/src/fwupd/libfwupdplugin/fu-security-attr.c
Line | Count | Source (jump to first uncovered line) |
1 | | /* |
2 | | * Copyright 2022 Richard Hughes <richard@hughsie.com> |
3 | | * |
4 | | * SPDX-License-Identifier: LGPL-2.1-or-later |
5 | | */ |
6 | | |
7 | 0 | #define G_LOG_DOMAIN "FwupdSecurityAttr" |
8 | | |
9 | | #include "config.h" |
10 | | |
11 | | #include "fu-security-attr.h" |
12 | | #include "fu-version-common.h" |
13 | | |
14 | | typedef struct { |
15 | | FuContext *ctx; |
16 | | } FuSecurityAttrPrivate; |
17 | | |
18 | | G_DEFINE_TYPE_WITH_PRIVATE(FuSecurityAttr, fu_security_attr, FWUPD_TYPE_SECURITY_ATTR) |
19 | | |
20 | 0 | #define GET_PRIVATE(o) (fu_security_attr_get_instance_private(o)) |
21 | | |
22 | | /** |
23 | | * fu_security_attr_check_fwupd_version: |
24 | | * @attr: a #FwupdSecurityAttr |
25 | | * @fwupd_version: a fwupd version, e.g. `2.0.7` |
26 | | * |
27 | | * Checks if this attribute was available in a given fwupd release. |
28 | | * |
29 | | * If @fwupd_version is %NULL then expect %TRUE. |
30 | | * |
31 | | * Returns: %TRUE if the fwupd release contained this attribute |
32 | | * |
33 | | * Since: 2.0.7 |
34 | | **/ |
35 | | gboolean |
36 | | fu_security_attr_check_fwupd_version(FwupdSecurityAttr *attr, const gchar *fwupd_version) |
37 | 0 | { |
38 | 0 | g_return_val_if_fail(FWUPD_IS_SECURITY_ATTR(attr), FALSE); |
39 | 0 | if (fwupd_version == NULL) |
40 | 0 | return TRUE; |
41 | 0 | if (fwupd_security_attr_get_fwupd_version(attr) == NULL) |
42 | 0 | return TRUE; |
43 | 0 | return fu_version_compare(fwupd_version, |
44 | 0 | fwupd_security_attr_get_fwupd_version(attr), |
45 | 0 | FWUPD_VERSION_FORMAT_UNKNOWN) >= 0; |
46 | 0 | } |
47 | | |
48 | | /** |
49 | | * fu_security_attr_add_bios_target_value: |
50 | | * @attr: a #FwupdSecurityAttr |
51 | | * @id: a #FwupdBiosSetting ID or name |
52 | | * @needle: The substring of a target value |
53 | | * |
54 | | * Checks all configured possible values of an enumeration attribute and |
55 | | * if any match @needle then set as the target value. |
56 | | * |
57 | | * Since: 1.8.4 |
58 | | **/ |
59 | | void |
60 | | fu_security_attr_add_bios_target_value(FwupdSecurityAttr *attr, |
61 | | const gchar *id, |
62 | | const gchar *needle) |
63 | 0 | { |
64 | 0 | FuSecurityAttr *self = FU_SECURITY_ATTR(attr); |
65 | 0 | FuSecurityAttrPrivate *priv = GET_PRIVATE(self); |
66 | 0 | FwupdBiosSetting *bios_setting; |
67 | 0 | GPtrArray *values; |
68 | 0 | const gchar *current; |
69 | |
|
70 | 0 | bios_setting = fu_context_get_bios_setting(priv->ctx, id); |
71 | 0 | if (bios_setting == NULL) |
72 | 0 | return; |
73 | 0 | current = fwupd_bios_setting_get_current_value(bios_setting); |
74 | 0 | fwupd_security_attr_set_bios_setting_id(attr, fwupd_bios_setting_get_id(bios_setting)); |
75 | 0 | fwupd_security_attr_set_bios_setting_current_value(attr, current); |
76 | 0 | if (fwupd_bios_setting_get_kind(bios_setting) != FWUPD_BIOS_SETTING_KIND_ENUMERATION) |
77 | 0 | return; |
78 | 0 | if (fwupd_bios_setting_get_read_only(bios_setting)) |
79 | 0 | return; |
80 | 0 | values = fwupd_bios_setting_get_possible_values(bios_setting); |
81 | 0 | for (guint i = 0; i < values->len; i++) { |
82 | 0 | const gchar *possible = g_ptr_array_index(values, i); |
83 | 0 | g_autofree gchar *lower = g_utf8_strdown(possible, -1); |
84 | 0 | if (g_strrstr(lower, needle)) { |
85 | 0 | fwupd_security_attr_set_bios_setting_target_value(attr, possible); |
86 | | /* this is built-in to the engine */ |
87 | 0 | if (g_strcmp0(possible, current) != 0) { |
88 | 0 | fwupd_security_attr_add_flag(attr, |
89 | 0 | FWUPD_SECURITY_ATTR_FLAG_CAN_FIX); |
90 | 0 | fwupd_security_attr_add_flag(attr, |
91 | 0 | FWUPD_SECURITY_ATTR_FLAG_CAN_UNDO); |
92 | 0 | } |
93 | 0 | return; |
94 | 0 | } |
95 | 0 | } |
96 | 0 | } |
97 | | |
98 | | static void |
99 | | fu_security_attr_init(FuSecurityAttr *self) |
100 | 0 | { |
101 | 0 | } |
102 | | |
103 | | static void |
104 | | fu_security_attr_dispose(GObject *object) |
105 | 0 | { |
106 | 0 | FuSecurityAttr *self = FU_SECURITY_ATTR(object); |
107 | 0 | FuSecurityAttrPrivate *priv = GET_PRIVATE(self); |
108 | 0 | g_clear_object(&priv->ctx); |
109 | 0 | G_OBJECT_CLASS(fu_security_attr_parent_class)->dispose(object); |
110 | 0 | } |
111 | | |
112 | | static void |
113 | | fu_security_attr_class_init(FuSecurityAttrClass *klass) |
114 | 0 | { |
115 | 0 | GObjectClass *object_class = G_OBJECT_CLASS(klass); |
116 | 0 | object_class->dispose = fu_security_attr_dispose; |
117 | 0 | } |
118 | | |
119 | | /** |
120 | | * fu_security_attr_new: |
121 | | * @ctx: a #FuContext |
122 | | * @appstream_id: (nullable): the AppStream component ID, e.g. `com.intel.BiosGuard` |
123 | | * |
124 | | * Creates a new #FwupdSecurityAttr with context set. |
125 | | * |
126 | | * Returns: (transfer full): a #FwupdSecurityAttr |
127 | | * |
128 | | * Since: 1.8.4 |
129 | | **/ |
130 | | FwupdSecurityAttr * |
131 | | fu_security_attr_new(FuContext *ctx, const gchar *appstream_id) |
132 | 0 | { |
133 | 0 | g_autoptr(FuSecurityAttr) self = g_object_new(FU_TYPE_SECURITY_ATTR, NULL); |
134 | 0 | FuSecurityAttrPrivate *priv = GET_PRIVATE(self); |
135 | 0 | g_return_val_if_fail(FU_IS_CONTEXT(ctx), NULL); |
136 | 0 | if (appstream_id != NULL) |
137 | 0 | fwupd_security_attr_set_appstream_id(FWUPD_SECURITY_ATTR(self), appstream_id); |
138 | 0 | priv->ctx = g_object_ref(ctx); |
139 | 0 | return FWUPD_SECURITY_ATTR(g_steal_pointer(&self)); |
140 | 0 | } |