diff --git a/.fwupdate.metadata b/.fwupdate.metadata index 351343c..80e7117 100644 --- a/.fwupdate.metadata +++ b/.fwupdate.metadata @@ -1 +1 @@ -01e66fe30c9b15b017c6111a7962c4a50374ae22 SOURCES/fwupdate-9.tar.bz2 +46029fb9149fce5b26006e85e4e169366fc68a57 SOURCES/fwupdate-12.tar.bz2 diff --git a/.gitignore b/.gitignore index 358fe8c..15069d8 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/fwupdate-9.tar.bz2 +SOURCES/fwupdate-12.tar.bz2 diff --git a/SOURCES/0001-Make-SUBDIRS-overrideable.patch b/SOURCES/0001-Make-SUBDIRS-overrideable.patch deleted file mode 100644 index 4e4ba86..0000000 --- a/SOURCES/0001-Make-SUBDIRS-overrideable.patch +++ /dev/null @@ -1,26 +0,0 @@ -From 1efba61b47670f3dc39bb6c2749283e435bcdc77 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 6 Mar 2017 16:46:01 -0500 -Subject: [PATCH 1/3] Make SUBDIRS overrideable - -Signed-off-by: Peter Jones ---- - Makefile | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/Makefile b/Makefile -index 6585149..6d6511b 100644 ---- a/Makefile -+++ b/Makefile -@@ -3,7 +3,7 @@ default : all - TOPDIR=$(shell pwd) - include $(TOPDIR)/Make.version - include $(TOPDIR)/Make.defaults --SUBDIRS = efi linux docs include -+SUBDIRS ?= efi linux docs include - - all clean install : | check_efidir_error - @set -e ; for x in $(SUBDIRS) ; do \ --- -2.9.3 - diff --git a/SOURCES/0001-Make-some-compiler-versions-ignore-missing-field-ini.patch b/SOURCES/0001-Make-some-compiler-versions-ignore-missing-field-ini.patch new file mode 100644 index 0000000..954ac64 --- /dev/null +++ b/SOURCES/0001-Make-some-compiler-versions-ignore-missing-field-ini.patch @@ -0,0 +1,43 @@ +From dfe3645bb2535904f441d9031080dd4cd118688a Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Mon, 11 Jun 2018 13:04:43 -0400 +Subject: [PATCH 1/2] Make some compiler versions ignore missing field + initializers. + +There's literally no reason for -Wmissing-field-initializers to ever +trigger when you're using -std= /anything c99 or newer/, but some +compilers do, so nerf it out. + +Signed-off-by: Peter Jones +--- + efi/Makefile | 1 + + linux/Makefile | 1 + + 2 files changed, 2 insertions(+) + +diff --git a/efi/Makefile b/efi/Makefile +index 6699af1d400..f4d079e8816 100644 +--- a/efi/Makefile ++++ b/efi/Makefile +@@ -13,6 +13,7 @@ CFLAGS ?= -Og -g3 -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 \ + -fexceptions -fstack-protector-strong --param=ssp-buffer-size=4 \ + -grecord-gcc-switches + BUILDFLAGS := $(CFLAGS) -fpic -Werror -Wall -Wextra -fshort-wchar \ ++ -Wno-error=missing-field-initializers -Wno-missing-field-initializers \ + -fno-merge-constants -ffreestanding \ + -fno-stack-protector -fno-stack-check --std=gnu11 -DCONFIG_$(ARCH) \ + -I/usr/include/efi/ -I/usr/include/efi/$(ARCH)/ \ +diff --git a/linux/Makefile b/linux/Makefile +index 6089b4758bb..7aed70495cb 100644 +--- a/linux/Makefile ++++ b/linux/Makefile +@@ -34,6 +34,7 @@ endif + BUILDFLAGS := $(CFLAGS) -Wall -Wextra -Werror -Wno-error=cpp \ + -Wno-unused-result -Wno-unused-function \ + -Wsign-compare -Werror=sign-compare \ ++ -Wno-error=missing-field-initializers -Wno-missing-field-initializers \ + -fshort-wchar --std=gnu11 \ + -DLOCALEDIR=\"$(localedir)\" -D_GNU_SOURCE \ + -DFWUP_EFI_DIR_NAME=\"$(EFIDIR)\" \ +-- +2.17.1 + diff --git a/SOURCES/0002-efi-fwupdate-make-our-mult-wrapper-get-the-type-of-U.patch b/SOURCES/0002-efi-fwupdate-make-our-mult-wrapper-get-the-type-of-U.patch deleted file mode 100644 index ba8e1a3..0000000 --- a/SOURCES/0002-efi-fwupdate-make-our-mult-wrapper-get-the-type-of-U.patch +++ /dev/null @@ -1,27 +0,0 @@ -From cc98981427a6cc19e6612a22528cf7ff6f3ad0f0 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 6 Mar 2017 16:52:29 -0500 -Subject: [PATCH 2/3] efi/fwupdate: make our mult wrapper get the type of UINTN - right. - -Signed-off-by: Peter Jones ---- - efi/fwupdate.