From mprivozn at redhat.com Fri Feb 1 14:19:59 2013 From: mprivozn at redhat.com (Michal Privoznik) Date: Fri, 01 Feb 2013 15:19:59 +0100 Subject: [Libosinfo] [libosinfo] Use gnulib's ignore-value.h to silence gcc In-Reply-To: <1359636202-25516-1-git-send-email-cfergeau@redhat.com> References: <1359636202-25516-1-git-send-email-cfergeau@redhat.com> Message-ID: <510BCF0F.2040907@redhat.com> On 31.01.2013 13:43, Christophe Fergeau wrote: > osinfo_loader.c contains a few local hacks to avoid gcc warnings > about set-but-not-read variables. While they are good to silence > gcc, they also cause warnings from the Coverity checker. > Use the ignore_value() macro from gnulib to avoid these warnings > as they don't cause Coverity warnings. > --- > osinfo/ignore-value.h | 47 +++++++++++++++++++++++++++++++++++++++++++++++ > osinfo/osinfo_loader.c | 19 ++++++------------- > 2 files changed, 53 insertions(+), 13 deletions(-) > create mode 100644 osinfo/ignore-value.h > > diff --git a/osinfo/ignore-value.h b/osinfo/ignore-value.h > new file mode 100644 > index 0000000..6bab971 > --- /dev/null > +++ b/osinfo/ignore-value.h > @@ -0,0 +1,47 @@ > +/* ignore a function return without a compiler warning > + > + Copyright (C) 2008-2013 Free Software Foundation, Inc. > + > + This program is free software: you can redistribute it and/or modify > + it under the terms of the GNU Lesser General Public License as published by > + the Free Software Foundation; either version 2.1 of the License, or > + (at your option) any later version. > + > + This program is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the > + GNU Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public License > + along with this program. If not, see . */ > + > +/* Written by Jim Meyering, Eric Blake and P?draig Brady. */ > + > +/* Use "ignore_value" to avoid a warning when using a function declared with > + gcc's warn_unused_result attribute, but for which you really do want to > + ignore the result. Traditionally, people have used a "(void)" cast to > + indicate that a function's return value is deliberately unused. However, > + if the function is declared with __attribute__((warn_unused_result)), > + gcc issues a warning even with the cast. > + > + Caution: most of the time, you really should heed gcc's warning, and > + check the return value. However, in those exceptional cases in which > + you're sure you know what you're doing, use this function. > + > + For the record, here's one of the ignorable warnings: > + "copy.c:233: warning: ignoring return value of 'fchown', > + declared with attribute warn_unused_result". */ > + > +#ifndef _GL_IGNORE_VALUE_H > +# define _GL_IGNORE_VALUE_H > + > +/* The __attribute__((__warn_unused_result__)) feature > + is available in gcc versions 3.4 and newer, > + while the typeof feature has been available since 2.7 at least. */ > +# if __GNUC__ < 3 || (__GNUC__ == 3 && __GNUC_MINOR__ < 4) > +# define ignore_value(x) ((void) (x)) > +# else > +# define ignore_value(x) (({ __typeof__ (x) __x = (x); (void) __x; })) > +# endif > + > +#endif > diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c > index d713767..76e9bc2 100644 > --- a/osinfo/osinfo_loader.c > +++ b/osinfo/osinfo_loader.c > @@ -34,6 +34,7 @@ > #include > #include > #include > +#include "ignore-value.h" > #include "osinfo_install_script_private.h" > #include "osinfo_device_driver_private.h" > > @@ -1486,20 +1487,15 @@ osinfo_loader_process_file_reg_ids(OsinfoLoader *loader, > WANT_ID(subvendor_id); > WANT_ID(subdevice_id); > WANT_REST(subsystem); > - > - /* Pretend we 'use' these variables to get around > - * 'gcc' warnings about set-but-not-read vars */ > - if (subvendor_id || subdevice_id || subsystem) > - subsystem = subsystem; > + ignore_value(subvendor_id); > + ignore_value(subdevice_id); > + ignore_value(subsystem); The code looks okay, but why do we have these variable if they are not used anywhere? Michal From zeeshanak at gnome.org Fri Feb 1 15:54:42 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Fri, 1 Feb 2013 16:54:42 +0100 Subject: [Libosinfo] [PATCH 7/8] winxp, win7: Add virtio & QXL device drivers info In-Reply-To: <20130129091905.GO22845@teriyaki.redhat.com> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-8-git-send-email-zeeshanak@gnome.org> <20130128110122.GG2332@teriyaki.redhat.com> <20130128172506.GE22845@teriyaki.redhat.com> <20130129091905.GO22845@teriyaki.redhat.com> Message-ID: On Tue, Jan 29, 2013 at 10:19 AM, Christophe Fergeau wrote: > On Mon, Jan 28, 2013 at 11:11:56PM +0200, Zeeshan Ali (Khattak) wrote: >> I value not breaking unattended installation. > > Once again, I'm not pushing for any of this to be the default, I just don't > want we close that (API/ABI) door if people (even us!) need to do that in > the future. Thanks for clarification and I agree, as long as it doesn't involve a lot of work. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Fri Feb 1 15:57:37 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Fri, 1 Feb 2013 16:57:37 +0100 Subject: [Libosinfo] [PATCH 4/8] installer: API to query supported device driver formats In-Reply-To: <20130129093114.GP22845@teriyaki.redhat.com> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-5-git-send-email-zeeshanak@gnome.org> <20130128102735.GD2332@teriyaki.redhat.com> <20130128172830.GF22845@teriyaki.redhat.com> <20130129093114.GP22845@teriyaki.redhat.com> Message-ID: On Tue, Jan 29, 2013 at 10:31 AM, Christophe Fergeau wrote: > On Mon, Jan 28, 2013 at 11:24:55PM +0200, Zeeshan Ali (Khattak) wrote: >> On Mon, Jan 28, 2013 at 7:28 PM, Christophe Fergeau wrote: >> > On Mon, Jan 28, 2013 at 04:40:06PM +0200, Zeeshan Ali (Khattak) wrote: >> >> On Mon, Jan 28, 2013 at 12:27 PM, Christophe Fergeau >> >> wrote: >> >> > On Mon, Jan 28, 2013 at 05:18:43AM +0200, Zeeshan Ali (Khattak) wrote: >> >> >> From: "Zeeshan Ali (Khattak)" >> >> >> diff --git a/osinfo/osinfo_install_script.h b/osinfo/osinfo_install_script.h >> >> >> index d91751e..82486ef 100644 >> >> >> --- a/osinfo/osinfo_install_script.h >> >> >> +++ b/osinfo/osinfo_install_script.h >> >> >> @@ -163,6 +165,9 @@ OsinfoPathFormat osinfo_install_script_get_path_format(OsinfoInstallScript *scri >> >> >> gboolean osinfo_install_script_get_can_pre_install_drivers(OsinfoInstallScript *script); >> >> >> gboolean osinfo_install_script_get_can_post_install_drivers(OsinfoInstallScript *script); >> >> >> >> >> >> +OsinfoDeviceDriverFormat osinfo_install_script_get_pre_install_driver_format(OsinfoInstallScript *script); >> >> >> +OsinfoDeviceDriverFormat osinfo_install_script_get_post_install_driver_format(OsinfoInstallScript *script); >> >> > >> >> > I don't think assuming that a given installer will support only one driver >> >> > format is expressive enough. For Windows post-install drivers, supporting >> >> > unpacked Windows drivers in addition to running a .exe shouldn't be very >> >> > hard, and this API would not work there. >> >> >> >> I see you point. I can make it a list. Would that be good? >> > >> > I think so. Though concretely why do we need to expose this information? In >> > all cases user of this information will need to drop it to a disk image >> > which will be passed to the VM, no? >> >> Without this information, apps not only have to copy unnecessary >> driver files but most probably (as is the case with spice-guest-tools >> binary in Boxes) also need to create a redundant disk image to copy >> the files to when drivers are incompatible with scripts. Also same >> drivers can be available in multiple formats so Apps should be able to >> pick one in compatible (with script) format. > > At this point, this is all theoritical, isn't it? We support one > post-install format, which must be a .exe supporting the /S switch, and > which has to be copied to an ISO image. Wouldn't it be better to postpone > this API until there's a need for it? No, apps need to know this to already put the right checks/filters in place. Things will break for them when we actually have incompatibility between driver format and what scripts support. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Fri Feb 1 16:03:31 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Fri, 1 Feb 2013 17:03:31 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130130092619.GJ22845@teriyaki.redhat.com> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-3-git-send-email-zeeshanak@gnome.org> <20130128101953.GC2332@teriyaki.redhat.com> <20130128154157.GB22845@teriyaki.redhat.com> <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> Message-ID: On Wed, Jan 30, 2013 at 10:26 AM, Christophe Fergeau wrote: > On Tue, Jan 29, 2013 at 04:49:05PM +0200, Zeeshan Ali (Khattak) wrote: >> On Tue, Jan 29, 2013 at 11:15 AM, Christophe Fergeau >> wrote: >> > On Mon, Jan 28, 2013 at 10:54:52PM +0200, Zeeshan Ali (Khattak) wrote: >> >> On Mon, Jan 28, 2013 at 6:13 PM, Christophe Fergeau wrote: >> >> > On Mon, Jan 28, 2013 at 06:05:53PM +0200, Zeeshan Ali (Khattak) wrote: >> >> >> whats the difference between copyleft and free, as in Free Software? >> >> >> Reading this, I don't see any: >> >> >> >> >> >> http://en.wikipedia.org/wiki/Copyleft >> >> > >> >> > http://en.wikipedia.org/wiki/Copyleft#Types_of_copyleft_and_relation_to_other_licenses >> >> >> >> OK, I stand corrected about the exact definition of copyleft. :) >> >> >> >> Since you are stressing on this distinction, I imagine you know some >> >> free drivers out there that are signed? >> > >> > Nope, but that does not mean they do not exist. >> >> Well then I'm just not being very precise in my commit log. With the >> API I'm proposing, Apps can easily decide to not use unsigned drivers >> even if script supports it. So I don't see the need for Apps to have >> to use a configuration parameter to disable this manually. > > https://www.redhat.com/archives/libosinfo/2013-January/msg00108.html I already replied to that: "The problem is that having it configurable would mean that we can't have a static info on the script about the signature requirement (see "installer: API to query signed device driver requirement" patch). I don't really see this a real security feature of windows but more a control feature of Microsoft as they have made it impossible for free drivers to be signed. So not very much motivated to do a lot of rework to accommodate configurability here." I'm not going to make it configurable unless you can suggest a solution for the problem mentioned in the first para. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From cfergeau at redhat.com Mon Feb 4 08:01:11 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Mon, 4 Feb 2013 09:01:11 +0100 Subject: [Libosinfo] [libosinfo] Use gnulib's ignore-value.h to silence gcc In-Reply-To: <510BCF0F.2040907@redhat.com> References: <1359636202-25516-1-git-send-email-cfergeau@redhat.com> <510BCF0F.2040907@redhat.com> Message-ID: <20130204080110.GD17128@teriyaki.ams2.redhat.com> On Fri, Feb 01, 2013 at 03:19:59PM +0100, Michal Privoznik wrote: > The code looks okay, but why do we have these variable if they are not > used anywhere? I must say that I initially chose not to look at why in details as I worked on the assumption that the warnings had been worked around for a good reason. Looking at this a bit more, they happen in the code parsing the pciids/usbids files, and we need to skip these values in the file during parsing, having a name for them makes the code more readable, and easier to extend later if we need these, so I'd be in favour of keeping them. Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From cfergeau at redhat.com Wed Feb 6 12:42:24 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Wed, 6 Feb 2013 13:42:24 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <20130128101953.GC2332@teriyaki.redhat.com> <20130128154157.GB22845@teriyaki.redhat.com> <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> Message-ID: <20130206124224.GD22064@teriyaki.redhat.com> On Fri, Feb 01, 2013 at 05:03:31PM +0100, Zeeshan Ali (Khattak) wrote: > On Wed, Jan 30, 2013 at 10:26 AM, Christophe Fergeau > wrote: > > On Tue, Jan 29, 2013 at 04:49:05PM +0200, Zeeshan Ali (Khattak) wrote: > >> On Tue, Jan 29, 2013 at 11:15 AM, Christophe Fergeau > >> wrote: > >> > On Mon, Jan 28, 2013 at 10:54:52PM +0200, Zeeshan Ali (Khattak) wrote: > >> >> On Mon, Jan 28, 2013 at 6:13 PM, Christophe Fergeau wrote: > >> >> > On Mon, Jan 28, 2013 at 06:05:53PM +0200, Zeeshan Ali (Khattak) wrote: > >> >> >> whats the difference between copyleft and free, as in Free Software? > >> >> >> Reading this, I don't see any: > >> >> >> > >> >> >> http://en.wikipedia.org/wiki/Copyleft > >> >> > > >> >> > http://en.wikipedia.org/wiki/Copyleft#Types_of_copyleft_and_relation_to_other_licenses > >> >> > >> >> OK, I stand corrected about the exact definition of copyleft. :) > >> >> > >> >> Since you are stressing on this distinction, I imagine you know some > >> >> free drivers out there that are signed? > >> > > >> > Nope, but that does not mean they do not exist. > >> > >> Well then I'm just not being very precise in my commit log. With the > >> API I'm proposing, Apps can easily decide to not use unsigned drivers > >> even if script supports it. So I don't see the need for Apps to have > >> to use a configuration parameter to disable this manually. > > > > https://www.redhat.com/archives/libosinfo/2013-January/msg00108.html > > I already replied to that: You tried to reply, then we had a discussion about the wrong assumption on which you based the 2nd paragraph. With that 2nd paragraph removed, this does not leave a lot of compelling reasons for always disabling, even when not needed, something that improves the security of the system. > I'm not going to make it configurable unless you can suggest a > solution for the problem mentioned in the first para. You are the one who wants to be able to install unsigned drivers, one would think it's up to you to try to suggest good ways of achieving that. I'm personnally fine with not being to install unsigned drivers without getting warnings (which solves your 'not configurable' requirement). Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From cfergeau at redhat.com Wed Feb 6 12:57:52 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Wed, 6 Feb 2013 13:57:52 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-3-git-send-email-zeeshanak@gnome.org> <20130128101953.GC2332@teriyaki.redhat.com> Message-ID: <20130206125751.GE22064@teriyaki.redhat.com> On Mon, Jan 28, 2013 at 05:05:28PM +0200, Zeeshan Ali (Khattak) wrote: > The problem is that having it configurable would mean that we can't > have a static info on the script about the signature requirement (see > "installer: API to query signed device driver requirement" patch). Why is it not possible? The query API would return REQ_STRICT/REQ_WARN/REQ_NONE as it currently does. If you get REQ_STRICT/REQ_WARN, then the user can try to call osinfo_install_script_disable_driver_signature_checks() (with a better naming, this name is just for the purpose of this discussion) if they wants to install drivers fully unattended. This setter can fail in case libosinfo does not know how to do it. Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From zeeshanak at gnome.org Wed Feb 6 13:17:00 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Wed, 6 Feb 2013 15:17:00 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130206124224.GD22064@teriyaki.redhat.com> References: <20130128101953.GC2332@teriyaki.redhat.com> <20130128154157.GB22845@teriyaki.redhat.com> <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> Message-ID: On Wed, Feb 6, 2013 at 2:42 PM, Christophe Fergeau wrote: > On Fri, Feb 01, 2013 at 05:03:31PM +0100, Zeeshan Ali (Khattak) wrote: >> On Wed, Jan 30, 2013 at 10:26 AM, Christophe Fergeau >> wrote: >> > On Tue, Jan 29, 2013 at 04:49:05PM +0200, Zeeshan Ali (Khattak) wrote: >> >> On Tue, Jan 29, 2013 at 11:15 AM, Christophe Fergeau >> >> wrote: >> >> > On Mon, Jan 28, 2013 at 10:54:52PM +0200, Zeeshan Ali (Khattak) wrote: >> >> >> On Mon, Jan 28, 2013 at 6:13 PM, Christophe Fergeau wrote: >> >> >> > On Mon, Jan 28, 2013 at 06:05:53PM +0200, Zeeshan Ali (Khattak) wrote: >> >> >> >> whats the difference between copyleft and free, as in Free Software? >> >> >> >> Reading this, I don't see any: >> >> >> >> >> >> >> >> http://en.wikipedia.org/wiki/Copyleft >> >> >> > >> >> >> > http://en.wikipedia.org/wiki/Copyleft#Types_of_copyleft_and_relation_to_other_licenses >> >> >> >> >> >> OK, I stand corrected about the exact definition of copyleft. :) >> >> >> >> >> >> Since you are stressing on this distinction, I imagine you know some >> >> >> free drivers out there that are signed? >> >> > >> >> > Nope, but that does not mean they do not exist. >> >> >> >> Well then I'm just not being very precise in my commit log. With the >> >> API I'm proposing, Apps can easily decide to not use unsigned drivers >> >> even if script supports it. So I don't see the need for Apps to have >> >> to use a configuration parameter to disable this manually. >> > >> > https://www.redhat.com/archives/libosinfo/2013-January/msg00108.html >> >> I already replied to that: > > You tried to reply, then we had a discussion about the wrong assumption on > which you based the 2nd paragraph. With that 2nd paragraph removed, this > does not leave a lot of compelling reasons for always disabling, even when > not needed, something that improves the security of the system. Why not let apps decide that? We are giving them info on the signed status of drivers and they can make an informed decision. If this "security" was so black-and-white, MS wouldn't have made it so easily to disable it. >> I'm not going to make it configurable unless you can suggest a >> solution for the problem mentioned in the first para. > > You are the one who wants to be able to install unsigned drivers, one would > think it's up to you to try to suggest good ways of achieving that. I'm > personnally fine with not being to install unsigned drivers without getting > warnings (which solves your 'not configurable' requirement). That would break unattended installation and I don't understand how can you even think about breaking that for the user, even if it adds any "security" (that apps will have the API to make an informed decision about). -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From cfergeau at redhat.com Wed Feb 6 13:23:54 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Wed, 6 Feb 2013 14:23:54 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <20130128154157.GB22845@teriyaki.redhat.com> <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> Message-ID: <20130206132354.GF22064@teriyaki.redhat.com> On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: > Why not let apps decide that? We are giving them info on the signed > status of drivers and they can make an informed decision. This is exactly my point, applications cannot say "I'm only using signed drivers, don't disable signature checking" with the current series as far as I understand it. Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From zeeshanak at gnome.org Wed Feb 6 13:25:55 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Wed, 6 Feb 2013 15:25:55 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130206125751.GE22064@teriyaki.redhat.com> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-3-git-send-email-zeeshanak@gnome.org> <20130128101953.GC2332@teriyaki.redhat.com> <20130206125751.GE22064@teriyaki.redhat.com> Message-ID: On Wed, Feb 6, 2013 at 2:57 PM, Christophe Fergeau wrote: > On Mon, Jan 28, 2013 at 05:05:28PM +0200, Zeeshan Ali (Khattak) wrote: >> The problem is that having it configurable would mean that we can't >> have a static info on the script about the signature requirement (see >> "installer: API to query signed device driver requirement" patch). > > Why is it not possible? The query API would return > REQ_STRICT/REQ_WARN/REQ_NONE as it currently does. > If you get REQ_STRICT/REQ_WARN, Actually I got mixed up in these discussions so I wrongly remembered that we agreed on that API for drivers, not the scripts. Sorry for that. > then the user can try to call > osinfo_install_script_disable_driver_signature_checks() (with a > better naming, this name is just for the purpose of this discussion) if > they wants to install drivers fully unattended. This setter can fail > in case libosinfo does not know how to do it. Yeah, now that I remember correctly this shouldn't be a problem. I'll make it configurable then if I must. I still don't think there is any need for it (at least yet). -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Thu Feb 7 00:04:57 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 02:04:57 +0200 Subject: [Libosinfo] [PATCH] install-script tool: Display names of generated files Message-ID: <1360195497-4974-1-git-send-email-zeeshanak@gnome.org> From: "Zeeshan Ali (Khattak)" Also add a commandline option (-q/--quiet) to disable this behavior. --- tools/osinfo-install-script.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/tools/osinfo-install-script.c b/tools/osinfo-install-script.c index ac71cc0..73f1d3d 100644 --- a/tools/osinfo-install-script.c +++ b/tools/osinfo-install-script.c @@ -34,6 +34,7 @@ static const gchar *prefix; static gboolean list_config = FALSE; static gboolean list_profile = FALSE; +static gboolean quiet = FALSE; static OsinfoInstallConfig *config; @@ -78,6 +79,8 @@ static GOptionEntry entries[] = N_("List configuration parameters"), NULL }, { "list-profiles", '\0', 0, G_OPTION_ARG_NONE, (void*)&list_profile, N_("List install script profiles"), NULL }, + { "quiet", 'q', 0, G_OPTION_ARG_NONE, (void*)&quiet, + N_("Do not display output filenames"), NULL }, { NULL } }; @@ -229,6 +232,8 @@ static gboolean generate_script(OsinfoOs *os) error->message ? error->message : "unknown"); goto cleanup; } + if (!quiet) + g_print ("%s\n", osinfo_install_script_get_output_filename(script)); } ret = TRUE; -- 1.8.1 From zeeshanak at gnome.org Thu Feb 7 00:16:52 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 02:16:52 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130206132354.GF22064@teriyaki.redhat.com> References: <20130128154157.GB22845@teriyaki.redhat.com> <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> Message-ID: On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: >> Why not let apps decide that? We are giving them info on the signed >> status of drivers and they can make an informed decision. > > This is exactly my point, applications cannot say "I'm only using signed > drivers, don't disable signature checking" with the current series as far > as I understand it. If applications are only going to use signed drivers, they don't need to disable anything. So really there is no app that is going to need this API but to get this very important work in, I'll live with a bit of redundant API. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Thu Feb 7 03:11:19 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 05:11:19 +0200 Subject: [Libosinfo] =?utf-8?q?=5BPATCH=5D_Add_Marc-Andr=C3=A9_to_AUTHORS?= Message-ID: <1360206679-23761-1-git-send-email-zeeshanak@gnome.org> From: "Zeeshan Ali (Khattak)" Fixes `make syntax-check` Pushed under trivial rule. --- AUTHORS | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS b/AUTHORS index 65fc04a..626c17b 100644 --- a/AUTHORS +++ b/AUTHORS @@ -21,6 +21,7 @@ Patches contributed by: David Zeuthen Eric Blake Yuri Chornoivan + Marc-Andr? Lureau ...send patches to get your name here... -- End -- 1.8.1 From zeeshanak at gnome.org Thu Feb 7 03:43:06 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 05:43:06 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-3-git-send-email-zeeshanak@gnome.org> <20130128101953.GC2332@teriyaki.redhat.com> <20130206125751.GE22064@teriyaki.redhat.com> Message-ID: On Wed, Feb 6, 2013 at 3:25 PM, Zeeshan Ali (Khattak) wrote: > On Wed, Feb 6, 2013 at 2:57 PM, Christophe Fergeau wrote: >> On Mon, Jan 28, 2013 at 05:05:28PM +0200, Zeeshan Ali (Khattak) wrote: >>> The problem is that having it configurable would mean that we can't >>> have a static info on the script about the signature requirement (see >>> "installer: API to query signed device driver requirement" patch). >> >> Why is it not possible? The query API would return >> REQ_STRICT/REQ_WARN/REQ_NONE as it currently does. >> If you get REQ_STRICT/REQ_WARN, > > Actually I got mixed up in these discussions so I wrongly remembered > that we agreed on that API for drivers, not the scripts. Sorry for > that. While implementing DeviceDriverSigningReq etc, I realized one issue here: The post installation drivers are being used/setup by windows-cmd.xml while the setting to ignore unsigned drivers is in windows-sif.xml. So app sees that drivers can be utilized by a script and get info on whats the requirement of that script about driver signature, whereas it needs to disable the driver checking in another script. That seems like a very confusing API to me. So I don't think DeviceDriverSigningReq API helps here. However, you could still argue that apps can decide to simply enable/disable the signing requirement globally (on every script) but then whats the relationship of this signing configuration API to DeviceDriverSigningReq? Again, I see confusing API. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From cfergeau at redhat.com Thu Feb 7 08:56:06 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Thu, 7 Feb 2013 09:56:06 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> Message-ID: <20130207085605.GA2368@teriyaki.redhat.com> On Thu, Feb 07, 2013 at 02:16:52AM +0200, Zeeshan Ali (Khattak) wrote: > On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: > > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: > >> Why not let apps decide that? We are giving them info on the signed > >> status of drivers and they can make an informed decision. > > > > This is exactly my point, applications cannot say "I'm only using signed > > drivers, don't disable signature checking" with the current series as far > > as I understand it. > > If applications are only going to use signed drivers, they don't need > to disable anything. So really there is no app that is going to need > this API but to get this very important work in, I'll live with a bit > of redundant API. Yes, applications using signed drivers will not need to disable anything. However, my understanding is that you want to use *unsigned* drivers in your application, in that case you need to disable signature verification. You are designing the whole thing with the nominal case being unsigned drivers being case, which makes sense for your use case. The fact that you are using unsigned drivers in the first place is a 'bug' imo, and the right way of handling that is doing whatever it takes to get signed drivers instead the unsigned ones. Hence, the unsigned driver code in libosinfo is just a workaround for that, and since this workaround involves disabling some built-in OS checks, then we need an API to explicitly disable these if that's what we want. I even remember you telling me that MS says signature checks on Win7 should only be disabled in test setups, not on production machines, which seems consistent with not doing this by default in libosinfo.. Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From cfergeau at redhat.com Thu Feb 7 11:01:12 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Thu, 7 Feb 2013 12:01:12 +0100 Subject: [Libosinfo] [libosinfo] spec: Switch URL to libosinfo.org Message-ID: <1360234872-9609-1-git-send-email-cfergeau@redhat.com> Now that libosinfo has an official website, let's point the .spec at it. --- libosinfo.spec.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libosinfo.spec.in b/libosinfo.spec.in index 9aa9d13..0c49950 100644 --- a/libosinfo.spec.in +++ b/libosinfo.spec.in @@ -18,7 +18,7 @@ License: LGPLv2+ Group: Development/Libraries Source: https://fedorahosted.org/releases/l/i/%{name}/%{name}-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) -URL: https://fedorahosted.org/libosinfo/ +URL: http://libosinfo.org/ BuildRequires: intltool BuildRequires: glib2-devel BuildRequires: check-devel -- 1.8.1 From berrange at redhat.com Thu Feb 7 12:33:32 2013 From: berrange at redhat.com (Daniel P. Berrange) Date: Thu, 7 Feb 2013 12:33:32 +0000 Subject: [Libosinfo] [PATCH] install-script tool: Display names of generated files In-Reply-To: <1360195497-4974-1-git-send-email-zeeshanak@gnome.org> References: <1360195497-4974-1-git-send-email-zeeshanak@gnome.org> Message-ID: <20130207123332.GD2244@redhat.com> On Thu, Feb 07, 2013 at 02:04:57AM +0200, Zeeshan Ali (Khattak) wrote: > From: "Zeeshan Ali (Khattak)" > > Also add a commandline option (-q/--quiet) to disable this behavior. > --- > tools/osinfo-install-script.