diff options
Diffstat (limited to 'panels/firmware-security/cc-firmware-security-panel.c')
| -rw-r--r-- | panels/firmware-security/cc-firmware-security-panel.c | 717 |
1 files changed, 717 insertions, 0 deletions
diff --git a/panels/firmware-security/cc-firmware-security-panel.c b/panels/firmware-security/cc-firmware-security-panel.c new file mode 100644 index 0000000..d48e7ab --- /dev/null +++ b/panels/firmware-security/cc-firmware-security-panel.c @@ -0,0 +1,717 @@ +/* cc-firmware-security-panel.c + * + * Copyright (C) 2021 Red Hat, Inc + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, see <http://www.gnu.org/licenses/>. + * + * Author: Kate Hsuan <hpa@redhat.com> + * + * SPDX-License-Identifier: GPL-2.0-or-later + */ + +#include "shell/cc-application.h" + +#include "cc-firmware-security-panel.h" +#include "cc-firmware-security-resources.h" +#include "cc-firmware-security-dialog.h" +#include "cc-firmware-security-boot-dialog.h" +#include "cc-firmware-security-utils.h" +#include "cc-util.h" + +#include <gio/gdesktopappinfo.h> +#include <glib/gi18n.h> + +struct _CcfirmwareSecurityPanel +{ + CcPanel parent_instance; + + GtkButton *hsi_button; + GtkButton *secure_boot_button; + + /* HSI button */ + GtkWidget *hsi_grid; + + GtkWidget *hsi_circle_box; + GtkWidget *hsi_circle_number; + + GtkWidget *hsi_label; + GtkWidget *hsi_description; + + /* secure boot button */ + GtkWidget *secure_boot_button_grid; + GtkWidget *secure_boot_icon; + GtkWidget *secure_boot_label; + GtkWidget *secure_boot_description; + + /* event listbox */ + GtkWidget *firmware_security_log_listbox; + GtkWidget *firmware_security_log_stack; + GtkWidget *firmware_security_log_pgroup; + + GDBusProxy *bus_proxy; + GDBusProxy *properties_bus_proxy; + + GHashTable *hsi1_dict; + GHashTable *hsi2_dict; + GHashTable *hsi3_dict; + GHashTable *hsi4_dict; + + guint hsi_number; + SecureBootState secure_boot_state; +}; + +CC_PANEL_REGISTER (CcfirmwareSecurityPanel, cc_firmware_security_panel) + +static void +set_hsi_button_view (CcfirmwareSecurityPanel *self); + +static void +set_secure_boot_button_view (CcfirmwareSecurityPanel *self) +{ + FwupdSecurityAttr *attr; + guint64 sb_flags = 0; + guint64 pk_flags = 0; + + /* get HSI-1 flags if set */ + attr = g_hash_table_lookup (self->hsi1_dict, FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT); + if (attr != NULL) + sb_flags = attr->flags; + attr = g_hash_table_lookup (self->hsi1_dict, FWUPD_SECURITY_ATTR_ID_UEFI_PK); + if (attr != NULL) + pk_flags = attr->flags; + + /* enabled and valid */ + if ((sb_flags & FWUPD_SECURITY_ATTR_FLAG_SUCCESS) > 0 && + (pk_flags & FWUPD_SECURITY_ATTR_FLAG_SUCCESS) > 0) + { + self->secure_boot_state = SECURE_BOOT_STATE_ACTIVE; + } + else if ((sb_flags & FWUPD_SECURITY_ATTR_RESULT_ENABLED) > 0) + { + self->secure_boot_state = SECURE_BOOT_STATE_PROBLEMS; + } + else + { + self->secure_boot_state = SECURE_BOOT_STATE_INACTIVE; + } + + /* update UI */ + if (self->secure_boot_state == SECURE_BOOT_STATE_ACTIVE) + { + gtk_label_set_text (GTK_LABEL (self->secure_boot_label), _("Secure Boot is Active")); + gtk_label_set_text (GTK_LABEL (self->secure_boot_description), _("Protected against malicious software when the device starts.")); + gtk_image_set_from_icon_name (GTK_IMAGE (self->secure_boot_icon), "channel-secure-symbolic"); + gtk_widget_add_css_class (self->secure_boot_icon, "good"); + } + else if (self->secure_boot_state == SECURE_BOOT_STATE_PROBLEMS) + { + gtk_label_set_text (GTK_LABEL (self->secure_boot_label), _("Secure Boot has Problems")); + gtk_label_set_text (GTK_LABEL (self->secure_boot_description), _("Some protection when the device is started.")); + gtk_widget_add_css_class (self->secure_boot_icon, "error"); + } + else + { + gtk_label_set_text (GTK_LABEL (self->secure_boot_label), _("Secure Boot is Off")); + gtk_label_set_text (GTK_LABEL (self->secure_boot_description), _("No protection when the device is started.")); + gtk_widget_add_css_class (self->secure_boot_icon, "error"); + } +} + +static gchar * +fu_security_attr_get_description_for_eventlog (FwupdSecurityAttr *attr) +{ + GString *str = g_string_new (attr->description); + + /* nothing to do */ + if (attr->flags & FWUPD_SECURITY_ATTR_FLAG_SUCCESS) + return g_string_free (str, FALSE); + + if (attr->flags & FWUPD_SECURITY_ATTR_FLAG_ACTION_CONTACT_OEM && + attr->flags & FWUPD_SECURITY_ATTR_FLAG_ACTION_CONFIG_FW) + { + g_string_append_printf (str, "\n\n%s", + /* TRANSLATORS: this is to explain an event that has already happened */ + _("This issue could have been caused by a change in UEFI firmware " + "settings, an operating system configuration change, or because of " + "malicious software on this system.")); + } + else if (attr->flags & FWUPD_SECURITY_ATTR_FLAG_ACTION_CONFIG_FW) + { + g_string_append_printf (str, "\n\n%s", + /* TRANSLATORS: this is to explain an event that has already happened */ + _("This issue could have been caused by a change in the UEFI firmware " + "settings, or because of malicious software on this system.")); + } + else if (attr->flags & FWUPD_SECURITY_ATTR_FLAG_ACTION_CONFIG_OS) + { + g_string_append_printf (str, "\n\n%s", + /* TRANSLATORS: this is to explain an event that has already happened */ + _("This issue could have been caused by an operating system configuration " + "change, or because of malicious software on this system.")); + } + + return g_string_free (str, FALSE); +} + +static void +parse_event_variant_iter (CcfirmwareSecurityPanel *self, + GVariantIter *iter) +{ + g_autofree gchar *date_string = NULL; + g_autoptr (GDateTime) date = NULL; + g_autoptr (FwupdSecurityAttr) attr = fu_security_attr_new_from_variant(iter); + GtkWidget *row; + + /* unknown to us */ + if (attr->appstream_id == NULL || attr->title == NULL) + return; + + /* skip events that have either been added or removed with no prior value */ + if (attr->result == FWUPD_SECURITY_ATTR_RESULT_UNKNOWN || + attr->result_fallback == FWUPD_SECURITY_ATTR_RESULT_UNKNOWN) + return; + + /* build new row */ + date = g_date_time_new_from_unix_local (attr->timestamp); + date_string = g_date_time_format (date, "\%F \%H:\%m:\%S"); + + row = adw_expander_row_new (); + if (attr->flags & FWUPD_SECURITY_ATTR_FLAG_SUCCESS) + { + adw_expander_row_set_icon_name (ADW_EXPANDER_ROW (row), "emblem-ok"); + gtk_widget_add_css_class (row, "success-icon"); + } + else + { + adw_expander_row_set_icon_name (ADW_EXPANDER_ROW (row), "process-stop"); + gtk_widget_add_css_class (row, "error-icon"); + } + + if (attr->description != NULL) + { + GtkWidget *subrow = adw_action_row_new (); + g_autofree gchar *str = fu_security_attr_get_description_for_eventlog (attr); + adw_action_row_set_subtitle (ADW_ACTION_ROW (subrow), str); + adw_expander_row_add_row (ADW_EXPANDER_ROW (row), subrow); + } + else + { + adw_expander_row_set_enable_expansion (ADW_EXPANDER_ROW (row), FALSE); + gtk_widget_add_css_class (row, "hide-arrow"); + } + + adw_preferences_row_set_title (ADW_PREFERENCES_ROW (row), attr->title); + adw_expander_row_set_subtitle (ADW_EXPANDER_ROW (row), date_string); + adw_preferences_group_add (ADW_PREFERENCES_GROUP (self->firmware_security_log_pgroup), GTK_WIDGET (row)); + + adw_view_stack_set_visible_child_name (ADW_VIEW_STACK (self->firmware_security_log_stack), "page2"); +} + +static void +parse_variant_iter (CcfirmwareSecurityPanel *self, + GVariantIter *iter) +{ + g_autoptr (FwupdSecurityAttr) attr = fu_security_attr_new_from_variant(iter); + const gchar *appstream_id = attr->appstream_id; + + /* invalid */ + if (appstream_id == NULL) + return; + + /* in fwupd <= 1.8.3 org.fwupd.hsi.Uefi.SecureBoot was incorrectly marked as HSI-0, + * so lower the HSI number forcefully if this attribute failed -- the correct thing + * to do of course is to update fwupd to a newer build */ + if (g_strcmp0 (attr->appstream_id, FWUPD_SECURITY_ATTR_ID_UEFI_SECUREBOOT) == 0 && + (attr->flags & FWUPD_SECURITY_ATTR_FLAG_SUCCESS) == 0) + { + self->hsi_number = 0; + set_hsi_button_view (self); + } + + /* insert into correct hash table */ + switch (attr->hsi_level) + { + case 1: + g_hash_table_insert (self->hsi1_dict, + g_strdup (appstream_id), + g_steal_pointer (&attr)); + break; + case 2: + g_hash_table_insert (self->hsi2_dict, + g_strdup (appstream_id), + g_steal_pointer (&attr)); + break; + case 3: + g_hash_table_insert (self->hsi3_dict, + g_strdup (appstream_id), + g_steal_pointer (&attr)); + break; + case 4: + g_hash_table_insert (self->hsi4_dict, + g_strdup (appstream_id), + g_steal_pointer (&attr)); + break; + } +} + +static void +parse_data_from_variant (CcfirmwareSecurityPanel *self, + GVariant *value, + const gboolean is_event) +{ + const gchar *type_string; + g_autoptr (GVariantIter) iter = NULL; + + type_string = g_variant_get_type_string (value); + if (g_strcmp0 (type_string, "(a{sv})") == 0) + { + g_variant_get (value, "(a{sv})", &iter); + if (is_event) + parse_event_variant_iter (self, iter); + else + parse_variant_iter (self, iter); + } + else if (g_strcmp0 (type_string, "a{sv}") == 0) + { + g_variant_get (value, "a{sv}", &iter); + if (is_event) + parse_event_variant_iter (self, iter); + else + parse_variant_iter (self, iter); + } + else + { + g_warning ("type %s not known", type_string); + } +} + +static void +parse_array_from_variant (CcfirmwareSecurityPanel *self, + GVariant *value, + const gboolean is_event) +{ + gsize sz; + g_autoptr (GVariant) untuple = NULL; + + untuple = g_variant_get_child_value (value, 0); + sz = g_variant_n_children (untuple); + for (guint i = 0; i < sz; i++) + { + g_autoptr (GVariant) data = NULL; + data = g_variant_get_child_value (untuple, i); + if (is_event) + parse_data_from_variant (self, data, TRUE); + else + parse_data_from_variant (self, data, FALSE); + } +} + +static void +on_bus_event_done_cb (GObject *source, + GAsyncResult *res, + gpointer user_data) +{ + g_autoptr (GError) error = NULL; + g_autoptr (GVariant) val = NULL; + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (user_data); + + val = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), res, &error); + if (val == NULL) + { + g_warning ("failed to get Security Attribute Event: %s", error->message); + return; + } + + parse_array_from_variant (self, val, TRUE); +} + +static void +on_bus_done (GObject *source, + GAsyncResult *res, + gpointer user_data) +{ + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (user_data); + g_autoptr (GError) error = NULL; + g_autoptr (GVariant) val = NULL; + + val = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), res, &error); + if (val == NULL) + { + CcApplication *application = CC_APPLICATION (g_application_get_default ()); + g_warning ("failed to get Security Attribute: %s", error->message); + cc_shell_model_set_panel_visibility (cc_application_get_model (application), + "firmware-security", + CC_PANEL_HIDDEN); + set_secure_boot_button_view (self); + return; + } + + parse_array_from_variant (self, val, FALSE); + set_secure_boot_button_view (self); +} + +static void +on_bus_ready_cb (GObject *source_object, + GAsyncResult *res, + gpointer user_data) +{ + g_autoptr (GError) error = NULL; + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (user_data); + + self->bus_proxy = g_dbus_proxy_new_for_bus_finish (res, &error); + if (self->bus_proxy == NULL) + { + if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) + g_warning ("failed to connect fwupd: %s", error->message); + + return; + } + + g_dbus_proxy_call (self->bus_proxy, + "GetHostSecurityAttrs", + NULL, + G_DBUS_CALL_FLAGS_NONE, + -1, + cc_panel_get_cancellable (CC_PANEL (self)), + on_bus_done, + self); + g_dbus_proxy_call (self->bus_proxy, + "GetHostSecurityEvents", + g_variant_new ("(u)", + 100), + G_DBUS_CALL_FLAGS_NONE, + -1, + cc_panel_get_cancellable (CC_PANEL (self)), + on_bus_event_done_cb, + self); +} + +static void +on_hsi_button_clicked_cb (GtkWidget *widget, + gpointer data) +{ + GtkWidget *toplevel; + CcShell *shell; + GtkWidget *dialog; + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (data); + + dialog = cc_firmware_security_dialog_new (self->hsi_number, + self->hsi1_dict, + self->hsi2_dict, + self->hsi3_dict, + self->hsi4_dict); + shell = cc_panel_get_shell (CC_PANEL (self)); + toplevel = cc_shell_get_toplevel (shell); + gtk_window_set_transient_for (GTK_WINDOW (dialog), GTK_WINDOW (toplevel)); + gtk_widget_show (GTK_WIDGET (dialog)); +} + +static void +on_secure_boot_button_clicked_cb (GtkWidget *widget, + gpointer data) +{ + GtkWidget *toplevel; + CcShell *shell; + GtkWidget *boot_dialog; + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (data); + + boot_dialog = cc_firmware_security_boot_dialog_new (self->secure_boot_state); + shell = cc_panel_get_shell (CC_PANEL (self)); + toplevel = cc_shell_get_toplevel (shell); + gtk_window_set_transient_for (GTK_WINDOW (boot_dialog), GTK_WINDOW (toplevel)); + gtk_widget_show (boot_dialog); +} + +static void +set_hsi_button_view_contain (CcfirmwareSecurityPanel *self, + guint hsi_number, + gchar *title, + const gchar *description) +{ + switch (hsi_number) + { + case 0: + gtk_label_set_label (GTK_LABEL (self->hsi_circle_number), "0"); + gtk_widget_add_css_class (self->hsi_circle_box, "level0"); + gtk_widget_add_css_class (self->hsi_circle_number, "hsi0"); + break; + case 1: + gtk_label_set_label (GTK_LABEL (self->hsi_circle_number), "1"); + gtk_widget_add_css_class (self->hsi_circle_box, "level1"); + gtk_widget_add_css_class (self->hsi_circle_number, "hsi1"); + break; + case 2: + gtk_label_set_label (GTK_LABEL (self->hsi_circle_number), "2"); + gtk_widget_add_css_class (self->hsi_circle_box, "level2"); + gtk_widget_add_css_class (self->hsi_circle_number, "hsi2"); + break; + case 3: + case 4: + gtk_label_set_label (GTK_LABEL (self->hsi_circle_number), "3"); + gtk_widget_add_css_class (self->hsi_circle_box, "level3"); + gtk_widget_add_css_class (self->hsi_circle_number, "hsi3"); + break; + default: + gtk_label_set_label (GTK_LABEL (self->hsi_circle_number), "?"); + gtk_widget_add_css_class (self->hsi_circle_box, "level1"); + gtk_widget_add_css_class (self->hsi_circle_number, "hsi1"); + break; + } + + gtk_label_set_text (GTK_LABEL (self->hsi_label), title); + gtk_label_set_text (GTK_LABEL (self->hsi_description), description); +} + +static void +set_hsi_button_view (CcfirmwareSecurityPanel *self) +{ + switch (self->hsi_number) + { + case 0: + set_hsi_button_view_contain (self, + self->hsi_number, + /* TRANSLATORS: in reference to firmware protection: 0/4 stars */ + _("Security Level 0"), + _("Exposed to serious security threats.")); + break; + case 1: + set_hsi_button_view_contain (self, + self->hsi_number, + /* TRANSLATORS: in reference to firmware protection: 1/4 stars */ + _("Security