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/efi/fwupdate.c b/efi/fwupdate.c -index b82e24e..942d347 100644 ---- a/efi/fwupdate.c -+++ b/efi/fwupdate.c -@@ -44,7 +44,7 @@ static int debugging; - #endif - #ifndef uintn_mult - #define uintn_mult(a, b, c) ({ \ -- const UINTN _limit = ~0ULL; \ -+ const UINTN _limit = ~0UL; \ - int _ret = 1; \ - if ((a) != 0 && (b) != 0) { \ - _ret = _limit / (a) < (b); \ --- -2.9.3 - diff --git a/SOURCES/0002-libfwup-set_up_boot_next-make-sure-we-check-if-our-f.patch b/SOURCES/0002-libfwup-set_up_boot_next-make-sure-we-check-if-our-f.patch new file mode 100644 index 0000000..a97fce4 --- /dev/null +++ b/SOURCES/0002-libfwup-set_up_boot_next-make-sure-we-check-if-our-f.patch @@ -0,0 +1,61 @@ +From a0c57f8759a0548aa7f0334f6839156b1456bb2a Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Wed, 13 Jun 2018 09:57:49 -0400 +Subject: [PATCH 2/2] libfwup: set_up_boot_next(): make sure we check if our + file paths are NULL. + +Coverity's clang scan believes we can sometimes alloca(0) if +fwup_esp_path is NULL, though I don't think this can happen because if +it is NULL get_paths() should have returned error. Nevertheless, just +check both things. + +Additionally, this adds a check to make sure utf8_to_ucs2() and +ucs2len() didn't fail. + +Signed-off-by: Peter Jones +--- + linux/libfwup.c | 19 +++++++++++++++---- + 1 file changed, 15 insertions(+), 4 deletions(-) + +diff --git a/linux/libfwup.c b/linux/libfwup.c +index abab18e96ac..61a9d280c32 100644 +--- a/linux/libfwup.c ++++ b/linux/libfwup.c +@@ -1215,9 +1215,9 @@ set_up_boot_next(void) + uint32_t attributes = LOAD_OPTION_ACTIVE; + + rc = get_paths(&shim_fs_path, &fwup_fs_path, &fwup_esp_path); +- if (rc < 0) { ++ if (rc < 0 || (!shim_fs_path && (!fwup_fs_path || !fwup_esp_path))) { + efi_error("could not find paths for shim and fwup"); +- return -1; ++ goto out; + } + + if (!shim_fs_path) +@@ -1242,9 +1242,20 @@ set_up_boot_next(void) + + if (!use_fwup_path) { + loader_str = utf8_to_ucs2((uint8_t *)fwup_esp_path, -1); ++ if (loader_str == NULL) { ++ efi_error("utf8_to_ucs2() failed"); ++ goto out; ++ } + loader_sz = ucs2len(loader_str, -1) * 2; +- if (loader_sz) +- loader_sz += 2; ++ if (loader_sz < 2) { ++ efi_error("ucs2len(fwup_esp_path) returned %zu", ++ loader_sz); ++ saved_errno = errno; ++ free(loader_str); ++ errno = saved_errno; ++ goto out; ++ } ++ loader_sz += 2; + loader_str = onstack(loader_str, loader_sz); + } + +-- +2.17.1 + diff --git a/SOURCES/0003-Actually-add-fwup_version-to-our-exposed-API-list.patch b/SOURCES/0003-Actually-add-fwup_version-to-our-exposed-API-list.patch new file mode 100644 index 0000000..3a7e766 --- /dev/null +++ b/SOURCES/0003-Actually-add-fwup_version-to-our-exposed-API-list.patch @@ -0,0 +1,25 @@ +From 6101b6b304da06644bd7a90444f729d0fc44940e Mon Sep 17 00:00:00 2001 +From: Peter Jones +Date: Thu, 28 Jun 2018 14:00:19 -0400 +Subject: [PATCH] Actually add fwup_version to our exposed API list. + +Signed-off-by: Peter Jones +--- + linux/libfwup.map.in | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/linux/libfwup.map.in b/linux/libfwup.map.in +index 8746b7a46cc..df9395ce705 100644 +--- a/linux/libfwup.map.in ++++ b/linux/libfwup.map.in +@@ -30,3 +30,7 @@ LIBFWUP_1.11 { + global: fwup_set_guid_forced; + fwup_resource_free; + } libfwup.so.1; ++ ++LIBFWUP_1.12 { ++ global: fwup_version; ++} LIBFWUP_1.11; +-- +2.17.1 + diff --git a/SOURCES/0003-Nerf-SMBIOS-functions-out-of-fwupdate.patch b/SOURCES/0003-Nerf-SMBIOS-functions-out-of-fwupdate.patch deleted file mode 100644 index 4d3cfc5..0000000 --- a/SOURCES/0003-Nerf-SMBIOS-functions-out-of-fwupdate.patch +++ /dev/null @@ -1,33 +0,0 @@ -From c4acdf165ac61bce88cd4264897c8783665b0799 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 13 Mar 2017 16:50:47 -0400 -Subject: [PATCH 3/3] Nerf SMBIOS functions out of fwupdate - -RHEL 7.4 doesn't have libsmbios, so we can't actually use it to do -anything. - -Signed-off-by: Peter Jones ---- - linux/Makefile | 6 ------ - 1 file changed, 6 deletions(-) - -diff --git a/linux/Makefile b/linux/Makefile -index 5122e48..45bd156 100644 ---- a/linux/Makefile -+++ b/linux/Makefile -@@ -8,12 +8,6 @@ LIB_LIBS= pthread - BIN_LIBS= popt pthread - PKLIBS = efivar efiboot - HAVE_LIBSMBIOS=no --ifeq ($(ARCH),x86_64) -- HAVE_LIBSMBIOS=yes --endif --ifeq ($(ARCH),ia32) -- HAVE_LIBSMBIOS=yes --endif - CFLAGS ?= -g -O0 - PJONES = - BIN_CCLDFLAGS = $(foreach lib,$(BIN_LIBS),-l$(lib)) \ --- -2.9.3 - diff --git a/SOURCES/0004-libfwup-get_info-return-whatever-a-second-call-to-ge.patch b/SOURCES/0004-libfwup-get_info-return-whatever-a-second-call-to-ge.patch deleted file mode 100644 index cf7a310..0000000 --- a/SOURCES/0004-libfwup-get_info-return-whatever-a-second-call-to-ge.patch +++ /dev/null @@ -1,36 +0,0 @@ -From eb99a8ffba4963482b3bda2b37266734a1f6ad78 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:17:42 -0400 -Subject: [PATCH 04/11] libfwup: get_info: return whatever a second call to - get_info() gave us - -When we recurse and try to get a new variable, just exit with the status -code get_info() gave us on the second pass. - -Caught by coverity. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 5 ++--- - 1 file changed, 2 insertions(+), 3 deletions(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index fe4ece4..bdb8708 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -310,10 +310,9 @@ get_err: - return -1; - } - rc = get_info(guid, hw_inst, info); -- if (rc < 0) { -+ if (rc < 0) - efi_error("get_info() failed"); -- return rc; -- } -+ return rc; - } - local = (update_info *)data; - --- -2.12.2 - diff --git a/SOURCES/0005-read_file_at-don-t-initialize-saved_errno-if-we-re-n.patch b/SOURCES/0005-read_file_at-don-t-initialize-saved_errno-if-we-re-n.patch deleted file mode 100644 index c910ab5..0000000 --- a/SOURCES/0005-read_file_at-don-t-initialize-saved_errno-if-we-re-n.patch +++ /dev/null @@ -1,29 +0,0 @@ -From fd5458603dbd6309e2cc3eba6a1ed0c9c389836e Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:19:10 -0400 -Subject: [PATCH 05/11] read_file_at(): don't initialize saved_errno if we're - not using it. - -Coverity caught this completelty insignificant bug. - -Signed-off-by: Peter Jones ---- - linux/util.h | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/linux/util.h b/linux/util.h -index d8dcf3b..23fd7cd 100644 ---- a/linux/util.h -+++ b/linux/util.h -@@ -35,7 +35,7 @@ static inline int - __attribute__((unused)) - read_file_at(int dfd, char *name, uint8_t **buf, size_t *bufsize) - { -- int saved_errno = errno; -+ int saved_errno; - uint8_t *p; - size_t size = 4096; - size_t filesize = 0; --- -2.12.2 - diff --git a/SOURCES/0006-fwup_set_up_update-don-t-lseek-on-our-error-path.patch b/SOURCES/0006-fwup_set_up_update-don-t-lseek-on-our-error-path.patch deleted file mode 100644 index 7d328d9..0000000 --- a/SOURCES/0006-fwup_set_up_update-don-t-lseek-on-our-error-path.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 0b8ddf8fa6d8e2c86b5f3f1f16d87bcd0a921eae Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:21:44 -0400 -Subject: [PATCH 06/11] fwup_set_up_update(): don't lseek() on our error path. - -We were doing this as a courtesy to the caller, but all checkers will (I -guess rightly) complain that we're not handling lseek()'s error case. -Since there's no obvious way *to* handle the error case, may as well -not. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 1 - - 1 file changed, 1 deletion(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index bdb8708..d82700f 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -1373,7 +1373,6 @@ fwup_set_up_update(fwup_resource *re, - goto out; - out: - error = errno; -- lseek(infd, offset, SEEK_SET); - if (path) - free(path); - if (fin) --- -2.12.2 - diff --git a/SOURCES/0007-add_to_boot_order-actually-always-pass-in-attributes.patch b/SOURCES/0007-add_to_boot_order-actually-always-pass-in-attributes.patch deleted file mode 100644 index e9a2f39..0000000 --- a/SOURCES/0007-add_to_boot_order-actually-always-pass-in-attributes.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 59e5faa7f29cb4296308720fab36f4f9d1f45ab7 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:24:44 -0400 -Subject: [PATCH 07/11] add_to_boot_order(): actually always pass in attributes - for BootOrder. - -Normally BootOrder is set, and we don't hit the uninitialized path, -but... yeah. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index d82700f..28a4417 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -774,7 +774,9 @@ add_to_boot_order(uint16_t boot_entry) - { - uint16_t *boot_order = NULL, *new_boot_order = NULL; - size_t boot_order_size = 0; -- uint32_t attr; -+ uint32_t attr = EFI_VARIABLE_NON_VOLATILE | -+ EFI_VARIABLE_BOOTSERVICE_ACCESS | -+ EFI_VARIABLE_RUNTIME_ACCESS; - int rc; - unsigned int i; - --- -2.12.2 - diff --git a/SOURCES/0008-fwup_resource_iter_create-make-the-error-path-actual.patch b/SOURCES/0008-fwup_resource_iter_create-make-the-error-path-actual.patch deleted file mode 100644 index 1e4c929..0000000 --- a/SOURCES/0008-fwup_resource_iter_create-make-the-error-path-actual.patch +++ /dev/null @@ -1,68 +0,0 @@ -From f350c8f7f91a17039cabd7b1650609e154a85ccd Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:32:17 -0400 -Subject: [PATCH 08/11] fwup_resource_iter_create(): make the error path - actually work... - -coverity noticed that this was horrible. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 23 ++++++++++++++++------- - 1 file changed, 16 insertions(+), 7 deletions(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index 28a4417..3bf2659 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -422,7 +422,8 @@ int - fwup_resource_iter_create(fwup_resource_iter **iter) - { - int error; -- const char *path; -+ char *path; -+ - if (!iter) { - efi_error("invalid iter"); - errno = EINVAL; -@@ -438,16 +439,13 @@ fwup_resource_iter_create(fwup_resource_iter **iter) - path = get_esrt_dir(1); - if (!path) { - efi_error("get_esrt_dir(1) failed"); -- return -1; -+ goto err; - } -+ - new->dir = opendir(path); - if (!new->dir) { - efi_error("opendir(path) failed"); --err: -- error = errno; -- free(new); -- errno = error; -- return -1; -+ goto err; - } - - new->dirfd = dirfd(new->dir); -@@ -458,6 +456,17 @@ err: - - *iter = new; - return 0; -+err: -+ error = errno; -+ if (new) { -+ if (new->dir) -+ closedir(new->dir); -+ free(new); -+ } -+ if (path) -+ free(path); -+ errno = error; -+ return -1; - } - - static void --- -2.12.2 - diff --git a/SOURCES/0009-add_to_boot_order-set-the-new-BootOrder-entry-at-the.patch b/SOURCES/0009-add_to_boot_order-set-the-new-BootOrder-entry-at-the.patch deleted file mode 100644 index 62abf67..0000000 --- a/SOURCES/0009-add_to_boot_order-set-the-new-BootOrder-entry-at-the.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 2931d55f8b547663eee88be432e89d2c18506761 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:32:39 -0400 -Subject: [PATCH 09/11] add_to_boot_order(): set the new BootOrder entry at the - right place - -Coverity noticed that this was setting just anything really. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 1 + - 1 file changed, 1 insertion(+) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index 3bf2659..8fb4e2e 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -825,6 +825,7 @@ add_to_boot_order(uint16_t boot_entry) - } - memcpy(new_boot_order, boot_order, boot_order_size); - -+ i = boot_order_size / sizeof (uint16_t); - new_boot_order[i] = boot_entry; - boot_order_size += sizeof (uint16_t); - --- -2.12.2 - diff --git a/SOURCES/0010-fwup_set_up_update-check-lseek-s-return-value.patch b/SOURCES/0010-fwup_set_up_update-check-lseek-s-return-value.patch deleted file mode 100644 index 8be9255..0000000 --- a/SOURCES/0010-fwup_set_up_update-check-lseek-s-return-value.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 544b5623f3eadc16840e3e205ce93528b9a987b2 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 28 Mar 2017 13:33:20 -0400 -Subject: [PATCH 10/11] fwup_set_up_update(): check lseek()'s return value. - -Coverity noticed this wasn't getting done. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index 8fb4e2e..c14a996 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -1303,6 +1303,10 @@ fwup_set_up_update(fwup_resource *re, - } - - offset = lseek(infd, 0, SEEK_CUR); -+ if (offset < 0) { -+ efi_error("lseek failed"); -+ return -1; -+ } - - /* get device */ - rc = get_info(&re->esre.guid, 0, &info); --- -2.12.2 - diff --git a/SOURCES/0011-put_info-try-to-limit-bounds-of-our-duplicated-devic.patch b/SOURCES/0011-put_info-try-to-limit-bounds-of-our-duplicated-devic.patch deleted file mode 100644 index 40c0dc3..0000000 --- a/SOURCES/0011-put_info-try-to-limit-bounds-of-our-duplicated-devic.patch +++ /dev/null @@ -1,30 +0,0 @@ -From 2192afd376759f9b0e3720692046baccabf114e9 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Mon, 8 May 2017 15:55:59 -0400 -Subject: [PATCH 11/11] put_info(): try to limit bounds of our duplicated - device path more... - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index c14a996..b29a0e5 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -377,7 +377,10 @@ err: - return -1; - } - /* Make sure sizeof(*info) + dps won't integer overflow */ -- if ((size_t)dps > SSIZE_MAX - sizeof(*info)) { -+ if (((size_t)dps >= SSIZE_MAX - sizeof(*info)) || -+ /* Make sure extra hard by just picking an astonishingly large -+ * value that's merely very very unlikely... */ -+ ((ssize_t)dps > sysconf(_SC_PAGESIZE) * 100)) { - efi_error("device path size (%zd) would overflow", dps); - errno = EOVERFLOW; - return -1; --- -2.12.2 - diff --git a/SOURCES/0012-Try-harder-to-satisfy-coverity-about-the-structure-o.patch b/SOURCES/0012-Try-harder-to-satisfy-coverity-about-the-structure-o.patch deleted file mode 100644 index f54da9f..0000000 --- a/SOURCES/0012-Try-harder-to-satisfy-coverity-about-the-structure-o.patch +++ /dev/null @@ -1,88 +0,0 @@ -From 2ca5e334bbc5309fc6329b1263bd8d3d85712d03 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 May 2017 09:43:29 -0400 -Subject: [PATCH 12/13] Try harder to satisfy coverity about the structure of - update_info. - -Signed-off-by: Peter Jones ---- - efi/fwupdate.c | 2 +- - efi/mkvar2.c | 2 +- - include/fwup-efi.h | 3 ++- - linux/libfwup.c | 6 +++--- - 4 files changed, 7 insertions(+), 6 deletions(-) - -diff --git a/efi/fwupdate.c b/efi/fwupdate.c -index 942d347..d009267 100644 ---- a/efi/fwupdate.c -+++ b/efi/fwupdate.c -@@ -674,7 +674,7 @@ add_capsule(update_table *update, EFI_CAPSULE_HEADER **capsule_out, - UINTN fsize = 0; - EFI_CAPSULE_HEADER *capsule; - -- rc = open_file((EFI_DEVICE_PATH *)update->info->dp, &fh); -+ rc = open_file((EFI_DEVICE_PATH *)update->info->dp_buf, &fh); - if (EFI_ERROR(rc)) - return rc; - -diff --git a/efi/mkvar2.c b/efi/mkvar2.c -index 0c60a5a..a02a912 100644 ---- a/efi/mkvar2.c -+++ b/efi/mkvar2.c -@@ -44,7 +44,7 @@ efi_main(EFI_HANDLE image, EFI_SYSTEM_TABLE *systab) - InitializeLib(image, systab); - - ZeroMem(&info->time_attempted, sizeof (info->time_attempted)); -- CopyMem(info->dp, devicepath, sizeof (devicepath)-1); -+ CopyMem(info->dp_buf, devicepath, sizeof (devicepath)-1); - CopyMem(&info->guid, &guid, sizeof (guid)); - - EFI_STATUS rc = uefi_call_wrapper(RT->SetVariable, 5, L"FwUpdates", -diff --git a/include/fwup-efi.h b/include/fwup-efi.h -index fe1ec90..37f3459 100644 ---- a/include/fwup-efi.h -+++ b/include/fwup-efi.h -@@ -31,7 +31,8 @@ typedef struct update_info_s { - /* variadic device path */ - union { - efidp_header *dp_ptr; -- uint8_t dp[sizeof(efidp_header)]; -+ efidp_header dp; -+ uint8_t dp_buf[0]; - }; - } __attribute__((__packed__)) update_info; - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index b29a0e5..232eb77 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -321,7 +321,7 @@ get_err: - goto get_err; - } - -- ssize_t sz = efidp_size((efidp)local->dp); -+ ssize_t sz = efidp_size((efidp)local->dp_buf); - if (sz < 0) { - efi_error("efidp_size() failed"); - free(data); -@@ -337,7 +337,7 @@ get_err: - return -1; - } - -- memcpy(dp, local->dp, (size_t)sz); -+ memcpy(dp, local->dp_buf, (size_t)sz); - local->dp_ptr = dp; - - *info = local; -@@ -394,7 +394,7 @@ err: - return -1; - - memcpy(info2, info, sizeof(*info)); -- memcpy(info2->dp, info->dp_ptr, dps); -+ memcpy(info2->dp_buf, info->dp_ptr, dps); - - uint32_t attributes = EFI_VARIABLE_NON_VOLATILE - | EFI_VARIABLE_BOOTSERVICE_ACCESS --- -2.12.2 - diff --git a/SOURCES/0013-Add-coverity-makefile-bits.patch b/SOURCES/0013-Add-coverity-makefile-bits.patch deleted file mode 100644 index dd531c1..0000000 --- a/SOURCES/0013-Add-coverity-makefile-bits.patch +++ /dev/null @@ -1,103 +0,0 @@ -From d27930abbc6af501d8375b1a28001691b91fc952 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Tue, 9 May 2017 11:35:17 -0400 -Subject: [PATCH 13/13] Add coverity makefile bits - -This lets us do semi-automated coverity uploads directly from the repo -checkout. - -Signed-off-by: Peter Jones ---- - .gitignore | 1 + - Make.rules | 6 ++++++ - Makefile | 38 +++++++++++++++++++++++++++++++++++++- - 3 files changed, 44 insertions(+), 1 deletion(-) - create mode 100644 Make.rules - -diff --git a/.gitignore b/.gitignore -index 25be91f..91c3ae6 100644 ---- a/.gitignore -+++ b/.gitignore -@@ -10,3 +10,4 @@ - *.tar.* - .*.sw? - linux/include/fwup-version.h -+cov-int -diff --git a/Make.rules b/Make.rules -new file mode 100644 -index 0000000..b7cd9e8 ---- /dev/null -+++ b/Make.rules -@@ -0,0 +1,6 @@ -+ -+include $(TOPDIR)/Make.version -+ -+define get-config -+$(shell git config --local --get "fwupdate.$(1)") -+endef -diff --git a/Makefile b/Makefile -index 6d6511b..14c3ad6 100644 ---- a/Makefile -+++ b/Makefile -@@ -2,10 +2,11 @@ default : all - - TOPDIR=$(shell pwd) - include $(TOPDIR)/Make.version -+include $(TOPDIR)/Make.rules - include $(TOPDIR)/Make.defaults - SUBDIRS ?