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/tools/osinfo-install-script.c b/tools/osinfo-install-script.c > index ac71cc0..73f1d3d 100644 > --- a/tools/osinfo-install-script.c > +++ b/tools/osinfo-install-script.c > @@ -34,6 +34,7 @@ static const gchar *prefix; > > static gboolean list_config = FALSE; > static gboolean list_profile = FALSE; > +static gboolean quiet = FALSE; > > static OsinfoInstallConfig *config; > > @@ -78,6 +79,8 @@ static GOptionEntry entries[] = > N_("List configuration parameters"), NULL }, > { "list-profiles", '\0', 0, G_OPTION_ARG_NONE, (void*)&list_profile, > N_("List install script profiles"), NULL }, > + { "quiet", 'q', 0, G_OPTION_ARG_NONE, (void*)&quiet, > + N_("Do not display output filenames"), NULL }, > { NULL } > }; > > @@ -229,6 +232,8 @@ static gboolean generate_script(OsinfoOs *os) > error->message ? error->message : "unknown"); > goto cleanup; > } > + if (!quiet) > + g_print ("%s\n", osinfo_install_script_get_output_filename(script)); > } > ret = TRUE; ACK Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| From berrange at redhat.com Thu Feb 7 12:35:44 2013 From: berrange at redhat.com (Daniel P. Berrange) Date: Thu, 7 Feb 2013 12:35:44 +0000 Subject: [Libosinfo] [libosinfo] spec: Switch URL to libosinfo.org In-Reply-To: <1360234872-9609-1-git-send-email-cfergeau@redhat.com> References: <1360234872-9609-1-git-send-email-cfergeau@redhat.com> Message-ID: <20130207123544.GF2244@redhat.com> On Thu, Feb 07, 2013 at 12:01:12PM +0100, Christophe Fergeau wrote: > Now that libosinfo has an official website, let's point the .spec > at it. > --- > libosinfo.spec.in | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/libosinfo.spec.in b/libosinfo.spec.in > index 9aa9d13..0c49950 100644 > --- a/libosinfo.spec.in > +++ b/libosinfo.spec.in > @@ -18,7 +18,7 @@ License: LGPLv2+ > Group: Development/Libraries > Source: https://fedorahosted.org/releases/l/i/%{name}/%{name}-%{version}.tar.gz > BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) > -URL: https://fedorahosted.org/libosinfo/ > +URL: http://libosinfo.org/ > BuildRequires: intltool > BuildRequires: glib2-devel > BuildRequires: check-devel ACK Daniel -- |: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :| |: http://libvirt.org -o- http://virt-manager.org :| |: http://autobuild.org -o- http://search.cpan.org/~danberr/ :| |: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :| From zeeshanak at gnome.org Thu Feb 7 14:49:43 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 16:49:43 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130207085605.GA2368@teriyaki.redhat.com> References: <20130128161327.GC22845@teriyaki.redhat.com> <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> <20130207085605.GA2368@teriyaki.redhat.com> Message-ID: On Thu, Feb 7, 2013 at 10:56 AM, Christophe Fergeau wrote: > On Thu, Feb 07, 2013 at 02:16:52AM +0200, Zeeshan Ali (Khattak) wrote: >> On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: >> > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: >> >> Why not let apps decide that? We are giving them info on the signed >> >> status of drivers and they can make an informed decision. >> > >> > This is exactly my point, applications cannot say "I'm only using signed >> > drivers, don't disable signature checking" with the current series as far >> > as I understand it. >> >> If applications are only going to use signed drivers, they don't need >> to disable anything. So really there is no app that is going to need >> this API but to get this very important work in, I'll live with a bit >> of redundant API. > > Yes, applications using signed drivers will not need to disable anything. > However, my understanding is that you want to use *unsigned* drivers in > your application, in that case you need to disable signature verification. > You are designing the whole thing with the nominal case being unsigned > drivers being case, which makes sense for your use case. Not at all. I'm providing application with information that drivers are signed or not. Based on that they can make a decision. If they decide to use unsigned drivers, there is absolutely no reason any app would want to disable some checks as well. Unless you could specify a (not hypothetical) usecase or example of an app that would want such a thing, I don't think there is any need for what you are asking for. Especially since I told you the problems with making this configurable in the last mail. > The fact that you are using unsigned drivers in the first place is a 'bug' > imo, IMO the bug is that Microsoft requires these signatures. Its obvious that not everyone can get their drivers signed no matter how "secure" or good they are so requiring this signature is just wrong of them. Moreover, even as security measure, its doubtful that MS thought of an application being invovled in the process. The common use case involves only the user and MS' software (mainly the installer). Its a very usual thing to not trust users to know exactly what they are doing. They can get malicious drivers from anywhere and try to install them. In case of libosinfo, there is going to be an app involved, making the decision for the user. > and the right way of handling that is doing whatever it takes to get > signed drivers instead the unsigned ones. Hence, the unsigned driver code > in libosinfo is just a workaround for that, and since this workaround > involves disabling some built-in OS checks, then we need an API to > explicitly disable these if that's what we want. Unless you can point out any usecase, I'm not going to add confusing API just to satisfy some particular proprietary vendor. > I even remember you > telling me that MS says signature checks on Win7 should only be disabled > in test setups, not on production machines, which seems consistent with not > doing this by default in libosinfo.. Yes? I don't live to serve MS. :) -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Thu Feb 7 15:02:53 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 17:02:53 +0200 Subject: [Libosinfo] [PATCH 8/8] winxp, installer: Make use of post-installation drivers In-Reply-To: <20130129091331.GL22845@teriyaki.redhat.com> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-9-git-send-email-zeeshanak@gnome.org> <20130128131453.GN2332@teriyaki.redhat.com> <20130128171943.GD22845@teriyaki.redhat.com> <20130129091331.GL22845@teriyaki.redhat.com> Message-ID: On Tue, Jan 29, 2013 at 11:13 AM, Christophe Fergeau wrote: > On Mon, Jan 28, 2013 at 11:06:53PM +0200, Zeeshan Ali (Khattak) wrote: >> On Mon, Jan 28, 2013 at 7:19 PM, Christophe Fergeau wrote: >> > On Mon, Jan 28, 2013 at 05:45:25PM +0200, Zeeshan Ali (Khattak) wrote: >> >> On Mon, Jan 28, 2013 at 3:14 PM, Christophe Fergeau wrote: >> >> > You can't expect every possible Windows exe file to honour the /S switch. >> >> >> >> If a binary doesn't support '/S' switch, it will ignore it? >> > >> > Or fail saying it's an unknown parameter? >> >> According to Vmware docs, this is a standard MSI option: >> >> http://pubs.vmware.com/view-50/index.jsp?topic=/com.vmware.view.installation.doc/GUID-F19EBDF6-20A3-4A8B-95AE-786CC74F26AF.html >> >> If that is the case, its supposed to be guaranteed on every windows >> installer setup app? > > I doubt it's guaranteed... Shall I believe those docs or you then? :) Since drivers and scripts could be changed to use .cmd without breaking API, why don't we fix this when/if we need to. Right now we only have one driver and what we are 100% sure is that this driver setup accepts '/S' switch and ignores unknown switches. There is also the indication (docs I mentioned) that we might not need this fix for any setup app at all. >And the way the code currently is, MSIs can't be > installed either. Sorry I didn't understand this part? -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From cfergeau at redhat.com Thu Feb 7 15:14:27 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Thu, 7 Feb 2013 16:14:27 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> <20130207085605.GA2368@teriyaki.redhat.com> Message-ID: <20130207151427.GE2368@teriyaki.redhat.com> On Thu, Feb 07, 2013 at 04:49:43PM +0200, Zeeshan Ali (Khattak) wrote: > On Thu, Feb 7, 2013 at 10:56 AM, Christophe Fergeau wrote: > > On Thu, Feb 07, 2013 at 02:16:52AM +0200, Zeeshan Ali (Khattak) wrote: > >> On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: > >> > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: > >> >> Why not let apps decide that? We are giving them info on the signed > >> >> status of drivers and they can make an informed decision. > >> > > >> > This is exactly my point, applications cannot say "I'm only using signed > >> > drivers, don't disable signature checking" with the current series as far > >> > as I understand it. > >> > >> If applications are only going to use signed drivers, they don't need > >> to disable anything. So really there is no app that is going to need > >> this API but to get this very important work in, I'll live with a bit > >> of redundant API. > > > > Yes, applications using signed drivers will not need to disable anything. > > However, my understanding is that you want to use *unsigned* drivers in > > your application, in that case you need to disable signature verification. > > You are designing the whole thing with the nominal case being unsigned > > drivers being case, which makes sense for your use case. > > Not at all. I'm providing application with information that drivers > are signed or not. Yes > Based on that they can make a decision. If they > decide to use unsigned drivers, there is absolutely no reason any app > would want to disable some checks as well. I think applications should be able to control whether the OS they install will have DriverSigningPolicy=Ignore set or not. And this should default to not be 'Ignore'. So if you want to be able to install unsigned drivers, you need to be able disable signature checking (ie tell the install script to add this line). > Unless you could specify a > (not hypothetical) usecase or example of an app that would want such a > thing, I don't think there is any need for what you are asking for. Once again, this is a security feature. You keep pretending it's not, waving it away, but this doesn't change the fact that this improves the system security, and you are going to disable this without letting any control to the library user on this. > Especially since I told you the problems with making this configurable > in the last mail. 