Level 1"), + _("Limited protection against simple security threats.")); + break; + case 2: + set_hsi_button_view_contain (self, + self->hsi_number, + /* TRANSLATORS: in reference to firmware protection: 2/4 stars */ + _("Security Level 2"), + _("Protected against common security threats.")); + break; + case 3: + set_hsi_button_view_contain (self, + self->hsi_number, + /* TRANSLATORS: in reference to firmware protection: 3/4 stars */ + _("Security Level 3"), + _("Protected against a wide range of security threats.")); + break; + case 4: + set_hsi_button_view_contain (self, + /* Based on current HSI definition, the max HSI value would be 3. */ + 3, + /* TRANSLATORS: in reference to firmware protection: 4/4 stars */ + _("Comprehensive Protection"), + _("Protected against a wide range of security threats.")); + break; + case G_MAXUINT: + set_hsi_button_view_contain (self, + self->hsi_number, + /* TRANSLATORS: in reference to firmware protection: ??? stars */ + _("Security Level"), + _("Security levels are not available for this device.")); + break; + default: + g_warning ("incorrect HSI number %u", self->hsi_number); + } +} + +static void +on_properties_bus_done_cb (GObject *source, + GAsyncResult *res, + gpointer user_data) +{ + g_autoptr (GError) error = NULL; + g_autoptr (GVariant) val = NULL; + const gchar *hsi_str = NULL; + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (user_data); + + val = g_dbus_proxy_call_finish (G_DBUS_PROXY (source), res, &error); + if (val == NULL) + { + g_warning ("failed to get HSI number"); + return; + } + + /* parse value */ + hsi_str = g_variant_get_data (val); + if (hsi_str != NULL && g_str_has_prefix (hsi_str, "HSI:INVALID")) + { + self->hsi_number = G_MAXUINT; + } + else if (hsi_str != NULL && g_str_has_prefix (hsi_str, "HSI:")) + { + self->hsi_number = g_ascii_strtoll (hsi_str + 4, NULL, 10); + } + set_hsi_button_view (self); +} + +static void +on_properties_bus_ready_cb (GObject *source_object, + GAsyncResult *res, + gpointer user_data) +{ + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (user_data); + g_autoptr (GError) error = NULL; + + self->properties_bus_proxy = g_dbus_proxy_new_for_bus_finish (res, &error); + if (self->properties_bus_proxy == NULL) + { + if (!g_error_matches (error, G_IO_ERROR, G_IO_ERROR_CANCELLED)) + g_warning ("failed to connect fwupd: %s", error->message); + + return; + } + + g_dbus_proxy_call (self->properties_bus_proxy, + "Get", + g_variant_new ("(ss)", + "org.freedesktop.fwupd", + "HostSecurityId"), + G_DBUS_CALL_FLAGS_NONE, + -1, + cc_panel_get_cancellable (CC_PANEL (self)), + on_properties_bus_done_cb, + self); +} + +static void +update_panel_visibility (const gchar *chassis_type) +{ + CcApplication *application; + gboolean visible = TRUE; + + /* there's no point showing this */ + if (g_strcmp0 (chassis_type, "vm") == 0 || g_strcmp0 (chassis_type, "") == 0) + visible = FALSE; + application = CC_APPLICATION (g_application_get_default ()); + cc_shell_model_set_panel_visibility (cc_application_get_model (application), + "firmware-security", + visible ? CC_PANEL_VISIBLE : CC_PANEL_HIDDEN); + g_debug ("Firmware Security panel visible: %s as chassis was %s", + visible ? "yes" : "no", + chassis_type); +} + +void +cc_firmware_security_panel_static_init_func (void) +{ + g_autoptr(GDBusConnection) connection = NULL; + g_autoptr(GError) error = NULL; + g_autoptr(GVariant) inner = NULL; + g_autoptr(GVariant) variant = NULL; + + connection = g_bus_get_sync (G_BUS_TYPE_SYSTEM, NULL, &error); + if (!connection) + { + g_warning ("system bus not available: %s", error->message); + return; + } + variant = g_dbus_connection_call_sync (connection, + "org.freedesktop.hostname1", + "/org/freedesktop/hostname1", + "org.freedesktop.DBus.Properties", + "Get", + g_variant_new ("(ss)", + "org.freedesktop.hostname1", + "Chassis"), + NULL, + G_DBUS_CALL_FLAGS_NONE, + -1, + NULL, + &error); + if (!variant) + { + g_warning ("Cannot get org.freedesktop.hostname1.Chassis: %s", error->message); + return; + } + g_variant_get (variant, "(v)", &inner); + update_panel_visibility (g_variant_get_string (inner, NULL)); +} + +static void +cc_firmware_security_panel_finalize (GObject *object) +{ + CcfirmwareSecurityPanel *self = CC_FIRMWARE_SECURITY_PANEL (object); + + g_clear_pointer (&self->hsi1_dict, g_hash_table_unref); + g_clear_pointer (&self->hsi2_dict, g_hash_table_unref); + g_clear_pointer (&self->hsi3_dict, g_hash_table_unref); + g_clear_pointer (&self->hsi4_dict, g_hash_table_unref); + + g_clear_object (&self->bus_proxy); + g_clear_object (&self->properties_bus_proxy); + + G_OBJECT_CLASS (cc_firmware_security_panel_parent_class)->finalize (object); +} + + +static void +cc_firmware_security_panel_class_init (CcfirmwareSecurityPanelClass *klass) +{ + GtkWidgetClass *widget_class = GTK_WIDGET_CLASS (klass); + GObjectClass *object_class = G_OBJECT_CLASS (klass); + + object_class->finalize = cc_firmware_security_panel_finalize; + + gtk_widget_class_set_template_from_resource (widget_class, "/org/gnome/control-center/firmware-security/cc-firmware-security-panel.ui"); + + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, firmware_security_log_pgroup); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, firmware_security_log_stack); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, hsi_button); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, hsi_description); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, hsi_circle_box); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, hsi_circle_number); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, hsi_label); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, secure_boot_button); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, secure_boot_description); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, secure_boot_icon); + gtk_widget_class_bind_template_child (widget_class, CcfirmwareSecurityPanel, secure_boot_label); + + gtk_widget_class_bind_template_callback (widget_class, on_hsi_button_clicked_cb); + gtk_widget_class_bind_template_callback (widget_class, on_secure_boot_button_clicked_cb); +} + +static void +cc_firmware_security_panel_init (CcfirmwareSecurityPanel *self) +{ + g_resources_register (cc_firmware_security_get_resource ()); + + gtk_widget_init_template (GTK_WIDGET (self)); + + self->hsi1_dict = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, (GDestroyNotify) fu_security_attr_free); + self->hsi2_dict = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, (GDestroyNotify) fu_security_attr_free); + self->hsi3_dict = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, (GDestroyNotify) fu_security_attr_free); + self->hsi4_dict = g_hash_table_new_full (g_str_hash, g_str_equal, g_free, (GDestroyNotify) fu_security_attr_free); + + load_custom_css ("/org/gnome/control-center/firmware-security/security-level.css"); + + g_dbus_proxy_new_for_bus (G_BUS_TYPE_SYSTEM, + G_DBUS_PROXY_FLAGS_NONE, + NULL, + "org.freedesktop.fwupd", + "/", + "org.freedesktop.DBus.Properties", + cc_panel_get_cancellable (CC_PANEL (self)), + on_properties_bus_ready_cb, + self); + g_dbus_proxy_new_for_bus (G_BUS_TYPE_SYSTEM, + G_DBUS_PROXY_FLAGS_NONE, + NULL, + "org.freedesktop.fwupd", + "/", + "org.freedesktop.fwupd", + cc_panel_get_cancellable (CC_PANEL (self)), + on_bus_ready_cb, + self); +} |