From 6ddc3f7b12c7858edd7b4f1e375fdf2d0162edd1 Mon Sep 17 00:00:00 2001 From: Richard Hughes Date: Wed, 23 Nov 2022 09:41:52 +0000 Subject: [PATCH] firmware-security: Soft depend on fwupd 1.8.3 to reduce translator load This was released many months ago, and it's not likely that someone is going to ship a bleeding edge GNOME 44 with an obsolete fwupd. In the event that they do, just fallback to the untranslated attribute name. --- .../cc-firmware-security-utils.c | 209 +----------------- 1 file changed, 5 insertions(+), 204 deletions(-) diff --git a/panels/firmware-security/cc-firmware-security-utils.c b/panels/firmware-security/cc-firmware-security-utils.c index f6df3aebeb..b955b6d777 100644 --- a/panels/firmware-security/cc-firmware-security-utils.c +++ b/panels/firmware-security/cc-firmware-security-utils.c @@ -26,208 +26,6 @@ #include "cc-firmware-security-utils.h" -/* we don't need to keep this up to date, as any new attrs added by fwupd >= 1.8.3 will also - * come with translated titles *and* descriptions */ -static const gchar * -fu_security_attr_get_title_fallback (const gchar *appstream_id) -{ - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SPI_BIOSWE) == 0) - { - /* TRANSLATORS: Title: firmware refers to the flash chip in the computer */ - return _("Firmware Write Protection"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SPI_BLE) == 0) - { - /* TRANSLATORS: Title: firmware refers to the flash chip in the computer */ - return _("Firmware Write Protection Lock"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SPI_SMM_BWP) == 0) - { - /* TRANSLATORS: Title: SPI refers to the flash chip in the computer */ - return _("Firmware BIOS Region"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SPI_DESCRIPTOR) == 0) - { - /* TRANSLATORS: Title: firmware refers to the flash chip in the computer */ - return _("Firmware BIOS Descriptor"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_PREBOOT_DMA_PROTECTION) == 0) - { - /* TRANSLATORS: Title: DMA as in https://en.wikipedia.org/wiki/DMA_attack */ - return _("Pre-boot DMA Protection"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_ENABLED) == 0) - { - /* TRANSLATORS: Title: BootGuard is a trademark from Intel */ - return _("Intel BootGuard"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_VERIFIED) == 0) - { - /* TRANSLATORS: Title: BootGuard is a trademark from Intel, - * verified boot refers to the way the boot process is verified */ - return _("Intel BootGuard Verified Boot"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_ACM) == 0) - { - /* TRANSLATORS: Title: BootGuard is a trademark from Intel, - * ACM means to verify the integrity of Initial Boot Block */ - return _("Intel BootGuard ACM Protected"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_POLICY) == 0) - { - /* TRANSLATORS: Title: BootGuard is a trademark from Intel, - * error policy is what to do on failure */ - return _("Intel BootGuard Error Policy"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_BOOTGUARD_OTP) == 0) - { - /* TRANSLATORS: Title: BootGuard is a trademark from Intel */ - return _("Intel BootGuard Fuse"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_CET_ENABLED) == 0) - { - /* TRANSLATORS: Title: CET = Control-flow Enforcement Technology, - * enabled means supported by the processor */ - return _("Intel CET Enabled"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_CET_ACTIVE) == 0) - { - /* TRANSLATORS: Title: CET = Control-flow Enforcement Technology, - * active means being used by the OS */ - return _("Intel CET Active"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_INTEL_SMAP) == 0) - { - /* TRANSLATORS: Title: SMAP = Supervisor Mode Access Prevention */ - return _("Intel SMAP"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_ENCRYPTED_RAM) == 0) - { - /* TRANSLATORS: Title: Memory contents are encrypted, e.g. Intel TME */ - return _("Encrypted RAM"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_IOMMU) == 0) - { - /* TRANSLATORS: Title: - * https://en.wikipedia.org/wiki/Input%E2%80%93output_memory_management_unit */ - return _("IOMMU Protection"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_KERNEL_LOCKDOWN) == 0) - { - /* TRANSLATORS: Title: lockdown is a security mode of the kernel */ - return _("Linux Kernel Lockdown"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_KERNEL_TAINTED) == 0) - { - /* TRANSLATORS: Title: if it's tainted or not */ - return _("Linux Kernel Verification"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_KERNEL_SWAP) == 0) - { - /* TRANSLATORS: Title: swap space or swap partition */ - return _("Linux Swap"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SUSPEND_TO_RAM) == 0) - { - /* TRANSLATORS: Title: sleep