[bionic] fwupd 1.2.x, 1.3.x, 1.4.x: vendor-id requirement on LVFS causes failures

When reviewing the SRU of fwupd and fwupd-signed for Ubuntu 20.10 I noticed a few things which need addressing before the SRUs can be accepted.

1) The debian/changelog references bug 1900935 but it is improperly formatted ('LP:#' vs 'LP: #')
2) That bug is missing SRU information in the bug description
3) "Regression Potential" in some bug descriptions doesn't describe what the SRU team is actually looking for i.e. "what could go wrong". For example in bug 1921539 it sounds like the system could fail to boot if the sbat region isn't looked for in the correct spot so that's what I'd expect in "regression potential".
4) Bug 1909734 is missing SRU information
5) Bug 1886912 is missing SRU information
6) The SRU exception for fwupd (https://wiki.ubuntu.com/firmware-updates) indicates that fwupd "Stay with the same release branch that was launched with that release". The upload for Focal does not do this as it 1.4.7 and Focal released with 1.3.9. Subsequently, I'll reject the Focal upload.

Once these issues have been addressed feel free to ping me and I'll review the SRU again.

YC will work out solving issues 1-5. We also are going to need to spin ALL of them again for an aarch64 issue with SBAT involving all EFI binaries.
(https://github.com/fwupd/fwupd/pull/3087).

Regarding point 6, before rejecting can we please move the discussion into https://bugs.launchpad.net/ubuntu/+source/fwupd-signed/+bug/1900935. I'll add some more context in that bug.

Hello Mario, or anyone else affected,

Accepted fwupd into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd/1.4.7-0~20.10.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Mario, or anyone else affected,

Accepted fwupd-signed into groovy-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd-signed/1.30.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-groovy to verification-done-groovy. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-groovy. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Per check groovy 1.4.5 version, I can't reproduce this bug.

Attached is the log that run with fwupd 1.4.5

fwupd update
fwupd update -v

with WD19 is plugged.

I also install the fwupd 1.4.7-0~20.10.1 from groovy-porposed.

Per check the output, I can't see any obvious difference related to vendor-id.

@Mario, mind confirm the above result expected?

Besides, AFAIK, the needed patch is

https://github.com/fwupd/fwupd/commit/f848d0f25b4bf822c84d71885c90974a05618c6a

Per check fwupd 1.4.5 source code in groovy, it has parts of the patch, just not check the "version == NULL" case.

@Mario, I also do a test on focal fwupd 1.3.11 (1.3.11-1~focal1), I also can't reproduce this bug. Maybe we need some other test cases or this only reproduced in bionic?

per check vendor of WD19, they confirm this bug only happens in bionic, not focal or groovy.

Given so, change the corresponding bug status.

given #8, I think the correct status in groovy and focal should be fix-released.
I am not sure how not to block other SUR, so I am not going to change that for now.
Feel free to do that if the other way is the right one.

per #7, the update code still behave better in other HW case, given so, maybe we still keep this one, just we don't know which specific HW is the right one to do the verification for groovy and focal.

This bug was fixed in the package fwupd - 1.4.7-0~20.10.1

---------------
fwupd (1.4.7-0~20.10.1) groovy; urgency=medium

  * new upstream version (1.4.7)
  * Bug fixes:
    - Check returned volumes before accessing them
    - Correct a Thunderbolt assertion if kernel failed FW read
    - Do not dedupe NVMe devices
    - Do not match all HIDRAW\VEN_06CB devices
    - Don't allow device updates while needing activation
    - Fix adding multiple flags to devices
    - Fix critical warning regression with 'fwupdate -a'
    - Fix probe warning for the Logitech Unifying device
    - Fix the quirk key name for the Lenovo HDMI with power
    - Make TPM more optional
    - Make udisks2 errors more apparent
    - Only set the version format for ESRT entries
    - Remove the Hughski public key
    - Restore recognizing gpg and pkcs7 types still
    - Wait a few ms for the Logitech hardware to settle after detach
  * New features
    - Add support for SBAT. (LP: #1921539)
    - Adds support for Synaptics fingerprinter reader (LP:# 1900935)
  * Fixes TPM PCR0 reading failures if all characters are 0.
    (LP: #1909734)
  * Fixes Synaptics RMI probe causing touchscreen failures
    (LP: #1886912)
  * Backport a patch from upstream 1_4_X branch to fix SBAT character.
  * Backport a patch from upstream 1_4_X branch to fix vendor-id requirement
    error on Dell WD19 (LP: #1921544)

 -- Mario Limonciello <email address hidden> Fri, 26 Mar 2021 13:45:02 -0500

This bug was fixed in the package fwupd-signed - 1.30.1

---------------
fwupd-signed (1.30.1) groovy; urgency=medium

  * Build depend on fwupd 1.4.7-0~20.10.1
    - LP: #1921544
    - LP: #1921539
    - LP: #1909734
    - LP: #1886912
    - LP: #1900935

 -- Mario Limonciello <email address hidden> Fri, 26 Mar 2021 14:04:01 -0500

The verification of the Stable Release Update for fwupd has completed successfully and the package is now being released to -updates. Subsequently, the Ubuntu Stable Release Updates Team is being unsubscribed and will not receive messages about this bug report. In the event that you encounter a regression using the package from -updates please report a new bug using ubuntu-bug and tag the bug report regression-update so we can easily find any regressions.

As we got the fwupd 1.5.11 landed in focal, then we can cherry-pick the patch to bionic.

lower priority per current state.

