DFU-file.patch
-0001-data-motd-fwupd-refresh-Only-order-after-network.tar.patch
-0001-logitech-Correctly-set-the-protocol.patch
-0001-logitech_hidpp-set-the-bootloader-protocol.patch
-0001-trivial-fix-self-tests-for-empty-etc-machine-id-LP-1.patch
-CVE-2020-10759.patch
diff -Nru fwupd-1.3.9/.lgtm.yml fwupd-1.3.11/.lgtm.yml
--- fwupd-1.3.9/.lgtm.yml 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/.lgtm.yml 2020-06-18 15:28:45.000000000 +0000
@@ -9,15 +9,14 @@
- libarchive-tools
- libcogl-pango-dev
- python3-pil
+ - python3-pip
+ - python3-setuptools
+ - python3-wheel
- python3-cairo
- libssl-dev
after_prepare:
- - "wget -O libxmlb.zip https://github.com/hughsie/libxmlb/archive/0.1.13.zip"
- - "mkdir -p subprojects/libxmlb"
- - "bsdtar --strip-components=1 -xvf libxmlb.zip -C subprojects/libxmlb"
- - "wget https://download.flashrom.org/releases/flashrom-v1.2.tar.bz2"
- - "mkdir -p subprojects/flashrom"
- - "bsdtar --strip-components=1 -xvf flashrom-v1.2.tar.bz2 -C subprojects/flashrom"
+ - python3 -m pip install --user "meson >= 0.52.0"
+ - export PATH="$HOME/.local/bin:$PATH"
- "cd $LGTM_WORKSPACE"
- "mkdir installdir"
- "wget https://github.com/tpm2-software/tpm2-tss/releases/download/2.3.0/tpm2-tss-2.3.0.tar.gz"
diff -Nru fwupd-1.3.9/libfwupdplugin/fu-device.c fwupd-1.3.11/libfwupdplugin/fu-device.c
--- fwupd-1.3.9/libfwupdplugin/fu-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/libfwupdplugin/fu-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -547,6 +547,9 @@
}
}
+ /* ensure the ID is converted */
+ fu_device_ensure_id (child, NULL);
+
/* ensure the parent is also set on the child */
fu_device_set_parent (child, self);
@@ -1325,6 +1328,22 @@
fwupd_device_set_name (FWUPD_DEVICE (self), new->str);
}
+static gboolean
+fu_device_id_is_valid (const gchar *device_id)
+{
+ if (device_id == NULL)
+ return FALSE;
+ if (strlen (device_id) != 40)
+ return FALSE;
+ for (guint i = 0; device_id[i] != '\0'; i++) {
+ gchar tmp = device_id[i];
+ /* isalnum isn't case specific */
+ if ((tmp < 'a' || tmp > 'f') && (tmp < '0' || tmp > '9'))
+ return FALSE;
+ }
+ return TRUE;
+}
+
/**
* fu_device_set_id:
* @self: A #FuDevice
@@ -1334,9 +1353,9 @@
* device, so that any similar device plugged into a different slot will
* have a different @id string.
*
- * The @id will be converted to a SHA1 hash before the device is added to the
- * daemon, and plugins should not assume that the ID that is set here is the
- * same as what is returned by fu_device_get_id().
+ * The @id will be converted to a SHA1 hash if required before the device is
+ * added to the daemon, and plugins should not assume that the ID that is set
+ * here is the same as what is returned by fu_device_get_id().
*
* Since: 0.7.1
**/
@@ -1349,8 +1368,13 @@
g_return_if_fail (FU_IS_DEVICE (self));
g_return_if_fail (id != NULL);
- id_hash = g_compute_checksum_for_string (G_CHECKSUM_SHA1, id, -1);
- g_debug ("using %s for %s", id_hash, id);
+ /* allow sane device-id to be set directly */
+ if (fu_device_id_is_valid (id)) {
+ id_hash = g_strdup (id);
+ } else {
+ id_hash = g_compute_checksum_for_string (G_CHECKSUM_SHA1, id, -1);
+ g_debug ("using %s for %s", id_hash, id);
+ }
fwupd_device_set_id (FWUPD_DEVICE (self), id_hash);
/* ensure the parent ID is set */
@@ -1848,6 +1872,10 @@
g_autofree gchar *sz = g_strdup_printf ("%" G_GUINT64_FORMAT, priv->size_max);
fu_common_string_append_kv (str, idt + 1, "FirmwareSizeMax", sz);
}
+ if (priv->order > 0)
+ fu_common_string_append_ku (str, idt + 1, "Order", priv->order);
+ if (priv->priority > 0)
+ fu_common_string_append_ku (str, idt + 1, "Priority", priv->priority);
keys = g_hash_table_get_keys (priv->metadata);
for (GList *l = keys; l != NULL; l = l->next) {
const gchar *key = l->data;
diff -Nru fwupd-1.3.9/libfwupdplugin/fu-firmware-image.c fwupd-1.3.11/libfwupdplugin/fu-firmware-image.c
--- fwupd-1.3.9/libfwupdplugin/fu-firmware-image.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/libfwupdplugin/fu-firmware-image.c 2020-06-18 15:28:45.000000000 +0000
@@ -298,7 +298,7 @@
if (priv->addr != 0x0)
fu_common_string_append_kx (str, idt, "Address", priv->addr);
if (priv->version != NULL)
- fu_common_string_append_kv (str, 0, "Version", priv->version);
+ fu_common_string_append_kv (str, idt, "Version", priv->version);
if (priv->bytes != NULL) {
fu_common_string_append_kx (str, idt, "Data",
g_bytes_get_size (priv->bytes));
diff -Nru fwupd-1.3.9/libfwupdplugin/fu-ihex-firmware.c fwupd-1.3.11/libfwupdplugin/fu-ihex-firmware.c
--- fwupd-1.3.9/libfwupdplugin/fu-ihex-firmware.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/libfwupdplugin/fu-ihex-firmware.c 2020-06-18 15:28:45.000000000 +0000
@@ -108,6 +108,8 @@
for (guint ln = 0; lines[ln] != NULL; ln++) {
g_autoptr(FuIhexFirmwareRecord) rcd = NULL;
g_strdelimit (lines[ln], "\r\x1a", '\0');
+ if (lines[ln][0] == '\0')
+ continue;
rcd = fu_ihex_firmware_record_new (ln + 1, lines[ln]);
g_ptr_array_add (self->records, g_steal_pointer (&rcd));
}
diff -Nru fwupd-1.3.9/meson.build fwupd-1.3.11/meson.build
--- fwupd-1.3.9/meson.build 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/meson.build 2020-06-18 15:28:45.000000000 +0000
@@ -1,5 +1,5 @@
project('fwupd', 'c',
- version : run_command('contrib/get-version.py').stdout().strip(),
+ version : '1.3.11',
license : 'LGPL-2.1+',
meson_version : '>=0.47.0',
default_options : ['warning_level=2', 'c_std=c99'],
@@ -9,20 +9,26 @@
varr = fwupd_version.split('.')