state */ - return _("Suspend To RAM"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SUSPEND_TO_IDLE) == 0) - { - /* TRANSLATORS: Title: a better sleep state */ - return _("Suspend To Idle"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_UEFI_PK) == 0) - { - /* TRANSLATORS: Title: PK is the 'platform key' for the machine */ - return _("UEFI Platform Key"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT) == 0) - { - /* TRANSLATORS: Title: SB is a way of locking down UEFI */ - return _("UEFI Secure Boot"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_TPM_EMPTY_PCR) == 0) - { - /* TRANSLATORS: Title: PCRs (Platform Configuration Registers) shouldn't be empty */ - return _("TPM Platform Configuration"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_TPM_RECONSTRUCTION_PCR0) == 0) - { - /* TRANSLATORS: Title: the PCR is rebuilt from the TPM event log */ - return _("TPM Reconstruction"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_TPM_VERSION_20) == 0) - { - /* TRANSLATORS: Title: TPM = Trusted Platform Module */ - return _("TPM v2.0"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_MEI_MANUFACTURING_MODE) == 0) - { - /* TRANSLATORS: Title: MEI = Intel Management Engine */ - return _("Intel Management Engine Manufacturing Mode"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_MEI_OVERRIDE_STRAP) == 0) - { - /* TRANSLATORS: Title: MEI = Intel Management Engine, and the "override" is enabled - * with a jumper -- luckily it is probably not accessible to end users on consumer - * boards */ - return _("Intel Management Engine Override"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_MEI_VERSION) == 0) - { - /* TRANSLATORS: Title: MEI = Intel Management Engine */ - return _("Intel Management Engine Version"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_FWUPD_UPDATES) == 0) - { - /* TRANSLATORS: Title: if firmware updates are available */ - return _("Firmware Updates"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_FWUPD_ATTESTATION) == 0) - { - /* TRANSLATORS: Title: if we can verify the firmware checksums */ - return _("Firmware Attestation"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_FWUPD_PLUGINS) == 0) - { - /* TRANSLATORS: Title: if the fwupd plugins are all present and correct */ - return _("Firmware Updater Verification"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_ENABLED) == 0 || - g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_PLATFORM_DEBUG_LOCKED) == 0) - { - /* TRANSLATORS: Title: Allows debugging of parts using proprietary hardware */ - return _("Platform Debugging"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_SUPPORTED_CPU) == 0) - { - /* TRANSLATORS: Title: if fwupd supports HSI on this chip */ - return _("Processor Security Checks"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_AMD_ROLLBACK_PROTECTION) == 0) - { - /* TRANSLATORS: Title: if firmware enforces rollback protection */ - return _("AMD Rollback Protection"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_AMD_SPI_REPLAY_PROTECTION) == 0) - { - /* TRANSLATORS: Title: if hardware enforces control of SPI replays */ - return _("AMD Firmware Replay Protection"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_AMD_SPI_WRITE_PROTECTION) == 0) - { - /* TRANSLATORS: Title: if hardware enforces control of SPI writes */ - return _("AMD Firmware Write Protection"); - } - if (g_strcmp0 (appstream_id, FWUPD_SECURITY_ATTR_ID_PLATFORM_FUSED) == 0) - { - /* TRANSLATORS: Title: if the part has been fused */ - return _("Fused Platform"); - } - return NULL; -} - const gchar * fwupd_security_attr_result_to_string (FwupdSecurityAttrResult result) { @@ -312,6 +110,7 @@ fu_security_attr_new_from_variant (GVariantIter *iter) FwupdSecurityAttr *attr = g_new0 (FwupdSecurityAttr, 1); const gchar *key; GVariant *value; + g_autofree gchar *name = NULL; while (g_variant_iter_next (iter, "{&sv}", &key, &value)) { @@ -331,6 +130,8 @@ fu_security_attr_new_from_variant (GVariantIter *iter) attr->description = g_strdup (dgettext ("fwupd", g_variant_get_string (value, NULL))); else if (g_strcmp0 (key, "Summary") == 0) attr->title = g_strdup (dgettext ("fwupd", g_variant_get_string (value, NULL))); + else if (g_strcmp0 (key, "Name") == 0) + name = g_variant_dup_string (value, NULL); g_variant_unref (value); } @@ -339,8 +140,8 @@ fu_security_attr_new_from_variant (GVariantIter *iter) attr->hsi_level = 1; /* fallback for older fwupd versions */ - if (attr->appstream_id != NULL && attr->title == NULL) - attr->title = g_strdup (fu_security_attr_get_title_fallback (attr->appstream_id)); + if (attr->appstream_id != NULL && attr->title == NULL && name != NULL) + attr->title = g_strdup (name); /* success */ return attr; -- GitLab