= efi linux docs include - --all clean install : | check_efidir_error -+all install : | check_efidir_error - @set -e ; for x in $(SUBDIRS) ; do \ - $(MAKE) DESTDIR=$(DESTDIR) TOPDIR=$(TOPDIR) VERSION=$(VERSION) \ - LIBDIR=$(LIBDIR) bindir=$(bindir) mandir=$(mandir) \ -@@ -15,6 +16,39 @@ all clean install : | check_efidir_error - fwupdate.spec : fwupdate.spec.in Makefile - @sed -e "s,@@VERSION@@,$(VERSION),g" $< > $@ - -+COV_EMAIL=$(call get-config,coverity.email) -+COV_TOKEN=$(call get-config,coverity.token) -+COV_URL=$(call get-config,coverity.url) -+COV_FILE=fwupdate-coverity-$(VERSION)-$(COMMIT_ID).tar.bz2 -+COMMIT_ID=$(shell git log -1 --pretty=%H 2>/dev/null || echo master) -+ -+clean : -+ @set -e ; for x in $(SUBDIRS) ; do \ -+ $(MAKE) DESTDIR=$(DESTDIR) TOPDIR=$(TOPDIR) VERSION=$(VERSION) \ -+ LIBDIR=$(LIBDIR) bindir=$(bindir) mandir=$(mandir) \ -+ -C $$x $@ ; \ -+ done -+ @rm -vrf cov-int fwupdate-coverity-*.tar.* -+ -+cov-int : clean -+ cov-build --dir cov-int make all -+ -+$(COV_FILE) : cov-int -+ tar caf $@ cov-int -+ -+cov-upload : -+ @if [[ -n "$(COV_URL)" ]] && \ -+ [[ -n "$(COV_TOKEN)" ]] && \ -+ [[ -n "$(COV_EMAIL)" ]] ; \ -+ then \ -+ echo curl --form token=$(COV_TOKEN) --form email="$(COV_EMAIL)" --form file=@"$(COV_FILE)" --form version=$(VERSION).1 --form description="$(COMMIT_ID)" "$(COV_URL)" ; \ -+ curl --form token=$(COV_TOKEN) --form email="$(COV_EMAIL)" --form file=@"$(COV_FILE)" --form version=$(VERSION).1 --form description="$(COMMIT_ID)" "$(COV_URL)" ; \ -+ else \ -+ echo Coverity output is in $(COV_FILE) ; \ -+ fi -+ -+coverity : $(COV_FILE) cov-upload -+ - GITTAG = $(VERSION) - - test-archive: fwupdate.spec -@@ -40,3 +74,5 @@ archive: tag fwupdate.spec - @dir=$$PWD; cd /tmp; tar -c --bzip2 -f $$dir/fwupdate-$(VERSION).tar.bz2 fwupdate-$(VERSION) - @rm -rf /tmp/fwupdate-$(VERSION) - @echo "The archive is in fwupdate-$(VERSION).tar.bz2" -+ -+.PHONY: $(SUBDIRS) coverity cov-upload --- -2.12.2 - diff --git a/SOURCES/0014-Don-t-free-alloca-d-memory.patch b/SOURCES/0014-Don-t-free-alloca-d-memory.patch deleted file mode 100644 index 5d051c5..0000000 --- a/SOURCES/0014-Don-t-free-alloca-d-memory.patch +++ /dev/null @@ -1,32 +0,0 @@ -From b0340e15ffde4c508d753cb610166bd7124ecdb1 Mon Sep 17 00:00:00 2001 -From: Peter Jones -Date: Fri, 19 May 2017 15:35:17 -0400 -Subject: [PATCH] Don't free() alloca()'d memory. - -get_esrt_dir() returns a value on the caller's local stack, so don't -free it on the error path in fwup_resource_iter_create(). - -This fixes a SIGABRT from free() on the case where the machine doesn't -have an ESRT. - -Signed-off-by: Peter Jones ---- - linux/libfwup.c | 2 -- - 1 file changed, 2 deletions(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index 4c9b7c8..929c106 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -466,8 +466,6 @@ err: - closedir(new->dir); - free(new); - } -- if (path) -- free(path); - errno = error; - return -1; - } --- -2.12.2 - diff --git a/SOURCES/0015-Fix-uninitialized-variable.patch b/SOURCES/0015-Fix-uninitialized-variable.patch deleted file mode 100644 index 406cd40..0000000 --- a/SOURCES/0015-Fix-uninitialized-variable.patch +++ /dev/null @@ -1,37 +0,0 @@ -From 2fe9e690e019d2e25db3be22b57623c0618148d7 Mon Sep 17 00:00:00 2001 -From: Mirco Tischler -Date: Mon, 6 Mar 2017 23:45:46 +0100 -Subject: [PATCH] Fix uninitialized variable. - -If boot_order_size is 0, i was never set. On gcc-6.3.1, this broke the -build if compiled with -O2 (-Werror=maybe_uninitialized). This is the -error: - -libfwup.c: In function 'set_up_boot_next': -libfwup.c:818:16: error: 'i' may be used uninitialized in this function [-Werror=maybe-uninitialized] - new_boot_order[i] = boot_entry; - ^ -libfwup.c:780:15: note: 'i' was declared here - unsigned int i; - ^ -cc1: all warnings being treated as errors ---- - linux/libfwup.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/linux/libfwup.c b/linux/libfwup.c -index 232eb77..30cf56a 100644 ---- a/linux/libfwup.c -+++ b/linux/libfwup.c -@@ -790,7 +790,7 @@ add_to_boot_order(uint16_t boot_entry) - EFI_VARIABLE_BOOTSERVICE_ACCESS | - EFI_VARIABLE_RUNTIME_ACCESS; - int rc; -- unsigned int i; -+ unsigned int i = 0; - - rc = efi_get_variable_size(efi_guid_global, "BootOrder", - &boot_order_size); --- -2.12.2 - diff --git a/SOURCES/centos-ca-secureboot.der b/SOURCES/centos-ca-secureboot.der deleted file mode 100644 index 44a2563..0000000 Binary files a/SOURCES/centos-ca-secureboot.der and /dev/null differ diff --git a/SOURCES/centossecureboot001.crt b/SOURCES/centossecureboot001.crt deleted file mode 100644 index 321c4ec..0000000 --- a/SOURCES/centossecureboot001.crt +++ /dev/null @@ -1,81 +0,0 @@ -Certificate: - Data: - Version: 3 (0x2) - Serial Number: - b6:16:15:71:72:fb:31:7e - Signature Algorithm: sha256WithRSAEncryption - Issuer: CN=CentOS Secure Boot (CA key 1)/emailAddress=security@centos.org - Validity - Not Before: Aug 1 11:47:30 2018 GMT - Not After : Dec 31 11:47:30 2037 GMT - Subject: CN=CentOS Secure Boot (key 1)/emailAddress=security@centos.org - Subject Public Key Info: - Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): - 00:c1:a3:6a:f4:2d:71:83:6c:21:ca:0c:b7:ac:fa: - 76:80:43:03:40:87:5d:de:e9:1e:df:ad:e7:2b:51: - cb:f8:31:0f:9a:db:ab:23:25:04:11:05:57:7d:f2: - 4b:8d:1e:b3:75:78:1d:b9:57:8b:18:0b:bb:7e:e3: - 24:0f:6a:40:5f:2b:4f:03:a5:85:94:d2:f9:08:a0: - bc:db:a5:ea:4f:7f:e8:7c:d1:a9:f8:f0:9c:25:18: - 00:14:c4:c4:35:7d:1d:4c:8a:8d:95:f8:ed:65:97: - a5:a4:da:7d:cb:f0:33:3b:b7:03:94:68:47:05:57: - 6c:96:91:ac:14:f2:e3:f6:6d:4a:18:cf:68:8a:35: - 6f:8e:26:99:7f:db:c9:83:54:c2:c3:bf:ad:45:a0: - aa:a0:86:5f:20:b1:86:1b:ae:b7:28:15:11:f9:65: - 53:5d:70:33:9b:a3:c7:b5:c8:11:ff:55:3b:e7:46: - f1:6c:6b:8c:bb:f2:9f:36:23:b1:2d:23:2f:8f:4f: - 6c:a8:cc:ae:f5:56:9e:22:6c:0e:9a:4a:b1:bd:b2: - 76:15:5c:05:85:b8:5e:dc:8c:a5:c3:e0:75:51:a4: - 94:9b:03:2e:7b:f8:d3:b9:dd:7f:88:ce:2e:2f:28: - 4c:b4:92:2f:e6:e0:67:0a:d0:ff:c5:d2:79:a6:ef: - 94:0f - Exponent: 65537 (0x10001) - X509v3 extensions: - X509v3 Basic Constraints: critical - CA:FALSE - X509v3 Key Usage: - Digital Signature - X509v3 Subject Key Identifier: - F0:37:C6:EA:EC:36:D4:05:7A:52:6C:0E:C6:D5:A9:5B:32:4E:E1:29 - X509v3 Authority Key Identifier: - keyid:54:EC:81:85:89:3E:E9:1A:DB:08:F7:44:88:54:7E:8E:3F:74:3A:F3 - - Signature Algorithm: sha256WithRSAEncryption - 97:97:ba:a6:0b:5b:bb:84:39:2e:ef:8b:51:9a:89:bb:65:3c: - dc:15:d0:5a:88:c5:af:ce:93:f5:c1:74:98:15:59:a9:38:da: - 11:fd:46:d5:4f:23:7c:03:1f:ae:0c:70:93:94:a7:61:2f:4b: - 2f:5f:bb:cc:8a:d7:4a:24:66:73:85:b4:19:13:fc:6a:61:4a: - 28:1f:a2:38:f4:72:90:03:c4:3e:64:63:8b:fb:15:22:22:4e: - b9:43:d9:b4:3d:3a:60:c1:4d:3a:09:85:68:7a:bc:3b:f9:ef: - f3:f5:e9:c9:4f:80:8c:c6:e9:cb:ef:28:44:b0:5d:d4:9e:4f: - 0f:02:9a:65:aa:98:35:b4:6f:d2:80:e3:08:ef:12:d0:17:56: - a6:a1:42:1e:1d:ab:e5:33:c0:fd:88:0d:40:42:81:c8:27:30: - 17:07:57:3e:05:9d:aa:05:0e:5b:3a:79:b4:29:aa:7c:42:5a: - ad:43:59:fb:34:4d:dc:62:58:63:e4:fb:de:bb:fd:6c:4e:97: - 58:f4:b9:99:4a:71:fe:7f:16:50:55:25:46:39:96:9b:88:6c: - 75:19:33:9e:70:b3:04:82:fe:16:a8:8e:22:47:83:6d:16:77: - da:26:ad:31:d8:06:6d:c5:7e:46:4b:21:ab:ae:ec:2a:93:71: - da:7f:89:1d ------BEGIN CERTIFICATE----- -MIIDdTCCAl2gAwIBAgIJALYWFXFy+zF+MA0GCSqGSIb3DQEBCwUAMEwxJjAkBgNV -BAMMHUNlbnRPUyBTZWN1cmUgQm9vdCAoQ0Ega2V5IDEpMSIwIAYJKoZIhvcNAQkB -FhNzZWN1cml0eUBjZW50b3Mub3JnMB4XDTE4MDgwMTExNDczMFoXDTM3MTIzMTEx -NDczMFowSTEjMCEGA1UEAxMaQ2VudE9TIFNlY3VyZSBCb290IChrZXkgMSkxIjAg -BgkqhkiG9w0BCQEWE3NlY3VyaXR5QGNlbnRvcy5vcmcwggEiMA0GCSqGSIb3DQEB -AQUAA4IBDwAwggEKAoIBAQDBo2r0LXGDbCHKDLes+naAQwNAh13e6R7frecrUcv4 -MQ+a26sjJQQRBVd98kuNHrN1eB25V4sYC7t+4yQPakBfK08DpYWU0vkIoLzbpepP -f+h80an48JwlGAAUxMQ1fR1Mio2V+O1ll6Wk2n3L8DM7twOUaEcFV2yWkawU8uP2 -bUoYz2iKNW+OJpl/28mDVMLDv61FoKqghl8gsYYbrrcoFRH5ZVNdcDObo8e1yBH/ -VTvnRvFsa4y78p82I7EtIy+PT2yozK71Vp4ibA6aSrG9snYVXAWFuF7cjKXD4HVR -pJSbAy57+NO53X+Izi4vKEy0ki/m4GcK0P/F0nmm75QPAgMBAAGjXTBbMAwGA1Ud -EwEB/wQCMAAwCwYDVR0PBAQDAgeAMB0GA1UdDgQWBBTwN8bq7DbUBXpSbA7G1alb -Mk7hKTAfBgNVHSMEGDAWgBRU7IGFiT7pGtsI90SIVH6OP3Q68zANBgkqhkiG9w0B -AQsFAAOCAQEAl5e6pgtbu4Q5Lu+LUZqJu2U83BXQWojFr86T9cF0mBVZqTjaEf1G -1U8jfAMfrgxwk5SnYS9LL1+7zIrXSiRmc4W0GRP8amFKKB+iOPRykAPEPmRji/sV -IiJOuUPZtD06YMFNOgmFaHq8O/nv8/XpyU+AjMbpy+8oRLBd1J5PDwKaZaqYNbRv -0oDjCO8S0BdWpqFCHh2r5TPA/YgNQEKByCcwFwdXPgWdqgUOWzp5tCmqfEJarUNZ -+zRN3GJYY+T73rv9bE6XWPS5mUpx/n8WUFUlRjmWm4hsdRkznnCzBIL+FqiOIkeD -bRZ32iatMdgGbcV+Rkshq67sKpNx2n+JHQ== ------END CERTIFICATE----- diff --git a/SPECS/fwupdate.spec b/SPECS/fwupdate.spec index 960fc8f..dda4373 100644 --- a/SPECS/fwupdate.spec +++ b/SPECS/fwupdate.spec @@ -1,13 +1,11 @@ -%global efivar_version 31-1 -%global efibootmgr_version 15-1 -%global