fwupd_major_version = varr[0]
fwupd_minor_version = varr[1]
-fwupd_micro_version = varr[2].split('-')[0]
-conf = configuration_data()
+fwupd_micro_version = varr[2]
-if varr[2].contains('-')
- fwupd_dirty_version = varr[2].split('-')[1]
- fwupd_commit = varr[2].split('-')[2]
- conf.set('FWUPD_DIRTY_VERSION', fwupd_dirty_version)
- conf.set_quoted('FWUPD_COMMIT_VERSION', fwupd_commit)
-endif
+conf = configuration_data()
conf.set('FWUPD_MAJOR_VERSION', fwupd_major_version)
conf.set('FWUPD_MINOR_VERSION', fwupd_minor_version)
conf.set('FWUPD_MICRO_VERSION', fwupd_micro_version)
conf.set_quoted('PACKAGE_VERSION', fwupd_version)
+# get source version, falling back to package version
+git = find_program('git', required : false)
+if git.found()
+ source_version = run_command(git, 'describe').stdout().strip()
+ if source_version == ''
+ source_version = fwupd_version
+ endif
+else
+ source_version = fwupd_version
+endif
+conf.set_quoted('SOURCE_VERSION', source_version)
+
# libtool versioning - this applies to libfwupd
#
# See http://sources.redhat.com/autobook/autobook/autobook_91.html#SEC91 for details
diff -Nru fwupd-1.3.9/plugins/csr/fu-csr-device.c fwupd-1.3.11/plugins/csr/fu-csr-device.c
--- fwupd-1.3.9/plugins/csr/fu-csr-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/csr/fu-csr-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -10,7 +10,7 @@
#include "fu-chunk.h"
#include "fu-csr-device.h"
-#include "fu-ihex-firmware.h"
+#include "fu-dfu-firmware.h"
#include "dfu-common.h"
@@ -426,7 +426,7 @@
FwupdInstallFlags flags,
GError **error)
{
- g_autoptr(FuFirmware) firmware = fu_ihex_firmware_new ();
+ g_autoptr(FuFirmware) firmware = fu_dfu_firmware_new ();
/* parse the file */
if (!fu_firmware_parse (firmware, fw, flags, error))
diff -Nru fwupd-1.3.9/plugins/dell/fu-self-test.c fwupd-1.3.11/plugins/dell/fu-self-test.c
--- fwupd-1.3.9/plugins/dell/fu-self-test.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dell/fu-self-test.c 2020-06-18 15:28:45.000000000 +0000
@@ -264,11 +264,8 @@
g_clear_error (&error);
/* test override */
- g_test_expect_message ("FuPluginUefi", G_LOG_LEVEL_WARNING,
- "missing or invalid embedded capsule header");
ret = fu_plugin_runner_update (plugin_uefi, device_v20, blob_fw,
FWUPD_INSTALL_FLAG_FORCE, &error);
- g_test_assert_expected_messages ();
g_assert_no_error (error);
g_assert (ret);
}
diff -Nru fwupd-1.3.9/plugins/dell-dock/dell-dock.quirk fwupd-1.3.11/plugins/dell-dock/dell-dock.quirk
--- fwupd-1.3.9/plugins/dell-dock/dell-dock.quirk 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dell-dock/dell-dock.quirk 2020-06-18 15:28:45.000000000 +0000
@@ -86,7 +86,7 @@
Name = VMM5331 in Dell dock
Summary = Multi Stream Transport controller
Vendor = Dell Inc.
-Plugin = synaptics_mst
+Plugin = dell_dock
ParentGuid = USB\VID_413C&PID_B06E&hub&embedded
Flags = skip-restart,require-ac,dual-image,usable-during-update
FirmwareSize=524288
diff -Nru fwupd-1.3.9/plugins/dell-dock/fu-dell-dock-i2c-ec.c fwupd-1.3.11/plugins/dell-dock/fu-dell-dock-i2c-ec.c
--- fwupd-1.3.9/plugins/dell-dock/fu-dell-dock-i2c-ec.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dell-dock/fu-dell-dock-i2c-ec.c 2020-06-18 15:28:45.000000000 +0000
@@ -100,9 +100,13 @@
} FuDellDockEcQueryEntry;
typedef enum {
- MODULE_TYPE_SINGLE = 1,
- MODULE_TYPE_DUAL,
- MODULE_TYPE_TBT,
+ MODULE_TYPE_45_TBT = 1,
+ MODULE_TYPE_45,
+ MODULE_TYPE_130_TBT,
+ MODULE_TYPE_130_DP,
+ MODULE_TYPE_130_UNIVERSAL,
+ MODULE_TYPE_240_TRIN,
+ MODULE_TYPE_210_DUAL,
} FuDellDockDockModule;
typedef struct __attribute__ ((packed)) {
@@ -181,6 +185,30 @@
return self->symbiote;
}
+const gchar *
+fu_dell_dock_ec_get_module_type (FuDevice *device)
+{
+ FuDellDockEc *self = FU_DELL_DOCK_EC (device);
+ switch (self->data->module_type) {
+ case MODULE_TYPE_45_TBT:
+ return "45 (TBT)";
+ case MODULE_TYPE_45:
+ return "45";
+ case MODULE_TYPE_130_TBT:
+ return "130 (TBT)";
+ case MODULE_TYPE_130_DP:
+ return "130 (DP)";
+ case MODULE_TYPE_130_UNIVERSAL:
+ return "130 (Universal)";
+ case MODULE_TYPE_240_TRIN:
+ return "240 (Trinity)";
+ case MODULE_TYPE_210_DUAL:
+ return "210 (Dual)";
+ default:
+ return "unknown";
+ }
+}
+
gboolean
fu_dell_dock_ec_needs_tbt (FuDevice *device)
{
@@ -188,7 +216,8 @@
gboolean port0_tbt_mode = self->data->port0_dock_status & TBT_MODE_MASK;
/* check for TBT module type */
- if (self->data->module_type != MODULE_TYPE_TBT)
+ if (self->data->module_type != MODULE_TYPE_130_TBT &&
+ self->data->module_type != MODULE_TYPE_45_TBT)
return FALSE;
g_debug ("found thunderbolt dock, port mode: %d", port0_tbt_mode);
@@ -388,7 +417,8 @@
device_entry[i].version.version_8[3]);
g_debug ("\tParsed version %s", self->mst_version);
} else if (map->device_type == FU_DELL_DOCK_DEVICETYPE_TBT &&
- self->data->module_type == MODULE_TYPE_TBT) {
+ (self->data->module_type == MODULE_TYPE_130_TBT ||
+ self->data->module_type == MODULE_TYPE_45_TBT)) {
/* guard against invalid Thunderbolt version read from EC */
if (!fu_dell_dock_test_valid_byte (device_entry[i].version.version_8, 2)) {
g_warning ("[EC bug] EC read invalid Thunderbolt version %08x",
@@ -421,7 +451,8 @@
}
/* Thunderbolt SKU takes a little longer */
- if (self->data->module_type == MODULE_TYPE_TBT) {
+ if (self->data->module_type == MODULE_TYPE_130_TBT ||
+ self->data->module_type == MODULE_TYPE_45_TBT) {
guint64 tmp = fu_device_get_install_duration (device);
fu_device_set_install_duration (device, tmp + 20);