Hello Mario, or anyone else affected,

Accepted fwupd into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd/1.2.14-0~18.04.1 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Mario, or anyone else affected,

Accepted fwupd-signed into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd-signed/1.10~ubuntu18.04.5 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Mario, or anyone else affected,

Accepted fwupd into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd/1.2.14-0~18.04.2 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

Hello Mario, or anyone else affected,

Accepted fwupd-signed into bionic-proposed. The package will build now and be available at https://launchpad.net/ubuntu/+source/fwupd-signed/1.10~ubuntu18.04.6 in a few hours, and then in the -proposed repository.

Please help us by testing this new package. See https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how to enable and use -proposed. Your feedback will aid us getting this update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug, mentioning the version of the package you tested, what testing has been performed on the package and change the tag from verification-needed-bionic to verification-done-bionic. If it does not fix the bug for you, please add a comment stating that, and change the tag to verification-failed-bionic. In either case, without details of your testing we will not be able to proceed.

Further information regarding the verification process can be found at https://wiki.ubuntu.com/QATeam/PerformingSRUVerification . Thank you in advance for helping!

N.B. The updated package will be released to -updates after the bug(s) fixed by this package have been verified and the package has been in -proposed for a minimum of 7 days.

test the one in focal-update, it does have the error mentioned in bug descript like "No releases found for device:.."

after upgrade fwupd / libfwupd2 to 1.2.14-0~18.04.2 from bionic-proposed, then this is fixed.

I also upgrade

WD19SC fw from 01.00.00.05 to 01.00.01.01
WD19SC package level from 01.00.15.01 to 01.00.21.01

and it works fine.

This bug was fixed in the package fwupd - 1.2.14-0~18.04.2

---------------
fwupd (1.2.14-0~18.04.2) bionic; urgency=medium

  * debian/rules: catch up to generate sbat section.

fwupd (1.2.14-0~18.04.1) bionic; urgency=medium

  * New upstream version (1.2.14) (LP: #1884788)
  * Bug fixes:
    - Fixes crashes on fwupdaa64.efi on startup (LP: #1858590)
    - Check version was updated by checking version
    - Correctly import PKCS-7 remote metadata
    - Decrease minimum battery requirement to 10%
    - Disable the battery percentage checks if UPower is unavailable
    - Do not do semver conversion in fu_common_vercmp()
    - Fix the DeviceID set by GetDetails
    - Force the synaptics-prometheus minor version from 0x02 to 0x01
    - Prevent Dell updates to occur via synaptics-mst
    - Read all releases and convert versions when comparing
    - Use the correct timeout for unifying IO channel writes
    - Validate that gpgme_op_verify_result() returned at least one signature
    - Avoid checking for bolt support when not required
    - Correct HWID support in wacom-raw
    - Fix offset of vendor id of hidraw devices
    - Make loading vendor/product/serial strings non-fatal
    - Only check the vendor ID if the device has one set
    - Use more systemd directives for directories
    - Actually write the new device path if different than before
    - Add a SynapticsMSTBoardID for a few Lenovo docks
    - Add the counterpart GUID for the DW5821e
    - Be more accepting when trying to recover a failed database migration
    - Do not ask the user to upload a report if ReportURI is not set
    - Do not segfault when trying to quit the downgrade selection
    - Fix a crash when stopping the fwupd service
    - Never show AppStream markup on the console
    - Relax the certificate time checks in the self tests for the legacy certificate
    - Reload metadata store when configuration changes
    - Remove replug flag after the device comes back from reboot
    - Update device_modified in sql database during updates
    - Work properly with ICL thunderbolt controller
  * New features:
    - Add support for tpm2-tools 4.X
    - Allow specifying a firmware GUID to check any version exists
    - Add SBAT region support (LP: #1921539)
  * Don't cleanup /var/cache/fwupdate anymore
  * Drop upstreamed patches:
    - 0001-Relax-the-certificate-time-checks-in-the-self-tests-.patch
    - 0001-trivial-libfwupd-skip-tests-if-machine-id-is-empty-t.patch
    - 0001-Allows-confined-snaps-to-activate-fwupd-via-D-Bus.patch
    - 0001-Only-check-the-vendor-ID-if-the-device-has-one-set.patch
    - 0001-efi-use-a-wildcard-section-copy-for-final-EFI-genera.patch
    - CVE-2020-10759.patch
  * Remaining changes:
    - meson-0.45-bc.patch: Fix build with meson 0.45
    - Drop added Recommends: on bolt which is not in flavor seeds and adds a
      new service.
  * Backport a patch from upstream 1_2_X branch to fix SBAT character.
  * Backport a patch from upstream 1_2_X branch to fix vendor-id requirement
    error on Dell WD19 (LP: #1921544)

 -- Yuan-Chen Cheng <email address hidden> Tue, 31 Aug 2021 15:58:09 +0800

This bug was fixed in the package fwupd-signed - 1.10~ubuntu18.04.6

---------------
fwupd-signed (1.10~ubuntu18.04.6) bionic; urgency=medium

  * Build depends on fwupd version 1.2.14-0~18.04.2. (LP: #1921539)

fwupd-signed (1.10~ubuntu18.04.5) bionic; urgency=medium

  * Build depends on fwupd version 1.2.14-0~18.04.1
    - LP: #1921544
    - LP: #1921539
    - LP: #1884788
    - LP: #1858590

 -- Yuan-Chen Cheng <email address hidden> Tue, 31 Aug 2021 17:50:22 +0800