'this is complicated' is not necessarily a good reason for not doing something. But let's first focus on what we do about this signature checking stuff, I haven't really looked at the mail where you describe the problems you have yet. > Moreover, even as security measure, its doubtful that MS thought of an > application being invovled in the process. The common use case > involves only the user and MS' software (mainly the installer). Its a > very usual thing to not trust users to know exactly what they are > doing. They can get malicious drivers from anywhere and try to install > them. In case of libosinfo, there is going to be an app involved, > making the decision for the user. But once the system is installed, the user will be in control of the OS, and signature checking will still be disabled! And this patch is disabling this even when no unsigned drivers are involved at all. > Unless you can point out any usecase, I'm not going to add confusing > API just to satisfy some particular proprietary vendor. Ok, then we should not do all this work to support unsigned drivers, or to postinstall windows drivers, and we can drop this patch series (in other words, not a useful argument at all). Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From cfergeau at redhat.com Thu Feb 7 15:17:59 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Thu, 7 Feb 2013 16:17:59 +0100 Subject: [Libosinfo] [PATCH 8/8] winxp, installer: Make use of post-installation drivers In-Reply-To: References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1359343127-27272-9-git-send-email-zeeshanak@gnome.org> <20130128131453.GN2332@teriyaki.redhat.com> <20130128171943.GD22845@teriyaki.redhat.com> <20130129091331.GL22845@teriyaki.redhat.com> Message-ID: <20130207151759.GF2368@teriyaki.redhat.com> On Thu, Feb 07, 2013 at 05:02:53PM +0200, Zeeshan Ali (Khattak) wrote: > On Tue, Jan 29, 2013 at 11:13 AM, Christophe Fergeau > wrote: > > On Mon, Jan 28, 2013 at 11:06:53PM +0200, Zeeshan Ali (Khattak) wrote: > >> On Mon, Jan 28, 2013 at 7:19 PM, Christophe Fergeau wrote: > >> > On Mon, Jan 28, 2013 at 05:45:25PM +0200, Zeeshan Ali (Khattak) wrote: > >> >> On Mon, Jan 28, 2013 at 3:14 PM, Christophe Fergeau wrote: > >> >> > You can't expect every possible Windows exe file to honour the /S switch. > >> >> > >> >> If a binary doesn't support '/S' switch, it will ignore it? > >> > > >> > Or fail saying it's an unknown parameter? > >> > >> According to Vmware docs, this is a standard MSI option: > >> > >> http://pubs.vmware.com/view-50/index.jsp?topic=/com.vmware.view.installation.doc/GUID-F19EBDF6-20A3-4A8B-95AE-786CC74F26AF.html > >> > >> If that is the case, its supposed to be guaranteed on every windows > >> installer setup app? > > > > I doubt it's guaranteed... > > Shall I believe those docs or you then? :) Something that is true for MSI installers != something that is true for all installers in the world. > Since drivers and scripts > could be changed to use .cmd without breaking API, why don't we fix > this when/if we need to. Right now we only have one driver and what we > are 100% sure is that this driver setup accepts '/S' switch and > ignores unknown switches. There is also the indication (docs I > mentioned) that we might not need this fix for any setup app at all. > > >And the way the code currently is, MSIs can't be > > installed either. > > Sorry I didn't understand this part? If you have an installer with a .msi extension, *.exe will not catch it... I don't know with what extension they are usually shipped. This *.exe can also be suboptimal for more reasons, one could also imagine situations where a .exe will be there that shall not be run (eg with unpacked drivers). Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From cfergeau at redhat.com Thu Feb 7 15:40:56 2013 From: cfergeau at redhat.com (Christophe Fergeau) Date: Thu, 7 Feb 2013 16:40:56 +0100 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130207151427.GE2368@teriyaki.redhat.com> References: <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> <20130207085605.GA2368@teriyaki.redhat.com> <20130207151427.GE2368@teriyaki.redhat.com> Message-ID: <20130207154056.GG2368@teriyaki.redhat.com> On Thu, Feb 07, 2013 at 04:14:27PM +0100, Christophe Fergeau wrote: > On Thu, Feb 07, 2013 at 04:49:43PM +0200, Zeeshan Ali (Khattak) wrote: > > Moreover, even as security measure, its doubtful that MS thought of an > > application being invovled in the process. The common use case > > involves only the user and MS' software (mainly the installer). Its a > > very usual thing to not trust users to know exactly what they are > > doing. They can get malicious drivers from anywhere and try to install > > them. In case of libosinfo, there is going to be an app involved, > > making the decision for the user. > > But once the system is installed, the user will be in control of the OS, > and signature checking will still be disabled! And this patch is disabling > this even when no unsigned drivers are involved at all. NB: If you make sure unsigned drivers cannot be installed after the automatic installation is done (either using some postinstall scripting magic, or either because I'm mistaken and these changes are only valid during the installation process but are thrown away at the end of the install), then I'm all fine with always disabling signature checking as long as it only happens during installation, and the installed OS checks driver signatures. Christophe -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available URL: From zeeshanak at gnome.org Thu Feb 7 19:19:35 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Thu, 7 Feb 2013 21:19:35 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: <20130207151427.GE2368@teriyaki.redhat.com> References: <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> <20130207085605.GA2368@teriyaki.redhat.com> <20130207151427.GE2368@teriyaki.redhat.com> Message-ID: On Thu, Feb 7, 2013 at 5:14 PM, Christophe Fergeau wrote: > On Thu, Feb 07, 2013 at 04:49:43PM +0200, Zeeshan Ali (Khattak) wrote: >> On Thu, Feb 7, 2013 at 10:56 AM, Christophe Fergeau wrote: >> > On Thu, Feb 07, 2013 at 02:16:52AM +0200, Zeeshan Ali (Khattak) wrote: >> >> On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: >> >> > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: >> >> >> Why not let apps decide that? We are giving them info on the signed >> >> >> status of drivers and they can make an informed decision. >> >> > >> >> > This is exactly my point, applications cannot say "I'm only using signed >> >> > drivers, don't disable signature checking" with the current series as far >> >> > as I understand it. >> >> >> >> If applications are only going to use signed drivers, they don't need >> >> to disable anything. So really there is no app that is going to need >> >> this API but to get this very important work in, I'll live with a bit >> >> of redundant API. >> > >> > Yes, applications using signed drivers will not need to disable anything. >> > However, my understanding is that you want to use *unsigned* drivers in >> > your application, in that case you need to disable signature verification. >> > You are designing the whole thing with the nominal case being unsigned >> > drivers being case, which makes sense for your use case. >> >> Not at all. I'm providing application with information that drivers >> are signed or not. > > Yes > >> Based on that they can make a decision. If they >> decide to use unsigned drivers, there is absolutely no reason any app >> would want to disable some checks as well. > > I think applications should be able to control whether the OS they > install will have > DriverSigningPolicy=Ignore > set or not. And this should default to not be 'Ignore'. So if you want to be > able to install unsigned drivers, you need to be able disable signature > checking (ie tell the install script to add this line). > > >> Unless you could specify a >> (not hypothetical) usecase or example of an app that would want such a >> thing, I don't think there is any need for what you are asking for. > > Once again, this is a security feature. You keep pretending it's not, > waving it away, but this doesn't change the fact that this improves the > system security, and you are going to disable this without letting any > control to the library user on this. > >> Especially since I told you the problems with making this configurable >> in the last mail. > > 'this is complicated' is not necessarily a good reason for not doing > something. But let's first focus on what we do about this signature > checking stuff, I haven't really looked at the mail where you describe the > problems you have yet. > >> Moreover, even as security measure, its doubtful that MS thought of an >> application being invovled in the process. The common use case >> involves only the user and MS' software (mainly the installer). Its a >> very usual thing to not trust users to know exactly what they are >> doing. They can get malicious drivers from anywhere and try to install >> them. In case of libosinfo, there is going to be an app involved, >> making the decision for the user. > > But once the system is installed, the user will be in control of the OS, > and signature checking will still be disabled! Now you are talking. :) This is a very good point. I didn't think of the fact that driver checking could be 'permanently' disabled by this. I'll check it out. Based on your following email, I think now we have an agreement on how to proceed. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Fri Feb 8 00:07:32 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Fri, 8 Feb 2013 02:07:32 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> <20130207085605.GA2368@teriyaki.redhat.com> <20130207151427.GE2368@teriyaki.redhat.com> Message-ID: On Thu, Feb 7, 2013 at 9:19 PM, Zeeshan Ali (Khattak) wrote: > On Thu, Feb 7, 2013 at 5:14 PM, Christophe Fergeau wrote: >> On Thu, Feb 07, 2013 at 04:49:43PM +0200, Zeeshan Ali (Khattak) wrote: >>> On Thu, Feb 7, 2013 at 10:56 AM, Christophe Fergeau wrote: >>> > On Thu, Feb 07, 2013 at 02:16:52AM +0200, Zeeshan Ali (Khattak) wrote: >>> >> On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: >>> >> > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: >>> >> >> Why not let apps decide that? We are giving them info on the signed >>> >> >> status of drivers and they can make an informed decision. >>> >> > >>> >> > This is exactly my point, applications cannot say "I'm only using signed >>> >> > drivers, don't disable signature checking" with the current series as far >>> >> > as I understand it. >>> >> >>> >> If applications are only going to use signed drivers, they don't need >>> >> to disable anything. So really there is no app that is going to need >>> >> this API but to get this very important work in, I'll live with a bit >>> >> of redundant API. >>> > >>> > Yes, applications using signed drivers will not need to disable anything. >>> > However, my understanding is that you want to use *unsigned* drivers in >>> > your application, in that case you need to disable signature verification. >>> > You are designing the whole thing with the nominal case being unsigned >>> > drivers being case, which makes sense for your use case. >>> >>> Not at all. I'm providing application with information that drivers >>> are signed or not. >> >> Yes >> >>> Based on that they can make a decision. If they >>> decide to use unsigned drivers, there is absolutely no reason any app >>> would want to disable some checks as well. >> >> I think applications should be able to control whether the OS they >> install will have >> DriverSigningPolicy=Ignore >> set or not. And this should default to not be 'Ignore'. So if you want to be >> able to install unsigned drivers, you need to be able disable signature >> checking (ie tell the install script to add this line). >> >> >>> Unless you could specify a >>> (not hypothetical) usecase or example of an app that would want such a >>> thing, I don't think there is any need for what you are asking for. >> >> Once again, this is a security feature. You keep pretending it's not, >> waving it away, but this doesn't change the fact that this improves the >> system security, and you are going to disable this without letting any >> control to the library user on this. >> >>> Especially since I told you the problems with making this configurable >>> in the last mail. >> >> 'this is complicated' is not necessarily a good reason for not doing >> something. But let's first focus on what we do about this signature >> checking stuff, I haven't really looked at the mail where you describe the >> problems you have yet. >> >>> Moreover, even as security measure, its doubtful that MS thought of an >>> application being invovled in the process. The common use case >>> involves only the user and MS' software (mainly the installer). Its a >>> very usual thing to not trust users to know exactly what they are >>> doing. They can get malicious drivers from anywhere and try to install >>> them. In case of libosinfo, there is going to be an app involved, >>> making the decision for the user. >> >> But once the system is installed, the user will be in control of the OS, >> and signature checking will still be disabled! > > Now you are talking. :) This is a very good point. I didn't think of > the fact that driver checking could be 'permanently' disabled by this. > I'll check it out. So checked it out and your fears are very justified: setting this means setting it permanently. I looked around for enabling the signature check after installation but the only working solution I find was this: http://www.remkoweijnen.nl/blog/2010/11/11/programmatically-changing-the-driver-signing-options/ But seems the binary is non-free so we can't just ship that. :( I really don't want to permanently disable driver signature checks, not even in Boxes. So I'd rather we don't do this all together. If any apps need this in future, we can add it (probably as configuration param) later. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Sat Feb 9 02:09:03 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Sat, 9 Feb 2013 04:09:03 +0200 Subject: [Libosinfo] [PATCH 2/8] winxp, installer: Ignore unsigned drivers In-Reply-To: References: <20130129091507.GM22845@teriyaki.redhat.com> <20130130092619.GJ22845@teriyaki.redhat.com> <20130206124224.GD22064@teriyaki.redhat.com> <20130206132354.GF22064@teriyaki.redhat.com> <20130207085605.GA2368@teriyaki.redhat.com> <20130207151427.GE2368@teriyaki.redhat.com> Message-ID: On Fri, Feb 8, 2013 at 2:07 AM, Zeeshan Ali (Khattak) wrote: > On Thu, Feb 7, 2013 at 9:19 PM, Zeeshan Ali (Khattak) > wrote: >> On Thu, Feb 7, 2013 at 5:14 PM, Christophe Fergeau wrote: >>> On Thu, Feb 07, 2013 at 04:49:43PM +0200, Zeeshan Ali (Khattak) wrote: >>>> On Thu, Feb 7, 2013 at 10:56 AM, Christophe Fergeau wrote: >>>> > On Thu, Feb 07, 2013 at 02:16:52AM +0200, Zeeshan Ali (Khattak) wrote: >>>> >> On Wed, Feb 6, 2013 at 3:23 PM, Christophe Fergeau wrote: >>>> >> > On Wed, Feb 06, 2013 at 03:17:00PM +0200, Zeeshan Ali (Khattak) wrote: >>>> >> >> Why not let apps decide that? We are giving them info on the signed >>>> >> >> status of drivers and they can make an informed decision. >>>> >> > >>>> >> > This is exactly my point, applications cannot say "I'm only using signed >>>> >> > drivers, don't disable signature checking" with the current series as far >>>> >> > as I understand it. >>>> >> >>>> >> If applications are only going to use signed drivers, they don't need >>>> >> to disable anything. So really there is no app that is going to need >>>> >> this API but to get this very important work in, I'll live with a bit >>>> >> of redundant API. >>>> > >>>> > Yes, applications using signed drivers will not need to disable anything. >>>> > However, my understanding is that you want to use *unsigned* drivers in >>>> > your application, in that case you need to disable signature verification. >>>> > You are designing the whole thing with the nominal case being unsigned >>>> > drivers being case, which makes sense for your use case. >>>> >>>> Not at all. I'm providing application with information that drivers >>>> are signed or not. >>> >>> Yes >>> >>>> Based on that they can make a decision. If they >>>> decide to use unsigned drivers, there is absolutely no reason any app >>>> would want to disable some checks as well. >>> >>> I think applications should be able to control whether the OS they >>> install will have >>> DriverSigningPolicy=Ignore >>> set or not. And this should default to not be 'Ignore'. So if you want to be >>> able to install unsigned drivers, you need to be able disable signature >>> checking (ie tell the install script to add this line). >>> >>> >>>> Unless you could specify a >>>> (not hypothetical) usecase or example of an app that would want such a >>>> thing, I don't think there is any need for what you are asking for. >>> >>> Once again, this is a security feature. You keep pretending it's not, >>> waving it away, but this doesn't change the fact that this improves the >>> system security, and you are going to disable this without letting any >>> control to the library user on this. >>> >>>> Especially since I told you the problems with making this configurable >>>> in the last mail. >>> >>> 'this is complicated' is not necessarily a good reason for not doing >>> something. But let's first focus on what we do about this signature >>> checking stuff, I haven't really looked at the mail where you describe the >>> problems you have yet. >>> >>>> Moreover, even as security measure, its doubtful that MS thought of an >>>> application being invovled in the process. The common use case >>>> involves only the user and MS' software (mainly the installer). Its a >>>> very usual thing to not trust users to know exactly what they are >>>> doing. They can get malicious drivers from anywhere and try to install >>>> them. In case of libosinfo, there is going to be an app involved, >>>> making the decision for the user. >>> >>> But