}
@@ -518,9 +549,9 @@
fu_device_add_flag (device, FWUPD_DEVICE_FLAG_UPDATABLE);
} else {
fu_device_add_flag (device, FWUPD_DEVICE_FLAG_NEEDS_ACTIVATION);
- fu_device_set_update_error (device, "An update is pending "
+ fu_device_set_update_error (device, "A pending update will be completed "
"next time the dock is "
- "unplugged");
+ "unplugged from your computer");
}
} else {
g_warning ("This utility does not support this board, disabling updates for %s",
diff -Nru fwupd-1.3.9/plugins/dell-dock/fu-dell-dock-i2c-ec.h fwupd-1.3.11/plugins/dell-dock/fu-dell-dock-i2c-ec.h
--- fwupd-1.3.9/plugins/dell-dock/fu-dell-dock-i2c-ec.h 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dell-dock/fu-dell-dock-i2c-ec.h 2020-06-18 15:28:45.000000000 +0000
@@ -26,6 +26,7 @@
FuDellDockEc *fu_dell_dock_ec_new (FuDevice *symbiote);
+const gchar *fu_dell_dock_ec_get_module_type (FuDevice *device);
gboolean fu_dell_dock_ec_needs_tbt (FuDevice *device);
gboolean fu_dell_dock_ec_tbt_passive (FuDevice *device);
gboolean fu_dell_dock_ec_modify_lock (FuDevice *self,
diff -Nru fwupd-1.3.9/plugins/dell-dock/fu-plugin-dell-dock.c fwupd-1.3.11/plugins/dell-dock/fu-plugin-dell-dock.c
--- fwupd-1.3.9/plugins/dell-dock/fu-plugin-dell-dock.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dell-dock/fu-plugin-dell-dock.c 2020-06-18 15:28:45.000000000 +0000
@@ -171,9 +171,13 @@
{
FuDevice *parent = fu_plugin_dell_dock_get_ec (devices);
gboolean remaining_replug = FALSE;
+ const gchar *sku;
if (parent == NULL)
return TRUE;
+ sku = fu_dell_dock_ec_get_module_type (parent);
+ if (sku != NULL)
+ fu_plugin_add_report_metadata (plugin, "DellDockSKU", sku);
for (guint i = 0; i < devices->len; i++) {
FuDevice *dev = g_ptr_array_index (devices, i);
diff -Nru fwupd-1.3.9/plugins/dfu/dfu-device.c fwupd-1.3.11/plugins/dfu/dfu-device.c
--- fwupd-1.3.9/plugins/dfu/dfu-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dfu/dfu-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -964,6 +964,13 @@
}
static gboolean
+dfu_device_reload (FuDevice *device, GError **error)
+{
+ DfuDevice *self = DFU_DEVICE (device);
+ return dfu_device_refresh_and_clear (self, error);
+}
+
+static gboolean
dfu_device_detach (FuDevice *device, GError **error)
{
DfuDevice *self = DFU_DEVICE (device);
@@ -1731,6 +1738,18 @@
"invalid DFU version");
return FALSE;
}
+ if (g_strcmp0 (key, "DfuForceTimeout") == 0) {
+ guint64 tmp = fu_common_strtoull (value);
+ if (tmp < G_MAXUINT) {
+ priv->timeout_ms = tmp;
+ return TRUE;
+ }
+ g_set_error_literal (error,
+ G_IO_ERROR,
+ G_IO_ERROR_INVALID_DATA,
+ "invalid DFU timeout");
+ return FALSE;
+ }
/* failed */
g_set_error_literal (error,
@@ -1796,6 +1815,7 @@
klass_device->write_firmware = dfu_device_write_firmware;
klass_device->attach = dfu_device_attach;
klass_device->detach = dfu_device_detach;
+ klass_device->reload = dfu_device_reload;
klass_usb_device->open = dfu_device_open;
klass_usb_device->close = dfu_device_close;
klass_usb_device->probe = dfu_device_probe;
diff -Nru fwupd-1.3.9/plugins/dfu/dfu.quirk fwupd-1.3.11/plugins/dfu/dfu.quirk
--- fwupd-1.3.9/plugins/dfu/dfu.quirk 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dfu/dfu.quirk 2020-06-18 15:28:45.000000000 +0000
@@ -325,3 +325,9 @@
# ATxmega32E5 [USER] USER=0x8000
[AvrChipId=0x1e954c]
DfuAltName = @Flash/0x0/1*32Kg
+
+# STM32F745 dfuse bootloader
+[DeviceInstanceId=USB\VID_0483&PID_DF11]
+Plugin = dfu
+DfuForceVersion = 011a
+DfuForceTimeout = 5000
diff -Nru fwupd-1.3.9/plugins/dfu/README.md fwupd-1.3.11/plugins/dfu/README.md
--- fwupd-1.3.9/plugins/dfu/README.md 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/dfu/README.md 2020-06-18 15:28:45.000000000 +0000
@@ -40,3 +40,4 @@
|------------------------|---------------------------------------------|-----------------------|
|`DfuFlags` | Optional quirks for a DFU device which doesn't follow the DFU 1.0 or 1.1 specification | 1.0.1|
|`DfuForceVersion` | Forces a specific DFU version for the hardware device. This is required if the device does not set, or sets incorrectly, items in the DFU functional descriptor. |1.0.1|
+|`DfuForceTimeout` | Forces a specific device timeout, in ms | 1.4.0 |
diff -Nru fwupd-1.3.9/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c fwupd-1.3.11/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c
--- fwupd-1.3.9/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader.c 2020-06-18 15:28:45.000000000 +0000
@@ -217,6 +217,8 @@
fu_logitech_hidpp_bootloader_set_bl_version (FuLogitechHidPpBootloader *self, GError **error)
{
guint16 build;
+ guint8 major;
+ guint8 minor;
g_autofree gchar *version = NULL;
g_autoptr(FuLogitechHidPpBootloaderRequest) req = fu_logitech_hidpp_bootloader_request_new ();
@@ -231,15 +233,20 @@
* 012345678901234 */
build = (guint16) fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 10) << 8;
build += fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 12);
- version = fu_logitech_hidpp_format_version ("BOT",
- fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 3),
- fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 6),
- build);
+ major = fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 3);
+ minor = fu_logitech_hidpp_buffer_read_uint8 ((const gchar *) req->data + 6);
+ version = fu_logitech_hidpp_format_version ("BOT", major, minor, build);
if (version == NULL) {
g_prefix_error (error, "failed to format firmware version: ");
return FALSE;
}
fu_device_set_version_bootloader (FU_DEVICE (self), version);
+
+ if ((major == 0x01 && minor >= 0x04) ||
+ (major == 0x03 && minor >= 0x02))
+ fu_device_set_protocol (FU_DEVICE (self), "com.logitech.unifyingsigned");
+ else
+ fu_device_set_protocol (FU_DEVICE (self), "com.logitech.unifying");
return TRUE;
}
diff -Nru fwupd-1.3.9/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader-texas.c fwupd-1.3.11/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader-texas.c
--- fwupd-1.3.9/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader-texas.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/logitech-hidpp/fu-logitech-hidpp-bootloader-texas.c 2020-06-18 15:28:45.000000000 +0000
@@ -191,8 +191,10 @@
if ((payload->addr + 0x10) % 0x80 == 0 &&
req->cmd != FU_UNIFYING_BOOTLOADER_CMD_WRITE_SIGNATURE) {
guint16 addr_start = payload->addr - (7 * 0x10);
- g_debug ("addr flush @ 0x%04x for 0x%04x",
- payload->addr, addr_start);
+ if (g_getenv ("FWUPD_LOGITECH_HIDPP") != NULL) {
+ g_debug ("addr flush @ 0x%04x for 0x%04x",
+ payload->addr, addr_start);
+ }
if (!fu_logitech_hidpp_bootloader_texas_flash_ram_buffer (self,
addr_start,
error)) {
diff -Nru fwupd-1.3.9/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c fwupd-1.3.11/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c
--- fwupd-1.3.9/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/logitech-hidpp/fu-logitech-hidpp-runtime.c 2020-06-18 15:28:45.000000000 +0000
@@ -229,8 +229,11 @@
if ((self->version_bl_major == 0x01 && config[8] >= 0x04) ||
(self->version_bl_major == 0x03 && config[8] >= 0x02)) {
self->signed_firmware = TRUE;
+ fu_device_set_protocol (device, "com.logitech.unifyingsigned");
}
}
+ if (!self->signed_firmware)
+ fu_device_set_protocol (device, "com.logitech.unifying");
/* enable HID++ notifications */
if (!fu_logitech_hidpp_runtime_enable_notifications (self, error)) {
@@ -324,5 +327,4 @@
fu_device_set_name (FU_DEVICE (self), "Unifying Receiver");
fu_device_set_summary (FU_DEVICE (self), "A miniaturised USB wireless receiver");
fu_device_set_remove_delay (FU_DEVICE (self), FU_DEVICE_REMOVE_DELAY_RE_ENUMERATE);
- fu_device_set_protocol (FU_DEVICE (self), "com.logitech.unifying");
}
diff -Nru fwupd-1.3.9/plugins/synaptics-cxaudio/fu-synaptics-cxaudio-device.c fwupd-1.3.11/plugins/synaptics-cxaudio/fu-synaptics-cxaudio-device.c
--- fwupd-1.3.9/plugins/synaptics-cxaudio/fu-synaptics-cxaudio-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/synaptics-cxaudio/fu-synaptics-cxaudio-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -459,7 +459,7 @@
FuSynapticsCxaudioDevice *self = FU_SYNAPTICS_CXAUDIO_DEVICE (device);
GUsbDevice *usb_device = fu_usb_device_get_dev (FU_USB_DEVICE (device));
FuSynapticsCxaudioEepromCustomInfo cinfo = { 0x0 };
- guint32 addr;
+ guint32 addr = FU_SYNAPTICS_CXAUDIO_EEPROM_CPX_PATCH_VERSION_ADDRESS;
guint8 chip_id_offset = 0x0;
guint8 sigbuf[2] = { 0x0 };
guint8 verbuf_fw[4] = { 0x0 };
@@ -611,8 +611,8 @@
if (!fu_synaptics_cxaudio_device_ensure_patch_level (self, error))
return FALSE;
}
- addr = self->patch_level == 0 ? FU_SYNAPTICS_CXAUDIO_EEPROM_CPX_PATCH_VERSION_ADDRESS :
- FU_SYNAPTICS_CXAUDIO_EEPROM_CPX_PATCH2_VERSION_ADDRESS;
+ if (self->patch_level == 2)
+ addr = FU_SYNAPTICS_CXAUDIO_EEPROM_CPX_PATCH2_VERSION_ADDRESS;
if (!fu_synaptics_cxaudio_device_operation (self,
FU_SYNAPTICS_CXAUDIO_OPERATION_READ,
FU_SYNAPTICS_CXAUDIO_MEM_KIND_EEPROM,
@@ -807,6 +807,7 @@
/* if supported, self reset */
if (self->sw_reset_supported) {
fu_device_set_status (device, FWUPD_STATUS_DEVICE_RESTART);
+ fu_device_add_flag (device, FWUPD_DEVICE_FLAG_WAIT_FOR_REPLUG);
return fu_synaptics_cxaudio_device_reset (self, error);
}
diff -Nru fwupd-1.3.9/plugins/synaptics-mst/fu-synaptics-mst-device.c fwupd-1.3.11/plugins/synaptics-mst/fu-synaptics-mst-device.c
--- fwupd-1.3.9/plugins/synaptics-mst/fu-synaptics-mst-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/synaptics-mst/fu-synaptics-mst-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -996,6 +996,7 @@
const gchar *guid_template;
const gchar *name_parent;
const gchar *name_family;
+ const gchar *plugin;
guint8 buf_ver[16];
/* read vendor ID */
@@ -1085,6 +1086,16 @@
}
fu_device_set_name (FU_DEVICE (self), name);
+ plugin = fu_quirks_lookup_by_id (quirks, group, FU_QUIRKS_PLUGIN);
+ if (plugin != NULL && g_strcmp0 (plugin, "synaptics_mst") != 0) {
+ g_set_error (error,
+ FWUPD_ERROR,
+ FWUPD_ERROR_NOT_SUPPORTED,
+ "%s is only supported by %s",
+ name, plugin);
+ return FALSE;
+ }
+
/* this is a host system, use system ID */
guid_template = fu_quirks_lookup_by_id (quirks, group, "DeviceKind");
name_family = fu_synaptics_mst_family_to_string (self->family);
diff -Nru fwupd-1.3.9/plugins/synaptics-mst/synaptics-mst.quirk fwupd-1.3.11/plugins/synaptics-mst/synaptics-mst.quirk
--- fwupd-1.3.9/plugins/synaptics-mst/synaptics-mst.quirk 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/synaptics-mst/synaptics-mst.quirk 2020-06-18 15:28:45.000000000 +0000
@@ -39,9 +39,6 @@
Name = Dell Rugged Platform
DeviceKind = system
-[SynapticsMSTBoardID=259]
-Name = Dell dock
-
# ThinkPad Workstation Dock
[DeviceInstanceId=MST-tesla-vmm2322-513]
ParentGuid = USB\VID_17EF&PID_305A
diff -Nru fwupd-1.3.9/plugins/synaptics-prometheus/fu-synaprom-device.c fwupd-1.3.11/plugins/synaptics-prometheus/fu-synaprom-device.c
