Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fwupd: Initial integration for possible acceptance #4823

Merged
merged 1 commit into from Dec 12, 2020
Merged

fwupd: Initial integration for possible acceptance #4823

merged 1 commit into from Dec 12, 2020

Conversation

hughsie
Copy link
Contributor

@hughsie hughsie commented Dec 11, 2020

The fwupd daemon is a firmware installer deployed onto tens (hundreds?) of
millions of devices. It parses untrusted firmware blobs from OEMs, ODMs and
IHVs writing using dozens of different protocols.

See https://fwupd.org/ for a whole ton more details about the project.

Using the LVFS we've deployed at least 22 million updates in the last few years,
although that number could be a lot higher in reality as we allow the LVFS to
be anonymously mirrored and for fwupd to be run without phoning home.

We used to fuzz with afl but recently switched to honggfuzz which found an
additional 17 critical warnings or crashes. Hence my interest in oss-fuzz!

My actual email address richard@hughsie.com is aliased to the email address
given here, and I can confirm I'm the upstream maintainer. The github project
has 1.1k stars and 172 forks if that means anything in reality.

The fwupd project is used by almost all distributions, including ChromeOS.

@google-cla
Copy link

google-cla bot commented Dec 11, 2020

Thanks for your pull request. It looks like this may be your first contribution to a Google open source project (if not, look below for help). Before we can look at your pull request, you'll need to sign a Contributor License Agreement (CLA).

📝 Please visit https://cla.developers.google.com/ to sign.

Once you've signed (or fixed any issues), please reply here with @googlebot I signed it! and we'll verify it.


What to do if you already signed the CLA

Individual signers
Corporate signers

ℹ️ Googlers: Go here for more info.

The fwupd daemon is a firmware installer deployed onto tens (hundreds?) of
millions of devices. It parses untrusted firmware blobs from OEMs, ODMs and
IHVs writing using dozens of different protocols.

See https://fwupd.org/ for a whole ton more details about the project.

Using the LVFS we've deployed at least 22 million updates in the last few years,
although that number could be a lot higher in reality as we allow the LVFS to
be anonymously mirrored and for fwupd to be run without phoning home.

We used to fuzz with afl but recently switched to honggfuzz which found an
additional 17 critical warnings or crashes. Hence my interest in oss-fuzz!

My actual email address richard@hughsie.com is aliased to the email address
given here, and I can confirm I'm the upstream maintainer. The github project
has 1.1k stars and 172 forks if that means anything in reality.

The fwupd project is used by almost all distributions, *including* ChromeOS.
@hughsie
Copy link
Contributor Author

hughsie commented Dec 11, 2020

@googlebot I signed it!

I've repushed this with my corporate email address as Red Hat already has a company CLA agreement with Google. I've just been added onto the CLA group. Any questions welcome, thanks!

@inferno-chromium
Copy link
Collaborator

Your project serves a noble purpose with updating firmware. Happy to accept this project, welcome to OSS-Fuzz.

@inferno-chromium inferno-chromium merged commit 1ad593f into google:master Dec 12, 2020
@hughsie hughsie deleted the fwupd branch February 8, 2021 09:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants