Fwupd Firmware Updates Integration Handbook
Stay organized with collections
Save and categorize content based on your preferences.
Version: 1.0.2
Last updated: 2025-03-12
TL;DR
This doc is intended to be a walkthrough of how vendors can implement fwupd for
future projects. It includes insight directly quoted from LVFS maintainers as
well. Fwupd is an open source firmware update framework that can help centralize
the way we perform firmware updates in partnership with external vendors.
For Vendors - First Ask:
Questions on updatable component (s)
Update size
Update time
Existing update type (A/B or bootloader/runtime model)
What happens to the component’s functionality during an update?
What has to happen to the system to start using a successful update?
Do multiple components need to be installed in a particular order?
Familiarity in working with LVFS/fwupd, or knowledge of it
Ability to commit eng resource to help implement plugin (see below for
further details)
Commitment on open sourcing plugin to LGPLv2+ (code that writes the firmware
to component) and allowing firmware to be redistributable by LVFS
For Vendors - Initial Guidance:
Update must minimize time that the peripheral or internal component
functionality is impacted, ideally to a couple of seconds. The longer part
of the update should occur silently in the background without disrupting the
user
- If this peripheral impacts the user experience in an obvious way (e.g.
display stops working) this requirement becomes even more stringent
To enable this type of silent update, A/B updates are strongly encouraged
- A/B updates that can activate at peripheral unplug are ideal to minimize
user disruption
Update must be recoverable - if you power off, unplug peripheral, etc the
update should not brick the device or peripheral. It should be robust to
recover without user action.
- The initial assumption should be that there is no user action during the
entire update, the proper scripts and stages of update should be driven
autonomously
Second Step - Using fwupd
If a vendor has never used fwupd
Chrome OS gives requirements for firmware update through fwupd to OEM. OEM
should communicate this directly to chip / component suppliers
In some cases, ODM can help OEM interface with chip vendors directly. It
is the responsibility of the OEM to communicate pass along these
requirements accordingly
Please note that if providing source code with LGPLv2+ licence, deriving
the plugin from this code is typically not feasible (a lot of intricacies).
So in this scenario the chip vendor will be required to have someone that
can work with the fwupd maintainers and Google engineers.
The OEM can be proactive and help in getting commitment from the chip
vendors to work closely with the maintainers. The ask for the
engineering support on the vendor side has the following requirements:
Very familiar with quirks and design features of the updatable hardware
component, preferably even be on the same team that wrote the firmware
Understand the difference between common open source licenses (e.g.
LGPLv2 and MIT)
Be proficient in C, with a basic understanding of GLib and GObject,
specifically understanding GErrors as well
Have a github account and know how to open and update a pull request, do
GitHub code reviews, and learn how fwupd is structured with all the helpers
fwupd provides (e.g. chunking, attach/detach, device retries, HID, etc)
Optional: ability to send hardware samples to the UK - really useful
for fwupd maintainers to help the vendor debug issues and to add the
board to fwupd tests that are run on each release. The latter being
important to stop regressions in the development branch.
In parallel, the OEM can start engaging through the fwupd mailing list or
with Richard Hughes (hughsient@gmail.com) directly and go over the plan
before plugin code is written
If a company is small with little to no engineering resources or
understanding of open source, the following suggestion might help:
The component vendor could use consulting companies, familiar with open
source work (not that this incurs additional cost)
While this suggestion can help scale, the value of the vendor doing it
in-house is that the engineers get familiar with the process and they
can easily add VID/PID in the future for new hardware. It is also quicker to close on questions / issues to
debug on the hardware
Third Step - Final Steps
Eventually the code is refactored into small reviewable commits using all
the shared functionality in fwupd
Once complete, the plugin gets merged upstream
In the ChromeOS case specifically:
Fourth Step (Optional) - Adding new components
- If the fwupd framework is already in place, the only additional step is the
updatable component supplier must work on pull requests to add quirks and
VID/PIDs for hardware variants
Other Guidance - Working on LVFS
Create a new vendor account (~2 minutes to set up)
Vendors create users for their own domain or use something like Azure AD to
sync user accounts to the LVFS. They can upload firmware to private and
vendor-embargo completely for free with very few checks (so it's often the
engineers doing this right from the start)
Eventually push to testing or stable requires some kind of document from
their legal department which clearly says the LVFS can redistribute and
analyse the firmware. PDF guideline is provided by Richard. ● If the vendor
is just a silicon supplier or an ODM they can become "affiliates" of the OEM
and can upload firmware on their behalf, with the OEM having full visibility
of what's happening with firmware branded with their name.
There are lots of other things to set up (e.g. the Vendor ID restricts them
to a set of PCI or USB IDs) but most of the vendors already have an assigned
ID and this is 20 seconds to set up.
Other Guidance - Chrome OS Specific Bits
In our case, firmware update binaries are not pulled from LVFS directly.
Instead the CAB file will be stored in the local file system (rootfs)
- Future workstream: incorporate the firmware binary in DLC by creating a
portage ebuild on the appropriate portage overlay
fwupd needs to be invoked (via its CLI fwupdtool) at the right time. For
each updatable component a udev rule (or equivalent script) must be created
that emits a fwuptool-update upstart event. This event will the be
automatically handled to execute fwupdtool with the right arguments and
proper sandboxing (minijail)
Another component is deciding if UI is required - only under certain
circumstances depending on the nature of the component updated. To be
evaluated by the PM and Eng team. The higher level guidance, as mentioned in
the first step, is to minimize action on the user side
External documentation reference: https://lvfs.readthedocs.io/
External vendor agreements reference: fwupd.org/lvfs/docs/agreement
Developing Plugin tutorial: https://fwupd.github.io/tutorial.html
Debugging Plugin tutorial:
https://lvfs.readthedocs.io/en/latest/custom-plugin.html
Sample quirk file:
https://github.com/fwupd/fwupd/blob/master/plugins/wacom-usb/wacom-usb.quirk
Revision History
| Date |
Version |
Notes |
| 2025-03-12 |
1.0.2 |
Convert text from pdf to markdown |
| 2024-01-31 |
1.0.1 |
Republication on new platform |
| 2023-10-12 |
1.0 |
Initial publication |
Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 4.0 License, and code samples are licensed under the Apache 2.0 License. For details, see the Google Developers Site Policies. Java is a registered trademark of Oracle and/or its affiliates.
Last updated 2025-03-14 UTC.
[[["Easy to understand","easyToUnderstand","thumb-up"],["Solved my problem","solvedMyProblem","thumb-up"],["Other","otherUp","thumb-up"]],[["Missing the information I need","missingTheInformationINeed","thumb-down"],["Too complicated / too many steps","tooComplicatedTooManySteps","thumb-down"],["Out of date","outOfDate","thumb-down"],["Samples / code issue","samplesCodeIssue","thumb-down"],["Other","otherDown","thumb-down"]],["Last updated 2025-03-14 UTC."],[[["\u003cp\u003eThis content was initially published on a partner site on October 12, 2023, and was republished on a new platform on January 31, 2024.\u003c/p\u003e\n"],["\u003cp\u003eThe current version of the content is 1.0.1.\u003c/p\u003e\n"]]],[],null,["# Fwupd Firmware Updates Integration Handbook\n\nVersion: 1.0.2 \n\nLast updated: 2025-03-12\n\n**TL;DR**\n\nThis doc is intended to be a walkthrough of how vendors can implement fwupd for\nfuture projects. It includes insight directly quoted from LVFS maintainers as\nwell. Fwupd is an open source firmware update framework that can help centralize\nthe way we perform firmware updates in partnership with external vendors.\n\nFirst Step - Gather Information \\& Provide Guidance\n---------------------------------------------------\n\n### For Vendors - First Ask:\n\n- Questions on updatable component (s)\n\n - Update size\n\n - Update time\n\n - Existing update type (A/B or bootloader/runtime model)\n\n - What happens to the component's functionality during an update?\n\n - What has to happen to the system to start using a successful update?\n\n - Do multiple components need to be installed in a particular order?\n\n- Familiarity in working with LVFS/fwupd, or knowledge of it\n\n- Ability to commit eng resource to help implement plugin (see below for\n further details)\n\n- Commitment on open sourcing plugin to LGPLv2+ (code that writes the firmware\n to component) and allowing firmware to be redistributable by LVFS\n\n### For Vendors - Initial Guidance:\n\n- Update must minimize time that the peripheral or internal component\n functionality is impacted, ideally to a couple of seconds. The longer part\n of the update should occur silently in the background without disrupting the\n user\n\n - If this peripheral impacts the user experience in an obvious way (e.g. display stops working) this requirement becomes even more stringent\n- To enable this type of silent update, A/B updates are strongly encouraged\n\n - A/B updates that can activate at peripheral unplug are ideal to minimize user disruption\n- Update must be recoverable - if you power off, unplug peripheral, etc the\n update should not brick the device or peripheral. It should be robust to\n recover without user action.\n\n - The initial assumption should be that there is no user action during the entire update, the proper scripts and stages of update should be driven autonomously\n\nSecond Step - Using fwupd\n-------------------------\n\n### If a vendor has never used fwupd\n\n- Chrome OS gives requirements for firmware update through fwupd to OEM. OEM\n should communicate this directly to chip / component suppliers\n\n- In some cases, ODM can help OEM interface with chip vendors directly. It\n is the responsibility of the OEM to communicate pass along these\n requirements accordingly\n\n- Please note that if providing source code with LGPLv2+ licence, deriving\n the plugin from this code is typically not feasible (a lot of intricacies).\n So in this scenario the chip vendor will be required to have someone that\n can work with the fwupd maintainers and Google engineers.