--- fwupd-1.3.9/plugins/synaptics-prometheus/fu-synaprom-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/synaptics-prometheus/fu-synaprom-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -142,6 +142,14 @@
{
g_autofree gchar *str = NULL;
+ /* We decide to skip 10.02.xxxxxx firmware, so we force the minor version from 0x02
+ ** to 0x01 to make the devices with 0x02 minor version firmware allow to be updated
+ ** back to minor version 0x01. */
+ if (vmajor == 0x0a && vminor == 0x02) {
+ g_debug ("quirking vminor from %02x to 01", vminor);
+ vminor = 0x01;
+ }
+
/* set display version */
str = g_strdup_printf ("%02u.%02u.%u", vmajor, vminor, buildnum);
fu_device_set_version (FU_DEVICE (self), str, FWUPD_VERSION_FORMAT_TRIPLET);
diff -Nru fwupd-1.3.9/plugins/thunderbolt/fu-plugin-thunderbolt.c fwupd-1.3.11/plugins/thunderbolt/fu-plugin-thunderbolt.c
--- fwupd-1.3.9/plugins/thunderbolt/fu-plugin-thunderbolt.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/thunderbolt/fu-plugin-thunderbolt.c 2020-06-18 15:28:45.000000000 +0000
@@ -282,7 +282,7 @@
g_autofree gchar *version = NULL;
g_autofree gchar *vendor_id = NULL;
g_autofree gchar *device_id = NULL;
- g_autofree gchar *device_id_with_path = NULL;
+ g_autofree gchar *domain_id = NULL;
g_autoptr(FuDevice) dev = NULL;
g_autoptr(GError) error_vid = NULL;
g_autoptr(GError) error_did = NULL;
@@ -358,8 +358,8 @@
/* USB4 controllers don't have a concept of legacy vs native
* so don't try to read a native attribute from their NVM */
if (is_host && gen < 4) {
+ g_autofree gchar *domain = g_path_get_basename (devpath);
g_autoptr(GError) native_error = NULL;
- g_autoptr(GUdevDevice) udev_parent = NULL;
if (!fu_plugin_thunderbolt_is_native (device,
&is_native,
&native_error)) {
@@ -370,14 +370,12 @@
fu_plugin_add_report_metadata (plugin,
"ThunderboltNative",
is_native ? "True" : "False");
- udev_parent = g_udev_device_get_parent_with_subsystem (device, "pci", NULL);
- if (udev_parent != NULL)
- device_id_with_path = g_strdup_printf ("TBT-%04x%04x%s-%s",
- (guint) vid,
- (guint) did,
- is_native ? "-native" : "",
- g_udev_device_get_property (udev_parent,
- "PCI_SLOT_NAME"));
+ domain_id = g_strdup_printf ("TBT-%04x%04x%s-controller%s",
+ (guint) vid,
+ (guint) did,
+ is_native ? "-native" : "",
+ domain);
+
}
vendor_id = g_strdup_printf ("TBT:0x%04X", (guint) vid);
device_id = g_strdup_printf ("TBT-%04x%04x%s",
@@ -419,8 +417,8 @@
fu_device_set_vendor_id (dev, vendor_id);
if (device_id != NULL)
fu_device_add_instance_id (dev, device_id);
- if (device_id_with_path != NULL)
- fu_device_add_instance_id (dev, device_id_with_path);
+ if (domain_id != NULL)
+ fu_device_add_instance_id (dev, domain_id);
if (version != NULL)
fu_device_set_version (dev, version, FWUPD_VERSION_FORMAT_PAIR);
if (is_host)
diff -Nru fwupd-1.3.9/plugins/thunderbolt/README.md fwupd-1.3.11/plugins/thunderbolt/README.md
--- fwupd-1.3.9/plugins/thunderbolt/README.md 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/thunderbolt/README.md 2020-06-18 15:28:45.000000000 +0000
@@ -32,10 +32,10 @@
* `TBT-$(vid)$(pid)-native` when native, and `TBT-$(vid)$(pid)` otherwise.
Additionally for host system thunderbolt controllers another GUID is added
-containing the PCI slot designation of the controller. This is intended to be
+containing the domain designation of the controller. This is intended to be
used for systems with multiple host controllers to disambiguiate between controllers.
-* `TBT-$(vid)$(pid)-native-$(slot)`
+* `TBT-$(vid)$(pid)-native-controller$(num)`
Vendor ID Security
------------------
diff -Nru fwupd-1.3.9/plugins/tpm-eventlog/fu-tpm-eventlog-parser.c fwupd-1.3.11/plugins/tpm-eventlog/fu-tpm-eventlog-parser.c
--- fwupd-1.3.9/plugins/tpm-eventlog/fu-tpm-eventlog-parser.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/tpm-eventlog/fu-tpm-eventlog-parser.c 2020-06-18 15:28:45.000000000 +0000
@@ -141,7 +141,7 @@
if (alg_type == TPM2_ALG_SHA1)
checksum_sha1 = g_bytes_new_take (g_steal_pointer (&digest), alg_size);
else if (alg_type == TPM2_ALG_SHA256)
- checksum_sha1 = g_bytes_new_take (g_steal_pointer (&digest), alg_size);
+ checksum_sha256 = g_bytes_new_take (g_steal_pointer (&digest), alg_size);
}
/* next block */
diff -Nru fwupd-1.3.9/plugins/uefi/fu-uefi-bootmgr.c fwupd-1.3.11/plugins/uefi/fu-uefi-bootmgr.c
--- fwupd-1.3.9/plugins/uefi/fu-uefi-bootmgr.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/uefi/fu-uefi-bootmgr.c 2020-06-18 15:28:45.000000000 +0000
@@ -280,7 +280,8 @@
GError **error)
{
const gchar *filepath;
- gboolean use_fwup_path = FALSE;
+ gboolean use_fwup_path = TRUE;
+ gboolean secure_boot = FALSE;
gsize loader_sz = 0;
gssize opt_size = 0;
gssize sz, dp_size = 0;
@@ -303,34 +304,36 @@
if (source_app == NULL)
return FALSE;
- /* test to make sure shim is there if we need it */
- shim_app = fu_uefi_get_esp_app_path (esp_path, "shim", error);
- if (shim_app == NULL)
- return FALSE;
- if (g_file_test (shim_app, G_FILE_TEST_EXISTS)) {
- /* use a custom copy of shim for firmware updates */
- if (flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_UNIQUE) {
- shim_cpy = fu_uefi_get_esp_app_path (esp_path, "shimfwupd", error);
- if (shim_cpy == NULL)
- return FALSE;
- if (!fu_uefi_cmp_asset (shim_app, shim_cpy)) {
- if (!fu_uefi_copy_asset (shim_app, shim_cpy, error))
+ /* test if we should use shim */
+ secure_boot = fu_uefi_secure_boot_enabled ();
+ if (secure_boot) {
+ /* test to make sure shim is there if we need it */
+ shim_app = fu_uefi_get_esp_app_path (esp_path, "shim", error);
+ if (shim_app == NULL)
+ return FALSE;
+
+ if (g_file_test (shim_app, G_FILE_TEST_EXISTS)) {
+ /* use a custom copy of shim for firmware updates */
+ if (flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_UNIQUE) {
+ shim_cpy = fu_uefi_get_esp_app_path (esp_path, "shimfwupd", error);
+ if (shim_cpy == NULL)
return FALSE;
+ if (!fu_uefi_cmp_asset (shim_app, shim_cpy)) {
+ if (!fu_uefi_copy_asset (shim_app, shim_cpy, error))
+ return FALSE;
+ }
+ filepath = shim_cpy;
+ } else {
+ filepath = shim_app;
}
- filepath = shim_cpy;
- } else {
- filepath = shim_app;
- }
- } else {
- if (fu_uefi_secure_boot_enabled () &&
- (flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_FOR_SB) > 0) {
+ use_fwup_path = FALSE;
+ } else if ((flags & FU_UEFI_BOOTMGR_FLAG_USE_SHIM_FOR_SB) > 0) {
g_set_error_literal (error,
FWUPD_ERROR,
FWUPD_ERROR_BROKEN_SYSTEM,
"Secure boot is enabled, but shim isn't installed to the EFI system partition");
return FALSE;
}
- use_fwup_path = TRUE;
}
/* test if correct asset in place */
diff -Nru fwupd-1.3.9/plugins/uefi/fu-uefi-device.c fwupd-1.3.11/plugins/uefi/fu-uefi-device.c
--- fwupd-1.3.9/plugins/uefi/fu-uefi-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/uefi/fu-uefi-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -35,6 +35,7 @@
guint64 fmp_hardware_instance;
gboolean missing_header;
gboolean automounted_esp;
+ gboolean requires_header;
};
G_DEFINE_TYPE (FuUefiDevice, fu_uefi_device, FU_TYPE_DEVICE)
@@ -320,9 +321,8 @@
if (efi_guid_cmp (&esrt_guid, &payload_guid) == 0) {
g_debug ("ESRT matches payload GUID");
return g_bytes_new_from_bytes (fw, 0, fw_length);
- /* FMP payload */
- } else if (fu_uefi_device_get_kind (self) == FU_UEFI_DEVICE_KIND_FMP) {
- g_debug ("performing FMP update");
+ /* Type that doesn't require a header */
+ } else if (!self->requires_header) {
return g_bytes_new_from_bytes (fw, 0, fw_length);
/* Missing, add a header */
} else {
@@ -515,10 +515,10 @@
/* sanity checks */
if (!fu_uefi_device_is_esp_mounted (device, error))
return FALSE;
- if (!fu_uefi_device_check_esp_free (device, error))
- return FALSE;
if (!fu_uefi_device_cleanup_esp (device, error))
return FALSE;
+ if (!fu_uefi_device_check_esp_free (device, error))
+ return FALSE;
return TRUE;
}
@@ -712,6 +712,13 @@
g_warning ("Failed to get PCR0s: %s", error_local->message);
}
+ /* whether to create a missing header */
+ if (self->kind == FU_UEFI_DEVICE_KIND_FMP ||
+ self->kind == FU_UEFI_DEVICE_KIND_DELL_TPM_FIRMWARE)
+ self->requires_header = FALSE;
+ else
+ self->requires_header = TRUE;
+
/* Windows seems to be case insensitive, but for convenience we'll
* match the upper case values typically specified in the .inf file */
guid_strup = g_ascii_strup (self->fw_class, -1);
diff -Nru fwupd-1.3.9/plugins/vli/fu-vli-pd-device.c fwupd-1.3.11/plugins/vli/fu-vli-pd-device.c
--- fwupd-1.3.9/plugins/vli/fu-vli-pd-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/vli/fu-vli-pd-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -299,7 +299,7 @@
if (fu_vli_device_get_kind (device) == FU_VLI_DEVICE_KIND_UNKNOWN) {
if (!fu_vli_pd_device_read_reg (self, 0x0018, &tmp, error))
return FALSE;
- switch (tmp) {
+ switch (tmp & 0xF0) {
case 0x00:
fu_vli_device_set_kind (device, FU_VLI_DEVICE_KIND_VL100);
break;
@@ -317,7 +317,7 @@
g_set_error (error,
FWUPD_ERROR,
FWUPD_ERROR_INVALID_FILE,
- "unable to map 0x0018=%0x02x to device kind",
+ "unable to map 0x0018=0x%02X to device kind",
tmp);
return FALSE;
}
diff -Nru fwupd-1.3.9/plugins/vli/fu-vli-usbhub-i2c-device.c fwupd-1.3.11/plugins/vli/fu-vli-usbhub-i2c-device.c
--- fwupd-1.3.9/plugins/vli/fu-vli-usbhub-i2c-device.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/vli/fu-vli-usbhub-i2c-device.c 2020-06-18 15:28:45.000000000 +0000
@@ -74,19 +74,31 @@
fu_vli_usbhub_i2c_device_detach (FuDevice *device, GError **error)
{
FuVliUsbhubDevice *parent = FU_VLI_USBHUB_DEVICE (fu_device_get_parent (device));
+ FuVliUsbhubI2cStatus status = 0xff;
+ g_autoptr(FuDeviceLocker) locker = NULL;
const guint8 buf[] = {
FU_VLI_USBHUB_I2C_ADDR_WRITE,
FU_VLI_USBHUB_I2C_CMD_UPGRADE,
};
+
+ /* open device */
+ locker = fu_device_locker_new (parent, error);
+ if (locker == NULL)
+ return FALSE;
if (!fu_vli_usbhub_device_i2c_write_data (parent, 0, 0, buf, sizeof(buf), error))
return FALSE;
- /* avoid power instability */
+ /* avoid power instability by waiting T1 */
fu_device_set_status (device, FWUPD_STATUS_DEVICE_RESTART);
- g_usleep (5000);
+ fu_device_set_progress (device, 0);
+ g_usleep (G_USEC_PER_SEC);
- /* success */
- return TRUE;
+ /* check the device came back */
+ if (!fu_vli_usbhub_device_i2c_read_status (parent, &status, error)) {
+ g_prefix_error (error, "device did not come back after detach");
+ return FALSE;
+ }
+ return fu_vli_usbhub_i2c_check_status (status, error);
}
static FuFirmware *
@@ -110,7 +122,7 @@
{
FuVliUsbhubDevice *parent = FU_VLI_USBHUB_DEVICE (fu_device_get_parent (device));
GPtrArray *records = fu_ihex_firmware_get_records (FU_IHEX_FIRMWARE (firmware));
- guint16 usbver = fu_usb_device_get_spec (FU_USB_DEVICE (device));
+ guint16 usbver = fu_usb_device_get_spec (FU_USB_DEVICE (parent));
g_autoptr(FuDeviceLocker) locker = NULL;
/* open device */
diff -Nru fwupd-1.3.9/plugins/vli/vli-usbhub-lenovo.quirk fwupd-1.3.11/plugins/vli/vli-usbhub-lenovo.quirk
