Add support for Dell TPM 1.2/2.0 updates and initial support for dock information #49
Conversation
|
Oh it's worth mentioning - this is all dependent upon rhboot/fwupdate#52 as well. |
superm1
force-pushed
the
wip/superm1/dell-support
branch
from
e85e8e0
to
a1b7862
Compare
|
I think this looks good in concept, and I've pushed a few cleanup patches. Good stuff, but a bit more to do before we can merge I guess. |
|
Thanks. Something else that was recently discussed that should be sorted before merging: The main concern is that for some future system if the TPM chip model or vendor changed in a future generation that the wrong device nodes get created on a new system with older distro code and the wrong thing offered. Since the TPM payload GUIDs for this model/vendor combination can't be queried from something like the ESRT this needs to be checked. There's 3 ways I'm exploring.
The validation of the payload's GUID happens later on after it's unpacked (and the embedded GUID is pulled out) rather than checking the capsule header against the ESRT when UpdateCapsule() is called. In any case this approach is my preference if it works and it sounds workable on your end too.
This means fwupd changes when a new GUID is created, but at least no one would see the wrong thing on new systems. Second choice.
It also means fwupd changes when new devices are released. Last choice. |
|
Those commits hopefully handle the TPM case I referred to above nicely. The dependency upon rhboot/fwupdate#52 is now optional. When it's not present the update is stuffed into the ESRT GUID through libfwup. This does bring up a corner case that a UEFI update and TPM or dock update can't be delivered simultaneously when compiled without that support to set a different GUID in fwupdate. |
|
Alright so with this latest set of commits, all the child components for the dock are created independently. The behavior before the docks are flashed for the first time (invalid EC version) will be a bit different than future flashes. In my mind TPM is complete now. If there is anything else you see missing, please let me know. Remaining dock items from my perspective:
|
|
On 27 May 2016 at 15:11, Mario Limonciello notifications@github.com wrote:
I'm wondering if we should have a SIMULATE flag in FwupdInstallFlags, I do like the fact you added so many self tests, good job.
Right! :)
I think that's the most logical thing to do; I hope gnome-software In related news, I've pushed a few fixes to the LVFS that mean you can If you could restrict any uploads of this kind of file to embargo Richard. |
|
On Tue, May 31, 2016 at 4:43 AM Richard Hughes notifications@github.com
I don't think that information about skipping devices is even valuable in
|
|
On 31 May 2016 at 15:39, Mario Limonciello notifications@github.com wrote:
Agree.
What does it do now exactly? What do you think should happen exactly?
Right; I guess fwupd should know about how devices are dependent on
I'd imagine in the order the files were packed into the .cab file. Do Richard. |
I'd expect keep trying all matching devices until something is updatable
At least with the Dell provider I'd expect it to work:
That means i'll need to make the Dell provider still:
|
|
Once #53 (or some form of this) is merged, the only remaining thing from my perspective on the Dell provider being merged is to have it lock common devices upon installation and display an error if you try to unlock. |
|
Since #53 is closed, I checked on the locking common devices. This actually doesn't appear necessary. Calling into fwupdate again doesn't cause any problems since it's the same payload again. The MST and TBT NVM will be features to be added later dependent upon other userspace and kernel work. So Dell provider should be complete now and ready to merge. |
|
Can you rebase, merge some of the fixup commits down, and force push this branch to update the PR please. Then I'll review one last time and we can merge. Thanks! |
superm1
force-pushed
the
wip/superm1/dell-support
branch
from
4636ccf
to
d8965bc
Compare
|
OK, just did that. On Wed, Jul 13, 2016 at 3:06 AM Richard Hughes notifications@github.com
|
superm1
force-pushed
the
wip/superm1/dell-support
branch
from
d8965bc
to
102b6c8
Compare
| @@ -181,6 +181,26 @@ if test x$enable_uefi != xno; then | |||
| fi | |||
| AM_CONDITIONAL(HAVE_UEFI, test x$enable_uefi = xyes) | |||
|
|
|||
| # Dell Non ESRT capsule support | |||
| AC_ARG_ENABLE(rbu, AS_HELP_STRING([--enable-dell],[Enable Dell non-esrt capsule support]), | |||
There was a problem hiding this comment.
probably best with caps, i.e. ESRT
| * Querying the version is also not available at this time | ||
| */ | ||
| /* TB15 NVM */ | ||
| if (buf.record->dock_info_header.dock_type == DOCK_TYPE_TB15){ |
|
Quite a few nits to deal with, but when all those are fixed up I think it's time to push to master. Thanks! |
superm1
force-pushed
the
wip/superm1/dell-support
branch
from
102b6c8
to
3d11bba
Compare
This provider will provide support for items that can be flashed as capsules but aren't present in the ESRT table. The MST hub and TBT NVM are not yet updatable, but GUIDs are created to represent them when they are.
superm1
force-pushed
the
wip/superm1/dell-support
branch
from
3d11bba
to
ffb99c6
Compare
|
OK hopefully that should cover all those nits. side note, I need a plugin for my editor that alerts me about style type stuff. Get mixed up easily on different projects I contribute to :) |
|
So moving out those structs from the .h broke the self tests :( Any chance you could export the bits required to the .h file please? Thanks. |
|
Ah darn, sorry should have ran make check again after shuffling it all around. Moved the relevant important ones back over. |
Dell systems from 2015 support field update-able TPMs that also can switch modes. This adds support for them including switching modes via the newly added unlock mechanisms.
Dell TB15 and WD15 docks can also be updated on Dell systems with Type-C. This is the initial work necessary to be able to support polling information about their updates. Currently a virtual dock device is created when a USB device on the dock (Realtek NIC specific VID/PID) is detected.
This isn't really the ideal end approach for a variety of reasons. The main one is there are multiple individual firmware components that can be updated on the dock via the same payload mechanism and flash mechanism. This means that you really want to query all the components to evaluate whether an update should be offered.
What would be most ideal is creating 3-4 devices that represent the different pieces of the dock, but then only allowing "updates" to a single component of the dock at a given time. If this is the approach taken, I would like to specify the version of each component and match it to a GUID but put them all in the same .CAB file and point them all to the same binary in that .CAB file.
To make matters more complicated, the dock EC's can't communicate the versions of all of these components properly until after the first field update. I think this corner case just needs to hardcode the version of one of the other dock devices to 0.0.0.0 (as it's currently doing with the single dock device) to ensure it gets the first update.