once the system is installed, the user will be in control of the OS, >>> and signature checking will still be disabled! >> >> Now you are talking. :) This is a very good point. I didn't think of >> the fact that driver checking could be 'permanently' disabled by this. >> I'll check it out. > > So checked it out and your fears are very justified: setting this > means setting it permanently. I looked around for enabling the > signature check after installation but the only working solution I > find was this: > > http://www.remkoweijnen.nl/blog/2010/11/11/programmatically-changing-the-driver-signing-options/ > > But seems the binary is non-free so we can't just ship that. :( I > really don't want to permanently disable driver signature checks, not > even in Boxes. So I'd rather we don't do this all together. If any > apps need this in future, we can add it (probably as configuration > param) later. Would someone kill me if i change my mind on this yet again. :) I just saw the huge difference in guest with and without QXL drivers and I really would hate to see this not working out of the box, upstream. So unless you have any objections, I'll go with your original suggestion to make this configurable and Boxes disabling driver signature checks. -- Regards, Zeeshan Ali (Khattak) FSF member#5124 From zeeshanak at gnome.org Sun Feb 10 16:41:01 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Sun, 10 Feb 2013 18:41:01 +0200 Subject: [Libosinfo] More device drivers v2 In-Reply-To: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> Message-ID: <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> Just like v1, these patches add information about virtio and QXL device drivers, make it possible for apps to automatically install them as part of Windows XP installation and improve drivers-related API. I'll look into getting virtio/QXL driver installation to work for Windows 7 soon but first I'd want to get these changes in so that we can add this feature in Boxes before the feature- and API/ABI-freeze of GNOME 3.7.x[1]. Changes since v1: * Since disabling drivers signature checks permanently is a security issue, Apps now must explicity disable it. * Driver signing requirement of scripts is not a simple boolean now but rather an enum. * Drivers in executable format must provide script (.cmd in case of windows) files that calls the actual setup binary with the appropriate arguments for us. * Scripts can (at least theoretically) support multiple driver formats now. Issues: * I get a blue screen of death[2] on Windows XP professional at the end of installation. Christophe tells me that this probably will be fixed with the next spice-guest-tools binary with up2date vioser drivers. That is hopefully available before these patches are merged but for now the work around is to simply reboot the VM (virsh reboot VM_NAME). [1] https://live.gnome.org/ThreePointSeven#Schedule [2] http://static.fi/~zeenix/tmp/blue-screen-of-death.png From zeeshanak at gnome.org Sun Feb 10 16:41:03 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Sun, 10 Feb 2013 18:41:03 +0200 Subject: [Libosinfo] [v2 2/8] Add enum list param getter In-Reply-To: <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> Message-ID: <1360514469-25259-3-git-send-email-zeeshanak@gnome.org> From: "Zeeshan Ali (Khattak)" --- osinfo/libosinfo.syms | 1 + osinfo/osinfo_entity.c | 71 ++++++++++++++++++++++++++++++++++++++++---------- osinfo/osinfo_entity.h | 4 +++ 3 files changed, 62 insertions(+), 14 deletions(-) diff --git a/osinfo/libosinfo.syms b/osinfo/libosinfo.syms index 41d3756..1ad4d82 100644 --- a/osinfo/libosinfo.syms +++ b/osinfo/libosinfo.syms @@ -403,6 +403,7 @@ LIBOSINFO_0.2.4 { global: osinfo_device_driver_format_get_type; osinfo_device_driver_get_format; + osinfo_entity_get_param_value_enum_list; } LIBOSINFO_0.2.3; /* Symbols in next release... diff --git a/osinfo/osinfo_entity.c b/osinfo/osinfo_entity.c index 543c710..8b9286e 100644 --- a/osinfo/osinfo_entity.c +++ b/osinfo/osinfo_entity.c @@ -382,24 +382,19 @@ gint osinfo_entity_get_param_value_enum(OsinfoEntity *entity, GType enum_type, gint default_value) { - const gchar *nick; - GEnumClass *enum_class; - GEnumValue *enum_value; + GList *value_list; + gint ret; g_return_val_if_fail(G_TYPE_IS_ENUM(enum_type), default_value); - nick = osinfo_entity_get_param_value(entity, key); - if (nick == NULL) - return default_value; - - enum_class = g_type_class_ref(enum_type); - enum_value = g_enum_get_value_by_nick(enum_class, nick); - g_type_class_unref(enum_class); - - if (enum_value != NULL) - return enum_value->value; + value_list = osinfo_entity_get_param_value_enum_list(entity, + key, + enum_type, + default_value); + ret = GPOINTER_TO_INT(value_list->data); + g_list_free (value_list); - g_return_val_if_reached(default_value); + return ret; } /** @@ -425,6 +420,54 @@ GList *osinfo_entity_get_param_value_list(OsinfoEntity *entity, const gchar *key return g_list_copy(values); } +/** + * osinfo_entity_get_param_value_enum_list: + * @entity: an #OsinfoEntity containing the parameters + * @key: the name of the key + * + * Retrieve all the parameter values associated with a named key as enums. If + * no values are associated, a list with only @default_value is returned. + * + * Returns: (transfer container) (element-type gint): the values associated with the key + */ +GList *osinfo_entity_get_param_value_enum_list(OsinfoEntity *entity, + const char *key, + GType enum_type, + gint default_value) +{ + GList *value_list; + GList *iter; + GList *ret = NULL; + GList *default_list; + + default_list = g_list_append (NULL, GINT_TO_POINTER(default_value)); + + g_return_val_if_fail(G_TYPE_IS_ENUM(enum_type), NULL); + + value_list = osinfo_entity_get_param_value_list(entity, key); + if (value_list == NULL) + return default_list; + + for (iter = value_list; iter; iter = iter->next) { + GEnumClass *enum_class; + GEnumValue *enum_value; + const gchar *nick = (const gchar *) iter->data; + + enum_class = g_type_class_ref(enum_type); + enum_value = g_enum_get_value_by_nick(enum_class, nick); + g_type_class_unref(enum_class); + + if (enum_value != NULL) + ret = g_list_append(ret, GINT_TO_POINTER(enum_value->value)); + } + + if (ret == NULL) + return default_list; + + g_list_free(default_list); + + return ret; +} /* * Local variables: diff --git a/osinfo/osinfo_entity.h b/osinfo/osinfo_entity.h index 4c6dc45..64f31d2 100644 --- a/osinfo/osinfo_entity.h +++ b/osinfo/osinfo_entity.h @@ -84,6 +84,10 @@ gint64 osinfo_entity_get_param_value_int64_with_default(OsinfoEntity *entity, const gchar *key, gint64 default_value); GList *osinfo_entity_get_param_value_list(OsinfoEntity *entity, const gchar *key); +GList *osinfo_entity_get_param_value_enum_list(OsinfoEntity *entity, + const char *key, + GType enum_type, + gint default_value); void osinfo_entity_set_param(OsinfoEntity *entity, const gchar *key, const gchar *value); void osinfo_entity_set_param_boolean(OsinfoEntity *entity, const gchar *key, gboolean value); void osinfo_entity_set_param_int64(OsinfoEntity *entity, const gchar *key, gint64 value); -- 1.8.1.2 From zeeshanak at gnome.org Sun Feb 10 16:41:02 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Sun, 10 Feb 2013 18:41:02 +0200 Subject: [Libosinfo] [v2 1/8] API to query format of device driver In-Reply-To: <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> Message-ID: <1360514469-25259-2-git-send-email-zeeshanak@gnome.org> From: "Zeeshan Ali (Khattak)" --- data/oses/windows.xml.in | 8 ++++---- data/schemas/libosinfo.rng | 11 +++++++++++ osinfo/libosinfo.syms | 6 ++++++ osinfo/osinfo_device_driver.c | 9 +++++++++ osinfo/osinfo_device_driver.h | 20 ++++++++++++++++++++ osinfo/osinfo_loader.c | 8 ++++++++ 6 files changed, 58 insertions(+), 4 deletions(-) diff --git a/data/oses/windows.xml.in b/data/oses/windows.xml.in index 310de62..1b762f8 100644 --- a/data/oses/windows.xml.in +++ b/data/oses/windows.xml.in @@ -383,7 +383,7 @@ - + viostor.cat viostor.inf viostor.sys @@ -392,7 +392,7 @@ - + viostor.cat viostor.inf viostor.sys @@ -754,14 +754,14 @@ - + viostor.cat viostor.inf viostor.sys - + viostor.cat viostor.inf viostor.sys diff --git a/data/schemas/libosinfo.rng b/data/schemas/libosinfo.rng index 90b0dfb..74fc9ce 100644 --- a/data/schemas/libosinfo.rng +++ b/data/schemas/libosinfo.rng @@ -451,6 +451,11 @@ + + + + + @@ -677,4 +682,10 @@ dos|unix + + + + windows|script|package + + diff --git a/osinfo/libosinfo.syms b/osinfo/libosinfo.syms index 4615829..41d3756 100644 --- a/osinfo/libosinfo.syms +++ b/osinfo/libosinfo.syms @@ -399,6 +399,12 @@ LIBOSINFO_0.2.3 { } LIBOSINFO_0.2.2; +LIBOSINFO_0.2.4 { + global: + osinfo_device_driver_format_get_type; + osinfo_device_driver_get_format; +} LIBOSINFO_0.2.3; + /* Symbols in next release... LIBOSINFO_0.0.2 { diff --git a/osinfo/osinfo_device_driver.c b/osinfo/osinfo_device_driver.c index 23731bf..da525cf 100644 --- a/osinfo/osinfo_device_driver.c +++ b/osinfo/osinfo_device_driver.c @@ -160,6 +160,15 @@ OsinfoDeviceList *osinfo_device_driver_get_devices(OsinfoDeviceDriver *driver) return driver->priv->devices; } +OsinfoDeviceDriverFormat osinfo_device_driver_get_format(OsinfoDeviceDriver *driver) +{ + return osinfo_entity_get_param_value_enum + (OSINFO_ENTITY(driver), + OSINFO_DEVICE_DRIVER_PROP_FORMAT, + OSINFO_TYPE_DEVICE_DRIVER_FORMAT, + OSINFO_DEVICE_DRIVER_FORMAT_SCRIPT); +} + void osinfo_device_driver_add_device(OsinfoDeviceDriver *driver, OsinfoDevice *device) { diff --git a/osinfo/osinfo_device_driver.h b/osinfo/osinfo_device_driver.h index c894fe8..dae3f97 100644 --- a/osinfo/osinfo_device_driver.h +++ b/osinfo/osinfo_device_driver.h @@ -55,6 +55,7 @@ typedef struct _OsinfoDeviceDriverPrivate OsinfoDeviceDriverPrivate; #define OSINFO_DEVICE_DRIVER_PROP_PRE_INSTALLABLE "pre-installable" #define OSINFO_DEVICE_DRIVER_PROP_FILE "file" #define OSINFO_DEVICE_DRIVER_PROP_DEVICE "device" +#define OSINFO_DEVICE_DRIVER_PROP_FORMAT "format" /* object */ struct _OsinfoDeviceDriver @@ -76,6 +77,24 @@ struct _OsinfoDeviceDriverClass /* class members */ }; +/** + * OsinfoDeviceDriverFormat: + * @OSINFO_DEVICE_DRIVER_FORMAT_WINDOWS: Windows specific driver in the form of + * .cat, .inf, .sys and (optionally) .dll + * files. + * @OSINFO_DEVICE_DRIVER_FORMAT_SCRIPT: OS-specific installer script. For + * Unix/Linux, this means files with '.sh' + * extension with executable permission + * bits set. For Windows, this would mean + * files with '.cmd' extension. + * @OSINFO_DEVICE_DRIVER_FORMAT_PACKAGE: OS-specific installer package (e.g RPM or DEB etc). + */ +typedef enum { + OSINFO_DEVICE_DRIVER_FORMAT_WINDOWS, + OSINFO_DEVICE_DRIVER_FORMAT_SCRIPT, + OSINFO_DEVICE_DRIVER_FORMAT_PACKAGE +} OsinfoDeviceDriverFormat; + GType osinfo_device_driver_get_type(void); const gchar *osinfo_device_driver_get_architecture(OsinfoDeviceDriver *driver); @@ -83,6 +102,7 @@ const gchar *osinfo_device_driver_get_location(OsinfoDeviceDriver *driver); gboolean osinfo_device_driver_get_pre_installable(OsinfoDeviceDriver *driver); GList *osinfo_device_driver_get_files(OsinfoDeviceDriver *driver); OsinfoDeviceList *osinfo_device_driver_get_devices(OsinfoDeviceDriver *driver); +OsinfoDeviceDriverFormat osinfo_device_driver_get_format(OsinfoDeviceDriver *driver); #endif /* __OSINFO_DEVICE_DRIVER_H__ */ /* diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c index d713767..a190018 100644 --- a/osinfo/osinfo_loader.c +++ b/osinfo/osinfo_loader.c @@ -1016,6 +1016,7 @@ static OsinfoDeviceDriver *osinfo_loader_driver(OsinfoLoader *loader, xmlChar *arch = xmlGetProp(root, BAD_CAST OSINFO_DEVICE_DRIVER_PROP_ARCHITECTURE); xmlChar *location = xmlGetProp(root, BAD_CAST OSINFO_DEVICE_DRIVER_PROP_LOCATION); xmlChar *preinst = xmlGetProp(root, BAD_CAST OSINFO_DEVICE_DRIVER_PROP_PRE_INSTALLABLE); + xmlChar *format = xmlGetProp(root, BAD_CAST OSINFO_DEVICE_DRIVER_PROP_FORMAT); OsinfoDeviceDriver *driver = osinfo_device_driver_new(id); @@ -1040,6 +1041,13 @@ static OsinfoDeviceDriver *osinfo_loader_driver(OsinfoLoader *loader, xmlFree(preinst); } + if (format) { + osinfo_entity_set_param(OSINFO_ENTITY(driver), + OSINFO_DEVICE_DRIVER_PROP_FORMAT, + (gchar *)format); + xmlFree(format); + } + gint nnodes = osinfo_loader_nodeset("./*", ctxt, &nodes, err); if (error_is_set(err)) { g_object_unref(G_OBJECT(driver)); -- 1.8.1.2 From zeeshanak at gnome.org Sun Feb 10 16:41:04 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Sun, 10 Feb 2013 18:41:04 +0200 Subject: [Libosinfo] [v2 3/8] installer: API to query supported device driver formats In-Reply-To: <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> Message-ID: <1360514469-25259-4-git-send-email-zeeshanak@gnome.org> From: "Zeeshan Ali (Khattak)" --- data/install-scripts/windows-sif.xml | 2 ++ data/install-scripts/windows-unattend.xml | 2 ++ data/schemas/libosinfo.rng | 10 ++++++++++ osinfo/libosinfo.syms | 2 ++ osinfo/osinfo_install_script.c | 28 ++++++++++++++++++++++++++++ osinfo/osinfo_install_script.h | 5 +++++ osinfo/osinfo_loader.c | 20 ++++++++++++++++++++ 7 files changed, 69 insertions(+) diff --git a/data/install-scripts/windows-sif.xml b/data/install-scripts/windows-sif.xml index c072f4b..262e6ec 100644 --- a/data/install-scripts/windows-sif.xml +++ b/data/install-scripts/windows-sif.xml @@ -6,6 +6,7 @@ $$$$$-$$$$$-$$$$$-$$$$$-$$$$$ winnt.sif true + windows @@ -72,6 +73,7 @@ $$$$$-$$$$$-$$$$$-$$$$$-$$$$$ winnt.sif true + windows diff --git a/data/install-scripts/windows-unattend.xml b/data/install-scripts/windows-unattend.xml index e140617..e306ec4 100644 --- a/data/install-scripts/windows-unattend.xml +++ b/data/install-scripts/windows-unattend.xml @@ -5,6 +5,7 @@ $$$$$-$$$$$-$$$$$-$$$$$-$$$$$ autounattend.xml true + windows @@ -220,6 +221,7 @@ $$$$$-$$$$$-$$$$$-$$$$$-$$$$$ autounattend.xml true + windows diff --git a/data/schemas/libosinfo.rng b/data/schemas/libosinfo.rng index 74fc9ce..042ba53 100644 --- a/data/schemas/libosinfo.rng +++ b/data/schemas/libosinfo.rng @@ -579,11 +579,21 @@ + + + + + + + + + + diff --git a/osinfo/libosinfo.syms b/osinfo/libosinfo.syms index 1ad4d82..5a61e93 100644 --- a/osinfo/libosinfo.syms +++ b/osinfo/libosinfo.syms @@ -404,6 +404,8 @@ LIBOSINFO_0.2.4 { osinfo_device_driver_format_get_type; osinfo_device_driver_get_format; osinfo_entity_get_param_value_enum_list; + osinfo_install_script_get_pre_install_driver_formats; + osinfo_install_script_get_post_install_driver_formats; } LIBOSINFO_0.2.3; /* Symbols in next release... diff --git a/osinfo/osinfo_install_script.c b/osinfo/osinfo_install_script.c index 276c756..8b70365 100644 --- a/osinfo/osinfo_install_script.c +++ b/osinfo/osinfo_install_script.c @@ -1230,6 +1230,34 @@ gboolean osinfo_install_script_get_can_post_install_drivers(OsinfoInstallScript OSINFO_INSTALL_SCRIPT_PROP_CAN_POST_INSTALL_DRIVERS); } +/** + * osinfo_install_script_get_pre_install_driver_formats: + * + * Returns: (transfer container) (element-type OsinfoDeviceDriverFormat): + */ +GList *osinfo_install_script_get_pre_install_driver_formats(OsinfoInstallScript *script) +{ + return osinfo_entity_get_param_value_enum_list + (OSINFO_ENTITY(script), + OSINFO_INSTALL_SCRIPT_PROP_PRE_INSTALL_DEVICE_DRIVER_FORMAT, + OSINFO_TYPE_DEVICE_DRIVER_FORMAT, + OSINFO_DEVICE_DRIVER_FORMAT_SCRIPT); +} + +/** + * osinfo_install_script_get_post_install_driver_formats: + * + * Returns: (transfer container) (element-type OsinfoDeviceDriverFormat): + */ +GList *osinfo_install_script_get_post_install_driver_formats(OsinfoInstallScript *script) +{ + return osinfo_entity_get_param_value_enum_list + (OSINFO_ENTITY(script), + OSINFO_INSTALL_SCRIPT_PROP_POST_INSTALL_DEVICE_DRIVER_FORMAT, + OSINFO_TYPE_DEVICE_DRIVER_FORMAT, + OSINFO_DEVICE_DRIVER_FORMAT_SCRIPT); +} + /* * Local variables: * indent-tabs-mode: nil diff --git a/osinfo/osinfo_install_script.h b/osinfo/osinfo_install_script.h index d91751e..f9c0aaf 100644 --- a/osinfo/osinfo_install_script.h +++ b/osinfo/osinfo_install_script.h @@ -55,6 +55,8 @@ typedef struct _OsinfoInstallScriptPrivate OsinfoInstallScriptPrivate; #define OSINFO_INSTALL_SCRIPT_PROP_PATH_FORMAT "path-format" #define OSINFO_INSTALL_SCRIPT_PROP_CAN_PRE_INSTALL_DRIVERS "can-pre-install-drivers" #define OSINFO_INSTALL_SCRIPT_PROP_CAN_POST_INSTALL_DRIVERS "can-post-install-drivers" +#define OSINFO_INSTALL_SCRIPT_PROP_PRE_INSTALL_DEVICE_DRIVER_FORMAT "pre-install-driver-format" +#define OSINFO_INSTALL_SCRIPT_PROP_POST_INSTALL_DEVICE_DRIVER_FORMAT "post-install-driver-format" /* object */ struct _OsinfoInstallScript @@ -163,6 +165,9 @@ OsinfoPathFormat osinfo_install_script_get_path_format(OsinfoInstallScript *scri gboolean osinfo_install_script_get_can_pre_install_drivers(OsinfoInstallScript *script); gboolean osinfo_install_script_get_can_post_install_drivers(OsinfoInstallScript *script); +GList *osinfo_install_script_get_pre_install_driver_formats(OsinfoInstallScript *script); +GList *osinfo_install_script_get_post_install_driver_formats(OsinfoInstallScript *script); + #endif /* __OSINFO_INSTALL_SCRIPT_H__ */ /* * Local variables: diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c index a190018..0c9cc0b 100644 --- a/osinfo/osinfo_loader.c +++ b/osinfo/osinfo_loader.c @@ -705,6 +705,7 @@ static void osinfo_loader_install_script(OsinfoLoader *loader, gchar *value = NULL; xmlNodePtr *nodes = NULL; int nnodes; + int i; if (!id) { OSINFO_ERROR(err, _("Missing install script id property")); @@ -762,6 +763,25 @@ static void osinfo_loader_install_script(OsinfoLoader *loader, } g_free(nodes); + nnodes = osinfo_loader_nodeset("./*", ctxt, &nodes, err); + if (error_is_set(err)) + goto error; + + for (i = 0 ; i < nnodes ; i++) { + if (!nodes[i]->children || + nodes[i]->children->type != XML_TEXT_NODE || + (strcmp((const gchar *)nodes[i]->name, + OSINFO_INSTALL_SCRIPT_PROP_PRE_INSTALL_DEVICE_DRIVER_FORMAT) != 0 && + strcmp((const gchar *)nodes[i]->name, + OSINFO_INSTALL_SCRIPT_PROP_POST_INSTALL_DEVICE_DRIVER_FORMAT))) + continue; + + osinfo_entity_set_param(OSINFO_ENTITY(installScript), + (const gchar *)nodes[i]->name, + (const gchar *)nodes[i]->children->content); + } + g_free(nodes); + osinfo_db_add_install_script(loader->priv->db, installScript); return; -- 1.8.1.2 From zeeshanak at gnome.org Sun Feb 10 16:41:06 2013 From: zeeshanak at gnome.org (Zeeshan Ali (Khattak)) Date: Sun, 10 Feb 2013 18:41:06 +0200 Subject: [Libosinfo] [v2 5/8] install-config: API to enable/disable driver signing In-Reply-To: <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> References: <1359343127-27272-1-git-send-email-zeeshanak@gnome.org> <1360514469-25259-1-git-send-email-zeeshanak@gnome.org> Message-ID: <1360514469-25259-6-git-send-email-zeeshanak@gnome.org> From: "Zeeshan Ali (Khattak)" Currently only used by Windows XP. --- data/install-scripts/windows-sif.xml | 8 ++++++++ osinfo/libosinfo.syms | 2 ++ osinfo/osinfo_install_config.c | 25 +++++++++++++++++++++++++ osinfo/osinfo_install_config.h | 6 ++++++ 4 files changed, 41 insertions(+) diff --git a/data/install-scripts/windows-sif.xml b/data/install-scripts/windows-sif.xml index 262e6ec..3bb79c8 100644 --- a/data/install-scripts/windows-sif.xml +++ b/data/install-scripts/windows-sif.xml @@ -11,6 +11,7 @@ +