gnu_efi_version 1:3.0.5-9 +%global efivar_version 36-1 +%global efibootmgr_version 17-1 +%global gnu_efi_version 1:3.0.8-1 %global pesign_version 0.109-10 -%define pesign_name centossecureboot001 - Name: fwupdate -Version: 9 -Release: 8%{?dist} +Version: 12 +Release: 5%{?dist} Summary: Tools to manage UEFI firmware updates License: GPLv2+ URL: https://github.com/rhinstaller/fwupdate @@ -20,23 +18,11 @@ BuildRequires: elfutils popt-devel git gettext pkgconfig BuildRequires: systemd ExclusiveArch: x86_64 aarch64 Source0: https://github.com/rhinstaller/fwupdate/releases/download/%{name}-%{version}/%{name}-%{version}.tar.bz2 -Source1: centos-ca-secureboot.der -Source2: centossecureboot001.crt -Patch0001: 0001-Make-SUBDIRS-overrideable.patch -Patch0002: 0002-efi-fwupdate-make-our-mult-wrapper-get-the-type-of-U.patch -Patch0003: 0003-Nerf-SMBIOS-functions-out-of-fwupdate.patch -Patch0004: 0004-libfwup-get_info-return-whatever-a-second-call-to-ge.patch -Patch0005: 0005-read_file_at-don-t-initialize-saved_errno-if-we-re-n.patch -Patch0006: 0006-fwup_set_up_update-don-t-lseek-on-our-error-path.patch -Patch0007: 0007-add_to_boot_order-actually-always-pass-in-attributes.patch -Patch0008: 0008-fwup_resource_iter_create-make-the-error-path-actual.patch -Patch0009: 0009-add_to_boot_order-set-the-new-BootOrder-entry-at-the.patch -Patch0010: 0010-fwup_set_up_update-check-lseek-s-return-value.patch -Patch0011: 0011-put_info-try-to-limit-bounds-of-our-duplicated-devic.patch -Patch0012: 0012-Try-harder-to-satisfy-coverity-about-the-structure-o.patch -Patch0013: 0013-Add-coverity-makefile-bits.patch -Patch0014: 0014-Don-t-free-alloca-d-memory.patch -Patch0015: 0015-Fix-uninitialized-variable.patch +Source1: securebootca.cer +Source2: secureboot.cer +Patch0001: 0001-Make-some-compiler-versions-ignore-missing-field-ini.patch +Patch0002: 0002-libfwup-set_up_boot_next-make-sure-we-check-if-our-f.patch +Patch0003: 0003-Actually-add-fwup_version-to-our-exposed-API-list.patch %ifarch x86_64 %global efiarch x64 @@ -91,13 +77,13 @@ setarch linux32 -B make CFLAGS="$RPM_OPT_FLAGS" libdir=%{_libdir} \ bindir=%{_bindir} EFIDIR=%{efidir} %{?_smp_mflags} \ SUBDIRS=efi ARCH=ia32 mv -v efi/fwupia32.efi fwupia32.unsigned.efi -%pesign -s -i fwupia32.unsigned.efi -o fwupia32.efi -a %{SOURCE1} -c %{SOURCE2} -n %{pesign_name} +%pesign -s -i fwupia32.unsigned.efi -o fwupia32.efi -a %{SOURCE1} -c %{SOURCE2} -n redhatsecureboot301 make clean %endif make CFLAGS="$RPM_OPT_FLAGS" libdir=%{_libdir} bindir=%{_bindir} \ EFIDIR=%{efidir} %{?_smp_mflags} mv -v efi/fwup%{efiarch}.efi efi/fwup%{efiarch}.unsigned.efi -%pesign -s -i efi/fwup%{efiarch}.unsigned.efi -o efi/fwup%{efiarch}.efi -a %{SOURCE1} -c %{SOURCE2} -n %{pesign_name} +%pesign -s -i efi/fwup%{efiarch}.unsigned.efi -o efi/fwup%{efiarch}.efi -a %{SOURCE1} -c %{SOURCE2} -n redhatsecureboot301 %install rm -rf $RPM_BUILD_ROOT @@ -145,20 +131,40 @@ mv fwupia32.efi $RPM_BUILD_ROOT/boot/efi/EFI/%{efidir}/ %{_libdir}/*.so.* %{_datadir}/locale/en/libfwup.po %{_unitdir}/fwupdate-cleanup.service -%attr(0755,root,root) %dir %{_datadir}/fwupdate/ -%config(noreplace) %ghost %{_datadir}/fwupdate/done +%attr(0755,root,root) %dir %{_sharedstatedir}/fwupdate/ +%config(noreplace) %ghost %{_sharedstatedir}/fwupdate/done %attr(0755,root,root) %dir %{_libexecdir}/fwupdate/ %{_libexecdir}/fwupdate/cleanup %endif %files efi %defattr(-,root,root,-) -%attr(0700,root,root) %dir /boot/efi -%dir /boot/efi/EFI/%{efidir}/ -%dir /boot/efi/EFI/%{efidir}/fw/ -/boot/efi/EFI/%{efidir}/fwup*.efi +%dir %attr(0700,root,root) %dir /boot/efi +%dir %attr(0700,root,root)/boot/efi/EFI/%{efidir}/ +%dir %attr(0700,root,root)/boot/efi/EFI/%{efidir}/fw/ +%attr(0700,root,root)/boot/efi/EFI/%{efidir}/fwup*.efi %changelog +* Thu Jun 28 2018 Peter Jones - 12-5 +- Make sure fwup_version() gets exported correctly. + Related: rhbz#1570032 + +* Thu Jun 21 2018 Peter Jones - 12-4 +- Fix permissions on /boot/efi/... + Related: rhbz#1496952 + +* Thu Jun 14 2018 Peter Jones - 12-3 +- Fix some more covscan nits. + Related: rhbz#1570032 + +* Wed Jun 13 2018 Peter Jones - 12-2 +- Fix some covscan nits. + Related: rhbz#1570032 + +* Mon Jun 11 2018 Peter Jones - 12-1 +- Update to fwupdate-12 + Resolves: rhbz#1570032 + * Fri May 19 2017 Peter Jones - 9-8 - Hopefully the last TPS related rebuild. Related: rhbz#1380825