commit | a3bb9f5dba76d5f10eb08c638ff82d62403a35aa | [log] [tgz] |
---|---|---|
author | Benson Leung <bleung@chromium.org> | Sat May 23 03:43:35 2020 |
committer | Commit Bot <commit-bot@chromium.org> | Sun Jun 07 05:26:46 2020 |
tree | 0a053868e8c2abce84753ca3c90397332d2c35a5 | |
parent | c708b1ace0a2b81c409c624999ca2eb894606a1c [diff] |
UPSTREAM: cros-ec: Provide device metadata as a part of to_string Provide the following metadata: "Dirty firmware" bit Protocol version Header type Maximum PDU Size Flash protection status Raw version string Key Version Minimum rollback (cherry picked from commit a22310374e3c24ec6544b943257a1d00d5ccd81f) BUG=b:157086895 TEST=fwupdtool --plugin-whitelist cros_ec get-devices --verbose See the following output: Servo Micro DeviceId: 84d0e3f2a0f8b2328f7995767b23ebb40494723f Guid: 8e2f7625-a164-55d7-8f09-f193c8ec33f1 <- USB\VID_18D1&PID_501A&REV_0100 Guid: 13564257-c649-586d-b4e4-4f048d480f36 <- USB\VID_18D1&PID_501A Guid: 98f707d0-8a65-52e9-b216-dc60f91ae2cd <- servo_micro Serial: CMO653-00166-040491U00771 Summary: Servo Micro (aka "uServo") Debug Board Plugin: cros_ec Flags: registered Vendor: Google Inc. VendorId: USB:0x18D1 Version: 2.4.17 VersionFormat: triplet Created: 2020-05-29 PhysicalId: usb:03:00:02 GitHash: df61092c3 Dirty: false ProtocolVersion: 6 HeaderType: 1 MaxPDUSize: 1024 FlashProtectionStatus: 0x8 RawVersion: servo_micro_v2.4.17-df61092c3 KeyVersion: 0 MinRollback: -1 Change-Id: Ib91dd8b68221ed31f199be8a3b2a0fbf623d764b Reviewed-on: https://chromium-review.googlesource.com/c/chromiumos/third_party/fwupd/+/2222562 Reviewed-by: Sean Paul <seanpaul@chromium.org> Reviewed-by: Daniel Campello <campello@chromium.org> Tested-by: Benson Leung <bleung@google.com> Auto-Submit: Benson Leung <bleung@chromium.org> Commit-Queue: Benson Leung <bleung@google.com>
This project aims to make updating firmware on Linux automatic, safe and reliable.
Additional information is available at the website: https://fwupd.org/
The most up to date compilation instructions are available in the Wiki.
This project is configured by default to download firmware from the Linux Vendor Firmware Service (LVFS).
This service is available to all OEMs and firmware creators who would like to make their firmware available to Linux users.
You can find more information about the technical details of creating a firmware capsule in the hardware vendors section of the fwupd website.
If you have a device with firmware supported by fwupd, this is how you will check for updates and apply them using fwupd's command line tools.
# fwupdmgr get-devices
This will display all devices detected by fwupd.
# fwupdmgr refresh
This will download the latest metadata from LVFS.
# fwupdmgr get-updates
If updates are available for any devices on the system, they'll be displayed.
# fwupdmgr update
This will download and apply all updates for your system.
You can find more information about the update workflow in the end users section of the fwupd website.
fwupd will encourage users to report both successful and failed updates back to LVFS. This is an optional feature, but encouraged as it provides valuable feedback to LVFS administrators and OEM developers regarding firmware update process efficacy.
The privacy policy regarding this data can be viewed on the fwupd website.
To report the status of an update run:
# fwupdmgr report-history
To clear the local history of updates:
# fwupdmgr clear-history
Only updates that were distributed from the LVFS will be reported to the LVFS.
The flow of updates can be controlled in the enterprise using the “approved updates” feature. This allows the domain administrator to filter the possible updates from a central server (e.g. the LVFS, or a mirror) to only firmware that have been tested specifically in your organisation.
The list of approved updates can be enabled by adding ApprovalRequired=true
to the remote configuration file, e.g. lvfs.conf
. Once enabled, the list of approved updates can be set in daemon.conf
using a comma delimited list.
For example:
ApprovedFirmware=foo,bar
Where foo,bar
refers to the container checksums that would correspond to two updates in the metadata file.
Additionally, the list of approved firmware can be supplemented using fwupdmgr set-approved-firmware baz
or using the D-Bus interface.
GNOME Software is the graphical frontend available. When compiled with firmware support, it will check for updates periodically and automatically download firmware in the background. After the firmware has been downloaded a popup will be displayed in GNOME Software to perform the update.
KDE Discover is the software centre, generally bundled with KDE Plasma. With the release of KDE Plasma 5.14, a new fwupd backend has been implemented in KDE Discover for firmware updates. These firmware updates are shown with other system updates.
Wyse Management Suite A software suite available on Dell IoT gateways and Wyse thin clients with built-in fwupd support. The remote administration interface can be used to download and deploy firmware updates.
There are several automated fuzzing tests in fwupd. These take some time to run:
CC=afl-gcc meson --default-library=static ../ AFL_HARDEN=1 ninja ninja fuzz-synaptics-rmi ninja fuzz-firmware ninja fuzz-smbios