--- fwupd-1.3.9/plugins/vli/vli-usbhub-lenovo.quirk 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/plugins/vli/vli-usbhub-lenovo.quirk 2020-06-18 15:28:45.000000000 +0000
@@ -60,17 +60,6 @@
GType = FuVliUsbhubDevice
Flags = usb2,usb3
-# Lenovo Payton dock
-[DeviceInstanceId=USB\VID_17EF&PID_305A]
-Plugin = vli
-GType = FuVliUsbhubDevice
-Flags = usb2,usb3
-[DeviceInstanceId=USB\VID_17EF&PID_305B]
-Plugin = vli
-GType = FuVliUsbhubDevice
-Flags = usb2,usb3
-ParentGuid = USB\VID_17EF&PID_305A
-
# Lenovo USB3 Ultra Dock
[DeviceInstanceId=USB\VID_17EF&PID_1014]
Plugin = vli
diff -Nru fwupd-1.3.9/RELEASE fwupd-1.3.11/RELEASE
--- fwupd-1.3.9/RELEASE 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/RELEASE 2020-06-18 15:28:45.000000000 +0000
@@ -1,24 +1,15 @@
fwupd Release Notes
-0. Create release version
+Write release entries:
-export release_ver=
-
-1. Write release entries:
-
-git log --format="%s" --cherry-pick --right-only $(git describe --tags --abbrev=0)..HEAD | grep -i -v trivial | grep -v Merge | sort | uniq
+git log --format="%s" --cherry-pick --right-only 1.3.10... | grep -i -v trivial | grep -v Merge | sort | uniq
Add any user visible changes into ../data/org.freedesktop.fwupd.metainfo.xml
appstream-util appdata-to-news ../data/org.freedesktop.fwupd.metainfo.xml > NEWS
-2. Update translations:
+2. Commit changes to git:
-ninja-build fwupd-pot
-tx push --source
-tx pull --all --force --minimum-perc=5
-ninja-build fix-translations
-git add ../po/*.po
-
-3. Commit changes to git:
+# MAKE SURE THIS IS CORRECT
+export release_ver="1.3.11"
git commit -a -m "Release fwupd ${release_ver}"
git tag -s -f -m "Release fwupd ${release_ver}" "${release_ver}"
@@ -26,14 +17,21 @@
git push --tags
git push
-4. Generate the tarball:
+3. Generate the tarball:
ninja dist
-4a. Generate the additional verification metadata
+3a. Generate the additional verification metadata
gpg -b -a meson-dist/fwupd-${release_ver}.tar.xz
-5. Upload tarball:
+4. Upload tarball:
scp meson-dist/fwupd-${release_ver}.tar.* hughsient@people.freedesktop.org:~/public_html/releases
+
+5. Do post release version bump in meson.build
+
+6. Commit changes:
+
+git commit -a -m "trivial: post release version bump"
+git push
diff -Nru fwupd-1.3.9/SECURITY.md fwupd-1.3.11/SECURITY.md
--- fwupd-1.3.9/SECURITY.md 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/SECURITY.md 2020-06-18 15:28:45.000000000 +0000
@@ -5,7 +5,7 @@
## Supported Versions
-The `1.2.x` and `1.1.x` branches are fully supported by the upstream authors.
+The `1.3.x`, `1.2.x` and `1.1.x` branches are fully supported by the upstream authors.
Additionally, the `1.0.x` branch is supported for security and bug fixes.
Older releases than this are unsupported by upstream but may be supported by
@@ -16,6 +16,7 @@
| Version | Supported |
| ------- | ------------------ |
+| 1.3.x | :heavy_check_mark: |
| 1.2.x | :heavy_check_mark: |
| 1.1.x | :heavy_check_mark: |
| 1.0.x | :white_check_mark: |
diff -Nru fwupd-1.3.9/snap/snapcraft.yaml fwupd-1.3.11/snap/snapcraft.yaml
--- fwupd-1.3.9/snap/snapcraft.yaml 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/snap/snapcraft.yaml 2020-06-18 15:28:45.000000000 +0000
@@ -27,6 +27,8 @@
command: fwupdmgr.wrapper
completer:
share/bash-completion/completions/fwupdmgr
+ fwupdtpmevlog:
+ command: fwupdtpmevlog.wrapper
parts:
tpm2-tss:
@@ -266,3 +268,4 @@
- fwupdtool.wrapper
- fwupd.wrapper
- fwupdmgr.wrapper
+ - fwupdtpmevlog.wrapper
diff -Nru fwupd-1.3.9/src/fu-engine.c fwupd-1.3.11/src/fu-engine.c
--- fwupd-1.3.9/src/fu-engine.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-engine.c 2020-06-18 15:28:45.000000000 +0000
@@ -2703,9 +2703,10 @@
g_autoptr(XbBuilderSource) source = NULL;
g_autoptr(GError) error_local = NULL;
const gchar *fn = g_ptr_array_index (files, i);
+ g_autofree gchar *fn_lowercase = g_ascii_strdown (fn, -1);
/* check is cab file */
- if (!g_str_has_suffix (fn, ".cab")) {
+ if (!g_str_has_suffix (fn_lowercase, ".cab")) {
g_debug ("ignoring: %s", fn);
continue;
}
diff -Nru fwupd-1.3.9/src/fu-keyring-gpg.c fwupd-1.3.11/src/fu-keyring-gpg.c
--- fwupd-1.3.9/src/fu-keyring-gpg.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-keyring-gpg.c 2020-06-18 15:28:45.000000000 +0000
@@ -297,6 +297,13 @@
"no result record from libgpgme");
return NULL;
}
+ if (result->signatures == NULL) {
+ g_set_error_literal (error,
+ FWUPD_ERROR,
+ FWUPD_ERROR_INTERNAL,
+ "no signatures from libgpgme");
+ return NULL;
+ }
/* look at each signature */
for (s = result->signatures; s != NULL ; s = s->next ) {
diff -Nru fwupd-1.3.9/src/fu-main.c fwupd-1.3.11/src/fu-main.c
--- fwupd-1.3.9/src/fu-main.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-main.c 2020-06-18 15:28:45.000000000 +0000
@@ -1359,7 +1359,7 @@
fu_engine_idle_reset (priv->engine);
if (g_strcmp0 (property_name, "DaemonVersion") == 0)
- return g_variant_new_string (VERSION);
+ return g_variant_new_string (SOURCE_VERSION);
if (g_strcmp0 (property_name, "Tainted") == 0)
return g_variant_new_boolean (fu_engine_get_tainted (priv->engine));
diff -Nru fwupd-1.3.9/src/fu-self-test.c fwupd-1.3.11/src/fu-self-test.c
--- fwupd-1.3.9/src/fu-self-test.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-self-test.c 2020-06-18 15:28:45.000000000 +0000
@@ -2708,6 +2708,7 @@
fu_keyring_pkcs7_self_signed_func (gconstpointer user_data)
{
#ifdef ENABLE_PKCS7
+ static const gchar payload_str[] = "Hello, world!";
gboolean ret;
g_autoptr(FuKeyring) kr = NULL;
g_autoptr(FuKeyringResult) kr_result = NULL;