\n\n- The OEM can be proactive and help in getting commitment from the chip\n vendors to work closely with the maintainers. The ask for the\n engineering support on the vendor side has the following requirements:\n\n - Very familiar with quirks and design features of the updatable hardware\n component, preferably even be on the same team that wrote the firmware\n\n - Understand the difference between common open source licenses (e.g.\n LGPLv2 and MIT)\n\n - Be proficient in C, with a basic understanding of GLib and GObject,\n specifically understanding GErrors as well\n\n - Have a github account and know how to open and update a pull request, do\n GitHub code reviews, and learn how fwupd is structured with all the helpers\n fwupd provides (e.g. chunking, attach/detach, device retries, HID, etc)\n\n - Optional: ability to send hardware samples to the UK - really useful\n for fwupd maintainers to help the vendor debug issues and to add the\n board to fwupd tests that are run on each release. The latter being\n important to stop regressions in the development branch.\n\n- In parallel, the OEM can start engaging through the fwupd mailing list or\n with Richard Hughes (hughsient@gmail.com) directly and go over the plan\n before plugin code is written\n\n- **If a company is small** with little to no engineering resources or\n understanding of open source, the following suggestion might help:\n\n - The component vendor could use consulting companies, familiar with open\n source work (not that this incurs additional cost)\n\n - While this suggestion can help scale, the value of the vendor doing it\n in-house is that the engineers get familiar with the process and they\n can easily add VID/PID in the future for new hardware. It is also quicker to close on questions / issues to\n debug on the hardware\n\nThird Step - Final Steps\n------------------------\n\n- Eventually the code is refactored into small reviewable commits using all\n the shared functionality in fwupd\n\n- Once complete, the plugin gets merged upstream\n\n - The code used upstream would be the same code in ChromeOS\n\n - The firmware update binaries used outside of ChromeOS would be distributed\n to LVFS\n\n**In the ChromeOS case specifically:**\n\n- The OEM has to upload the firmware binary into our servers via CPFE\n\n- There still needs to be redistributable update cabinet archives on the LVFS\n for the hardware regression tests to work\n\nFourth Step (Optional) - Adding new components\n----------------------------------------------\n\n- If the fwupd framework is already in place, the only additional step is the updatable component supplier must work on pull requests to add quirks and VID/PIDs for hardware variants\n\nOther Guidance - Working on LVFS\n--------------------------------\n\n- Create a new vendor account (\\~2 minutes to set up)\n\n- Vendors create users for their own domain or use something like Azure AD to\n sync user accounts to the LVFS. They can upload firmware to private and\n vendor-embargo completely for free with very few checks (so it's often the\n engineers doing this right from the start)\n\n- Eventually push to testing or stable requires some kind of document from\n their legal department which clearly says the LVFS can redistribute and\n analyse the firmware. PDF guideline is provided by Richard. ● If the vendor\n is just a silicon supplier or an ODM they can become \"affiliates\" of the OEM\n and can upload firmware on their behalf, with the OEM having full visibility\n of what's happening with firmware branded with their name.\n\n- There are lots of other things to set up (e.g. the Vendor ID restricts them\n to a set of PCI or USB IDs) but most of the vendors already have an assigned\n ID and this is 20 seconds to set up.\n\nOther Guidance - Chrome OS Specific Bits\n----------------------------------------\n\n- In our case, firmware update binaries are not pulled from LVFS directly.\n Instead the CAB file will be stored in the local file system (rootfs)\n\n - Future workstream: incorporate the firmware binary in DLC by creating a portage ebuild on the appropriate portage overlay\n- fwupd needs to be invoked (via its CLI fwupdtool) at the right time. For\n each updatable component a udev rule (or equivalent script) must be created\n that emits a fwuptool-update upstart event. This event will the be\n automatically handled to execute fwupdtool with the right arguments and\n proper sandboxing (minijail)\n\n- Another component is deciding if UI is required - only under certain\n circumstances depending on the nature of the component updated. To be\n evaluated by the PM and Eng team. The higher level guidance, as mentioned in\n the first step, is to minimize action on the user side\n\nExtra Resources for Vendors\n---------------------------\n\n- External documentation reference: https://lvfs.readthedocs.io/\n\n- External vendor agreements reference: fwupd.org/lvfs/docs/agreement\n\n- Developing Plugin tutorial: https://fwupd.github.io/tutorial.html\n\n- Debugging Plugin tutorial:\n https://lvfs.readthedocs.io/en/latest/custom-plugin.html\n\n- Sample quirk file:\n https://github.com/fwupd/fwupd/blob/master/plugins/wacom-usb/wacom-usb.quirk\n\n\u003cbr /\u003e\n\nRevision History\n----------------\n\n| Date | Version | Notes |\n|------------|---------|-----------------------------------|\n| 2025-03-12 | 1.0.2 | Convert text from pdf to markdown |\n| 2024-01-31 | 1.0.1 | Republication on new platform |\n| 2023-10-12 | 1.0 | Initial publication |\n\n\u003cbr /\u003e"]]