@@ -2726,8 +2727,7 @@
ret = fu_keyring_setup (kr, &error);
g_assert_no_error (error);
g_assert_true (ret);
- payload = fu_common_get_contents_bytes ("/etc/machine-id", &error);
- g_assert_no_error (error);
+ payload = g_bytes_new_static (payload_str, sizeof (payload_str));
g_assert_nonnull (payload);
signature = fu_keyring_sign_data (kr, payload, FU_KEYRING_SIGN_FLAG_ADD_TIMESTAMP, &error);
g_assert_no_error (error);
diff -Nru fwupd-1.3.9/src/fu-tool.c fwupd-1.3.11/src/fu-tool.c
--- fwupd-1.3.9/src/fu-tool.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-tool.c 2020-06-18 15:28:45.000000000 +0000
@@ -673,7 +673,7 @@
return FALSE;
}
}
- priv->flags = FWUPD_INSTALL_FLAG_NO_HISTORY;
+ priv->flags |= FWUPD_INSTALL_FLAG_NO_HISTORY;
if (!fu_engine_install_blob (priv->engine, device, blob_fw, priv->flags, error))
return FALSE;
if (priv->cleanup_blob) {
@@ -1911,7 +1911,7 @@
fu_util_monitor);
fu_util_cmd_array_add (cmd_array,
"update,upgrade",
- NULL,
+ "[DEVICE-ID]",
/* TRANSLATORS: command description */
_("Update all devices that match local metadata"),
fu_util_update);
diff -Nru fwupd-1.3.9/src/fu-util.c fwupd-1.3.11/src/fu-util.c
--- fwupd-1.3.9/src/fu-util.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-util.c 2020-06-18 15:28:45.000000000 +0000
@@ -1316,6 +1316,7 @@
fu_util_check_oldest_remote (FuUtilPrivate *priv, guint64 *age_oldest, GError **error)
{
g_autoptr(GPtrArray) remotes = NULL;
+ gboolean checked = FALSE;
/* get the age of the oldest enabled remotes */
remotes = fwupd_client_get_remotes (priv->client, NULL, error);
@@ -1327,9 +1328,18 @@
continue;
if (fwupd_remote_get_kind (remote) != FWUPD_REMOTE_KIND_DOWNLOAD)
continue;
+ checked = TRUE;
if (fwupd_remote_get_age (remote) > *age_oldest)
*age_oldest = fwupd_remote_get_age (remote);
}
+ if (!checked) {
+ g_set_error_literal (error,
+ FWUPD_ERROR,
+ FWUPD_ERROR_NOTHING_TO_DO,
+ /* TRANSLATORS: error message for a user who ran fwupdmgr refresh recently but no remotes */
+ "No remotes enabled.");
+ return FALSE;
+ }
return TRUE;
}
@@ -2368,16 +2378,15 @@
static gboolean
fu_util_check_daemon_version (FuUtilPrivate *priv, GError **error)
{
- g_autofree gchar *client = fu_util_get_client_version ();
const gchar *daemon = fwupd_client_get_daemon_version (priv->client);
- if (g_strcmp0 (daemon, client) != 0) {
+ if (g_strcmp0 (daemon, SOURCE_VERSION) != 0) {
g_set_error (error,
FWUPD_ERROR,
FWUPD_ERROR_NOT_SUPPORTED,
/* TRANSLATORS: error message */
_("Unsupported daemon version %s, client version is %s"),
- daemon, client);
+ daemon, SOURCE_VERSION);
return FALSE;
}
@@ -2543,7 +2552,7 @@
fu_util_get_updates);
fu_util_cmd_array_add (cmd_array,
"update,upgrade",
- NULL,
+ "[DEVICE-ID]",
/* TRANSLATORS: command description */
_("Updates all firmware to latest versions available"),
fu_util_update);
diff -Nru fwupd-1.3.9/src/fu-util-common.c fwupd-1.3.11/src/fu-util-common.c
--- fwupd-1.3.9/src/fu-util-common.c 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-util-common.c 2020-06-18 15:28:45.000000000 +0000
@@ -266,31 +266,11 @@
}
gchar *
-fu_util_get_client_version (void)
-{
- GString *string = g_string_new ("");
-
- g_string_append_printf (string,
- "%i.%i.%i",
- FWUPD_MAJOR_VERSION,
- FWUPD_MINOR_VERSION,
- FWUPD_MICRO_VERSION);
-#ifdef FWUPD_DIRTY_VERSION
- g_string_append_printf (string,
- "-%i-%s",
- FWUPD_DIRTY_VERSION,
- FWUPD_COMMIT_VERSION);
-#endif
- return g_string_free (string, FALSE);
-}
-
-gchar *
fu_util_get_versions (void)
{
GString *string = g_string_new ("");
- g_autofree gchar *client_version = fu_util_get_client_version ();
- g_string_append_printf (string, "client version:\t%s\n", client_version);
+ g_string_append_printf (string, "client version:\t%s\n", SOURCE_VERSION);
g_string_append_printf (string,
"compile-time dependency versions\n");
g_string_append_printf (string,
diff -Nru fwupd-1.3.9/src/fu-util-common.h fwupd-1.3.11/src/fu-util-common.h
--- fwupd-1.3.9/src/fu-util-common.h 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/fu-util-common.h 2020-06-18 15:28:45.000000000 +0000
@@ -33,8 +33,6 @@
gboolean fu_util_is_interesting_device (FwupdDevice *dev);
gchar *fu_util_get_user_cache_path (const gchar *fn);
SoupSession *fu_util_setup_networking (GError **error);
-
-gchar *fu_util_get_client_version (void);
gchar *fu_util_get_versions (void);
void fu_util_warning_box (const gchar *str,
diff -Nru fwupd-1.3.9/src/meson.build fwupd-1.3.11/src/meson.build
--- fwupd-1.3.9/src/meson.build 2020-03-04 16:18:38.000000000 +0000
+++ fwupd-1.3.11/src/meson.build 2020-06-18 15:28:45.000000000 +0000
@@ -193,20 +193,22 @@
install : true,
install_dir : join_paths(mandir, 'man1'),
)
- custom_target('fwupdagent-man',
- input : fwupdagent,
- output : 'fwupdagent.1',
- command : [
- help2man, '@INPUT@',
- '--no-info',
- '--output', '@OUTPUT@',
- '--name', 'Firmware updating agent',
- '--manual', 'User Commands',
- '--version-string', fwupd_version,
- ],
- install : true,
- install_dir : join_paths(mandir, 'man1'),
- )
+ if get_option('agent')
+ custom_target('fwupdagent-man',
+ input : fwupdagent,
+ output : 'fwupdagent.1',
+ command : [
+ help2man, '@INPUT@',
+ '--no-info',
+ '--output', '@OUTPUT@',
+ '--name', 'Firmware updating agent',
+ '--manual', 'User Commands',
+ '--version-string', fwupd_version,
+ ],
+ install : true,
+ install_dir : join_paths(mandir, 'man1'),
+ )
+ endif
endif
if get_option('man')
custom_target('fwupdtool-man',